Merge branch 'master' of git@github.com:gallery/gallery3

installer/install.sql

@@ -10,7 +10,8 @@ CREATE TABLE {access_caches} (
   `view_full_2` binary(1) NOT NULL DEFAULT '0',
   `edit_2` binary(1) NOT NULL DEFAULT '0',
   `add_2` binary(1) NOT NULL DEFAULT '0',
-  PRIMARY KEY (`id`)
+  PRIMARY KEY (`id`),
+  KEY `item_id` (`item_id`)
 ) AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
 /*!40101 SET character_set_client = @saved_cs_client */;
 INSERT INTO {access_caches} VALUES (1,1,'1','0','0','1','0','0');
@@ -184,7 +185,8 @@ CREATE TABLE {items} (
   KEY `parent_id` (`parent_id`),
   KEY `type` (`type`),
   KEY `random` (`rand_key`),
-  KEY `weight` (`weight`)
+  KEY `weight` (`weight`),
+  KEY `left_ptr` (`left_ptr`)
 ) AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
 /*!40101 SET character_set_client = @saved_cs_client */;
 INSERT INTO {items} VALUES (1,NULL,NULL,UNIX_TIMESTAMP(),'',NULL,1,1,NULL,NULL,2,0,NULL,'','',1,NULL,NULL,2,NULL,'weight','ASC',1,NULL,NULL,'Gallery','album',UNIX_TIMESTAMP(),0,1,NULL,'1','1');
@@ -242,7 +244,7 @@ CREATE TABLE {modules} (
   KEY `weight` (`weight`)
 ) AUTO_INCREMENT=11 DEFAULT CHARSET=utf8;
 /*!40101 SET character_set_client = @saved_cs_client */;
-INSERT INTO {modules} VALUES (1,1,'gallery',32,1);
+INSERT INTO {modules} VALUES (1,1,'gallery',34,1);
 INSERT INTO {modules} VALUES (2,1,'user',3,2);
 INSERT INTO {modules} VALUES (3,1,'comment',3,3);
 INSERT INTO {modules} VALUES (4,1,'organize',1,4);

modules/gallery/controllers/file_proxy.php

@@ -116,6 +116,8 @@ public function __call($function, $args) {
       throw new Kohana_404_Exception();
     }
 
+    header("Content-Length: " . filesize($file));
+
     header("Pragma:");
     // Check that the content hasn't expired or it wasn't changed since cached
     expires::check(2592000, $item->updated);

modules/gallery/controllers/user_profile.php

@@ -56,7 +56,7 @@ public function send($id) {
         ->to($user->email)
         ->subject(html::clean($form->message->subject->value))
         ->header("Mime-Version", "1.0")
-        ->header("Content-type", "text/html; charset=iso-8859-1")
+        ->header("Content-type", "text/html; charset=UTF-8")
         ->reply_to($form->message->reply_to->value)
         ->message(html::purify($form->message->message->value))
         ->send();

modules/gallery/helpers/data_rest.php

@@ -57,9 +57,17 @@ static function get($request) {
     // We don't need to save the session for this request
     Session::instance()->abort_save();
 
+    if ($item->is_album() && !$item->album_cover_item_id) {
+      // No thumbnail.  Return nothing.
+      // @todo: what should we do here?
+      return;
+    }
+
     // Dump out the image.  If the item is a movie, then its thumbnail will be a JPG.
     if ($item->is_movie() && $p->size == "thumb") {
       header("Content-Type: image/jpeg");
+    } else if ($item->is_album()) {
+      header("Content-Type: " . $item->album_cover()->mime_type);
     } else {
       header("Content-Type: {$item->mime_type}");
     }

modules/gallery/helpers/gallery_installer.php

@@ -23,7 +23,8 @@ static function install() {
     $db->query("CREATE TABLE {access_caches} (
                  `id` int(9) NOT NULL auto_increment,
                  `item_id` int(9),
-                 PRIMARY KEY (`id`))
+                 PRIMARY KEY (`id`),
+                 KEY (`item_id`))
                DEFAULT CHARSET=utf8;");
 
