diff options
| author | Andy Staudacher <andy.st@gmail.com> | 2010-02-07 21:39:26 -0800 |
|---|---|---|
| committer | Andy Staudacher <andy.st@gmail.com> | 2010-02-07 21:39:26 -0800 |
| commit | bca3eeb92399093214ac0f5a74a380b14ffd0405 (patch) | |
| tree | 606aaf54b9c0fdbc5b6c2fc9a9ac10cbabf66d33 | |
| parent | 9695041a86ffeb1bfc5ced654cb04a9833eb9288 (diff) | |
Import G2 permissions in the import process. Ignores user and item specific permissions.
| -rw-r--r-- | modules/g2_import/helpers/g2_import.php | 190 | ||||
| -rw-r--r-- | modules/g2_import/helpers/g2_import_task.php | 13 | ||||
| -rw-r--r-- | modules/g2_import/views/admin_g2_import.html.php | 2 |
3 files changed, 162 insertions, 43 deletions
diff --git a/modules/g2_import/helpers/g2_import.php b/modules/g2_import/helpers/g2_import.php index f13c63b1..31368a5b 100644 --- a/modules/g2_import/helpers/g2_import.php +++ b/modules/g2_import/helpers/g2_import.php @@ -357,45 +357,48 @@ class g2_import_Core { } if ($g2_album->getParentId() == null) { - return t("Skipping Gallery 2 root album"); - } - $parent_album = ORM::factory("item", self::map($g2_album->getParentId())); - - $album = ORM::factory("item"); - $album->type = "album"; - $album->parent_id = self::map($g2_album->getParentId()); - $album->name = $g2_album->getPathComponent(); - $album->title = self::_decode_html_special_chars($g2_album->getTitle()); - $album->description = self::_decode_html_special_chars(self::extract_description($g2_album)); - $album->owner_id = self::map($g2_album->getOwnerId()); - $album->view_count = g2(GalleryCoreApi::fetchItemViewCount($g2_album_id)); - $album->created = $g2_album->getCreationTimestamp(); - - $order_map = array( - "originationTimestamp" => "captured", - "creationTimestamp" => "created", - "description" => "description", - "modificationTimestamp" => "updated", - "orderWeight" => "weight", - "pathComponent" => "name", - "summary" => "description", - "title" => "title", - "viewCount" => "view_count"); - $direction_map = array( - ORDER_ASCENDING => "asc", - ORDER_DESCENDING => "desc"); - if (array_key_exists($g2_order = $g2_album->getOrderBy(), $order_map)) { - $album->sort_column = $order_map[$g2_order]; - $album->sort_order = $direction_map[$g2_album->getOrderDirection()]; - } - $album->save(); - - self::import_keywords_as_tags($g2_album->getKeywords(), $album); + $album = item::root(); + } else { + $parent_album = ORM::factory("item", self::map($g2_album->getParentId())); + + $album = ORM::factory("item"); + $album->type = "album"; + $album->parent_id = self::map($g2_album->getParentId()); + $album->name = $g2_album->getPathComponent(); + $album->title = self::_decode_html_special_chars($g2_album->getTitle()); + $album->description = self::_decode_html_special_chars(self::extract_description($g2_album)); + $album->owner_id = self::map($g2_album->getOwnerId()); + $album->view_count = g2(GalleryCoreApi::fetchItemViewCount($g2_album_id)); + $album->created = $g2_album->getCreationTimestamp(); + + $order_map = array( + "originationTimestamp" => "captured", + "creationTimestamp" => "created", + "description" => "description", + "modificationTimestamp" => "updated", + "orderWeight" => "weight", + "pathComponent" => "name", + "summary" => "description", + "title" => "title", + "viewCount" => "view_count"); + $direction_map = array( + ORDER_ASCENDING => "asc", + ORDER_DESCENDING => "desc"); + if (array_key_exists($g2_order = $g2_album->getOrderBy(), $order_map)) { + $album->sort_column = $order_map[$g2_order]; + $album->sort_order = $direction_map[$g2_album->getOrderDirection()]; + } + $album->save(); + + self::import_keywords_as_tags($g2_album->getKeywords(), $album); + } self::set_map( $g2_album_id, $album->id, "album", self::g2_url(array("view" => "core.ShowItem", "itemId" => $g2_album->getId()))); + + self::_import_permissions($g2_album, $album); } /** @@ -590,6 +593,125 @@ class g2_import_Core { array("&", "\"", "<", ">"), $value); } + private static $_permission_map = array( + "core.view" => "view", + "core.viewSource" => "view_full", + "core.edit" => "edit", + "core.addDataItem" => "add", + "core.addAlbumItem" => "add"); + + /** + * Imports G2 permissions, mapping G2's permission model to G3's + * much simplified permissions. + * + * - Ignores user permissions, G3 only supports group permissions. + * - Ignores item permissions, G3 only supports album permissions. + * + * G2 permission -> G3 permission + * --------------------------------- + * core.view view + * core.viewSource view_full + * core.edit edit + * core.addDataItem add + * core.addAlbumItem add + * core.viewResizes <ignored> + * core.delete <ignored> + * comment.