diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2008-12-18 00:02:59 +0000 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2008-12-18 00:02:59 +0000 |
| commit | 55f63f6c9fb0f206ba7b8fde4310edbfc8c75eb5 (patch) | |
| tree | 815b9d30caf41965373aae1539a3b8f42f091ea0 | |
| parent | b37047ff557c88becd662bd6622bf27f7a9a78f2 (diff) | |
Add item view permission checks.
Switch from absolute urls to relative ones.
Relative urls break the flash based slideshow, but the Cooliris
extension works. I'll file a bug.
| -rw-r--r-- | modules/media_rss/controllers/media_rss.php | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/modules/media_rss/controllers/media_rss.php b/modules/media_rss/controllers/media_rss.php index 747ce7e1..3414d15f 100644 --- a/modules/media_rss/controllers/media_rss.php +++ b/modules/media_rss/controllers/media_rss.php @@ -22,7 +22,7 @@ class Media_RSS_Controller extends Controller { public function albums($id) { $item = ORM::factory("item", $id); - if (!$item->loaded) { + if (!access::can("view", $item)) { return Kohana::show_404(); } @@ -31,8 +31,10 @@ class Media_RSS_Controller extends Controller { url::redirect("media_rss/photos/{$item->id}"); } - $children = $item->descendants(self::$page_size, ($page - 1) * self::$page_size, "photo"); - $max_pages = ceil($item->descendants_count("photo") / self::$page_size); + $children = $item + ->viewable() + ->descendants(self::$page_size, ($page - 1) * self::$page_size, "photo"); + $max_pages = ceil($item->viewable()->descendants_count("photo") / self::$page_size); if ($page > $max_pages) { url::redirect("media_rss/photos/{$item->id}?page=$max_pages"); @@ -40,20 +42,19 @@ class Media_RSS_Controller extends Controller { $view = new View("feed.mrss"); $view->title = $item->title; - $view->link = url::abs_site("albums/{$item->id}"); + $view->link = url::site("albums/{$item->id}"); $view->description = $item->description; - $view->feed_link = url::abs_site("media_rss/albums/{$item->id}"); + $view->feed_link = url::site("media_rss/albums/{$item->id}"); $view->children = $children; if ($page > 1) { $previous_page = $page - 1; - $view->previous_page_link = - url::abs_site("media_rss/albums/{$item->id}?page={$previous_page}"); + $view->previous_page_link = url::site("media_rss/albums/{$item->id}?page={$previous_page}"); } if ($page < $max_pages) { $next_page = $page + 1; - $view->next_page_link = url::abs_site("media_rss/albums/{$item->id}?page={$next_page}"); + $view->next_page_link = url::site("media_rss/albums/{$item->id}?page={$next_page}"); } // @todo do we want to add an upload date to the items table? @@ -65,7 +66,6 @@ class Media_RSS_Controller extends Controller { public function tags($id) { $tag = ORM::factory("tag", $id); - if (!$tag->loaded) { return Kohana::show_404(); } @@ -84,19 +84,19 @@ class Media_RSS_Controller extends Controller { $view = new View("feed.mrss"); $view->title = $tag->name; - $view->link = url::abs_site("tags/{$tag->id}"); + $view->link = url::site("tags/{$tag->id}"); $view->description = sprintf(_("Photos related to %s"), $tag->name); - $view->feed_link = url::abs_site("media_rss/tags/{$tag->id}"); + $view->feed_link = url::site("media_rss/tags/{$tag->id}"); $view->children = $children; if ($page > 1) { $previous_page = $page - 1; - $view->previous_page_link = url::abs_site("media_rss/tags/{$tag->id}?page={$previous_page}"); + $view->previous_page_link = url::site("media_rss/tags/{$tag->id}?page={$previous_page}"); } if ($page < $max_pages) { $next_page = $page + 1; - $view->next_page_link = url::abs_site("media_rss/tags/{$tag->id}?page={$next_page}"); + $view->next_page_link = url::site("media_rss/tags/{$tag->id}?page={$next_page}"); } // @todo do we want to add an upload date to the items table? |