source: extensions/community/include/functions_community.inc.php @ 23037

Last change on this file since 23037 was 23037, checked in by plg, 7 years ago

manage quota (number of photos, disk usage)

File size: 8.4 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24function community_get_user_permissions($user_id)
25{
26  global $conf, $user;
27
28  $cache_key = community_get_cache_key();
29  if (!isset($cache_key))
30  {
31    $cache_key = community_update_cache_key();
32  }
33
34  // I (plg) don't understand why, but when you connect, you keep the
35  // permissions calculated for the "guest" : the session "inherits"
36  // variables from guest to the connected user, so I add a
37  // $_SESSION['community_user_id'] to force refresh if the permissions were
38  // not calculated for the right user
39  if (
40    isset($_SESSION['community_user_id'])
41    and $_SESSION['community_user_id'] == $user_id
42    and $_SESSION['community_cache_key'] == $cache_key
43    )
44  {
45    return $_SESSION['community_user_permissions'];
46  }
47
48  $return = array(
49    'upload_whole_gallery' => false,
50    'create_whole_gallery' => false,
51    'create_categories' => array(),
52    'upload_categories' => array(),
53    'permission_ids' => array(),
54    'nb_photos' => 0,
55    'storage' => 0,
56    );
57 
58  // what are the user groups?
59  $query = '
60SELECT
61    group_id
62  FROM '.USER_GROUP_TABLE.'
63  WHERE user_id = '.$user_id.'
64;';
65  $user_group_ids = array_from_query($query, 'group_id');
66
67  $query = '
68SELECT
69    id,
70    category_id,
71    recursive,
72    create_subcategories,
73    nb_photos,
74    storage
75  FROM '.COMMUNITY_PERMISSIONS_TABLE.'
76  WHERE (type = \'any_visitor\')';
77
78  if ($user_id != $conf['guest_id'])
79  {
80    $query.= '
81    OR (type = \'any_registered_user\')
82    OR (type = \'user\' AND user_id = '.$user_id.')';
83
84    if (count($user_group_ids) > 0)
85    {
86      $query.= '
87    OR (type = \'group\' AND group_id IN ('.implode(',', $user_group_ids).'))';
88    }
89  }
90   
91  $query.= '
92;';
93
94  $recursive_categories = array();
95
96  $result = pwg_query($query);
97  while ($row = pwg_db_fetch_assoc($result))
98  {
99    array_push($return['permission_ids'], $row['id']);
100   
101    if (empty($row['category_id']))
102    {
103      $return ['upload_whole_gallery'] = true;
104    }
105    else
106    {
107      array_push($return['upload_categories'], $row['category_id']);
108
109      if ('true' == $row['recursive'])
110      {
111        array_push($recursive_categories, $row['category_id']);
112      }
113    }
114
115    if ('true' == $row['create_subcategories'])
116    {
117      if (empty($row['category_id']))
118      {
119        $return ['create_whole_gallery'] = true;
120      }
121      else
122      {
123        array_push($return['create_categories'], $row['category_id']);
124      }
125    }
126
127    if ($return['nb_photos'] != -1)
128    {
129      if (empty($row['nb_photos']) or -1 == $row['nb_photos'])
130      {
131        // that means "no limit"
132        $return['nb_photos'] = -1;
133      }
134      elseif ($row['nb_photos'] > $return['nb_photos'])
135      {
136        $return['nb_photos'] = $row['nb_photos'];
137      }
138    }
139   
140    if ($return['storage'] != -1)
141    {
142      if (empty($row['storage']) or -1 == $row['storage'])
143      {
144        // that means "no limit"
145        $return['storage'] = -1;
146      }
147      elseif ($row['storage'] > $return['storage'])
148      {
149        $return['storage'] = $row['storage'];
150      }
151    }
152  }
153
154  if (is_admin())
155  {
156    $return ['upload_whole_gallery'] = true;
157    $return ['create_whole_gallery'] = true;
158    $return['nb_photos'] = -1;
159    $return['storage'] = -1;
160  }
161
162  // these are categories with access permission but considering the user
163  // has a level 8 (maximum level). We want to keep categories with no
164  // photos inside (for nobody)
