source: trunk/admin/cat_perm.php @ 22734

Last change on this file since 22734 was 19703, checked in by plg, 12 years ago

update Piwigo headers to 2013 (the end of the world didn't occur as expected on r12922)

  • Property svn:eol-style set to LF
File size: 9.5 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2013 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if (!defined('PHPWG_ROOT_PATH'))
25{
26  die ("Hacking attempt!");
27}
28
29include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31// +-----------------------------------------------------------------------+
32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
34check_status(ACCESS_ADMINISTRATOR);
35
36// +-----------------------------------------------------------------------+
37// |                       variable initialization                         |
38// +-----------------------------------------------------------------------+
39
40$page['cat'] = $category['id'];
41
42// +-----------------------------------------------------------------------+
43// |                           form submission                             |
44// +-----------------------------------------------------------------------+
45
46if (!empty($_POST))
47{
48  check_pwg_token();
49
50  if ($category['status'] != $_POST['status'])
51  {
52    set_cat_status(array($page['cat']), $_POST['status']);
53    $category['status'] = $_POST['status'];
54  }
55
56  if ('private' == $_POST['status'])
57  {
58    //
59    // manage groups
60    //
61    $query = '
62SELECT group_id
63  FROM '.GROUP_ACCESS_TABLE.'
64  WHERE cat_id = '.$page['cat'].'
65;';
66    $groups_granted = array_from_query($query, 'group_id');
67
68    if (!isset($_POST['groups']))
69    {
70      $_POST['groups'] = array();
71    }
72   
73    //
74    // remove permissions to groups
75    //
76    $deny_groups = array_diff($groups_granted, $_POST['groups']);
77    if (count($deny_groups) > 0)
78    {
79      // if you forbid access to an album, all sub-albums become
80      // automatically forbidden
81      $query = '
82DELETE
83  FROM '.GROUP_ACCESS_TABLE.'
84  WHERE group_id IN ('.implode(',', $deny_groups).')
85    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
86;';
87      pwg_query($query);
88    }
89
90    //
91    // add permissions to groups
92    //
93    $grant_groups = $_POST['groups'];
94    if (count($grant_groups) > 0)
95    {
96      $cat_ids = get_uppercat_ids(array($page['cat']));
97      if (isset($_POST['apply_on_sub']))
98      {
99        $cat_ids = array_merge($cat_ids, get_subcat_ids(array($page['cat'])));
100      }
101
102      $query = '
103SELECT id
104  FROM '.CATEGORIES_TABLE.'
105  WHERE id IN ('.implode(',', $cat_ids).')
106    AND status = \'private\'
107;';
108      $private_cats = array_from_query($query, 'id');
109
110      // We must not reinsert already existing lines in group_access table
111      $granteds = array();
112      foreach ($private_cats as $cat_id)
113      {
114        $granteds[$cat_id] = array();
115      }
116
117      $query = '
118SELECT
119    group_id,
120    cat_id
121  FROM '.GROUP_ACCESS_TABLE.'
122  WHERE cat_id IN ('.implode(',', $private_cats).')
123    AND group_id IN ('.implode(',', $grant_groups).')
124;';
125      $result = pwg_query($query);
126      while ($row = pwg_db_fetch_assoc($result))
127      {
128        array_push($granteds[$row['cat_id']], $row['group_id']);
129      }
130
131      $inserts = array();
132     
133      foreach ($private_cats as $cat_id)
134      {
135        $group_ids = array_diff($grant_groups, $granteds[$cat_id]);
136        foreach ($group_ids as $group_id)
137        {
138          array_push(
139            $inserts,
140            array(
141              'group_id' => $group_id,
142              'cat_id' => $cat_id
143              )
144            );
145        }
146      }
147
148      mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
149    }
150
151    //
152    // users
153    //
154    $query = '
155SELECT user_id
156  FROM '.USER_ACCESS_TABLE.'
157  WHERE cat_id = '.$page['cat'].'
158;';
159    $users_granted = array_from_query($query, 'user_id');
160
161    if (!isset($_POST['users']))
162    {
163      $_POST['users'] = array();
164    }
165   
166    //
167    // remove permissions to users
168    //
169    $deny_users = array_diff($users_granted, $_POST['users']);
170    if (count($deny_users) > 0)
171    {
172      // if you forbid access to an album, all sub-album become automatically
173      // forbidden
174      $query = '
175DELETE
176  FROM '.USER_ACCESS_TABLE.'
