
Merge branch 'master' of git@github.com:gallery/gallery3
andyst committed Jul 27, 2009
2 parents d18f31a + 4edf86f commit e68599f
Showing 3 changed files with 20 additions and 56 deletions.
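--- a/modules/gallery/helpers/access.php
+++ b/modules/gallery/helpers/access.php
@@ -99,16 +99,8 @@ static function user_can($user, $perm_name, $item) {
 return true;
 }
 
-if ($item->owner_id == $user->id &&
-in_array($perm_name, array("view_full", "edit", "add"))) {
-return true;
-}
-
-if ($perm_name == "view") {
-$resource = $item->owner_id == $user->id ? $item->parent() : $item;
-} else {
-$resource = model_cache::get("access_cache", $item->id, "item_id");
-}
+$resource = $perm_name == "view" ?
+$item : model_cache::get("access_cache", $item->id, "item_id");
 foreach ($user->groups as $group) {
 if ($resource->__get("{$perm_name}_{$group->id}") === self::ALLOW) {
 return true;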
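Review bot: Dropping the owner shortcut from user_can changes who is authorised, but nothing left in this commit pins the new rule: the three owner_* tests in Access_Helper_Test.php are deleted and no test asserts the opposite outcome. I would add a case built like the deleted ones (a user removed from every group who owns the item) ending in `$this->assert_false(access::user_can($user, "edit", $item), "Owner without a group grant should not be able to edit");`. A one-line comment above the new `$resource = ...` assignment, such as `// Ownership is not consulted here; only group permissions decide.`, would make the omission read as deliberate. The `$perm_name == "view"` test could also use `===`, matching the strict `=== self::ALLOW` two lines below. user_can starts and ends outside this hunk, so its fall-through result is not visible here.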
22 changes: 18 additions & 4 deletions modules/gallery/models/item.php
@@ -38,17 +38,31 @@ public function viewable() {
if (user::active()->admin) {
$this->view_restrictions = array();
} else {
$this->view_restrictions["owner_id"] = user::active()->id;
foreach (user::group_ids() as $id) {
$this->view_restrictions["view_$id"] = access::ALLOW;
// Separate the first restriction from the rest to make it easier for us to formulate
// our where clause below
if (empty($this->view_restrictions)) {
$this->view_restrictions[0] = "view_$id";
} else {
$this->view_restrictions[1]["view_$id"] = access::ALLOW;
}
}
}
}
switch (count($this->view_restrictions)) {
case 0:
break;

if (!empty($this->view_restrictions)) {
case 1:
$this->where($this->view_restrictions[0], access::ALLOW);
break;

default:
$this->open_paren();
$this->orwhere($this->view_restrictions);
$this->where($this->view_restrictions[0], access::ALLOW);
$this->orwhere($this->view_restrictions[1]);
$this->close_paren();
break;
}

return $this;
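Review bot: `case 0:` in the new switch adds no where clause, and as far as the hunk shows it is reached not only by admins but also by a non-admin for whom `user::group_ids()` returns nothing, because the foreach then leaves `view_restrictions` empty. If that state is reachable (the tests deleted in this commit build such a user by removing every group), viewable() would return an unfiltered query, i.e. fail open; the `owner_id` entry that appears to be dropped here previously guaranteed that a non-admin carried at least one restriction. I would keep the two cases apart, recording the admin case in its own flag and making the empty non-admin case add a condition that matches no rows, with a comment such as `// count 0 is reserved for admins; a non-admin must never reach the unfiltered path`. Holding a string at index 0 and an array at index 1 of the same property is also easy to misread, and two named properties would be clearer. viewable() begins and ends outside the hunk, so the guard around this block is not visible.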
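--- a/modules/gallery/tests/Access_Helper_Test.php
+++ b/modules/gallery/tests/Access_Helper_Test.php
@@ -101,48 +101,6 @@ public function user_can_no_access_test() {
 $this->assert_false(access::user_can($user, "view", $item), "Should be unable to view");
 }
 
-public function owner_can_view_album_test() {
-$user = user::create("access_test", "Access Test", "");
-foreach ($user->groups as $group) {
-$user->remove($group);
-}
-$user->save();
-
-$root = ORM::factory("item", 1);
-$item = album::create($root, rand(), "test album", $user->id);
-
-$this->assert_true(access::user_can($user, "view", $item), "Should be able to view");
-}
-
-public function owner_can_view_photo_test() {
-$user = user::create("access_test", "Access Test", "");
-foreach ($user->groups as $group) {
-$user->remove($group);
-}
-$user->save();
-
-$root = ORM::factory("item", 1);
-$album = album::create($root, rand(), "test album", $user->id);
-$item = photo::create($album, MODPATH . "gallery/images/gallery.png", "", "", null, $user->id);
-
-$this->assert_true(access::user_can($user, "view", $item), "Should be able to view");
-}
-
-public function owner_cant_view_photo_test() {
-$user = user::create("access_test", "Access Test", "");
-foreach ($user->groups as $group) {
-$user->remove($group);
-}
-$user->save();
-
-$root = ORM::factory("item", 1);
-$album = album::create($root, rand(), "test album");
-access::deny(group::everybody(), "view", $album);
-$item = photo::create($album, MODPATH . "gallery/images/gallery.png", "", "", null, $user->id);
-
-$this->assert_false(access::user_can($user, "view", $item), "Should not be able to view");
-}
-
 public function adding_and_removing_items_adds_ands_removes_rows_test() {
 $root = ORM::factory("item", 1);
 $item = album::create($root, rand(), "test album");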
