// if you forbid access to an album, all sub-album become automatically
// forbidden
// NOTE(review): $deny_users is imploded straight into the SQL below; the
// code that builds it is outside this fragment — confirm it is an array of
// integers (validated / cast) before it reaches this query.
$query = ' DELETE FROM ' . USER_ACCESS_TABLE . ' WHERE user_id IN (' . implode(',', $deny_users) . ') AND cat_id IN (' . implode(',', get_subcat_ids(array($page['cat']))) . ') ;';
pwg_query($query);
}

//
// add permissions to users
//
// NOTE(review): count() on a non-array throws a TypeError on PHP 8, so this
// relies on the form always posting 'users' as an array — presumably the
// same sanitising applied to $deny_users happens here too; confirm.
$grant_users = $_POST['users'];
if (count($grant_users) > 0)
{
  add_permission_on_category($page['cat'], $grant_users);
}
}

$page['infos'][] = l10n('Album updated successfully');
}

// +-----------------------------------------------------------------------+
// |                       template initialization                         |
// +-----------------------------------------------------------------------+

$template->set_filename('cat_perm', 'cat_perm.tpl');

$template->assign(
  array(
    'CATEGORIES_NAV' => get_cat_display_name_from_id($page['cat'], 'admin.php?page=album-'),
    'U_HELP' => get_root_url() . 'admin/popuphelp.php?page=cat_perm',
    'F_ACTION' => $admin_album_base_url . '-permissions',
    // the template only shows the permission widgets for private albums
    'private' => 'private' == $category['status']
  )
);

// +-----------------------------------------------------------------------+
// |                           form construction                           |
// +-----------------------------------------------------------------------+

// groups denied are the groups not granted. So we need to find all groups
// minus groups granted to find groups denied.
$groups = array();
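/**
 * API method
 * Add permissions
 * @param mixed[] $params
 *    @option int[] cat_id
 *    @option int[] group_id (optional)
 *    @option int[] user_id (optional)
 *    @option bool recursive (optional, absent means false)
 * @param PwgServer &$service
 * @return PwgError|mixed a 403 PwgError when the security token does not
 *    match, otherwise the result of pwg.permissions.getList for cat_id
 */
function ws_permissions_add($params, &$service)
{
  // compare the CSRF token in constant time: a plain != is a loose
  // (type-juggling) comparison and leaks timing information
  $submitted_token = isset($params['pwg_token']) ? (string)$params['pwg_token'] : '';
  if (!hash_equals((string)get_pwg_token(), $submitted_token))
  {
    return new PwgError(403, 'Invalid security token');
  }

  include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';

  // 'recursive' is optional; read it once instead of indexing an
  // possibly-absent key (which raises a warning) in two places
  $recursive = !empty($params['recursive']);

  if (!empty($params['group_id']))
  {
    // granting an album to a group also grants its ancestors, otherwise
    // the album is not reachable through the tree
    $cat_ids = get_uppercat_ids($params['cat_id']);
    if ($recursive)
    {
      $cat_ids = array_merge($cat_ids, get_subcat_ids($params['cat_id']));
    }

    // only private albums carry explicit permissions. An empty id list
    // would yield an invalid "IN ()" clause, so the query is skipped.
    $private_cats = array();
    if (count($cat_ids) > 0)
    {
      $query = ' SELECT id FROM ' . CATEGORIES_TABLE . ' WHERE id IN (' . implode(',', array_map('intval', $cat_ids)) . ') AND status = \'private\' ;';
      $private_cats = array_from_query($query, 'id');
    }

    $inserts = array();
    foreach ($private_cats as $cat_id)
    {
      foreach ($params['group_id'] as $group_id)
      {
        $inserts[] = array(
          'group_id' => (int)$group_id,
          'cat_id' => (int)$cat_id
        );
      }
    }

    if (count($inserts) > 0)
    {
      // 'ignore': the group may already have access to some of these albums
      mass_inserts(
        GROUP_ACCESS_TABLE,
        array('group_id', 'cat_id'),
        $inserts,
        array('ignore' => true)
      );
    }
  }

  if (!empty($params['user_id']))
  {
    if ($recursive)
    {
      // NOTE(review): presumably add_permission_on_category() reads its
      // recursion flag from the request rather than from an argument, which
      // is why it is set on $_POST here — confirm against that function.
      $_POST['apply_on_sub'] = true;
    }
    add_permission_on_category($params['cat_id'], $params['user_id']);
  }

  return $service->invoke('pwg.permissions.getList', array('cat_id' => $params['cat_id']));
}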
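/**
 * Create a virtual category.
 *
 * @param string $category_name
 * @param int $parent_id
 * @param array $options
 *    - boolean commentable
 *    - boolean visible
 *    - string status
 *    - string comment
 *    - boolean inherit
 * @return array ('info', 'id') or ('error')
 */
function create_virtual_category($category_name, $parent_id = null, $options = array())
{
  global $conf, $user;

  // is the given category name only containing blank spaces ?
  if (preg_match('/^\\s*$/', $category_name))
  {
    return array('error' => l10n('The name of an album must not be empty'));
  }

  $insert = array(
    'name' => $category_name,
    'rank' => 0,
    'global_rank' => 0
  );

  // is the album commentable? an explicit boolean option wins over the
  // configured default
  if (isset($options['commentable']) and is_bool($options['commentable']))
  {
    $insert['commentable'] = $options['commentable'];
  }
  else
  {
    $insert['commentable'] = $conf['newcat_default_commentable'];
  }
  $insert['commentable'] = boolean_to_string($insert['commentable']);

  // is the album temporarily locked? (only visible by administrators,
  // whatever permissions) (may be overwritten if parent album is not
  // visible)
  if (isset($options['visible']) and is_bool($options['visible']))
  {
    $insert['visible'] = $options['visible'];
  }
  else
  {
    $insert['visible'] = $conf['newcat_default_visible'];
  }
  $insert['visible'] = boolean_to_string($insert['visible']);

  // is the album private? (may be overwritten if parent album is private)
  if (isset($options['status']) and 'private' == $options['status'])
  {
    $insert['status'] = 'private';
  }
  else
  {
    $insert['status'] = $conf['newcat_default_status'];
  }

  // any description for this album? HTML is kept only when the
  // configuration allows it, otherwise tags are stripped
  if (isset($options['comment']))
  {
    $insert['comment'] = $conf['allow_html_descriptions'] ? $options['comment'] : strip_tags($options['comment']);
  }

  $uppercats_prefix = '';
  if (!empty($parent_id) and is_numeric($parent_id))
  {
    // is_numeric() also accepts floats, exponent notation and leading
    // whitespace, so the id is cast before being interpolated into SQL
    $parent_id = (int)$parent_id;

    $query = ' SELECT id, uppercats, global_rank, visible, status FROM ' . CATEGORIES_TABLE . ' WHERE id = ' . $parent_id . ' ;';
    $parent = pwg_db_fetch_assoc(pwg_query($query));

    // an unknown parent would otherwise produce an album whose uppercats
    // chain starts with an empty segment
    if (empty($parent))
    {
      return array('error' => l10n('Parent album does not exist'));
    }

    $insert['id_uppercat'] = $parent['id'];
    $insert['global_rank'] = $parent['global_rank'] . '.' . $insert['rank'];

    // at creation, must a category be visible or not ? Warning : if the
    // parent category is invisible, the category is automatically create
    // invisible. (invisible = locked)
    if ('false' == $parent['visible'])
    {
      $insert['visible'] = 'false';
    }

    // at creation, must a category be public or private ? Warning : if the
    // parent category is private, the category is automatically create
    // private.
    if ('private' == $parent['status'])
    {
      $insert['status'] = 'private';
    }

    $uppercats_prefix = $parent['uppercats'] . ',';
  }

  // we have then to add the virtual category
  single_insert(CATEGORIES_TABLE, $insert);
  $inserted_id = pwg_db_insert_id(CATEGORIES_TABLE);

  single_update(
    CATEGORIES_TABLE,
    array('uppercats' => $uppercats_prefix . $inserted_id),
    array('id' => $inserted_id)
  );

  update_global_rank();

  if ('private' == $insert['status'])
  {
    // administrators and the creator always get access to a private album
    $granted_users = array_merge(get_admins(), array($user['id']));

    // the 'inherit' option wins over the configured default
    $inherit = ((isset($options['inherit']) and $options['inherit']) or $conf['inheritance_by_default']);

    if (!empty($insert['id_uppercat']) and $inherit)
    {
      $parent_cat_id = (int)$insert['id_uppercat'];

      // copy the parent's group permissions onto the new album
      $query = ' SELECT group_id FROM ' . GROUP_ACCESS_TABLE . ' WHERE cat_id = ' . $parent_cat_id . ' ;';
      $granted_grps = query2array($query, null, 'group_id');

      $inserts = array();
      foreach ($granted_grps as $granted_grp)
      {
        $inserts[] = array(
          'group_id' => $granted_grp,
          'cat_id' => $inserted_id
        );
      }
      if (count($inserts) > 0)
      {
        mass_inserts(GROUP_ACCESS_TABLE, array('group_id', 'cat_id'), $inserts);
      }

      // ... and the parent's user permissions
      $query = ' SELECT user_id FROM ' . USER_ACCESS_TABLE . ' WHERE cat_id = ' . $parent_cat_id . ' ;';
      $granted_users = array_merge($granted_users, query2array($query, null, 'user_id'));
    }

    add_permission_on_category($inserted_id, array_unique($granted_users));
  }

  return array(
    'info' => l10n('Virtual album added'),
    'id' => $inserted_id
  );
}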
}

if (isset($granted_users[$parent_id]))
{
  // the new album takes over the users listed for its parent in
  // $granted_users (built outside this fragment)
  foreach ($granted_users[$parent_id] as $granted_user)
  {
    $insert_granted_users[] = array('user_id' => $granted_user, 'cat_id' => $ids);
  }
}

// administrators are always added, whatever the parent grants
foreach (get_admins() as $granted_user)
{
  $insert_granted_users[] = array('user_id' => $granted_user, 'cat_id' => $ids);
}
}
}

mass_inserts(GROUP_ACCESS_TABLE, array('group_id', 'cat_id'), $insert_granted_grps);

// the same (user, album) row can be collected twice (inherited from the
// parent and as an administrator); SORT_REGULAR compares the rows as arrays
$insert_granted_users = array_unique($insert_granted_users, SORT_REGULAR);
mass_inserts(USER_ACCESS_TABLE, array('user_id', 'cat_id'), $insert_granted_users);
}
else
{
  add_permission_on_category($category_ids, get_admins());
}
}

$counts['new_categories'] = count($inserts);
}

// to delete categories
$to_delete = array();
$to_delete_derivative_dirs = array();
// every directory known in the database but no longer present on disk
foreach (array_diff(array_keys($db_fulldirs), $fs_fulldirs) as $fulldir)
{
  $to_delete[] = $db_fulldirs[$fulldir];
  unset($db_fulldirs[$fulldir]);
  $infos[] = array('path' => $fulldir, 'info' => l10n('deleted'));

  // drop a single leading '../' so the path can be re-rooted under the
  // derivative directory
  if (substr_compare($fulldir, '../', 0, 3) == 0)
  {
    $fulldir = substr($fulldir, 3);
  }
  // NOTE(review): only the first '../' is stripped; presumably this list is
  // removed from disk later — confirm $fulldir cannot contain further '..'
  // segments before it is used.
  $to_delete_derivative_dirs[] = PHPWG_ROOT_PATH . PWG_DERIVATIVE_DIR . $fulldir;
}

// +-----------------------------------------------------------------------+
// |                               updates                                 |
// +-----------------------------------------------------------------------+

// NOTE(review): count() on a non-array throws a TypeError on PHP 8; both
// branches rely on 'cat_true' / 'cat_false' being posted as arrays.
if (isset($_POST['falsify']) and isset($_POST['cat_true']) and count($_POST['cat_true']) > 0)
{
  // if you forbid access to a category, all sub-categories become
  // automatically forbidden
  // NOTE(review): $_POST['cat_true'] reaches get_subcat_ids() unfiltered and
  // $page['user'] is interpolated into the query as-is; both are assumed to
  // have been validated / cast to integers earlier in this script — confirm.
  $subcats = get_subcat_ids($_POST['cat_true']);
  $query = ' DELETE FROM ' . USER_ACCESS_TABLE . ' WHERE user_id = ' . $page['user'] . ' AND cat_id IN (' . implode(',', $subcats) . ') ;';
  pwg_query($query);
}
elseif (isset($_POST['trueify']) and isset($_POST['cat_false']) and count($_POST['cat_false']) > 0)
{
  add_permission_on_category($_POST['cat_false'], $page['user']);
}

// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+

$template->set_filenames(array('user_perm' => 'user_perm.tpl', 'double_select' => 'double_select.tpl'));

$template->assign(
  array(
    'TITLE' => l10n('Manage permissions for user "%s"', get_username($page['user'])),
    'L_CAT_OPTIONS_TRUE' => l10n('Authorized'),
    'L_CAT_OPTIONS_FALSE' => l10n('Forbidden'),
    'F_ACTION' => PHPWG_ROOT_PATH . 'admin.php?page=user_perm' . '&user_id=' . $page['user']
  )
);

// retrieve category ids authorized to the groups the user belongs to
$group_authorized = array();
// (the query below continues past the end of this fragment)
$query = ' SELECT DISTINCT cat_id, c.uppercats, c.global_rank FROM ' . USER_GROUP_TABLE . ' AS ug INNER JOIN ' . GROUP_ACCESS_TABLE . ' AS ga ON ug.group_id = ga.group_id INNER JOIN ' . CATEGORIES_TABLE . ' AS c ON c.id = ga.cat_id