diff options
| author | Tim Almdal <tnalmdal@shaw.ca> | 2009-07-22 11:11:48 -0700 |
|---|---|---|
| committer | Tim Almdal <tnalmdal@shaw.ca> | 2009-07-22 11:11:48 -0700 |
| commit | 427e1130b26a75a59b5e180e2008f5eace398920 (patch) | |
| tree | c217d24fd6be2bad5bebac7feadb0ce267d1f50f /modules/notification/helpers | |
| parent | 4ddaaeb9dd3359226d0406f85c58ea219f559e4e (diff) | |
Modified the notification get_subscribers to ignore any users that don't
have "view" access to the item the notification is being generated for.
Fix for ticket: #538.
Diffstat (limited to 'modules/notification/helpers')
| -rw-r--r-- | modules/notification/helpers/notification.php | 14 | ||||
| -rw-r--r-- | modules/notification/helpers/notification_menu.php | 4 |
2 files changed, 12 insertions, 6 deletions
diff --git a/modules/notification/helpers/notification.php b/modules/notification/helpers/notification.php index e246af2c..c3ffeb18 100644 --- a/modules/notification/helpers/notification.php +++ b/modules/notification/helpers/notification.php @@ -67,6 +67,8 @@ class notification { } static function get_subscribers($item) { + // @todo don't access the user table directly + // @todo only return distinct email addresses $users = ORM::factory("user") ->join("subscriptions", "users.id", "subscriptions.user_id") ->join("items", "subscriptions.item_id", "items.id") @@ -77,9 +79,13 @@ class notification { $subscribers = array(); foreach ($users as $user) { - $subscribers[] = $user->email; + Kohana::log("error", "user: $user->name"); + + if (access::user_can($user, "view", $item)) { + $subscribers[$user->email] = 1; + } } - return $subscribers; + return array_keys($subscribers); } static function send_item_updated($item) { @@ -103,8 +109,8 @@ class notification { array("title" => $item->title, "parent_title" => $parent->title)) : ($item->is_photo() ? t("Photo %title added to %parent_title", - array("title" => $item->title, "parent_title" => $parent->title)) - : t("Movie %title added to %parent_title", + array("title" => $item->title, "parent_title" => $parent->title)) : + t("Movie %title added to %parent_title", array("title" => $item->title, "parent_title" => $parent->title))); self::_notify_subscribers($item, $v->render(), $v->subject); diff --git a/modules/notification/helpers/notification_menu.php b/modules/notification/helpers/notification_menu.php index 87478b8a..73d1dd03 100644 --- a/modules/notification/helpers/notification_menu.php +++ b/modules/notification/helpers/notification_menu.php @@ -22,10 +22,10 @@ class notification_menu_Core { if (!user::active()->guest) { $item = $theme->item(); - if ($item && $item->is_album()) { + if ($item && $item->is_album() && access::can("view", $item)) { $watching = notification::is_watching($item); - $watching ? $label = t("Remove notifications") : $label = t("Enable notifications"); + $label = $watching ? t("Remove notifications") : t("Enable notifications"); $menu->get("options_menu") ->append(Menu::factory("link") |