165  $forbidden_categories = calculate_permissions($user['id'], $user['status']);
166 
167  $empty_categories = array_diff(
168    explode(',', $user['forbidden_categories']),
169    explode(',', $forbidden_categories)
170    );
171
172  if (count($empty_categories) > 0)
173  {
174    $query = '
175SELECT
176    category_id
177  FROM '.IMAGE_CATEGORY_TABLE.'
178    JOIN '.IMAGES_TABLE.' ON image_id = id
179  WHERE category_id IN ('.implode(',', $empty_categories).')
180    AND level > '.$user['level'].'
181    AND level <= 8
182  GROUP BY category_id
183;';
184    $not_really_empty_categories = array_keys(hash_from_query($query, 'category_id'));
185    $forbidden_categories.= ','.implode(',', $not_really_empty_categories);
186  }
187
188  $query = '
189SELECT
190    id
191  FROM '.CATEGORIES_TABLE.'
192;';
193  $all_categories = array_keys(hash_from_query($query, 'id'));
194
195  if ($return['upload_whole_gallery'])
196  {
197    $return['upload_categories'] = array_diff(
198      $all_categories,
199      explode(',', $forbidden_categories)
200      );
201  }
202  elseif (count($return['upload_categories']) > 0)
203  {
204    if (count($recursive_categories) > 0)
205    {
206      $return['upload_categories'] = array_unique(
207        array_merge(
208          $return['upload_categories'],
209          get_subcat_ids($recursive_categories)
210          )
211        );
212    }
213
214    $return['upload_categories'] = array_diff(
215      $return['upload_categories'],
216      explode(',', $forbidden_categories)
217      );
218  }
219
220  if ($return ['create_whole_gallery'])
221  {
222    $return['create_categories'] = array_diff(
223      $all_categories,
224      explode(',', $forbidden_categories)
225      );
226  }
227  elseif (count($return['create_categories']) > 0)
228  {
229    // no need to check for "recursive", an upload permission can't be
230    // "create_subcategories" without being "recursive"
231    $return['create_categories'] = get_subcat_ids($return['create_categories']);
232
233    $return['create_categories'] = array_diff(
234      $return['create_categories'],
235      explode(',', $forbidden_categories)
236      );
237  }
238
239  $_SESSION['community_user_permissions'] = $return;
240  $_SESSION['community_cache_key'] = $cache_key;
241  $_SESSION['community_user_id'] = $user_id;
242
243  return $_SESSION['community_user_permissions'];
244}
245
246function community_reject_pendings($image_ids)
247{
248  if (count($image_ids) == 0)
249  {
250    return;
251  }
252 
253  $query = '
254DELETE
255  FROM '.COMMUNITY_PENDINGS_TABLE.'
256  WHERE image_id IN ('.implode(',', $image_ids).')
257;';
258  pwg_query($query);
259
260  // needs to be in administration panel
261  delete_elements($image_ids, true);
262}
263
264function community_reject_user_pendings($user_id)
265{
266  $query = '
267SELECT
268    image_id
269  FROM '.COMMUNITY_PENDINGS_TABLE.' AS cp
270    INNER JOIN '.IMAGES_TABLE.' AS i ON i.id = cp.image_id
271  WHERE state != \'validated\'
272    AND added_by = '.$user_id.'
273;';
274  $result = pwg_query($query);
275  $image_ids = array();
276  while ($row = pwg_db_fetch_assoc($result))
277  {
278    array_push($image_ids, $row['image_id']);
279  }
280
281  community_reject_pendings($image_ids);
282}
283
284function community_update_cache_key()
285{
286  $cache_key = generate_key(20);
287  conf_update_param('community_cache_key', $cache_key);
288  return $cache_key;
289}
290
291function community_get_cache_key()
292{
293  global $conf;
294
295  if (isset($conf['community_cache_key']))
296  {
297    return $conf['community_cache_key'];
298  }
299  else
300  {
301    return null;
302  }
303}
304
305function community_get_user_limits($user_id)
306{
307  // how many photos and storage for this user?
308  $query = '
309SELECT
310    COUNT(id) AS nb_photos,
311    IFNULL(FLOOR(SUM(filesize)/1024), 0) AS storage
312  FROM '.IMAGES_TABLE.'
313  WHERE added_by = '.$user_id.'
314;';
315  return pwg_db_fetch_assoc(pwg_query($query));
316}
317?>
Note: See TracBrowser for help on using the repository browser.