diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2010-08-09 22:55:58 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2010-08-09 22:55:58 -0700 |
| commit | 9de371e1b3bda42fdaf564af502c0c986eeada10 (patch) | |
| tree | ae577c8e7a1b6b13bc00bba04cdc52fbeb99c98a /modules | |
| parent | 3c18762fda9a91717b5defc300ace6bda61eb233 (diff) | |
Use the data_rest implementation to proxy access to raw
thumb/resize/full data files when permissions are in play.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/gallery/models/item.php | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index 5257bbb9..1dea60e8 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -974,13 +974,26 @@ class Item_Model extends ORM_MPTT { unset($data["album_cover_item_id"]); if (access::can("view_full", $this) && $this->is_photo()) { - $data["file_url"] = $this->file_url(true); + if (access::user_can(identity::guest(), "view_full", $this)) { + $data["file_url"] = $this->file_url(true); + } else { + $data["file_url"] = rest::url("data", $this, "full"); + } } if (($tmp = $this->resize_url(true)) && $this->is_photo()) { - $data["resize_url"] = $tmp; + if (access::user_can(identity::guest(), "view", $this)) { + $data["resize_url"] = $tmp; + } else { + $data["resize_url"] = rest::url("data", $this, "resize"); + } + } + + if (access::user_can(identity::guest(), "view", $this)) { + $data["thumb_url"] = $this->thumb_url(true); + } else { + $data["thumb_url"] = rest::url("data", $this, "thumb"); } - $data["thumb_url"] = $this->thumb_url(true); $data["can_edit"] = access::can("edit", $this); // Elide some internal-only data that is going to cause confusion in the client. |