     $db->query("CREATE TABLE {access_intents} (
@@ -299,7 +300,7 @@ static function install() {
     module::set_var("gallery", "simultaneous_upload_limit", 5);
     module::set_var("gallery", "admin_area_timeout", 90 * 60);
     module::set_var("gallery", "maintenance_mode", 0);
-    module::set_version("gallery", 33);
+    module::set_version("gallery", 34);
   }
 
   static function upgrade($version) {
@@ -578,6 +579,11 @@ static function upgrade($version) {
       $db->query("ALTER TABLE {items} ADD KEY (`left_ptr`)");
       module::set_version("gallery", $version = 33);
     }
+
+    if ($version == 33) {
+      $db->query("ALTER TABLE {access_caches} ADD KEY (`item_id`)");
+      module::set_version("gallery", $version = 34);
+    }
   }
 
   static function uninstall() {

modules/gallery/helpers/gallery_task.php

@@ -26,7 +26,9 @@ class gallery_task_Core {
   const FIX_STATE_RUN_DUPE_SLUGS = 5;
   const FIX_STATE_START_DUPE_NAMES = 6;
   const FIX_STATE_RUN_DUPE_NAMES = 7;
-  const FIX_STATE_DONE = 8;
+  const FIX_STATE_START_MISSING_ACCESS_CACHES = 8;
+  const FIX_STATE_RUN_MISSING_ACCESS_CACHES = 9;
+  const FIX_STATE_DONE = 10;
 
   static function available_tasks() {
     $dirty_count = graphics::find_dirty_images_query()->count_records();
@@ -323,15 +325,14 @@ static function fix($task) {
     $total = $task->get("total");
     if (empty($total)) {
       // mptt: 2 operations for every item
-      // album audit (permissions and bogus album covers): 1 operation for every album
-      // dupe slugs: 1 operation for each unique conflicted slug
       $total = 2 * db::build()->count_records("items");
+      // album audit (permissions and bogus album covers): 1 operation for every album
       $total += db::build()->where("type", "=", "album")->count_records("items");
-      foreach (self::find_dupe_slugs() as $row) {
-        $total++;
-      }
-      foreach (self::find_dupe_names() as $row) {
-        $total++;
+      // one operation for each missing slug, name and access cache
+      foreach (array("find_dupe_slugs", "find_dupe_names", "find_missing_access_caches") as $func) {
+        foreach (self::$func() as $row) {
+          $total++;
+        }
       }
 
       $task->set("total", $total);
@@ -542,6 +543,36 @@ static function fix($task) {
         $completed++;
 
         if (empty($stack)) {
+          $state = self::FIX_STATE_START_MISSING_ACCESS_CACHES;
+        }
+        break;
+
+      case self::FIX_STATE_START_MISSING_ACCESS_CACHES:
+        $stack = array();
+        foreach (self::find_missing_access_caches() as $row) {
+          $stack[] = $row->id;
+        }
+        if ($stack) {
+          $task->set("stack", implode(" ", $stack));
+          $state = self::FIX_STATE_RUN_MISSING_ACCESS_CACHES;
+        } else {
+          $state = self::FIX_STATE_DONE;
+        }
+        break;
+
+      case self::FIX_STATE_RUN_MISSING_ACCESS_CACHES:
+        $stack = explode(" ", $task->get("stack"));
+        $id = array_pop($stack);
+        $access_cache = ORM::factory("access_cache");
+        $access_cache->item_id = $id;
+        $access_cache->save();
+        $task->set("stack", implode(" ", $stack));
+        $completed++;
+        if (empty($stack)) {
+          // The new cache rows are there, but they're incorrectly populated so we have to fix
+          // them.  If this turns out to be too slow, we'll have to refactor
+          // access::recalculate_permissions to allow us to do it in slices.
+          access::recalculate_permissions(item::root());
           $state = self::FIX_STATE_DONE;
         }
         break;
@@ -587,4 +618,13 @@ static function find_dupe_names() {
       ->group_by("parent_name")
       ->execute();
   }
+
+  static function find_missing_access_caches() {
+    return db::build()
+      ->select("items.id")
+      ->from("items")
+      ->join("access_caches", "items.id", "access_caches.item_id", "left")
+      ->where("access_caches.id", "is", null)
+      ->execute();
+  }
 }

modules/gallery/helpers/items_rest.php

@@ -80,7 +80,7 @@ private static function _format_restful_item($item) {
                        "relationships" => rest::relationships("item", $item));
     if ($item->type == "album") {
       $members = array();
-      foreach ($item->children() as $child) {
+      foreach ($item->viewable()->children() as $child) {
         $members[] = rest::url("item", $child);
       }
       $item_rest["members"] = $members;

