- deletion of calculated permissions when deleting a user

- taking into account locked categories during permissions calculation


git-svn-id: http://piwigo.org/svn/trunk@680 68402e56-0260-453c-a942-63ccdbb3a9ee

2 files changed, 21 insertions, 2 deletions

diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 47c124f67..344231577 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -267,9 +267,10 @@ DELETE FROM '.FAVORITES_TABLE.'
  * belongs to minus the categories directly authorized to the user
  *
  * @param int user_id
+ * @param string user_status
  * @return string forbidden_categories
  */
-function calculate_permissions($user_id)
+function calculate_permissions($user_id, $user_status)
 {
   $private_array = array();
   $authorized_array = array();
@@ -284,6 +285,23 @@ SELECT id
   {
     array_push($private_array, $row['id']);
   }
+
+  // if user is not an admin, locked categories can be considered as private$
+  if ($user_status != 'admin')
+  {
+    $query = '
+SELECT id
+  FROM '.CATEGORIES_TABLE.'
+  WHERE visible = \'false\'
+;';
+    $result = pwg_query($query);
+    while ($row = mysql_fetch_array($result))
+    {
+      array_push($private_array, $row['id']);
+    }
+
+    $private_array = array_unique($private_array);
+  }
   
   // retrieve category ids directly authorized to the user
   $query = '
diff --git a/include/user.inc.php b/include/user.inc.php
index 0d969cec8..f64c28a46 100644
--- a/include/user.inc.php
+++ b/include/user.inc.php
@@ -128,7 +128,8 @@ if (!defined('IN_ADMIN') or !IN_ADMIN)
       or !is_bool($user['need_update'])
       or $user['need_update'] == true)
   {
-    $user['forbidden_categories'] = calculate_permissions($user['id']);
+    $user['forbidden_categories'] = calculate_permissions($user['id'],
+                                                          $user['status']);
   }
 }