feature #259, notify an album to a list of users

... and not just to a group
2016-01-06 13:42:30 +01:00 · 2016-01-06 13:42:30 +01:00 · 7bd36e0240
commit 7bd36e0240
parent 67e142f331
4 changed files with 247 additions and 42 deletions
--- a/admin/album_notification.php
+++ b/admin/album_notification.php
@ -46,7 +46,7 @@ $page['cat'] = $category['id'];
 // +-----------------------------------------------------------------------+

 // info by email to an access granted group of category informations
-if (isset($_POST['submitEmail']) and !empty($_POST['group']))
+if (isset($_POST['submitEmail']))
 {
  set_make_full_url();

@ -80,41 +80,111 @@ SELECT id, file, path, representative_ext
    }
  }

-  pwg_mail_group(
-    $_POST['group'],
-    array(
-      'subject' => l10n('[%s] Visit album %s', $conf['gallery_title'], trigger_change('render_category_name', $category['name'], 'admin_cat_list')),
-      // TODO : change this language variable to 'Visit album %s'
-      // TODO : 'language_selected' => ....
-    ),
-    array(
-      'filename' => 'cat_group_info',
-      'assign' => array(
-        'IMG' => $img,
-        'CAT_NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
-        'LINK' => make_index_url(array(
-            'category' => array(
-              'id' => $category['id'],
-              'name' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
-              'permalink' => $category['permalink']
-              )
-            )),
-        'CPL_CONTENT' => empty($_POST['mail_content']) ? '' : stripslashes($_POST['mail_content']),
-        )
+  $args = array(
+    'subject' => l10n('[%s] Visit album %s', $conf['gallery_title'], trigger_change('render_category_name', $category['name'], 'admin_cat_list')),
+    // TODO : change this language variable to 'Visit album %s'
+    // TODO : 'language_selected' => ....
+    );
+    
+  $tpl = array(
+    'filename' => 'cat_group_info',
+    'assign' => array(
+      'IMG' => $img,
+      'CAT_NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
+      'LINK' => make_index_url(
+        array(
+          'category' => array(
+            'id' => $category['id'],
+            'name' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
+            'permalink' => $category['permalink']
+            )
+          )
+        ),
+      'CPL_CONTENT' => empty($_POST['mail_content']) ? '' : stripslashes($_POST['mail_content']),
      )
    );

-  unset_make_full_url();
+  if ('users' == $_POST['who'] and isset($_POST['users']) and count($_POST['users']) > 0)
+  {
+    check_input_parameter('users', $_POST, true, PATTERN_ID);

-  $query = '
+    // TODO code very similar to function pwg_mail_group. We'd better create
+    // a function pwg_mail_users that could be called from here and from
+    // pwg_mail_group
+
+    // TODO to make checks even better, we should check that theses users
+    // have access to this album. No real privacy issue here, even if we
+    // send the email to a user without permission.
+
+    $query = '
+SELECT
+    ui.user_id,
+    ui.status,
+    ui.language,
+    u.'.$conf['user_fields']['email'].' AS email,
+    u.'.$conf['user_fields']['username'].' AS username
+  FROM '.USER_INFOS_TABLE.' AS ui
+    JOIN '.USERS_TABLE.' AS u ON u.'.$conf['user_fields']['id'].' = ui.user_id
+  WHERE ui.user_id IN ('.implode(',', $_POST['users']).')
+;';
+    $users = query2array($query);
+    $usernames = array();
+    
+    foreach ($users as $u)
+    {
+      $usernames[] = $u['username'];
+      
+      $authkey = create_user_auth_key($u['user_id'], $u['status']);
+      
+      $user_tpl = $tpl;
+
+      if ($authkey !== false)
+      {
+        $user_tpl['assign']['LINK'] = add_url_params($tpl['assign']['LINK'], array('auth' => $authkey['auth_key']));
+
+        if (isset($user_tpl['assign']['IMG']['link']))
+        {
+          $user_tpl['assign']['IMG']['link'] = add_url_params(
+            $user_tpl['assign']['IMG']['link'],
+            array('auth' => $authkey['auth_key'])
+            );
+        }
+      }
+
+      $user_args = $args;
+      if (isset($authkey))
+      {
+        $user_args['auth_key'] = $authkey['auth_key'];
+      }
+
+      switch_lang_to($u['language']);
+      pwg_mail($u['email'], $user_args, $user_tpl);
+      switch_lang_back();
+    }
+
+    $message = l10n_dec('%d mail was sent.', '%d mails were sent.', count($users));
+    $message.= ' ('.implode(', ', $usernames).')';
+    
+    $page['infos'][] = $message;
+  }
+  elseif ('group' == $_POST['who'] and !empty($_POST['group']))
+  {
+    check_input_parameter('group', $_POST, false, PATTERN_ID);
+    
+    pwg_mail_group($_POST['group'], $args, $tpl);
+
+    $query = '
 SELECT
    name
  FROM '.GROUPS_TABLE.'
  WHERE id = '.$_POST['group'].'
 ;';
-  list($group_name) = pwg_db_fetch_row(pwg_query($query));
+    list($group_name) = pwg_db_fetch_row(pwg_query($query));

