authorrvelices <rv-github@modusoptimus.com>2007-09-11 02:24:51 +0000
committerrvelices <rv-github@modusoptimus.com>2007-09-11 02:24:51 +0000
commit92f80e5d799aa7fef5f00cbf5c27e32f92c4b2ea (patch)
treecbde0a4b03ea5733bf71ce1db3c8ec993825c38e /include
parent45fde2cc6b34d3acdfd43b487eb4b7dbeede05a8 (diff)
feature 731: permissions at image level
- this is the first version - I wait for feedback before changing help files git-svn-id: http://piwigo.org/svn/trunk@2084 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include')
-rw-r--r--include/config_default.inc.php23
-rw-r--r--include/functions_user.inc.php96
2 files changed, 81 insertions, 38 deletions
diff --git a/include/config_default.inc.php b/include/config_default.inc.php
index a12770ef2..64ade722b 100644
--- a/include/config_default.inc.php
+++ b/include/config_default.inc.php
@@ -168,14 +168,14 @@ $conf['show_version'] = true;
// );
//
// Advenced use:
-// You can also used special options. Instead to pass a string like parameter value
+// You can also used special options. Instead to pass a string like parameter value
// you can pass a array with different optional parameter values
// $conf['links'] = array(
// 'http://phpwebgallery.net' => array('label' => 'PWG website', 'new_window' => false, 'eval_visible' => 'return true;'),
// 'http://forum.phpwebgallery.net' => array('label' => 'For ADMIN', 'new_window' => true, 'eval_visible' => 'return is_admin();'),
// 'http://phpwebgallery.net/doc' => array('label' => 'For Guest', 'new_window' => true, 'eval_visible' => 'return is_a_guest();'),
-// 'http://download.gna.org/phpwebgallery/' =>
-// array('label' => 'PopUp', 'new_window' => true,
+// 'http://download.gna.org/phpwebgallery/' =>
+// array('label' => 'PopUp', 'new_window' => true,
// 'nw_name' => 'PopUp', 'nw_features' => 'width=800,height=450,location=no,status=no,toolbar=no,scrollbars=no,menubar=no'),
// );
// Parameters:
@@ -263,6 +263,9 @@ $conf['prefix_thumbnail'] = 'TN-';
// Administration>Identification>Users?
$conf['users_page'] = 20;
+// image level permissions available in the admin interface
+$conf['available_permission_levels'] = array(0,1,2,4,8);
+
// mail_options: only set it true if you have a send mail warning with
// "options" parameter missing on mail() function execution.
$conf['mail_options'] = false;
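Review bot: The comment on `$conf['available_permission_levels']` says only that the levels are offered in the admin interface, but elsewhere in this commit the values are used as an ordered scale (`level>` / `level<=` against the user's level) and `max()` of the array becomes the webmaster's level. The values 0,1,2,4,8 read like bit flags, so I would state the ordering explicitly, e.g. `// image permission levels, ordered: a user sees images whose level is <= his own; the highest value is given to the webmaster`. It is also worth saying that the array must not be empty, since `create_user_infos()` calls `max()` on it.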
@@ -614,11 +617,11 @@ $conf['allow_web_services'] = true;
$conf['ws_max_images_per_page'] = 500;
// On Access control false / Admim Web Service need Php cURL extension
-// Controls are done on public basis or
+// Controls are done on public basis or
// if connected on member authorization basis
$conf['ws_access_control'] = false;
-
-// On Access control true
+
+// On Access control true
// Additionnal controls are made based on Web Service Access Table
// Max returned rows number ( > 0 )
@@ -628,10 +631,10 @@ $conf['ws_access_control'] = false;
// 0 it's Now(), don't remove that one
$conf['ws_postponed_start'] = array(0,1,2,3,5,7,14,30); /* In days */
-// By default 10, 5, 2, 1 year(s) or 6, 3, 1 month(s)
+// By default 10, 5, 2, 1 year(s) or 6, 3, 1 month(s)
// or 15, 10, 7, 5, 1, 0 day(s)
// 0 it's temporary closed (Useful for one access)
- $conf['ws_durations'] = array(3650,1825,730,365,182,91,30,15,10,7,5,1,0);
+ $conf['ws_durations'] = array(3650,1825,730,365,182,91,30,15,10,7,5,1,0);
// +-----------------------------------------------------------------------+
// | Filter |
@@ -675,12 +678,12 @@ $conf['filter_pages'] = array
// +-----------------------------------------------------------------------+
// | Light slideshow |
// +-----------------------------------------------------------------------+
-// $conf['light_slideshow'] indicates to use slideshow.tpl in state of
+// $conf['light_slideshow'] indicates to use slideshow.tpl in state of
// picture.tpl for slideshow
// Take care to have slideshow.tpl in all available templates
// Or set it false.
// Check if Picture's plugins are compliant with it
// Every plugin from 1.7 would be design to manage light_slideshow case.
-$conf['light_slideshow'] = true;
+$conf['light_slideshow'] = true;
?>
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index f3b078dbf..1c4500328 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -257,6 +257,22 @@ SELECT ui.*, uc.*
$userdata['forbidden_categories'] =
calculate_permissions($userdata['id'], $userdata['status']);
+ /* now we build the list of forbidden images (this list does not contain
+ images that are not in at least an authorized category)*/
+ $query = '
+SELECT DISTINCT(id)
+ FROM '.IMAGES_TABLE.' INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id=image_id
+ WHERE category_id NOT IN ('.$userdata['forbidden_categories'].')
+ AND level>'.$userdata['level'];
+ $forbidden_ids = array_from_query($query, 'id');
+
+ if ( empty($forbidden_ids) )
+ {
+ array_push( $forbidden_ids, 0 );
+ }
+ $userdata['image_access_type'] = 'NOT IN'; //TODO maybe later
+ $userdata['image_access_list'] = implode(',',$forbidden_ids);
+
update_user_cache_categories($userdata);
// Set need update are done
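Review bot: `$userdata['level']` is appended to the `AND level>` clause without a cast, so a NULL or non-numeric value in the user's row yields a broken or altered query; `AND level>'.(int)$userdata['level'];` pins it to an integer, and a missing value then falls back to 0, the most restrictive level under these comparisons. The same unquoted concatenation appears in the `get_computed_categories()` hunk (`AND i.level<=`) and in the `forbidden_images` case of `get_sql_condition_FandF()` (`level<=`), and deserves the same cast there. How the `level` column is defined and defaulted is not visible in this diff, so whether existing rows can hold NULL is an assumption to check. The enclosing function starts and ends outside the hunk.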
@@ -269,6 +285,7 @@ SELECT ui.*, uc.*
SELECT COUNT(DISTINCT(image_id)) as total
FROM '.IMAGE_CATEGORY_TABLE.'
WHERE category_id NOT IN ('.$userdata['forbidden_categories'].')
+ AND image_id '.$userdata['image_access_type'].' ('.$userdata['image_access_list'].')
;';
list($userdata['nb_total_images']) = mysql_fetch_array(pwg_query($query));
@@ -281,10 +298,12 @@ DELETE FROM '.USER_CACHE_TABLE.'
$query = '
INSERT INTO '.USER_CACHE_TABLE.'
- (user_id, need_update, forbidden_categories, nb_total_images)
+ (user_id, need_update, forbidden_categories, nb_total_images,
+ image_access_type, image_access_list)
VALUES
('.$userdata['id'].',\''.boolean_to_string($userdata['need_update']).'\',\''
- .$userdata['forbidden_categories'].'\','.$userdata['nb_total_images'].')
+ .$userdata['forbidden_categories'].'\','.$userdata['nb_total_images'].',"'
+ .$userdata['image_access_type'].'","'.$userdata['image_access_list'].'")
;';
pwg_query($query);
}
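Review bot: The two new values in the `INSERT` are wrapped in double quotes, while the existing values in the same statement use escaped single quotes; MySQL reads double quotes as identifier quotes when the `ANSI_QUOTES` SQL mode is enabled, so the statement would fail there. Keeping to single quotes is consistent and safer: `.$userdata['forbidden_categories'].'\','.$userdata['nb_total_images'].',\''` followed by `.$userdata['image_access_type'].'\',\''.$userdata['image_access_list'].'\')`. Separately, `image_access_list` is a deny list holding one id per restricted image, so if the cache column (its definition is not part of this diff) is too short and the value is truncated, ids would be dropped silently and those images would pass the filter. The column type should be checked against the largest list a gallery can produce.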
@@ -527,26 +546,20 @@ function get_computed_categories($userdata, $filter_days=null)
$group_by = '';
$query = 'SELECT c.id cat_id, global_rank';
- if ( !isset($filter_days) )
- {
- $query .= ',
- date_last cat_date_last,
- nb_images cat_nb_images
- FROM '.CATEGORIES_TABLE.' as c';
- }
- else
+ // Count by date_available to avoid count null
+ $query .= ',
+ MAX(date_available) cat_date_last, COUNT(date_available) cat_nb_images
+FROM '.CATEGORIES_TABLE.' as c
+ LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON ic.category_id = c.id
+ LEFT JOIN '.IMAGES_TABLE.' AS i
+ ON ic.image_id = i.id
+ AND i.level<='.$userdata['level'];
+
+ if ( isset($filter_days) )
{
- // Count by date_available to avoid count null
- $query .= ',
- MAX(date_available) cat_date_last,
- COUNT(date_available) cat_nb_images
- FROM '.CATEGORIES_TABLE.' as c
- LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON ic.category_id = c.id
- LEFT JOIN '.IMAGES_TABLE.' AS i
- ON ic.image_id = i.id AND
- i.date_available > SUBDATE(CURRENT_DATE,INTERVAL '.$filter_days.' DAY)';
- $group_by = 'c.id';
+ $query .= ' AND i.date_available > SUBDATE(CURRENT_DATE,INTERVAL '.$filter_days.' DAY)';
}
+ $group_by = 'c.id';
if ( !empty($userdata['forbidden_categories']) )
{
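Review bot: `$filter_days` is concatenated into `SUBDATE(CURRENT_DATE,INTERVAL ... DAY)` on the rewritten `$query .= ' AND i.date_available > ...'` line without a cast; the signature shows only a default of `null` and the callers are outside this diff, so `INTERVAL '.(int)$filter_days.' DAY` would keep the clause numeric whatever reaches it. Also, the unfiltered path used to read the stored `date_last` / `nb_images` columns and now always runs the two `LEFT JOIN`s with `GROUP BY c.id`. A one-line comment saying that this is done so the counts respect the user's level (which is what the added `i.level<=` join condition suggests) would explain the extra cost. The function body continues outside the hunk.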
@@ -719,7 +732,7 @@ SELECT COUNT(*)
function get_default_user_info($convert_str = true)
{
global $page, $conf;
-
+
if (!isset($page['cache_default_user']))
{
$query = 'select * from '.USER_INFOS_TABLE.
@@ -727,7 +740,7 @@ function get_default_user_info($convert_str = true)
$result = pwg_query($query);
$page['cache_default_user'] = mysql_fetch_assoc($result);
-
+
if ($page['cache_default_user'] !== false)
{
unset($page['cache_default_user']['user_id']);
@@ -839,11 +852,13 @@ function create_user_infos($arg_id, $override_values = null)
foreach ($user_ids as $user_id)
{
+ $level= isset($default_user['level']) ? $default_user['level'] : 0;
if ($user_id == $conf['webmaster_id'])
{
$status = 'webmaster';
+ $level = max( $conf['available_permission_levels'] );
}
- else if (($user_id == $conf['guest_id']) or
+ else if (($user_id == $conf['guest_id']) or
($user_id == $conf['default_user_id']))
{
$status = 'guest';
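Review bot: The webmaster's level is taken from `max( $conf['available_permission_levels'] )` once, when the user_infos row is created, and nothing in this hunk says so. If the configured list is later extended with a higher value, the stored level would stay below the new maximum unless some other code (not visible here) updates it, and `max()` on an empty array does not return a usable level. A short comment such as `// webmaster gets the highest configured level at creation time; the stored level must be updated if the list changes` would document this. The loop body continues in the next hunk, where `'level' => $level` is added to the insert.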
@@ -858,11 +873,12 @@ function create_user_infos($arg_id, $override_values = null)
array(
'user_id' => $user_id,
'status' => $status,
- 'registration_date' => $dbnow
+ 'registration_date' => $dbnow,
+ 'level' => $level
));
array_push($inserts, $insert);
- }
+ }
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
mass_inserts(USER_INFOS_TABLE, array_keys($inserts[0]), $inserts);
@@ -901,7 +917,7 @@ SELECT name
* return the file path of the given language filename, depending on the
* availability of the file
*
- * in descending order of preference:
+ * in descending order of preference:
* param language, user language, default language
* PhpWebGallery default language.
*
@@ -1290,14 +1306,38 @@ function get_sql_condition_FandF(
break;
}
case 'visible_images':
- {
if (!empty($filter['visible_images']))
{
$sql_list[] =
$field_name.' IN ('.$filter['visible_images'].')';
}
+ // note there is no break - visible include forbidden
+ case 'forbidden_images':
+ if (
+ !empty($user['image_access_list'])
+ or $user['image_access_type']!='NOT IN'
+ )
+ {
+ $table_prefix=null;
+ if ($field_name=='id')
+ {
+ $table_prefix = '';
+ }
+ elseif ($field_name=='i.id')
+ {
+ $table_prefix = 'i.';
+ }
+ if ( isset($table_prefix) )
+ {
+ $sql_list[]=$table_prefix.'level<='.$user['level'];
+ }
+ else
+ {
+ $sql_list[]=$field_name.' '.$user['image_access_type']
+ .' ('.$user['image_access_list'].')';
+ }
+ }
break;
- }
default:
{
die('Unknow condition');
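Review bot: In the `else` branch of the new `forbidden_images` case, `$user['image_access_type']` is concatenated into the condition as an SQL operator, and the same is done in the `nb_total_images` count query in an earlier hunk. Because the value is stored in, and presumably read back from, the user cache table, it should be checked against the two operators the code expects before use, e.g. `in_array($user['image_access_type'], array('IN','NOT IN')) or die('Unknown image_access_type');`. The guard `!empty($user['image_access_list'])` also relies on PHP treating the string `'0'` as empty, which is what the list holds when no image is forbidden (the `array_push( $forbidden_ids, 0 )` sentinel); that deserves a comment, since swapping `empty()` for a length test would silently change behaviour. Finally, the fall-through from `visible_images` is commented, but the braces around that case were dropped while `default:` keeps them, so the switch now mixes two styles.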