source: trunk/admin/cat_perm.php @ 27926

Last change on this file since 27926 was 26461, checked in by mistic100, 11 years ago

Update headers to 2014. Happy new year!!

  • Property svn:eol-style set to LF
File size: 9.0 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2014 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if (!defined('PHPWG_ROOT_PATH'))
25{
26  die ("Hacking attempt!");
27}
28
29include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31// +-----------------------------------------------------------------------+
32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
34check_status(ACCESS_ADMINISTRATOR);
35
36// +-----------------------------------------------------------------------+
37// |                       variable initialization                         |
38// +-----------------------------------------------------------------------+
39
40$page['cat'] = $category['id'];
41
42// +-----------------------------------------------------------------------+
43// |                           form submission                             |
44// +-----------------------------------------------------------------------+
45
46if (!empty($_POST))
47{
48  check_pwg_token();
49
50  if ($category['status'] != $_POST['status'])
51  {
52    set_cat_status(array($page['cat']), $_POST['status']);
53    $category['status'] = $_POST['status'];
54  }
55
56  if ('private' == $_POST['status'])
57  {
58    //
59    // manage groups
60    //
61    $query = '
62SELECT group_id
63  FROM '.GROUP_ACCESS_TABLE.'
64  WHERE cat_id = '.$page['cat'].'
65;';
66    $groups_granted = array_from_query($query, 'group_id');
67
68    if (!isset($_POST['groups']))
69    {
70      $_POST['groups'] = array();
71    }
72   
73    //
74    // remove permissions to groups
75    //
76    $deny_groups = array_diff($groups_granted, $_POST['groups']);
77    if (count($deny_groups) > 0)
78    {
79      // if you forbid access to an album, all sub-albums become
80      // automatically forbidden
81      $query = '
82DELETE
83  FROM '.GROUP_ACCESS_TABLE.'
84  WHERE group_id IN ('.implode(',', $deny_groups).')
85    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
86;';
87      pwg_query($query);
88    }
89
90    //
91    // add permissions to groups
92    //
93    $grant_groups = $_POST['groups'];
94    if (count($grant_groups) > 0)
95    {
96      $cat_ids = get_uppercat_ids(array($page['cat']));
97      if (isset($_POST['apply_on_sub']))
98      {
99        $cat_ids = array_merge($cat_ids, get_subcat_ids(array($page['cat'])));
100      }
101     
102      $query = '
103SELECT id
104  FROM '.CATEGORIES_TABLE.'
105  WHERE id IN ('.implode(',', $cat_ids).')
106    AND status = \'private\'
107;';
108      $private_cats = array_from_query($query, 'id');
109     
110      $inserts = array();
111      foreach ($private_cats as $cat_id)
112      {
113        foreach ($grant_groups as $group_id)
114        {
115          $inserts[] = array(
116            'group_id' => $group_id,
117            'cat_id' => $cat_id
118            );
119        }
120      }
121     
122      mass_inserts(
123        GROUP_ACCESS_TABLE,
124        array('group_id','cat_id'),
125        $inserts,
126        array('ignore'=>true)
127        );
128    }
129
130    //
131    // users
132    //
133    $query = '
134SELECT user_id
135  FROM '.USER_ACCESS_TABLE.'
136  WHERE cat_id = '.$page['cat'].'
137;';
138    $users_granted = array_from_query($query, 'user_id');
139
140    if (!isset($_POST['users']))
141    {
142      $_POST['users'] = array();
143    }
144   
145    //
146    // remove permissions to users
147    //
148    $deny_users = array_diff($users_granted, $_POST['users']);
149    if (count($deny_users) > 0)
150    {
151      // if you forbid access to an album, all sub-album become automatically
152      // forbidden
153      $query = '
154DELETE
155  FROM '.USER_ACCESS_TABLE.'
156  WHERE user_id IN ('.implode(',', $deny_users).')
157    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
158;';
159      pwg_query($query);
160    }
161
162    //
163    // add permissions to users
164    //
165    $grant_users = $_POST['users'];
166    if (count($grant_users) > 0)
167    {
168      add_permission_on_category($page['cat'], $grant_users);
