コード例 #1
0
ファイル: cat_perm.php プロジェクト: donseba/Piwigo
            // if you forbid access to an album, all sub-albums become
            // automatically forbidden
            $query = '
DELETE
  FROM ' . GROUP_ACCESS_TABLE . '
  WHERE group_id IN (' . implode(',', $deny_groups) . ')
    AND cat_id IN (' . implode(',', get_subcat_ids(array($page['cat']))) . ')
;';
            pwg_query($query);
        }
        //
        // add permissions to groups
        //
        $grant_groups = $_POST['groups'];
        if (count($grant_groups) > 0) {
            $cat_ids = get_uppercat_ids(array($page['cat']));
            if (isset($_POST['apply_on_sub'])) {
                $cat_ids = array_merge($cat_ids, get_subcat_ids(array($page['cat'])));
            }
            $query = '
SELECT id
  FROM ' . CATEGORIES_TABLE . '
  WHERE id IN (' . implode(',', $cat_ids) . ')
    AND status = \'private\'
;';
            $private_cats = array_from_query($query, 'id');
            $inserts = array();
            foreach ($private_cats as $cat_id) {
                foreach ($grant_groups as $group_id) {
                    $inserts[] = array('group_id' => $group_id, 'cat_id' => $cat_id);
                }
コード例 #2
0
ファイル: group_perm.php プロジェクト: donseba/Piwigo
// |                                updates                                |
// +-----------------------------------------------------------------------+
if (isset($_POST['falsify']) and isset($_POST['cat_true']) and count($_POST['cat_true']) > 0) {
    // if you forbid access to a category, all sub-categories become
    // automatically forbidden
    $subcats = get_subcat_ids($_POST['cat_true']);
    $query = '
DELETE
  FROM ' . GROUP_ACCESS_TABLE . '
  WHERE group_id = ' . $page['group'] . '
  AND cat_id IN (' . implode(',', $subcats) . ')
;';
    pwg_query($query);
} else {
    if (isset($_POST['trueify']) and isset($_POST['cat_false']) and count($_POST['cat_false']) > 0) {
        $uppercats = get_uppercat_ids($_POST['cat_false']);
        $private_uppercats = array();
        $query = '
SELECT id
  FROM ' . CATEGORIES_TABLE . '
  WHERE id IN (' . implode(',', $uppercats) . ')
  AND status = \'private\'
;';
        $result = pwg_query($query);
        while ($row = pwg_db_fetch_assoc($result)) {
            $private_uppercats[] = $row['id'];
        }
        // retrying to authorize a category which is already authorized may cause
        // an error (in SQL statement), so we need to know which categories are
        // accesible
        $authorized_ids = array();
コード例 #3
0
ファイル: pwg.permissions.php プロジェクト: squidjam/Piwigo
/**
 * API method
 * Add permissions
 * @param mixed[] $params
 *    @option int[] cat_id
 *    @option int[] group_id (optional)
 *    @option int[] user_id (optional)
 *    @option bool recursive
 */
function ws_permissions_add($params, &$service)
{
    if (get_pwg_token() != $params['pwg_token']) {
        return new PwgError(403, 'Invalid security token');
    }
    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
    if (!empty($params['group_id'])) {
        $cat_ids = get_uppercat_ids($params['cat_id']);
        if ($params['recursive']) {
            $cat_ids = array_merge($cat_ids, get_subcat_ids($params['cat_id']));
        }
        $query = '
SELECT id
  FROM ' . CATEGORIES_TABLE . '
  WHERE id IN (' . implode(',', $cat_ids) . ')
    AND status = \'private\'
;';
        $private_cats = array_from_query($query, 'id');
        $inserts = array();
        foreach ($private_cats as $cat_id) {
            foreach ($params['group_id'] as $group_id) {
                $inserts[] = array('group_id' => $group_id, 'cat_id' => $cat_id);
            }
        }
        mass_inserts(GROUP_ACCESS_TABLE, array('group_id', 'cat_id'), $inserts, array('ignore' => true));
    }
    if (!empty($params['user_id'])) {
        if ($params['recursive']) {
            $_POST['apply_on_sub'] = true;
        }
        add_permission_on_category($params['cat_id'], $params['user_id']);
    }
    return $service->invoke('pwg.permissions.getList', array('cat_id' => $params['cat_id']));
}
コード例 #4
0
ファイル: functions.php プロジェクト: lcorbasson/Piwigo
/**
 * Grant access to a list of categories for a list of users.
 *
 * @param int[] $category_ids
 * @param int[] $user_ids
 */
function add_permission_on_category($category_ids, $user_ids)
{
    if (!is_array($category_ids)) {
        $category_ids = array($category_ids);
    }
    if (!is_array($user_ids)) {
        $user_ids = array($user_ids);
    }
    // check for emptiness
    if (count($category_ids) == 0 or count($user_ids) == 0) {
        return;
    }
    // make sure categories are private and select uppercats or subcats
    $cat_ids = get_uppercat_ids($category_ids);
    if (isset($_POST['apply_on_sub'])) {
        $cat_ids = array_merge($cat_ids, get_subcat_ids($category_ids));
    }
    $query = '
SELECT id
  FROM ' . CATEGORIES_TABLE . '
  WHERE id IN (' . implode(',', $cat_ids) . ')
    AND status = \'private\'
;';
    $private_cats = query2array($query, null, 'id');
    if (count($private_cats) == 0) {
        return;
    }
    $inserts = array();
    foreach ($private_cats as $cat_id) {
        foreach ($user_ids as $user_id) {
            $inserts[] = array('user_id' => $user_id, 'cat_id' => $cat_id);
        }
    }
    mass_inserts(USER_ACCESS_TABLE, array('user_id', 'cat_id'), $inserts, array('ignore' => true));
}