mirrors/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2025-05-13 21:45:36 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

- deletion of calculated permissions when deleting a user

Browse source 
- taking into account locked categories during permissions calculation


git-svn-id: http://piwigo.org/svn/trunk@680 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
plegall 2005-01-08 11:23:52 +00:00
parent baf609b26a
commit 971d0c5a95
3 changed files with 29 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

9
admin/include/functions.php
View file

@ -321,7 +321,7 @@ DELETE FROM '.IMAGES_TABLE.'
// - all the links to any group // - all the links to any group
// - all the favorites linked to this user // - all the favorites linked to this user
// - all sessions linked to this user // - all sessions linked to this user
// - all categories informations linked to this user // - calculated permissions linked to the user
function delete_user($user_id) function delete_user($user_id)
{ {
// destruction of the access linked to the user // destruction of the access linked to the user
@ -352,6 +352,13 @@ DELETE FROM '.SESSIONS_TABLE.'
;'; ;';
pwg_query($query); pwg_query($query);
// deletion of calculated permissions linked to the user
$query = '
DELETE FROM '.USER_FORBIDDEN_TABLE.'
WHERE user_id = '.$user_id.'
;';
pwg_query($query);
// destruction of the user // destruction of the user
$query = ' $query = '
DELETE FROM '.USERS_TABLE.' DELETE FROM '.USERS_TABLE.'

20
include/functions_user.inc.php
View file

@ -267,9 +267,10 @@ DELETE FROM '.FAVORITES_TABLE.'
* belongs to minus the categories directly authorized to the user * belongs to minus the categories directly authorized to the user
* *
* @param int user_id * @param int user_id
* @param string user_status
* @return string forbidden_categories * @return string forbidden_categories
*/ */
function calculate_permissions($user_id) function calculate_permissions($user_id, $user_status)
{ {
$private_array = array(); $private_array = array();
$authorized_array = array(); $authorized_array = array();
@ -284,6 +285,23 @@ SELECT id
{ {
array_push($private_array, $row['id']); array_push($private_array, $row['id']);
} }
// if user is not an admin, locked categories can be considered as private$
if ($user_status != 'admin')
{
$query = '
SELECT id
FROM '.CATEGORIES_TABLE.'
WHERE visible = \'false\'
;';
$result = pwg_query($query);
while ($row = mysql_fetch_array($result))
{
array_push($private_array, $row['id']);
}
$private_array = array_unique($private_array);
}
// retrieve category ids directly authorized to the user // retrieve category ids directly authorized to the user
$query = ' $query = '

3
include/user.inc.php
View file

@ -128,7 +128,8 @@ if (!defined('IN_ADMIN') or !IN_ADMIN)
or !is_bool($user['need_update']) or !is_bool($user['need_update'])
or $user['need_update'] == true) or $user['need_update'] == true)
{ {
$user['forbidden_categories'] = calculate_permissions($user['id']); $user['forbidden_categories'] = calculate_permissions($user['id'],
$user['status']);
} }
} }