169    }
170  }
171
172  $page['infos'][] = l10n('Album updated successfully');
173}
174
175// +-----------------------------------------------------------------------+
176// |                       template initialization                         |
177// +-----------------------------------------------------------------------+
178
179$template->set_filename('cat_perm', 'cat_perm.tpl');
180
181$template->assign(
182  array(
183    'CATEGORIES_NAV' =>
184      get_cat_display_name_from_id(
185        $page['cat'],
186        'admin.php?page=album-'
187        ),
188    'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_perm',
189    'F_ACTION' => $admin_album_base_url.'-permissions',
190    'private' => ('private' == $category['status']),
191    )
192  );
193
194// +-----------------------------------------------------------------------+
195// |                          form construction                            |
196// +-----------------------------------------------------------------------+
197
198// groups denied are the groups not granted. So we need to find all groups
199// minus groups granted to find groups denied.
200
201$groups = array();
202
203$query = '
204SELECT id, name
205  FROM '.GROUPS_TABLE.'
206  ORDER BY name ASC
207;';
208$groups = simple_hash_from_query($query, 'id', 'name');
209$template->assign('groups', $groups);
210
211// groups granted to access the category
212$query = '
213SELECT group_id
214  FROM '.GROUP_ACCESS_TABLE.'
215  WHERE cat_id = '.$page['cat'].'
216;';
217$group_granted_ids = array_from_query($query, 'group_id');
218$template->assign('groups_selected', $group_granted_ids);
219
220// users...
221$users = array();
222
223$query = '
224SELECT '.$conf['user_fields']['id'].' AS id,
225       '.$conf['user_fields']['username'].' AS username
226  FROM '.USERS_TABLE.'
227;';
228$users = simple_hash_from_query($query, 'id', 'username');
229$template->assign('users', $users);
230
231
232$query = '
233SELECT user_id
234  FROM '.USER_ACCESS_TABLE.'
235  WHERE cat_id = '.$page['cat'].'
236;';
237$user_granted_direct_ids = array_from_query($query, 'user_id');
238$template->assign('users_selected', $user_granted_direct_ids);
239
240
241$user_granted_indirect_ids = array();
242if (count($group_granted_ids) > 0)
243{
244  $granted_groups = array();
245
246  $query = '
247SELECT user_id, group_id
248  FROM '.USER_GROUP_TABLE.'
249  WHERE group_id IN ('.implode(',', $group_granted_ids).')
250';
251  $result = pwg_query($query);
252  while ($row = pwg_db_fetch_assoc($result))
253  {
254    if (!isset($granted_groups[ $row['group_id'] ]))
255    {
256      $granted_groups[ $row['group_id'] ] = array();
257    }
258    $granted_groups[ $row['group_id'] ][] = $row['user_id'];
259  }
260
261  $user_granted_by_group_ids = array();
262 
263  foreach ($granted_groups as $group_users)
264  {
265    $user_granted_by_group_ids = array_merge($user_granted_by_group_ids, $group_users);
266  }
267 
268  $user_granted_by_group_ids = array_unique($user_granted_by_group_ids);
269 
270  $user_granted_indirect_ids = array_diff(
271    $user_granted_by_group_ids,
272    $user_granted_direct_ids
273    );
274
275  $template->assign('nb_users_granted_indirect', count($user_granted_indirect_ids));
276
277  foreach ($granted_groups as $group_id => $group_users)
278  {
279    $group_usernames = array();
280    foreach ($group_users as $user_id)
281    {
282      if (in_array($user_id, $user_granted_indirect_ids))
283      {
284        $group_usernames[] = $users[$user_id];
285      }
286    }
287
288    $template->append(
289      'user_granted_indirect_groups',
290      array(
291        'group_name' => $groups[$group_id],
292        'group_users' => implode(', ', $group_usernames),
293        )
294      );
295  }
296}
297
298// +-----------------------------------------------------------------------+
299// |                           sending html code                           |
300// +-----------------------------------------------------------------------+
301$template->assign(array('PWG_TOKEN' => get_pwg_token(), 'INHERIT' => $conf['inheritance_by_default']));
302
303$template->assign_var_from_handle('ADMIN_CONTENT', 'cat_perm');
304?>
Note: See TracBrowser for help on using the repository browser.