177  WHERE user_id IN ('.implode(',', $deny_users).')
178    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
179;';
180      pwg_query($query);
181    }
182
183    //
184    // add permissions to users
185    //
186    $grant_users = $_POST['users'];
187    if (count($grant_users) > 0)
188    {
189      add_permission_on_category($page['cat'], $grant_users);
190    }
191  }
192
193  array_push($page['infos'], l10n('Album updated successfully'));
194}
195
196// +-----------------------------------------------------------------------+
197// |                       template initialization                         |
198// +-----------------------------------------------------------------------+
199
200$template->set_filename('cat_perm', 'cat_perm.tpl');
201
202$template->assign(
203  array(
204    'CATEGORIES_NAV' =>
205      get_cat_display_name_from_id(
206        $page['cat'],
207        'admin.php?page=album-'
208        ),
209    'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_perm',
210    'F_ACTION' => $admin_album_base_url.'-permissions',
211    'private' => ('private' == $category['status']),
212    )
213  );
214
215// +-----------------------------------------------------------------------+
216// |                          form construction                            |
217// +-----------------------------------------------------------------------+
218
219// groups denied are the groups not granted. So we need to find all groups
220// minus groups granted to find groups denied.
221
222$groups = array();
223
224$query = '
225SELECT id, name
226  FROM '.GROUPS_TABLE.'
227  ORDER BY name ASC
228;';
229$groups = simple_hash_from_query($query, 'id', 'name');
230$template->assign('groups', $groups);
231
232// groups granted to access the category
233$query = '
234SELECT group_id
235  FROM '.GROUP_ACCESS_TABLE.'
236  WHERE cat_id = '.$page['cat'].'
237;';
238$group_granted_ids = array_from_query($query, 'group_id');
239$template->assign('groups_selected', $group_granted_ids);
240
241// users...
242$users = array();
243
244$query = '
245SELECT '.$conf['user_fields']['id'].' AS id,
246       '.$conf['user_fields']['username'].' AS username
247  FROM '.USERS_TABLE.'
248;';
249$users = simple_hash_from_query($query, 'id', 'username');
250$template->assign('users', $users);
251
252
253$query = '
254SELECT user_id
255  FROM '.USER_ACCESS_TABLE.'
256  WHERE cat_id = '.$page['cat'].'
257;';
258$user_granted_direct_ids = array_from_query($query, 'user_id');
259$template->assign('users_selected', $user_granted_direct_ids);
260
261
262$user_granted_indirect_ids = array();
263if (count($group_granted_ids) > 0)
264{
265  $granted_groups = array();
266
267  $query = '
268SELECT user_id, group_id
269  FROM '.USER_GROUP_TABLE.'
270  WHERE group_id IN ('.implode(',', $group_granted_ids).')
271';
272  $result = pwg_query($query);
273  while ($row = pwg_db_fetch_assoc($result))
274  {
275    if (!isset($granted_groups[$row['group_id']]))
276    {
277      $granted_groups[$row['group_id']] = array();
278    }
279    array_push($granted_groups[$row['group_id']], $row['user_id']);
280  }
281
282  $user_granted_by_group_ids = array();
283 
284  foreach ($granted_groups as $group_users)
285  {
286    $user_granted_by_group_ids = array_merge($user_granted_by_group_ids, $group_users);
287  }
288 
289  $user_granted_by_group_ids = array_unique($user_granted_by_group_ids);
290 
291  $user_granted_indirect_ids = array_diff(
292    $user_granted_by_group_ids,
293    $user_granted_direct_ids
294    );
295
296  $template->assign('nb_users_granted_indirect', count($user_granted_indirect_ids));
297
298  foreach ($granted_groups as $group_id => $group_users)
299  {
300    $group_usernames = array();
301    foreach ($group_users as $user_id)
302    {
303      if (in_array($user_id, $user_granted_indirect_ids))
304      {
305        array_push($group_usernames, $users[$user_id]);
306      }
307    }
308
309    $template->append(
310      'user_granted_indirect_groups',
311      array(
312        'group_name' => $groups[$group_id],
313        'group_users' => implode(', ', $group_usernames),
314        )
315      );
316  }
317}
318
319// +-----------------------------------------------------------------------+
320// |                           sending html code                           |
321// +-----------------------------------------------------------------------+
322$template->assign(array('PWG_TOKEN' => get_pwg_token()));
323
324$template->assign_var_from_handle('ADMIN_CONTENT', 'cat_perm');
325?>
Note: See TracBrowser for help on using the repository browser.