-  $page['infos'][] = l10n('An information email was sent to group "%s"', $group_name);
+    $page['infos'][] = l10n('An information email was sent to group "%s"', $group_name);
+  }
+
+  unset_make_full_url();
 }

 // +-----------------------------------------------------------------------+
@ -189,6 +259,64 @@ SELECT
  }
 }

+// all users with status != guest and permitted to this this album (for a
+// perfect search, we should also check that album is not only filled with
+// private photos)
+$query = '
+SELECT
+    user_id
+  FROM '.USER_INFOS_TABLE.'
+  WHERE status != \'guest\'
+;';
+$all_user_ids = query2array($query, null, 'user_id');
+
+if ('private' == $category['status'])
+{
+  $user_ids_access_indirect = array();
+  
+  if (isset($group_ids) and count($group_ids) > 0)
+  {
+    $query = '
+SELECT
+    user_id
+  FROM '.USER_GROUP_TABLE.'
+  WHERE group_id IN ('.implode(',', $group_ids).') 
+';
+    $user_ids_access_indirect = query2array($query, null, 'user_id');
+  }
+
+  $query = '
+SELECT
+    user_id
+  FROM '.USER_ACCESS_TABLE.'
+  WHERE cat_id = '.$category['id'].'
+;';
+  $user_ids_access_direct = query2array($query, null, 'user_id');
+
+  $user_ids_access = array_unique(array_merge($user_ids_access_direct, $user_ids_access_indirect));
+
+  $user_ids = array_intersect($user_ids_access, $all_user_ids);
+}
+else
+{
+  $user_ids = $all_user_ids;
+}
+
+if (count($user_ids) > 0)
+{
+  $query = '
+SELECT
+    '.$conf['user_fields']['id'].' AS id,
+    '.$conf['user_fields']['username'].' AS username
+  FROM '.USERS_TABLE.'
+  WHERE id IN ('.implode(',', $user_ids).')
+;';
+
+  $users = query2array($query, 'id', 'username');
+
+  $template->assign('user_options', $users);
+}
+
 // +-----------------------------------------------------------------------+
 // |                           sending html code                           |
 // +-----------------------------------------------------------------------+
--- a/admin/themes/default/template/album_notification.tpl
+++ b/admin/themes/default/template/album_notification.tpl
@ -1,3 +1,59 @@
+{combine_script id='jquery.selectize' load='footer' path='themes/default/js/plugins/selectize.min.js'}
+{combine_css id='jquery.selectize' path="themes/default/js/plugins/selectize.{$themeconf.colorscheme}.css"}
+
+{footer_script}
+jQuery(document).ready(function() {
+  jQuery("select[name=who]").change(function () {
+    checkWhoOptions();
+  });
+
+  checkWhoOptions();
+
+  function checkWhoOptions() {
+    var option = jQuery("select[name=who] option:selected").val();
+    jQuery(".who_option").hide();
+    jQuery(".who_" + option).show();
+  }
+
+  jQuery(".who_option select").selectize({
+    plugins: ['remove_button']
+  });
+
+  jQuery("form#categoryNotify").submit(function(e) {
+    var who_selected = false;
+    var who_option = jQuery("select[name=who] option:selected").val();
+
+    if (jQuery(".who_" + who_option + " select").length > 0) {
+      if (jQuery(".who_" + who_option + " select option:selected").length > 0) {
+         who_selected = true;
+      }
+    }
+
+    if (!who_selected) {
+      jQuery(".actionButtons .errors").show();
+      e.preventDefault();
+    }
+    else {
+      jQuery(".actionButtons .errors").hide();
+      console.log("form can be submited");
+    }
+  });
+});
+{/footer_script}
+
+{html_style}
+.who_option {
+  margin-top:5px;
+}
+
+span.errors {
+  background-image:none;
+  padding:2px 5px;
+  margin:0;
+  border-radius:5px;
+}
+{/html_style}
+
 <div class="titrePage">
  <h2><span style="letter-spacing:0">{$CATEGORIES_NAV}</span> &#8250; {'Edit album'|@translate} {$TABSHEET_TITLE}</h2>
 </div>
@ -5,36 +61,51 @@
 <form action="{$F_ACTION}" method="post" id="categoryNotify">

