Timestamp:
Mar 17, 2012, 1:47:17 AM (13 years ago)
Author:
plg
Message:

feature 2594: redesign on album permission screen. The choice "public/private"
is not on the "properties" tab anymore. Simpler ergonomy to select grant users
and groups.

File:
1 edited

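--- a/trunk/admin/cat_perm.php
+++ b/trunk/admin/cat_perm.php
@@ -38,120 +38,158 @@
 // +-----------------------------------------------------------------------+
 
-// if the category is not correct (not numeric, not private)
-if (isset($_GET['cat']) and is_numeric($_GET['cat']))
+$page['cat'] = $category['id'];
+
+// +-----------------------------------------------------------------------+
+// |                           form submission                             |
+// +-----------------------------------------------------------------------+
+
+if (!empty($_POST))
 {
-  $query = '
-SELECT status
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id = '.$_GET['cat'].'
-;';
-  list($status) = pwg_db_fetch_row(pwg_query($query));
- 
-  if ('private' == $status)
-  {
-    $page['cat'] = $_GET['cat'];
-  }
-}
-
-if (!isset($page['cat']))
-{
-  $query = '
+  check_pwg_token();
+
+  if ($category['status'] != $_POST['status'])
+  {
+    set_cat_status(array($page['cat']), $_POST['status']);
+    $category['status'] = $_POST['status'];
+  }
+
+  if ('private' == $_POST['status'])
+  {
+    //
+    // manage groups
+    //
+    $query = '
+SELECT group_id
+  FROM '.GROUP_ACCESS_TABLE.'
+  WHERE cat_id = '.$page['cat'].'
+;';
+    $groups_granted = array_from_query($query, 'group_id');
+
+    if (!isset($_POST['groups']))
+    {
+      $_POST['groups'] = array();
+    }
+   
+    //
+    // remove permissions to groups
+    //
+    $deny_groups = array_diff($groups_granted, $_POST['groups']);
+    if (count($deny_groups) > 0)
+    {
+      // if you forbid access to an album, all sub-albums become
+      // automatically forbidden
+      $query = '
+DELETE
+  FROM '.GROUP_ACCESS_TABLE.'
+  WHERE group_id IN ('.implode(',', $deny_groups).')
+    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
+;';
+      pwg_query($query);
+    }
+
+    //
+    // add permissions to groups
+    //
+    $grant_groups = array_diff($_POST['groups'], $groups_granted);
+    if (count($grant_groups) > 0)
+    {
+      $cat_ids = get_uppercat_ids(array($page['cat']));
+      if (isset($_POST['apply_on_sub']))
+      {
+        $cat_ids = array_merge($cat_ids, get_subcat_ids(array($page['cat'])));
+      }
+     
+      $query = '
 SELECT id
   FROM '.CATEGORIES_TABLE.'
-  WHERE status = \'private\'
-  LIMIT 1
-;';
-
-  list($page['cat']) = pwg_db_fetch_row(pwg_query($query));
-}
-
-// +-----------------------------------------------------------------------+
-// |                           form submission                             |
-// +-----------------------------------------------------------------------+
-if (isset($_POST['deny_groups_submit']) or isset($_POST['grant_groups_submit']) or isset($_POST['deny_users_submit']) or isset($_POST['grant_users_submit']) )
-{
-  check_pwg_token();
-}
-
-if (isset($_POST['deny_groups_submit'])
-         and isset($_POST['deny_groups'])
-         and count($_POST['deny_groups']) > 0)
-{
-  // if you forbid access to a category, all sub-categories become
-  // automatically forbidden
-  $query = '
-DELETE
-  FROM '.GROUP_ACCESS_TABLE.'
-  WHERE group_id IN ('.implode(',', $_POST['deny_groups']).')
-    AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
-;';
-  pwg_query($query);
-}
-else if (isset($_POST['grant_groups_submit'])
-         and isset($_POST['grant_groups'])
-         and count($_POST['grant_groups']) > 0)
-{
-  $cat_ids = (isset($_POST['apply_on_sub'])) ? implode(',', get_subcat_ids(array($page['cat']))).",".implode(',', get_uppercat_ids(array($page['cat']))) : implode(',', get_uppercat_ids(array($page['cat'])));
-
-  $query = '
-SELECT id
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id IN ('.$cat_ids.')
-  AND status = \'private\'
-;';
-  $private_cats = array_from_query($query, 'id');
-
-  // We must not reinsert already existing lines in group_access table
-  $granteds = array();
-  foreach ($private_cats as $cat_id)
-  {
-    $granteds[$cat_id] = array();
-  }
+  WHERE id IN ('.implode(',', $cat_ids).')
+    AND status = \'private\'
+;';
+      $private_cats = array_from_query($query, 'id');
+
+      // We must not reinsert already existing lines in group_access table
+      $granteds = array();
+      foreach ($private_cats as $cat_id)
+      {
+        $granteds[$cat_id] = array();
+      }
  
-  $query = '
-SELECT group_id, cat_id
+      $query = '
+SELECT
+    group_id,
+    cat_id
   FROM '.GROUP_ACCESS_TABLE.'
   WHERE cat_id IN ('.implode(',', $private_cats).')
-    AND group_id IN ('.implode(',', $_POST['grant_groups']).')
-;';
-  $result = pwg_query($query);
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    array_push($granteds[$row['cat_id']], $row['group_id']);
-  }
-
-  $inserts = array();
- 
-  foreach ($private_cats as $cat_id)
-  {
-    $group_ids = array_diff($_POST['grant_groups'], $granteds[$cat_id]);
-    foreach ($group_ids as $group_id)
-    {
-      array_push($inserts, array('group_id' => $group_id,
-                                 'cat_id' => $cat_id));
-    }
-  }
-
-  mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
-}
-else if (isset($_POST['deny_users_submit'])
-         and isset($_POST['deny_users'])
-         and count($_POST['deny_users']) > 0)
-{
-  // if you forbid access to a category, all sub-categories become
-  // automatically forbidden
-  $query = '
+    AND group_id IN ('.implode(',', $grant_groups).')
+;';
+      $result = pwg_query($query);
+      while ($row = pwg_db_fetch_assoc($result))
+      {
+        array_push($granteds[$row['cat_id']], $row['group_id']);
+      }
+
+      $inserts = array();
+     
+      foreach ($private_cats as $cat_id)
+      {
+        $group_ids = array_diff($grant_groups, $granteds[$cat_id]);
+        foreach ($group_ids as $group_id)
+        {
+          array_push(
+            $inserts,
+            array(
+              'group_id' => $group_id,
+              'cat_id' => $cat_id
+              )
+            );
+        }
+      }
+
+      mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
+    }
+
+    //
+    // users
+    //
+    $query = '
+SELECT user_id
+  FROM '.USER_ACCESS_TABLE.'
+  WHERE cat_id = '.$page['cat'].'
+;';
+    $users_granted = array_from_query($query, 'user_id');
+
+    if (!isset($_POST['users']))
+    {
+      $_POST['users'] = array();
+    }
+   
+    //
+    // remove permissions to users
+    //
+    $deny_users = array_diff($users_granted, $_POST['users']);
+    if (count($deny_users) > 0)
+    {
+      // if you forbid access to an album, all sub-album become automatically
+      // forbidden
+      $query = '
 DELETE
   FROM '.USER_ACCESS_TABLE.'
-  WHERE user_id IN ('.implode(',', $_POST['deny_users']).')
+  WHERE user_id IN ('.implode(',', $deny_users).')
     AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
 ;';
-  pwg_query($query);
-}
-else if (isset($_POST['grant_users_submit'])
-         and isset($_POST['grant_users'])
-         and count($_POST['grant_users']) > 0)
-{
-  add_permission_on_category($page['cat'], $_POST['grant_users']);
+      pwg_query($query);
+    }
+
+    //
+    // add permissions to users
+    //
+    $grant_users = array_diff($_POST['users'], $users_granted);
+    if (count($grant_users) > 0)
+    {
+      add_permission_on_category($page['cat'], $grant_users);
+    }
+  }
+
+  array_push($page['infos'], l10n('Album updated successfully'));
 }
 
@@ -171,4 +209,5 @@
     'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_perm',
     'F_ACTION' => $admin_album_base_url.'-permissions',
+    'private' => ('private' == $category['status']),
     )
   );
@@ -189,5 +228,5 @@
 ;';
 $groups = simple_hash_from_query($query, 'id', 'name');
-$template->assign('all_groups', $groups);
+$template->assign('groups', $groups);
 
 // groups granted to access the category
@@ -198,12 +237,5 @@
 ;';
 $group_granted_ids = array_from_query($query, 'group_id');
-$group_granted_ids = order_by_name($group_granted_ids, $groups);
-$template->assign('group_granted_ids', $group_granted_ids);
-
-
-// groups denied
-$template->assign('group_denied_ids',
-    order_by_name(array_diff(array_keys($groups), $group_granted_ids), $groups)
-  );
+$template->assign('groups_selected', $group_granted_ids);
 
 // users...
@@ -216,5 +248,5 @@
 ;';
 $users = simple_hash_from_query($query, 'id', 'username');
-$template->assign('all_users', $users);
+$template->assign('users', $users);
 
 
@@ -225,7 +257,5 @@
 ;';
 $user_granted_direct_ids = array_from_query($query, 'user_id');
-$user_granted_direct_ids = order_by_name($user_granted_direct_ids, $users);
-$template->assign('user_granted_direct_ids', $user_granted_direct_ids);
-
+$template->assign('users_selected', $user_granted_direct_ids);
 
 
@@ -283,11 +313,4 @@
 }
 
-$user_denied_ids = array_diff(array_keys($users),
-                              $user_granted_indirect_ids,
-                              $user_granted_direct_ids);
-$user_denied_ids = order_by_name($user_denied_ids, $users);
-$template->assign('user_denied_ids', $user_denied_ids);
-
-
 // +-----------------------------------------------------------------------+
 // |                           sending html code                           |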
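Review bot: The ids taken from `$_POST['groups']` reach SQL text without validation: `$grant_groups` is `array_diff($_POST['groups'], $groups_granted)`, is imploded into `AND group_id IN (...)` and then passed to `mass_inserts()`, so a non-numeric element becomes part of the query. `$_POST['users']` follows the same path into `add_permission_on_category()`, whose own handling is not visible on this page. `check_pwg_token()` stops forged submissions but does not constrain the values, so I would normalise both right after the `isset` defaults, e.g. `$_POST['groups'] = array_map('intval', (array) $_POST['groups']);` and the same for `users`. `$_POST['status']` is also read with no `isset` check or allow-list before `set_cat_status()`; accepting only `'public'` and `'private'` would close that. The old `is_numeric($_GET['cat'])` guard is removed and `$category['id']` is set outside the visible hunks, so the `cat_id = '.$page['cat'].'` queries depend on that earlier code having validated the id.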