modules/gallery/models/item.php

@@ -668,9 +668,9 @@ public function scale_dimensions($max) {
   public function resize_img($extra_attrs) {
     $attrs = array_merge($extra_attrs,
             array("src" => $this->resize_url(),
-              "alt" => $this->title,
-              "width" => $this->resize_width,
-              "height" => $this->resize_height)
+                  "alt" => $this->title,
+                  "width" => $this->resize_width,
+                  "height" => $this->resize_height)
             );
     // html::image forces an absolute url which we don't want
     return "<img" . html::attributes($attrs) . "/>";
@@ -973,27 +973,25 @@ public function as_restful_array() {
     }
     unset($data["album_cover_item_id"]);
 
-    if (access::can("view_full", $this) && $this->is_photo()) {
-      if (access::user_can(identity::guest(), "view_full", $this)) {
-        $data["file_url"] = $this->file_url(true);
-      } else {
-        $data["file_url"] = rest::url("data", $this, "full");
-      }
+    if (access::can("view_full", $this) && !$this->is_album()) {
+      $data["file_url"] = rest::url("data", $this, "full");
+    }
+    if (access::user_can(identity::guest(), "view_full", $this)) {
+      $data["file_url_public"] = $this->file_url(true);
     }
 
-    if (($tmp = $this->resize_url(true)) && $this->is_photo()) {
+    if ($this->is_photo()) {
+      $data["resize_url"] = rest::url("data", $this, "resize");
       if (access::user_can(identity::guest(), "view", $this)) {
-        $data["resize_url"] = $tmp;
-      } else {
-        $data["resize_url"] = rest::url("data", $this, "resize");
+        $data["resize_url_public"] = $this->resize_url(true);
       }
     }
 
+    $data["thumb_url"] = rest::url("data", $this, "thumb");
     if (access::user_can(identity::guest(), "view", $this)) {
-      $data["thumb_url"] = $this->thumb_url(true);
-    } else {
-      $data["thumb_url"] = rest::url("data", $this, "thumb");
+      $data["thumb_url_public"] = $this->thumb_url(true);
     }
+
     $data["can_edit"] = access::can("edit", $this);
 
     // Elide some internal-only data that is going to cause confusion in the client.

modules/gallery/module.info

@@ -1,3 +1,3 @@
 name = "Gallery 3"
 description = "Gallery core application"
-version = 33
+version = 34

modules/gallery/tests/Sendmail_Test.php

@@ -65,14 +65,14 @@ public function sendmail_html_message_test() {
                 "From: from@gallery3.com\n" .
                 "Reply-To: public@gallery3.com\n" .
                 "MIME-Version: 1.0\n" .
-                "Content-type: text/html; charset=iso-8859-1\r\n" .
+                "Content-Type: text/html; charset=UTF-8\r\n" .
                 "Subject: Test Email Unit test\r\n\r\n" .
                 "<html><body><p>This is an html msg</p></body></html>";
     $result = Sendmail_For_Test::factory()
       ->to("receiver@someemail.com")
       ->subject("Test Email Unit test")
       ->header("MIME-Version", "1.0")
-      ->header("Content-type", "text/html; charset=iso-8859-1")
+      ->header("Content-Type", "text/html; charset=UTF-8")
       ->message("<html><body><p>This is an html msg</p></body></html>")
       ->send()
       ->send_text;

modules/gallery/tests/controller_auth_data.txt

@@ -25,6 +25,8 @@ modules/gallery/controllers/welcome_message.php              index
 modules/organize/controllers/organize.php                    dialog               DIRTY_CSRF
 modules/organize/controllers/organize.php                    add_album_fields     DIRTY_AUTH
 modules/rest/controllers/rest.php                            index                DIRTY_CSRF|DIRTY_AUTH
+modules/rest/controllers/rest.php                            reset_api_key_confirm DIRTY_AUTH
+modules/rest/controllers/rest.php                            reset_api_key        DIRTY_AUTH
 modules/rest/controllers/rest.php                            __call               DIRTY_CSRF|DIRTY_AUTH
 modules/rss/controllers/rss.php                              feed                 DIRTY_CSRF|DIRTY_AUTH
 modules/search/controllers/search.php                        index                DIRTY_CSRF|DIRTY_AUTH