diff options
Diffstat (limited to 'admin')
-rw-r--r-- | admin/album.php | 12 | ||||
-rw-r--r-- | admin/cat_modify.php | 13 | ||||
-rw-r--r-- | admin/cat_perm.php | 241 | ||||
-rw-r--r-- | admin/themes/default/template/cat_modify.tpl | 6 | ||||
-rw-r--r-- | admin/themes/default/template/cat_perm.tpl | 60 | ||||
-rw-r--r-- | admin/themes/default/theme.css | 5 |
6 files changed, 199 insertions, 138 deletions
diff --git a/admin/album.php b/admin/album.php index 1097f04f5..cb434e061 100644 --- a/admin/album.php +++ b/admin/album.php @@ -43,6 +43,11 @@ SELECT * ;'; $category = pwg_db_fetch_assoc(pwg_query($query)); +if (!isset($category['id'])) +{ + die("unknown album"); +} + // +-----------------------------------------------------------------------+ // | Tabs | // +-----------------------------------------------------------------------+ @@ -59,12 +64,7 @@ if (isset($_GET['tab'])) $tabsheet = new tabsheet(); $tabsheet->add('properties', l10n('Properties'), $admin_album_base_url.'-properties'); $tabsheet->add('sort_order', l10n('Manage photo ranks'), $admin_album_base_url.'-sort_order'); - -if ('private' == $category['status']) -{ - $tabsheet->add('permissions', l10n('Permissions'), $admin_album_base_url.'-permissions'); -} - +$tabsheet->add('permissions', l10n('Permissions'), $admin_album_base_url.'-permissions'); $tabsheet->select($page['tab']); $tabsheet->assign(); diff --git a/admin/cat_modify.php b/admin/cat_modify.php index 08be98381..d294a0714 100644 --- a/admin/cat_modify.php +++ b/admin/cat_modify.php @@ -144,10 +144,6 @@ if (isset($_POST['submit'])) { set_cat_visible(array($_GET['cat_id']), $_POST['visible']); } - if ($cat_info['status'] != $_POST['status'] ) - { - set_cat_status(array($_GET['cat_id']), $_POST['status']); - } // in case the use moves his album to the gallery root, we force // $_POST['parent'] from 0 to null to be compared with @@ -163,10 +159,7 @@ if (isset($_POST['submit'])) move_categories( array($_GET['cat_id']), $_POST['parent'] ); } - // we redirect to hide/show the "permissions" tab if the category status - // has changed - $_SESSION['page_infos'] = array(l10n('Album updated successfully')); - redirect($admin_album_base_url); + array_push($page['infos'], l10n('Album updated successfully')); } elseif (isset($_POST['set_random_representant'])) { @@ -226,10 +219,6 @@ $template->assign( 'CAT_ID' => $category['id'], 'CAT_NAME' => @htmlspecialchars($category['name']), 'CAT_COMMENT' => @htmlspecialchars($category['comment']), - - 'status_values' => array('public','private'), - - 'CAT_STATUS' => $category['status'], 'CAT_VISIBLE' => boolean_to_string($category['visible']), 'U_JUMPTO' => make_index_url( diff --git a/admin/cat_perm.php b/admin/cat_perm.php index 3dc9c1e21..7b555e3be 100644 --- a/admin/cat_perm.php +++ b/admin/cat_perm.php @@ -37,122 +37,160 @@ check_status(ACCESS_ADMINISTRATOR); // | variable initialization | // +-----------------------------------------------------------------------+ -// if the category is not correct (not numeric, not private) -if (isset($_GET['cat']) and is_numeric($_GET['cat'])) -{ - $query = ' -SELECT status - FROM '.CATEGORIES_TABLE.' - WHERE id = '.$_GET['cat'].' -;'; - list($status) = pwg_db_fetch_row(pwg_query($query)); - - if ('private' == $status) - { - $page['cat'] = $_GET['cat']; - } -} - -if (!isset($page['cat'])) -{ - $query = ' -SELECT id - FROM '.CATEGORIES_TABLE.' - WHERE status = \'private\' - LIMIT 1 -;'; - - list($page['cat']) = pwg_db_fetch_row(pwg_query($query)); -} +$page['cat'] = $category['id']; // +-----------------------------------------------------------------------+ // | form submission | // +-----------------------------------------------------------------------+ -if (isset($_POST['deny_groups_submit']) or isset($_POST['grant_groups_submit']) or