 <fieldset id="emailCatInfo">
-  <legend>{'Send an information email to group members'|@translate}</legend>
-
-{if isset($group_mail_options)}
+  <legend>{'Send mail to users'|@translate}</legend>

  <p>
-    <strong>{'Group'|@translate}</strong>
-    <br>
-    <select name="group">
-      {html_options options=$group_mail_options}
+    <strong>{'Recipients'|@translate}</strong>
+    <select name="who">
+      <option value="group">{'Group'|translate}</option>
+      <option value="users">{'Users'|translate}</option>
    </select>
  </p>

+  <p class="who_option who_group">
+{if isset($group_mail_options)}
+    <select name="group" placeholder="{'Type in a search term'|translate}" style="width:524px;">
+      {html_options options=$group_mail_options}
+    </select>
+{elseif isset($no_group_in_gallery) and $no_group_in_gallery}
+    {'There is no group in this gallery.'|@translate} <a href="admin.php?page=group_list" class="externalLink">{'Group management'|@translate}</a>
+{else}
+    {'No group is permitted to see this private album'|@translate}.
+    <a href="{$permission_url}" class="externalLink">{'Permission management'|@translate}</a>
+{/if}
+    </p>
+
+    <p class="who_option who_users">
+{if isset($user_options)}
+    <select name="users[]" multiple placeholder="{'Type in a search term'|translate}" style="width:524px;">
+      {html_options options=$user_options selected=$user_options_selected}
+    </select>
+{else}
+    {'No user is permitted to see this private album'|@translate}.
+    <a href="{$permission_url}" class="externalLink">{'Permission management'|@translate}</a>
+{/if}
+    </p>
+
  <p>
    <strong>{'Complementary mail content'|@translate}</strong>
    <br>
    <textarea cols="50" rows="5" name="mail_content" id="mail_content" class="description">{$MAIL_CONTENT}</textarea>
  </p>

-  <p>
+  <p class="actionButtons">
    <input class="submit" type="submit" value="{'Send'|@translate}" name="submitEmail">
+    <span class="errors" style="display:none">&#x2718; {'No recipient selected'|translate}</span>
  </p>

-{elseif isset($no_group_in_gallery) and $no_group_in_gallery}
-  <p>{'There is no group in this gallery.'|@translate} <a href="admin.php?page=group_list" class="externalLink">{'Group management'|@translate}</a></p>
-{else}
-  <p>
-    {'No group is permitted to see this private album'|@translate}.
-    <a href="{$permission_url}" class="externalLink">{'Permission management'|@translate}</a>
-  </p>
-{/if}
 </fieldset>

 </form>
--- a/language/en_UK/admin.lang.php
+++ b/language/en_UK/admin.lang.php
@ -984,3 +984,6 @@ $lang['width & height'] = 'width & height';
 $lang['Upload in progress'] = 'Upload in progress';
 $lang['Orphans'] = 'Orphans';
 $lang['Delete %d orphan photos'] = 'Delete %d orphan photos';
+$lang['Recipients'] = 'Recipients';
+$lang['No recipient selected'] = 'No recipient selected';
+$lang['No user is permitted to see this private album'] = 'No user is permitted to see this private album';
--- a/language/fr_FR/admin.lang.php
+++ b/language/fr_FR/admin.lang.php
@ -985,3 +985,6 @@ $lang['No and unlock sub-albums'] = 'Non, et déverrouiller les sous-albums';
 $lang['Upload in progress'] = 'Transfert en cours...';
 $lang['Orphans'] = 'Orphelines';
 $lang['Delete %d orphan photos'] = 'Supprimer les %d photos orphelines';
+$lang['Recipients'] = 'Destinataires';
+$lang['No recipient selected'] = 'Choisissez un destinataire';
+$lang['No user is permitted to see this private album'] = 'Aucun utilisateur n\'est autorisé à voir cet album privé';