* <ignored> + */ + private static function _import_permissions($g2_album, $g3_album) { + // No need to do anything if this album has the same G2 ACL as its parent. + if ($g2_album->getParentId() != null && + g2(GalleryCoreApi::fetchAccessListId($g2_album->getId())) == + g2(GalleryCoreApi::fetchAccessListId($g2_album->getParentId()))) { + return; + } + + $granted_permissions = self::_map_permissions($g2_album->getId()); + + if ($g2_album->getParentId() == null) { + // Compare to current permissions, and change them if necessary. + $g3_parent_album = item::root(); + } else { + $g3_parent_album = $g3_album->parent(); + } + $granted_parent_permissions = array(); + $perm_ids = array_unique(array_values(self::$_permission_map)); + foreach (identity::groups() as $group) { + $granted_parent_permissions[$group->id] = array(); + foreach ($perm_ids as $perm_id) { + if (access::group_can($group, $perm_id, $g3_parent_album)) { + $granted_parent_permissions[$group->id][$perm_id] = 1; + } + } + } + + // Note: Only registering permissions if they're not the same as + // the inherited ones. + foreach ($granted_permissions as $group_id => $permissions) { + if (!isset($granted_parent_permissions[$group_id])) { + foreach (array_keys($permissions) as $perm_id) { + access::allow(identity::lookup_group($group_id), $perm_id, $g3_album); + } + } else if ($permissions != $granted_parent_permissions[$group_id]) { + $parent_permissions = $granted_parent_permissions[$group_id]; + // @todo Probably worth caching the group instances. + $group = identity::lookup_group($group_id); + // Note: Cannot use array_diff_key. + foreach (array_keys($permissions) as $perm_id) { + if (!isset($parent_permissions[$perm_id])) { + access::allow($group, $perm_id, $g3_album); + } + } + foreach (array_keys($parent_permissions) as $perm_id) { + if (!isset($permissions[$perm_id])) { + access::deny($group, $perm_id, $g3_album); + } + } + } + } + + foreach ($granted_parent_permissions as $group_id => $parent_permissions) { + if (isset($granted_permissions[$group_id])) { + continue; // handled above + } + $group = identity::lookup_group($group_id); + foreach (array_keys($parent_permissions) as $perm_id) { + access::deny($group, $perm_id, $g3_album); + } + } + } + + /** + * Loads all the granted group G2 permissions for a specific + * album and returns an array with G3 groups ids and G3 permission ids. + */ + private static function _map_permissions($g2_album_id) { + $g2_permissions = g2(GalleryCoreApi::fetchAllPermissionsForItem($g2_album_id)); + $permissions = array(); + foreach ($g2_permissions as $entry) { + // @todo Do something about user permissions? E.g. map G2's user albums + // to a user-specific group in G3? + if (!isset($entry["groupId"])) { + continue; + } + $g2_permission_id = $entry["permission"]; + if (!isset(self::$_permission_map[$g2_permission_id])) { + continue; + } + $group_id = self::map($entry["groupId"]); + if ($group_id == null) { + // E.g. the G2 admin group isn't mapped. + continue; + } + $permission_id = self::$_permission_map[$g2_permission_id]; + if (!isset($permissions[$group_id])) { + $permissions[$group_id] = array(); + } + $permissions[$group_id][$permission_id] = 1; + } + return $permissions; + } + /** * Import a single comment. */ diff --git a/modules/g2_import/helpers/g2_import_task.php b/modules/g2_import/helpers/g2_import_task.php index 1ec6870e..b1179e22 100644 --- a/modules/g2_import/helpers/g2_import_task.php +++ b/modules/g2_import/helpers/g2_import_task.php @@ -73,13 +73,8 @@ class g2_import_task_Core { } $task->set("done", $done); - $root_g2_id = g2(GalleryCoreApi::getDefaultAlbumId()); - $root = ORM::factory("g2_map")->where("g2_id", "=", $root_g2_id)->find(); - if (!$root->loaded()) { - $root->g2_id = $root_g2_id; - $root->g3_id = 1; - $root->save(); - } + // Ensure G2 ACLs are compacted to speed up import. + g2(GalleryCoreApi::compactAccessLists()); } $modes = array("groups", "users", "albums", "items", "comments", "tags", "highlights", "done"); @@ -128,7 +123,9 @@ class g2_import_task_Core { case "albums": if (empty($queue)) { - $task->set("queue", $queue = g2(GalleryCoreApi::fetchAlbumTree())); + $g2_root_id = g2(GalleryCoreApi::getDefaultAlbumId()); + $tree = g2(GalleryCoreApi::fetchAlbumTree()); + $task->set("queue", $queue = array($g2_root_id => $tree)); } $log_message = g2_import::import_album($queue); if ($log_message) { diff --git a/modules/g2_import/views/admin_g2_import.html.php b/modules/g2_import/views/admin_g2_import.html.php index 41ef7f85..3b7afec2 100644 --- a/modules/g2_import/views/admin_g2_import.html.php +++ b/modules/g2_import/views/admin_g2_import.html.php @@ -13,7 +13,7 @@ </p> <ul> <li> - <?= t("Permissions are <b>not imported</b>. You will have to set them again manually (for now).") ?> + <?= t("Please <b>review album permissions</b> after the import! Permissions are imported, but user specific and item specific permissions are not supported in Gallery 3 and thus ignored.") ?> </li> <li> <?= t("The only supported file formats are JPG, PNG and GIF, FLV and MP4. Other formats will be skipped.") ?> |