isset($_POST['deny_users_submit']) or isset($_POST['grant_users_submit']) ) + +if (!empty($_POST)) { check_pwg_token(); -} -if (isset($_POST['deny_groups_submit']) - and isset($_POST['deny_groups']) - and count($_POST['deny_groups']) > 0) -{ - // if you forbid access to a category, all sub-categories become - // automatically forbidden - $query = ' + if ($category['status'] != $_POST['status']) + { + set_cat_status(array($page['cat']), $_POST['status']); + $category['status'] = $_POST['status']; + } + + if ('private' == $_POST['status']) + { + // + // manage groups + // + $query = ' +SELECT group_id + FROM '.GROUP_ACCESS_TABLE.' + WHERE cat_id = '.$page['cat'].' +;'; + $groups_granted = array_from_query($query, 'group_id'); + + if (!isset($_POST['groups'])) + { + $_POST['groups'] = array(); + } + + // + // remove permissions to groups + // + $deny_groups = array_diff($groups_granted, $_POST['groups']); + if (count($deny_groups) > 0) + { + // if you forbid access to an album, all sub-albums become + // automatically forbidden + $query = ' DELETE FROM '.GROUP_ACCESS_TABLE.' - WHERE group_id IN ('.implode(',', $_POST['deny_groups']).') + WHERE group_id IN ('.implode(',', $deny_groups).') AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).') ;'; - pwg_query($query); -} -else if (isset($_POST['grant_groups_submit']) - and isset($_POST['grant_groups']) - and count($_POST['grant_groups']) > 0) -{ - $cat_ids = (isset($_POST['apply_on_sub'])) ? implode(',', get_subcat_ids(array($page['cat']))).",".implode(',', get_uppercat_ids(array($page['cat']))) : implode(',', get_uppercat_ids(array($page['cat']))); + pwg_query($query); + } - $query = ' + // + // add permissions to groups + // + $grant_groups = array_diff($_POST['groups'], $groups_granted); + if (count($grant_groups) > 0) + { + $cat_ids = get_uppercat_ids(array($page['cat'])); + if (isset($_POST['apply_on_sub'])) + { + $cat_ids = array_merge($cat_ids, get_subcat_ids(array($page['cat']))); + } + + $query = ' SELECT id FROM '.CATEGORIES_TABLE.' - WHERE id IN ('.$cat_ids.') - AND status = \'private\' + WHERE id IN ('.implode(',', $cat_ids).') + AND status = \'private\' ;'; - $private_cats = array_from_query($query, 'id'); + $private_cats = array_from_query($query, 'id'); - // We must not reinsert already existing lines in group_access table - $granteds = array(); - foreach ($private_cats as $cat_id) - { - $granteds[$cat_id] = array(); - } + // We must not reinsert already existing lines in group_access table + $granteds = array(); + foreach ($private_cats as $cat_id) + { + $granteds[$cat_id] = array(); + } - $query = ' -SELECT group_id, cat_id + $query = ' +SELECT + group_id, + cat_id FROM '.GROUP_ACCESS_TABLE.' WHERE cat_id IN ('.implode(',', $private_cats).') - AND group_id IN ('.implode(',', $_POST['grant_groups']).') + AND group_id IN ('.implode(',', $grant_groups).') ;'; - $result = pwg_query($query); - while ($row = pwg_db_fetch_assoc($result)) - { - array_push($granteds[$row['cat_id']], $row['group_id']); - } + $result = pwg_query($query); + while ($row = pwg_db_fetch_assoc($result)) + { + array_push($granteds[$row['cat_id']], $row['group_id']); + } - $inserts = array(); - - foreach ($private_cats as $cat_id) - { - $group_ids = array_diff($_POST['grant_groups'], $granteds[$cat_id]); - foreach ($group_ids as $group_id) - { - array_push($inserts, array('group_id' => $group_id, - 'cat_id' => $cat_id)); + $inserts = array(); + + foreach ($private_cats as $cat_id) + { + $group_ids = array_diff($grant_groups, $granteds[$cat_id]); + foreach ($group_ids as $group_id) + { + array_push( + $inserts, + array( + 'group_id' => $group_id, + 'cat_id' => $cat_id + ) + ); + } + } + + mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts); } - } - mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts); -} -else if (isset($_POST['deny_users_submit']) - and isset($_POST['deny_users']) - and count($_POST['deny_users']) > 0) -{ - // if you forbid access to a category, all sub-categories become - // automatically forbidden - $query = ' + // + // users + // + $query = ' +SELECT user_id + FROM '.USER_ACCESS_TABLE.' + WHERE cat_id = '.