diff options
author | plegall <plg@piwigo.org> | 2012-03-17 00:47:17 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2012-03-17 00:47:17 +0000 |
commit | b09c66fdc3aedc5d09a8b082facbf58f5b5e0478 (patch) | |
tree | b7c1ff0637f044248c284f8a2da3f1edc9d4427d /admin/cat_perm.php | |
parent | f3e2beed8cd7e3042b2d82ad9c6efc012a32fe13 (diff) |
feature 2594: redesign on album permission screen. The choice "public/private"
is not on the "properties" tab anymore. Simpler ergonomy to select grant users
and groups.
git-svn-id: http://piwigo.org/svn/trunk@13580 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | admin/cat_perm.php | 241 |
1 files changed, 132 insertions, 109 deletions
diff --git a/admin/cat_perm.php b/admin/cat_perm.php index 3dc9c1e21..7b555e3be 100644 --- a/admin/cat_perm.php +++ b/admin/cat_perm.php @@ -37,122 +37,160 @@ check_status(ACCESS_ADMINISTRATOR); // | variable initialization | // +-----------------------------------------------------------------------+ -// if the category is not correct (not numeric, not private) -if (isset($_GET['cat']) and is_numeric($_GET['cat'])) -{ - $query = ' -SELECT status - FROM '.CATEGORIES_TABLE.' - WHERE id = '.$_GET['cat'].' -;'; - list($status) = pwg_db_fetch_row(pwg_query($query)); - - if ('private' == $status) - { - $page['cat'] = $_GET['cat']; - } -} - -if (!isset($page['cat'])) -{ - $query = ' -SELECT id - FROM '.CATEGORIES_TABLE.' - WHERE status = \'private\' - LIMIT 1 -;'; - - list($page['cat']) = pwg_db_fetch_row(pwg_query($query)); -} +$page['cat'] = $category['id']; // +-----------------------------------------------------------------------+ // | form submission | // +-----------------------------------------------------------------------+ -if (isset($_POST['deny_groups_submit']) or isset($_POST['grant_groups_submit']) or isset($_POST['deny_users_submit']) or isset($_POST['grant_users_submit']) ) + +if (!empty($_POST)) { check_pwg_token(); -} -if (isset($_POST['deny_groups_submit']) - and isset($_POST['deny_groups']) - and count($_POST['deny_groups']) > 0) -{ - // if you forbid access to a category, all sub-categories become - // automatically forbidden - $query = ' + if ($category['status'] != $_POST['status']) + { + set_cat_status(array($page['cat']), $_POST['status']); + $category['status'] = $_POST['status']; + } + + if ('private' == $_POST['status']) + { + // + // manage groups + // + $query = ' +SELECT group_id + FROM '.GROUP_ACCESS_TABLE.' + WHERE cat_id = '.$page['cat'].' +;'; + $groups_granted = array_from_query($query, 'group_id'); + + if (!isset($_POST['groups'])) + { + $_POST['groups'] = array(); + } + + // + // remove permissions to groups + // + $deny_groups = array_diff($groups_granted, $_POST['groups']); + if (count($deny_groups) > 0) + { + // if you forbid access to an album, all sub-albums become + // automatically forbidden + $query = ' DELETE FROM '.GROUP_ACCESS_TABLE.' - WHERE group_id IN ('.implode(',', $_POST['deny_groups']).') + WHERE group_id IN ('.implode(',', $deny_groups).') AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).') ;'; - pwg_query($query); -} -else if (isset($_POST['grant_groups_submit']) - and isset($_POST['grant_groups']) - and count($_POST['grant_groups']) > 0) -{ - $cat_ids = (isset($_POST['apply_on_sub'])) ? implode(',', get_subcat_ids(array($page['cat']))).",".implode(',', get_uppercat_ids(array($page['cat']))) : implode(',', get_uppercat_ids(array($page['cat']))); + pwg_query($query); + } - $query = ' + // + // add permissions to groups + // + $grant_groups = array_diff($_POST['groups'], $groups_granted); + if (count($grant_groups) > 0) + { + $cat_ids = get_uppercat_ids(array($page['cat'])); + if (isset($_POST['apply_on_sub'])) + { + $cat_ids = array_merge($cat_ids, get_subcat_ids(array($page['cat']))); + } + + $query = ' SELECT id FROM '.CATEGORIES_TABLE.' - WHERE id IN ('.$cat_ids.') - AND status = \'private\' + WHERE id IN ('.implode(',', $cat_ids).') + AND status = \'private\' ;'; - $private_cats = array_from_query($query, 'id'); + $private_cats = array_from_query($query, 'id'); - // We must not reinsert already existing lines in group_access table - $granteds = array(); - foreach ($private_cats as $cat_id) - { - $granteds[$cat_id] = array(); - } + // We must not reinsert already existing lines in group_access table + $granteds = array(); + foreach ($private_cats as $cat_id) + { + $granteds[$cat_id] = array(); + } - $query = ' -SELECT group_id, cat_id + $query = ' +SELECT + group_id, + cat_id FROM '.GROUP_ACCESS_TABLE.' WHERE cat_id IN ('.implode(',', $private_cats).') - AND group_id IN ('.implode(',', $_POST['grant_groups']).') + AND group_id IN ('.implode(',', $grant_groups).') ;'; - $result = pwg_query($query); - while ($row = pwg_db_fetch_assoc($result)) - { - array_push($granteds[$row['cat_id']], $row['group_id']); - } + $result = pwg_query($query); + while ($row = pwg_db_fetch_assoc($result)) + { + array_push($granteds[$row['cat_id']], $row['group_id']); + } - $inserts = array(); - - foreach ($private_cats as $cat_id) - { - $group_ids = array_diff($_POST['grant_groups'], $granteds[$cat_id]); - foreach ($group_ids as $group_id) - { - array_push($inserts, array('group_id' => $group_id, - 'cat_id' => $cat_id)); + $inserts = array(); + + foreach ($private_cats as $cat_id) + { + $group_ids = array_diff($grant_groups, $granteds[$cat_id]); + foreach ($group_ids as $group_id) + { + array_push( + $inserts, + array( + 'group_id' => $group_id, + 'cat_id' => $cat_id + ) + ); + } + } + + mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts); } - } - mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts); -} -else if (isset($_POST['deny_users_submit']) - and isset($_POST['deny_users']) - and count($_POST['deny_users']) > 0) -{ - // if you forbid access to a category, all sub-categories become - // automatically forbidden - $query = ' + // + // users + // + $query = ' +SELECT user_id + FROM '.USER_ACCESS_TABLE.' + WHERE cat_id = '.$page['cat'].' +;'; + $users_granted = array_from_query($query, 'user_id'); + + if (!isset($_POST['users'])) + { + $_POST['users'] = array(); + } + + // + // remove permissions to users + // + $deny_users = array_diff($users_granted, $_POST['users']); + if (count($deny_users) > 0) + { + // if you forbid access to an album, all sub-album become automatically + // forbidden + $query = ' DELETE FROM '.USER_ACCESS_TABLE.' - WHERE user_id IN ('.implode(',', $_POST['deny_users']).') + WHERE user_id IN ('.implode(',', $deny_users).') AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).') ;'; - pwg_query($query); -} -else if (isset($_POST['grant_users_submit']) - and isset($_POST['grant_users']) - and count($_POST['grant_users']) > 0) -{ - add_permission_on_category($page['cat'], $_POST['grant_users']); + pwg_query($query); + } + + // + // add permissions to users + // + $grant_users = array_diff($_POST['users'], $users_granted); + if (count($grant_users) > 0) + { + add_permission_on_category($page['cat'], $grant_users); + } + } + + array_push($page['infos'], l10n('Album updated successfully')); } // +-----------------------------------------------------------------------+ @@ -170,6 +208,7 @@ $template->assign( ), 'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_perm', 'F_ACTION' => $admin_album_base_url.'-permissions', + 'private' => ('private' == $category['status']), ) ); @@ -188,7 +227,7 @@ SELECT id, name ORDER BY name ASC ;'; $groups = simple_hash_from_query($query, 'id', 'name'); -$template->assign('all_groups', $groups); +$template->assign('groups', $groups); // groups granted to access the category $query = ' @@ -197,14 +236,7 @@ SELECT group_id WHERE cat_id = '.$page['cat'].' ;'; $group_granted_ids = array_from_query($query, 'group_id'); -$group_granted_ids = order_by_name($group_granted_ids, $groups); -$template->assign('group_granted_ids', $group_granted_ids); - - -// groups denied -$template->assign('group_denied_ids', - order_by_name(array_diff(array_keys($groups), $group_granted_ids), $groups) - ); +$template->assign('groups_selected', $group_granted_ids); // users... $users = array(); @@ -215,7 +247,7 @@ SELECT '.$conf['user_fields']['id'].' AS id, FROM '.USERS_TABLE.' ;'; $users = simple_hash_from_query($query, 'id', 'username'); -$template->assign('all_users', $users); +$template->assign('users', $users); $query = ' @@ -224,9 +256,7 @@ SELECT user_id WHERE cat_id = '.$page['cat'].' ;'; $user_granted_direct_ids = array_from_query($query, 'user_id'); -$user_granted_direct_ids = order_by_name($user_granted_direct_ids, $users); -$template->assign('user_granted_direct_ids', $user_granted_direct_ids); - +$template->assign('users_selected', $user_granted_direct_ids); $user_granted_indirect_ids = array(); @@ -282,13 +312,6 @@ SELECT user_id, group_id } } -$user_denied_ids = array_diff(array_keys($users), - $user_granted_indirect_ids, - $user_granted_direct_ids); -$user_denied_ids = order_by_name($user_denied_ids, $users); -$template->assign('user_denied_ids', $user_denied_ids); - - // +-----------------------------------------------------------------------+ // | sending html code | // +-----------------------------------------------------------------------+ |