source: extensions/community/main.inc.php @ 9444

Last change on this file since 9444 was 9444, checked in by plg, 10 years ago

bug fixed: use the same function to check permissions on menubar and on upload
form (groups where not fixed for menubar)

bug fixed: if no permission defined, the upload_categories was empty and SQL
query was crashing Piwigo

admins get automatically full permissions

File size: 3.5 KB
Line 
1<?php
2/*
3Plugin Name: Community
4Version: auto
5Description: Non admin users can add photos
6Plugin URI: http://piwigo.org/ext/extension_view.php?eid=303
7Author: plg
8Author URI: http://piwigo.wordpress.com
9*/
10
11if (!defined('PHPWG_ROOT_PATH'))
12{
13  die('Hacking attempt!');
14}
15
16define('COMMUNITY_PATH' , PHPWG_PLUGINS_PATH.basename(dirname(__FILE__)).'/');
17
18global $prefixeTable;
19define('COMMUNITY_TABLE', $prefixeTable.'community');
20define('COMMUNITY_PERMISSIONS_TABLE', $prefixeTable.'community_permissions');
21define('COMMUNITY_PENDINGS_TABLE', $prefixeTable.'community_pendings');
22
23include_once(COMMUNITY_PATH.'include/functions_community.inc.php');
24
25/* Plugin admin */
26add_event_handler('get_admin_plugin_menu_links', 'community_admin_menu');
27
28function community_admin_menu($menu)
29{
30  array_push(
31    $menu,
32    array(
33      'NAME' => 'Community',
34      'URL'  => get_root_url().'admin.php?page=plugin-community'
35      )
36    );
37
38  return $menu;
39}
40
41add_event_handler('loc_end_section_init', 'community_section_init');
42function community_section_init()
43{
44  global $tokens, $page;
45 
46  if ($tokens[0] == 'add_photos')
47  {
48    $page['section'] = 'add_photos';
49  }
50}
51
52add_event_handler('loc_end_index', 'community_index');
53function community_index()
54{
55  global $page;
56 
57  if (isset($page['section']) and $page['section'] == 'add_photos')
58  {
59    include(COMMUNITY_PATH.'add_photos.php');
60  }
61}
62
63add_event_handler('blockmanager_apply' , 'community_gallery_menu');
64function community_gallery_menu($menu_ref_arr)
65{
66  global $conf, $user;
67
68  // conditional : depending on community permissions, display the "Add
69  // photos" link in the gallery menu
70  $user_permissions = community_get_user_permissions($user['id']);
71 
72  if (!$user_permissions['upload_whole_gallery'] and count($user_permissions['upload_categories']) == 0)
73  {
74    return;
75  }
76
77  $menu = & $menu_ref_arr[0];
78
79  if (($block = $menu->get_block('mbMenu')) != null )
80  {
81    load_language('plugin.lang', COMMUNITY_PATH);
82
83    array_splice(
84      $block->data,
85      count($block->data),
86      0,
87      array(
88        '' => array(
89          'URL' => make_index_url(array('section' => 'add_photos')),
90          'TITLE' => l10n('Upload your own photos'),
91          'NAME' => l10n('Upload Photos')
92          )
93        )
94      );
95  }
96}
97
98
99add_event_handler('ws_invoke_allowed', 'community_switch_user_to_admin', EVENT_HANDLER_PRIORITY_NEUTRAL, 3);
100
101function community_switch_user_to_admin($res, $methodName, $params)
102{
103  global $user;
104
105  $methods_of_permission_level[1] = array(
106    'pwg.categories.getList',
107    'pwg.tags.getAdminList',
108    'pwg.tags.add',
109    'pwg.images.exist',
110    'pwg.images.add',
111    'pwg.images.setInfo',
112    'pwg.images.addChunk',
113    'pwg.images.checkUpload',
114    );
115
116  // permission_level 2 has all methods of level 1 + others
117  $methods_of_permission_level[2] = array_merge(
118    $methods_of_permission_level[1],
119    array(
120      'pwg.categories.add',
121      'pwg.categories.setInfo',
122      )
123    );
124   
125  $query = '
126SELECT
127    permission_level
128  FROM '.COMMUNITY_TABLE.'
129  WHERE user_id = '.$user['id'].'
130;';
131  $result = pwg_query($query);
132  if (1 == mysql_num_rows($result))
133  {
134    list($permission_level) = mysql_fetch_row($result);
135
136    if (in_array($methodName, $methods_of_permission_level[$permission_level]))
137    {
138      $user['status'] = 'admin';
139    }
140  }
141
142  return $res;
143}
144
145add_event_handler('delete_user', 'community_delete_user');
146function community_delete_user($user_id)
147{
148  $query = '
149DELETE
150  FROM '.COMMUNITY_TABLE.'
151  WHERE user_id = '.$user_id.'
152;';
153  pwg_query($query);
154}
155
156?>
Note: See TracBrowser for help on using the repository browser.