$page['cat'].' +;'; + $users_granted = array_from_query($query, 'user_id'); + + if (!isset($_POST['users'])) + { + $_POST['users'] = array(); + } + + // + // remove permissions to users + // + $deny_users = array_diff($users_granted, $_POST['users']); + if (count($deny_users) > 0) + { + // if you forbid access to an album, all sub-album become automatically + // forbidden + $query = ' DELETE FROM '.USER_ACCESS_TABLE.' - WHERE user_id IN ('.implode(',', $_POST['deny_users']).') + WHERE user_id IN ('.implode(',', $deny_users).') AND cat_id IN ('.implode(',', get_subcat_ids(array($page['cat']))).') ;'; - pwg_query($query); -} -else if (isset($_POST['grant_users_submit']) - and isset($_POST['grant_users']) - and count($_POST['grant_users']) > 0) -{ - add_permission_on_category($page['cat'], $_POST['grant_users']); + pwg_query($query); + } + + // + // add permissions to users + // + $grant_users = array_diff($_POST['users'], $users_granted); + if (count($grant_users) > 0) + { + add_permission_on_category($page['cat'], $grant_users); + } + } + + array_push($page['infos'], l10n('Album updated successfully')); } // +-----------------------------------------------------------------------+ @@ -170,6 +208,7 @@ $template->assign( ), 'U_HELP' => get_root_url().'admin/popuphelp.php?page=cat_perm', 'F_ACTION' => $admin_album_base_url.'-permissions', + 'private' => ('private' == $category['status']), ) ); @@ -188,7 +227,7 @@ SELECT id, name ORDER BY name ASC ;'; $groups = simple_hash_from_query($query, 'id', 'name'); -$template->assign('all_groups', $groups); +$template->assign('groups', $groups); // groups granted to access the category $query = ' @@ -197,14 +236,7 @@ SELECT group_id WHERE cat_id = '.$page['cat'].' ;'; $group_granted_ids = array_from_query($query, 'group_id'); -$group_granted_ids = order_by_name($group_granted_ids, $groups); -$template->assign('group_granted_ids', $group_granted_ids); - - -// groups denied -$template->assign('group_denied_ids', - order_by_name(array_diff(array_keys($groups), $group_granted_ids), $groups) - ); +$template->assign('groups_selected', $group_granted_ids); // users... $users = array(); @@ -215,7 +247,7 @@ SELECT '.$conf['user_fields']['id'].' AS id, FROM '.USERS_TABLE.' ;'; $users = simple_hash_from_query($query, 'id', 'username'); -$template->assign('all_users', $users); +$template->assign('users', $users); $query = ' @@ -224,9 +256,7 @@ SELECT user_id WHERE cat_id = '.$page['cat'].' ;'; $user_granted_direct_ids = array_from_query($query, 'user_id'); -$user_granted_direct_ids = order_by_name($user_granted_direct_ids, $users); -$template->assign('user_granted_direct_ids', $user_granted_direct_ids); - +$template->assign('users_selected', $user_granted_direct_ids); $user_granted_indirect_ids = array(); @@ -282,13 +312,6 @@ SELECT user_id, group_id } } -$user_denied_ids = array_diff(array_keys($users), - $user_granted_indirect_ids, - $user_granted_direct_ids); -$user_denied_ids = order_by_name($user_denied_ids, $users); -$template->assign('user_denied_ids', $user_denied_ids); - - // +-----------------------------------------------------------------------+ // | sending html code | // +-----------------------------------------------------------------------+ diff --git a/admin/themes/default/template/cat_modify.tpl b/admin/themes/default/template/cat_modify.tpl index 31a9e6ef9..47272ec3e 100644 --- a/admin/themes/default/template/cat_modify.tpl +++ b/admin/themes/default/template/cat_modify.tpl @@ -81,12 +81,6 @@ {/if} <p> - <strong>{'Access type'|@translate}</strong> - <br> - {html_radios name='status' values=$status_values output=$status_values|translate selected=$CAT_STATUS} - </p> - - <p> <strong>{'Lock'|@translate}</strong> <br> {html_radios name='visible' values='true,false'|@explode output='No,Yes'|@explode|translate selected=$CAT_VISIBLE} diff --git a/admin/themes/default/template/cat_perm.tpl b/admin/themes/default/template/cat_perm.tpl index c44d918ae..728669894 100644 --- a/admin/themes/default/template/cat_perm.tpl +++ b/admin/themes/default/template/cat_perm.tpl @@ -1,9 +1,62 @@ +{combine_script id='jquery.chosen' load='footer' path='themes/default/js/plugins/chosen.jquery.min.js'} +{combine_css path="themes/default/js/plugins/chosen.css"} + +{footer_script}{literal} +jQuery(document).ready(function() { + jQuery(".chzn-select").chosen(); + + function checkStatusOptions() { + if (jQuery("input[name=status]:checked").val() == "private") { + jQuery("#privateOptions, #applytoSubAction").show(); + } + else { + jQuery("#privateOptions, #applytoSubAction").hide(); + } + } + + checkStatusOptions(); + jQuery("#selectStatus").change(function() { + checkStatusOptions(); + }); +}); +{/literal}{/footer_script} + <div class="titrePage"> <h2><span style="letter-spacing:0">{$CATEGORIES_NAV}</span> › {'Edit album'|@translate} {$TABSHEET_TITLE}</h2> </div> <form action="{$F_ACTION}" method="post" id="categoryPermissions"> +<fieldset> + <legend>{'Access type'|@translate}</legend> + + <p id="selectStatus"> + <label><input type="radio" name="status" value="public" {if not $private}checked="checked"{/if}> <strong>{'public'|@translate}</strong> : <em>{'any visitor can see this album'|@translate}</em></label> + <br> + <label><input type="radio" name="status" value="private" {if $private}checked="checked"{/if}> <strong>{'private'|@translate}</strong> : <em>{'visitors need to login and have the appropriate permissions to see this album'|@translate}</em></label> + </p> +</fieldset> + +<fieldset id="privateOptions"> + <legend>{'Groups and users'|@translate}</legend> + + <p> + <strong>{'Permission granted for groups'|@translate}</strong> + <br> + <select data-placeholder="{'Select groups...'|@translate}" class="chzn-select" multiple style="width:700px;" name="groups[]"> + {html_options options=$groups selected=$groups_selected} + </select> + </p> + + <p> + <strong>{'Permission granted for users'|@translate}</strong> + <br> + <select data-placeholder="{'Select users...'|@translate}" class="chzn-select" multiple style="width:700px;" name="users[]"> + {html_options options=$users selected=$users_selected} + </select> + </p> + +{* <h4>{'Groups'|@translate}</h4> <fieldset> @@ -60,6 +113,13 @@ <input class="submit" type="submit" name="grant_users_submit" value="{'Grant selected users'|@translate}"> <label><input type="checkbox" name="apply_on_sub">{'Apply to sub-albums'|@translate}</label> </fieldset> +*} +</fieldset> + + <p style="margin:12px;text-align:left;"> + <input class="submit" type="submit" value="{'Save Settings'|@translate}" name="submit"> + <label id="applytoSubAction" style="display:none;"><input type="checkbox" name="apply_on_sub">{'Apply to sub-albums'|@translate}</label> + </p> <input type="hidden" name="pwg_token" value="{$PWG_TOKEN}"> </form> diff --git a/admin/themes/default/theme.css b/admin/themes/default/theme.css index c669d8e21..006a56d8a 100644 --- a/admin/themes/default/theme.css +++ b/admin/themes/default/theme.css @@ -244,11 +244,6 @@ TABLE.doubleSelect SELECT.categoryList { width: 100%; max-width: 100%; overflow-x: auto; } -FORM#categoryPermissions LI { - display:inline; - white-space: nowrap; -} - .statBar { height: 10px; background-color: #ff7700; |