-rw-r--r--admin/album.php12
-rw-r--r--admin/cat_modify.php13
-rw-r--r--admin/cat_perm.php241
-rw-r--r--admin/themes/default/template/cat_modify.tpl6
-rw-r--r--admin/themes/default/template/cat_perm.tpl60
-rw-r--r--admin/themes/default/theme.css5
6 files changed, 199 insertions, 138 deletions
diff --git a/admin/album.php b/admin/album.php
index 1097f04f5..cb434e061 100644
--- a/admin/album.php
+++ b/admin/album.php
@@ -43,6 +43,11 @@ SELECT *
;';
$category = pwg_db_fetch_assoc(pwg_query($query));
+if (!isset($category['id']))
+{
+ die("unknown album");
+}
+
// +-----------------------------------------------------------------------+
// | Tabs |
// +-----------------------------------------------------------------------+
@@ -59,12 +64,7 @@ if (isset($_GET['tab']))
$tabsheet = new tabsheet();
$tabsheet->add('properties', l10n('Properties'), $admin_album_base_url.'-properties');
$tabsheet->add('sort_order', l10n('Manage photo ranks'), $admin_album_base_url.'-sort_order');
-
-if ('private' == $category['status'])
-{
- $tabsheet->add('permissions', l10n('Permissions'), $admin_album_base_url.'-permissions');
-}
-
+$tabsheet->add('permissions', l10n('Permissions'), $admin_album_base_url.'-permissions');
$tabsheet->select($page['tab']);
$tabsheet->assign();
diff --git a/admin/cat_modify.php b/admin/cat_modify.php
index 08be98381..d294a0714 100644
--- a/admin/cat_modify.php
+++ b/admin/cat_modify.php
@@ -144,10 +144,6 @@ if (isset($_POST['submit']))
{
set_cat_visible(array($_GET['cat_id']), $_POST['visible']);
}
- if ($cat_info['status'] != $_POST['status'] )
- {
- set_cat_status(array($_GET['cat_id']), $_POST['status']);
- }
// in case the use moves his album to the gallery root, we force
// $_POST['parent'] from 0 to null to be compared with
@@ -163,10 +159,7 @@ if (isset($_POST['submit']))
move_categories( array($_GET['cat_id']), $_POST['parent'] );
}
- // we redirect to hide/show the "permissions" tab if the category status
- // has changed
- $_SESSION['page_infos'] = array(l10n('Album updated successfully'));
- redirect($admin_album_base_url);
+ array_push($page['infos'], l10n('Album updated successfully'));
}
elseif (isset($_POST['set_random_representant']))
{
@@ -226,10 +219,6 @@ $template->assign(
'CAT_ID' => $category['id'],
'CAT_NAME' => @htmlspecialchars($category['name']),
'CAT_COMMENT' => @htmlspecialchars($category['comment']),
-
- 'status_values' => array('public','private'),
-
- 'CAT_STATUS' => $category['status'],
'CAT_VISIBLE' => boolean_to_string($category['visible']),
'U_JUMPTO' => make_index_url(
diff --git a/admin/cat_perm.php b/admin/cat_perm.php
index 3dc9c1e21..7b555e3be 100644
--- a/admin/cat_perm.php
+++ b/admin/cat_perm.php
@@ -37,122 +37,160 @@ check_status(ACCESS_ADMINISTRATOR);
// | variable initialization |
// +-----------------------------------------------------------------------+
-// if the category is not correct (not numeric, not private)
-if (isset($_GET['cat']) and is_numeric($_GET['cat']))
-{
- $query = '
-SELECT status
- FROM '.CATEGORIES_TABLE.'
- WHERE id = '.$_GET['cat'].'
-;';
- list($status) = pwg_db_fetch_row(pwg_query($query));
-
- if ('private' == $status)
- {
- $page['cat'] = $_GET['cat'];
- }
-}
-
-if (!isset($page['cat']))
-{
- $query = '
-SELECT id
- FROM '.CATEGORIES_TABLE.'
- WHERE status = \'private\'
- LIMIT 1
-;';
-
- list($page['cat']) = pwg_db_fetch_row(pwg_query($query));
-}
+$page['cat'] = $category['id'];
// +-----------------------------------------------------------------------+
// | form submission |
// +-----------------------------------------------------------------------+
-if (isset($_POST['deny_groups_submit']) or isset($_POST['grant_groups_submit']) or isset($_POST['deny_users_submit']) or isset($_POST['grant_users_submit']) )
+
+if (!empty($_POST))
{
check_pwg_token();
-}
-if (isset($_POST['deny_groups_submit'])
- and isset($_POST['deny_groups'])
- and count($_POST['deny_groups']) > 0)
-{
- // if you forbid access to a category, all sub-categories become
- // automatically forbidden
- $query = '
+ if ($category['status'] != $_POST['status'])
+ {
+ set_cat_status(array($page['cat']), $_POST['status']);
+ $category['status'] = $_POST['status'];
+ }
+
+ if ('private' == $_POST['status'])
+ {
+ //
+ // manage groups
+ //
+ $query = '
+SELECT group_id
+ FROM '.GROUP_ACCESS_TABLE.'
+ WHERE cat_id = '.$page['cat'].'
+;';
+ $groups_granted = array_from_query($query, 'group_id');
+
+ if (!isset($_POST['groups']))
+ {
+ $_POST['groups'] = array();
+ }
+
+ //
+ // remove permissions to groups
+ //
+ $deny_groups = array_diff($groups_granted, $_POST['groups']);
+ if (count($deny_groups) > 0)
+ {
+ // if you forbid access to an album, all sub-albums become
+ // automatically forbidden
+ $query = '
DELETE
FROM '.GROUP_ACCESS_TABLE.'
- WHERE group_id IN ('.implode(',', $_POST['deny_groups']).')
+ WHERE group_id IN ('.implode(',', $deny_groups).')
AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
;';
- pwg_query($query);
-}
-else if (isset($_POST['grant_groups_submit'])
- and isset($_POST['grant_groups'])
- and count($_POST['grant_groups']) > 0)
-{
- $cat_ids = (isset($_POST['apply_on_sub'])) ? implode(',', get_subcat_ids(array($page['cat']))).",".implode(',', get_uppercat_ids(array($page['cat']))) : implode(',', get_uppercat_ids(array($page['cat'])));
+ pwg_query($query);
+ }
- $query = '
+ //
+ // add permissions to groups
+ //
+ $grant_groups = array_diff($_POST['groups'], $groups_granted);
+ if (count($grant_groups) > 0)
+ {
+ $cat_ids = get_uppercat_ids(array($page['cat']));
+ if (isset($_POST['apply_on_sub']))
+ {
+ $cat_ids = array_merge($cat_ids, get_subcat_ids(array($page['cat'])));
+ }
+
+ $query = '
SELECT id
FROM '.CATEGORIES_TABLE.'
- WHERE id IN ('.$cat_ids.')
- AND status = \'private\'
+ WHERE id IN ('.implode(',', $cat_ids).')
+ AND status = \'private\'
;';
- $private_cats = array_from_query($query, 'id');
+ $private_cats = array_from_query($query, 'id');
- // We must not reinsert already existing lines in group_access table
- $granteds = array();
- foreach ($private_cats as $cat_id)
- {
- $granteds[$cat_id] = array();
- }
+ // We must not reinsert already existing lines in group_access table
+ $granteds = array();
+ foreach ($private_cats as $cat_id)
+ {
+ $granteds[$cat_id] = array();
+ }
- $query = '
-SELECT group_id, cat_id
+ $query = '
+SELECT
+ group_id,
+ cat_id
FROM '.GROUP_ACCESS_TABLE.'
WHERE cat_id IN ('.implode(',', $private_cats).')
- AND group_id IN ('.implode(',', $_POST['grant_groups']).')
+ AND group_id IN ('.implode(',', $grant_groups).')
;';
- $result = pwg_query($query);
- while ($row = pwg_db_fetch_assoc($result))
- {
- array_push($granteds[$row['cat_id']], $row['group_id']);
- }
+ $result = pwg_query($query);
+ while ($row = pwg_db_fetch_assoc($result))
+ {
+ array_push($granteds[$row['cat_id']], $row['group_id']);
+ }
- $inserts = array();
-
- foreach ($private_cats as $cat_id)
- {
- $group_ids = array_diff($_POST['grant_groups'], $granteds[$cat_id]);
- foreach ($group_ids as $group_id)
- {
- array_push($inserts, array('group_id' => $group_id,
- 'cat_id' => $cat_id));
+ $inserts = array();
+
+ foreach ($private_cats as $cat_id)
+ {
+ $group_ids = array_diff($grant_groups, $granteds[$cat_id]);
+ foreach ($group_ids as $group_id)
+ {
+ array_push(
+ $inserts,
+ array(
+ 'group_id' => $group_id,
+ 'cat_id' => $cat_id
+ )
+ );
+ }
+ }
+
+ mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
}
- }
- mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
-}
-else if (isset($_POST['deny_users_submit'])
- and isset($_POST['deny_users'])
- and count($_POST['deny_users']) > 0)
-{
- // if you forbid access to a category, all sub-categories become
- // automatically forbidden
- $query = '
+ //
+ // users
+ //
+ $query = '
+SELECT user_id
+ FROM '.USER_ACCESS_TABLE.'
+ WHERE cat_id = '.$page['cat'].'
+;';
+ $users_granted = array_from_query($query, 'user_id');
+
+ if (!isset($_POST['users']))
+ {
+ $_POST['users'] = array();
+ }
+
+ //
+ // remove permissions to users
+ //
+ $deny_users = array_diff($users_granted, $_POST['users']);
+ if (count($deny_users) > 0)
+ {
+ // if you forbid access to an album, all sub-album become automatically
+ // forbidden
+ $query = '
DELETE
FROM '.USER_ACCESS_TABLE.'
- WHERE user_id IN ('.implode(',', $_POST['deny_users']).')
+ WHERE user_id IN ('.implode(',', $deny_users).')
AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).')
;';
- pwg_query($query);
-}
-else if (isset($_POST['grant_users_submit'])
- and isset($_POST['grant_users'])
- and count($_POST['grant_users']) > 0)
-{
- add_permission_on_category($page['cat'], $_POST['grant_users']);
+ pwg_query($query);
+ }
+
+ //
+ // add permissions to users
+ //
+ $grant_users = array_diff($_POST['users'], $users_granted);
+ if (count($grant_users) > 0)
+ {
+ add_permission_on_category($page['cat'], $grant_users);
+ }
+ }
+
+ array_push($page['infos'], l10n('Album updated successfully'));
}
// +-----------------------------------------------------------------------+
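Review bot: The grant path builds SQL from request values that are never validated: `$grant_groups` is `array_diff($_POST['groups'], $groups_granted)`, so each element comes from the POST body and is imploded into `group_id IN (...)` in the GROUP_ACCESS_TABLE select, and `$grant_users` is handed to add_permission_on_category() in the same unchecked state (the deny lists are taken from database rows and are not affected). check_status(ACCESS_ADMINISTRATOR) and check_pwg_token() limit who can reach this code but do not make the values numeric. I would normalise both lists right after the `isset` defaults and before the first `array_diff`, e.g. `$_POST['groups'] = array_map('intval', (array) $_POST['groups']);` and the same for `users`. `$_POST['status']` is also read unconditionally once `$_POST` is non-empty; unless set_cat_status() rejects other values (not visible here), guard it with `in_array($_POST['status'], array('public', 'private'), true)` before comparing or storing it.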
@@ -170,6 +208,7 @@ $template->assign(
),
'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_perm',
'F_ACTION' => $admin_album_base_url.'-permissions',
+ 'private' => ('private' == $category['status']),
)
);
@@ -188,7 +227,7 @@ SELECT id, name
ORDER BY name ASC
;';
$groups = simple_hash_from_query($query, 'id', 'name');
-$template->assign('all_groups', $groups);
+$template->assign('groups', $groups);
// groups granted to access the category
$query = '
@@ -197,14 +236,7 @@ SELECT group_id
WHERE cat_id = '.$page['cat'].'
;';
$group_granted_ids = array_from_query($query, 'group_id');
-$group_granted_ids = order_by_name($group_granted_ids, $groups);
-$template->assign('group_granted_ids', $group_granted_ids);
-
-
-// groups denied
-$template->assign('group_denied_ids',
- order_by_name(array_diff(array_keys($groups), $group_granted_ids), $groups)
- );
+$template->assign('groups_selected', $group_granted_ids);
// users...
$users = array();
@@ -215,7 +247,7 @@ SELECT '.$conf['user_fields']['id'].' AS id,
FROM '.USERS_TABLE.'
;';
$users = simple_hash_from_query($query, 'id', 'username');
-$template->assign('all_users', $users);
+$template->assign('users', $users);
$query = '
@@ -224,9 +256,7 @@ SELECT user_id
WHERE cat_id = '.$page['cat'].'
;';
$user_granted_direct_ids = array_from_query($query, 'user_id');
-$user_granted_direct_ids = order_by_name($user_granted_direct_ids, $users);
-$template->assign('user_granted_direct_ids', $user_granted_direct_ids);
-
+$template->assign('users_selected', $user_granted_direct_ids);
$user_granted_indirect_ids = array();
@@ -282,13 +312,6 @@ SELECT user_id, group_id
}
}
-$user_denied_ids = array_diff(array_keys($users),
- $user_granted_indirect_ids,
- $user_granted_direct_ids);
-$user_denied_ids = order_by_name($user_denied_ids, $users);
-$template->assign('user_denied_ids', $user_denied_ids);
-
-
// +-----------------------------------------------------------------------+
// | sending html code |
// +-----------------------------------------------------------------------+
diff --git a/admin/themes/default/template/cat_modify.tpl b/admin/themes/default/template/cat_modify.tpl
index 31a9e6ef9..47272ec3e 100644
--- a/admin/themes/default/template/cat_modify.tpl
+++ b/admin/themes/default/template/cat_modify.tpl
@@ -81,12 +81,6 @@
{/if}
<p>
- <strong>{'Access type'|@translate}</strong>
- <br>
- {html_radios name='status' values=$status_values output=$status_values|translate selected=$CAT_STATUS}
- </p>
-
- <p>
<strong>{'Lock'|@translate}</strong>
<br>
{html_radios name='visible' values='true,false'|@explode output='No,Yes'|@explode|translate selected=$CAT_VISIBLE}
diff --git a/admin/themes/default/template/cat_perm.tpl b/admin/themes/default/template/cat_perm.tpl
index c44d918ae..728669894 100644
--- a/admin/themes/default/template/cat_perm.tpl
+++ b/admin/themes/default/template/cat_perm.tpl
@@ -1,9 +1,62 @@
+{combine_script id='jquery.chosen' load='footer' path='themes/default/js/plugins/chosen.jquery.min.js'}
+{combine_css path="themes/default/js/plugins/chosen.css"}
+
+{footer_script}{literal}
+jQuery(document).ready(function() {
+ jQuery(".chzn-select").chosen();
+
+ function checkStatusOptions() {
+ if (jQuery("input[name=status]:checked").val() == "private") {
+ jQuery("#privateOptions, #applytoSubAction").show();
+ }
+ else {
+ jQuery("#privateOptions, #applytoSubAction").hide();
+ }
+ }
+
+ checkStatusOptions();
+ jQuery("#selectStatus").change(function() {
+ checkStatusOptions();
+ });
+});
+{/literal}{/footer_script}
+
<div class="titrePage">
<h2><span style="letter-spacing:0">{$CATEGORIES_NAV}</span> &#8250; {'Edit album'|@translate} {$TABSHEET_TITLE}</h2>
</div>
<form action="{$F_ACTION}" method="post" id="categoryPermissions">
+<fieldset>
+ <legend>{'Access type'|@translate}</legend>
+
+ <p id="selectStatus">
+ <label><input type="radio" name="status" value="public" {if not $private}checked="checked"{/if}> <strong>{'public'|@translate}</strong> : <em>{'any visitor can see this album'|@translate}</em></label>
+ <br>
+ <label><input type="radio" name="status" value="private" {if $private}checked="checked"{/if}> <strong>{'private'|@translate}</strong> : <em>{'visitors need to login and have the appropriate permissions to see this album'|@translate}</em></label>
+ </p>
+</fieldset>
+
+<fieldset id="privateOptions">
+ <legend>{'Groups and users'|@translate}</legend>
+
+ <p>
+ <strong>{'Permission granted for groups'|@translate}</strong>
+ <br>
+ <select data-placeholder="{'Select groups...'|@translate}" class="chzn-select" multiple style="width:700px;" name="groups[]">
+ {html_options options=$groups selected=$groups_selected}
+ </select>
+ </p>
+
+ <p>
+ <strong>{'Permission granted for users'|@translate}</strong>
+ <br>
+ <select data-placeholder="{'Select users...'|@translate}" class="chzn-select" multiple style="width:700px;" name="users[]">
+ {html_options options=$users selected=$users_selected}
+ </select>
+ </p>
+
+{*
<h4>{'Groups'|@translate}</h4>
<fieldset>
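Review bot: The old two-list markup is left in the template inside a `{* ... *}` Smarty comment that opens at the end of this hunk and closes in the next one, rather than being deleted. The commented block still carries field names such as `grant_users_submit` that the new cat_perm.php handler no longer reads, so it documents a form contract that no longer exists. I would remove the block outright and let version control hold the history; that also avoids anyone re-enabling it against the new `!empty($_POST)` handler.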
@@ -60,6 +113,13 @@
<input class="submit" type="submit" name="grant_users_submit" value="{'Grant selected users'|@translate}">
<label><input type="checkbox" name="apply_on_sub">{'Apply to sub-albums'|@translate}</label>
</fieldset>
+*}
+</fieldset>
+
+ <p style="margin:12px;text-align:left;">
+ <input class="submit" type="submit" value="{'Save Settings'|@translate}" name="submit">
+ <label id="applytoSubAction" style="display:none;"><input type="checkbox" name="apply_on_sub">{'Apply to sub-albums'|@translate}</label>
+ </p>
<input type="hidden" name="pwg_token" value="{$PWG_TOKEN}">
</form>
diff --git a/admin/themes/default/theme.css b/admin/themes/default/theme.css
index c669d8e21..006a56d8a 100644
--- a/admin/themes/default/theme.css
+++ b/admin/themes/default/theme.css
@@ -244,11 +244,6 @@ TABLE.doubleSelect SELECT.categoryList {
width: 100%; max-width: 100%; overflow-x: auto;
}
-FORM#categoryPermissions LI {
- display:inline;
- white-space: nowrap;
-}
-
.statBar {
height: 10px;
background-color: #ff7700;