-rw-r--r-- | modules/gallery/helpers/access.php | 12 | ||||
-rw-r--r-- | modules/gallery/helpers/album.php | 1 | ||||
-rw-r--r-- | modules/gallery/models/item.php | 22 | ||||
-rw-r--r-- | modules/gallery/tests/Access_Helper_Test.php | 42 | ||||
-rw-r--r-- | modules/tag/helpers/tag_event.php | 2 | ||||
-rw-r--r-- | modules/user/controllers/admin_users.php | 1 | ||||
-rw-r--r-- | modules/user/helpers/user.php | 4 | ||||
-rw-r--r-- | themes/default/css/fix-ie.css | 21 | ||||
-rw-r--r-- | themes/default/css/screen.css | 51 | ||||
-rw-r--r-- | themes/default/js/ui.init.js | 3 | ||||
-rw-r--r-- | themes/default/views/header.html.php | 26 |
11 files changed, 107 insertions, 78 deletions
diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index 949aea84..fbe0b550 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -99,8 +99,16 @@ class access_Core { return true; } - $resource = $perm_name == "view" ? - $item : model_cache::get("access_cache", $item->id, "item_id"); + if ($item->owner_id == $user->id && + in_array($perm_name, array("view_full", "edit", "add"))) { + return true; + } + + if ($perm_name == "view") { + $resource = $item->owner_id == $user->id ? $item->parent() : $item; + } else { + $resource = model_cache::get("access_cache", $item->id, "item_id"); + } foreach ($user->groups as $group) { if ($resource->__get("{$perm_name}_{$group->id}") === self::ALLOW) { return true; diff --git a/modules/gallery/helpers/album.php b/modules/gallery/helpers/album.php index 0263e0e1..f146bfb3 100644 --- a/modules/gallery/helpers/album.php +++ b/modules/gallery/helpers/album.php @@ -104,6 +104,7 @@ class album_Core { $group->textarea("description")->label(t("Description"))->value($parent->description); if ($parent->id != 1) { $group->input("dirname")->label(t("Directory Name"))->value($parent->name) + ->rules("required") ->callback("item::validate_no_slashes") ->error_messages("no_slashes", t("The directory name can't contain a \"/\"")) ->callback("item::validate_no_trailing_period") diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index d9dd88f5..45561380 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php 
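Review bot: The owner shortcut in the access.php hunk returns true for `view_full`, `edit` and `add` without consulting `view`, so an owner whose parent album denies view (the case `owner_cant_view_photo_test` covers) is still granted edit and add on the same item. If ownership is meant to apply only to items the owner can see, gate the shortcut on the view check, e.g. `if ($item->owner_id == $user->id && in_array($perm_name, array("view_full", "edit", "add"), true) && self::user_can($user, "view", $item)) {`, assuming the enclosing method is `user_can`, whose signature is outside the hunk. The `view` permission never enters this branch, so the nested call cannot recurse. Passing `true` to `in_array` also keeps a non-string `$perm_name` from loosely matching the list on older PHP versions.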
@@ -38,31 +38,17 @@ class Item_Model extends ORM_MPTT { if (user::active()->admin) { $this->view_restrictions = array(); } else { + $this->view_restrictions["owner_id"] = user::active()->id; foreach (user::group_ids() as $id) { - // Separate the first restriction from the rest to make it easier for us to formulate - // our where clause below - if (empty($this->view_restrictions)) { - $this->view_restrictions[0] = "view_$id"; - } else { - $this->view_restrictions[1]["view_$id"] = access::ALLOW; - } + $this->view_restrictions["view_$id"] = access::ALLOW; } } } - switch (count($this->view_restrictions)) { - case 0: - break; - case 1: - $this->where($this->view_restrictions[0], access::ALLOW); - break; - - default: + if (!empty($this->view_restrictions)) { $this->open_paren(); - $this->where($this->view_restrictions[0], access::ALLOW); - $this->orwhere($this->view_restrictions[1]); + $this->orwhere($this->view_restrictions); $this->close_paren(); - break; } return $this; diff --git a/modules/gallery/tests/Access_Helper_Test.php b/modules/gallery/tests/Access_Helper_Test.php index 59cec453..737ed8a6 100644 --- a/modules/gallery/tests/Access_Helper_Test.php +++ b/modules/gallery/tests/Access_Helper_Test.php 
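Review bot: The new `view_restrictions["owner_id"]` entry makes the query filter return every item the active user owns, while the `view` branch in access.php allows an owner only when the parent album grants view to one of the user's groups. The two checks therefore disagree in the denied-parent case: a listing built from this filter can include an item that `access::user_can($user, "view", $item)` rejects. Either align the two rules or record the difference next to the assignment, e.g. `// owner match is unconditional here; access::user_can() additionally requires view on the parent`. It is also worth confirming what `user::active()->id` is for an anonymous visitor, since every item carrying that owner id would match for all such visitors. The enclosing method starts outside the hunk.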
@@ -101,6 +101,48 @@ class Access_Helper_Test extends Unit_Test_Case { $this->assert_false(access::user_can($user, "view", $item), "Should be unable to view"); } + public function owner_can_view_album_test() { + $user = user::create("access_test", "Access Test", ""); + foreach ($user->groups as $group) { + $user->remove($group); + } + $user->save(); + + $root = ORM::factory("item", 1); + $item = album::create($root, rand(), "test album", $user->id); + + $this->assert_true(access::user_can($user, "view", $item), "Should be able to view"); + } + + public function owner_can_view_photo_test() { + $user = user::create("access_test", "Access Test", ""); + foreach ($user->groups as $group) { + $user->remove($group); + } + $user->save(); + + $root = ORM::factory("item", 1); + $album = album::create($root, rand(), "test album", $user->id); + $item = photo::create($album, MODPATH . "gallery/images/gallery.png", "", "", null, $user->id); + + $this->assert_true(access::user_can($user, "view", $item), "Should be able to view"); + } + + public function owner_cant_view_photo_test() { + $user = user::create("access_test", "Access Test", ""); + foreach ($user->groups as $group) { + $user->remove($group); + } + $user->save(); + + $root = ORM::factory("item", 1); + $album = album::create($root, rand(), "test album"); + access::deny(group::everybody(), "view", $album); + $item = photo::create($album, MODPATH . "gallery/images/gallery.png", "", "", null, $user->id); + + $this->assert_false(access::user_can($user, "view", $item), "Should not be able to view"); + } + public function adding_and_removing_items_adds_ands_removes_rows_test() { $root = ORM::factory("item", 1); $item = album::create($root, rand(), "test album"); diff --git a/modules/tag/helpers/tag_event.php b/modules/tag/helpers/tag_event.php index 58034900..bf60978d 100644 --- a/modules/tag/helpers/tag_event.php +++ b/modules/tag/helpers/tag_event.php 
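Review bot: None of the three new tests exercises the owner shortcut for `view_full`, `edit` or `add` that this commit adds in access.php; all of them assert only `view`. `owner_cant_view_photo_test` already builds the interesting case (owner of a photo inside an album that denies view), so one more assertion there would pin the intended result, e.g. `$this->assert_false(access::user_can($user, "edit", $item), "Should not be able to edit");`, or `assert_true` if edit without view is deliberate. The three tests also repeat the same user setup, including the fixed name "access_test"; a small private helper would remove the duplication.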
@@ -72,7 +72,7 @@ class tag_event_Core { ); });"; $tag_value = implode("; ", tag::item_tags($item)); - $view->form->edit_item->input("tags")->label(t("Tags (separate by , or ;)")) + $view->form->edit_item->input("tags")->label(t("Tags (comma or semicolon separated)")) ->value($tag_value); } diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php index 0a0086ff..043a4ee5 100644 --- a/modules/user/controllers/admin_users.php +++ b/modules/user/controllers/admin_users.php @@ -130,6 +130,7 @@ class Admin_Users_Controller extends Controller { $user->password = $form->edit_user->password->value; } $user->email = $form->edit_user->email->value; + $user->url = $form->edit_user->url->value; if ($form->edit_user->locale) { $desired_locale = $form->edit_user->locale->value; $user->locale = $desired_locale == "none" ? null : $desired_locale; diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php index a153ab69..b1722a1e 100644 --- a/modules/user/helpers/user.php +++ b/modules/user/helpers/user.php @@ -37,7 +37,7 @@ class user_Core { $group->submit("")->value(t("Save")); $form->add_rules_from($user); - module::event("user_edit_form", $user); + module::event("user_edit_form", $user, $form); return $form; } @@ -59,7 +59,7 @@ class user_Core { $form->add_rules_from($user); $form->edit_user->password->rules("-required"); - module::event("user_edit_form_admin", $user); + module::event("user_edit_form_admin", $user, $form); return $form; } diff --git a/themes/default/css/fix-ie.css b/themes/default/css/fix-ie.css index d071abac..c7c1ebad 100644 --- a/themes/default/css/fix-ie.css +++ b/themes/default/css/fix-ie.css 
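Review bot: In the admin_users.php hunk `$user->url` is assigned straight from `$form->edit_user->url->value`, and nothing visible here restricts the value to an http or https URL. If the profile URL is later rendered as a link target, a value with another scheme would be stored and emitted as-is. Whether the form definition or the model rules picked up by `add_rules_from($user)` already validate the field is outside this hunk, so this needs confirming. If they do not, add a rule on the url input and a short comment at the assignment such as `// url is validated by the form rules (http/https only)`.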
@@ -1,26 +1,17 @@ /** * Fix display in IE 6, 7 */ -#gHeader, -#gSiteMenu, + +#gBanner, .gBreadcrumbs, #gAlbumGrid, #gPager, -#gViewMenu { +#gViewMenu { zoom: 1; } -#gHeader #gLogo img { - margin-top: 5px; - margin-bottom: 0; -} - -#gHeader #gSiteMenu { - margin-top: 28px; -} - -#gHeader #gQuickSearchForm { - margin-bottom: 0; +#gBanner { + z-index: 2; } input.submit { @@ -47,4 +38,4 @@ input.submit { .gQuickPane { height: 32px !important; -} +}
\ No newline at end of file diff --git a/themes/default/css/screen.css b/themes/default/css/screen.css index 88631e81..c5a9956d 100644 --- a/themes/default/css/screen.css +++ b/themes/default/css/screen.css @@ -131,7 +131,7 @@ fieldset { padding-bottom: .8em; } -#gHeader fieldset, +#gBanner fieldset, #gSidebar fieldset, .gShortForm fieldset { border: none; @@ -142,7 +142,7 @@ legend { margin-left: 1em; } -#gHeader legend, +#gBanner legend, #gSidebar legend, #gContent #gSearchForm legend, input[type="hidden"], @@ -387,16 +387,21 @@ form .gError, /* Layout containers ~~~~~~~~~~~~~~~~~~~~~ */ #gHeader { + margin-bottom: 1em; +} + +#gBanner { background-color: #e8e8e8; - border-bottom: 1px solid #fff; + border-bottom: 1px solid #ccc; font-size: .8em; - margin-bottom: 1em; - padding: 1em 20px 0 20px; + padding: 1em 20px; + position: relative; } #gContent { font-size: 1.2em; padding-left: 20px; + position: relative; width: 696px; } @@ -421,18 +426,17 @@ form .gError, /* Header ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ -#gHeader #gLogo img { - float: left; - margin: -4px 10px 0 0; +#gBanner #gLogo img { + margin: 0; } -#gHeader #gQuickSearchForm { +#gBanner #gQuickSearchForm { clear: right; float: right; - margin: 1em 0; + margin-top: 1em; } -#gHeader #gQuickSearchForm input[type='text'] { +#gBanner #gQuickSearchForm input[type='text'] { width: 17em; } @@ -535,12 +539,12 @@ form .gError, /* Footer content ~~~~~~~~~~~~~~~~~~~~~~~~ */ -#gHeader #gLoginMenu li, +#gBanner #gLoginMenu li, #gFooter #gCredits li { display: inline; } -#gHeader #gLoginMenu li { +#gBanner #gLoginMenu li { padding-left: 1.2em; } @@ -558,14 +562,13 @@ form .gError, *********************************************************************/ #gSiteMenu, -.gBreadcrumbs, #gTagCloud ul { font-size: 1.2em; } /* Login menu ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ -#gHeader #gLoginMenu { +#gBanner #gLoginMenu { color: #999; float: right; } 
@@ -573,13 +576,14 @@ form .gError, /* Site Menu ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ #gSiteMenu { - float: left; - margin-top: 20px; - padding: 0 20px 0 0; + bottom: 0; + display: none; + left: 140px; + position: absolute; } #gSiteMenu ul { - margin-bottom: 0; + margin-bottom: 0 !important; } /* Thumb Menu ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ @@ -641,11 +645,7 @@ form .gError, /* Breadcrumbs ~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ .gBreadcrumbs { - background-color: #fff; - border-top: 1px solid #ccc; - clear: both; - margin: 0 -20px; - padding-left: 20px; + padding: 0 20px; } .gBreadcrumbs li { @@ -763,9 +763,7 @@ form .gError, * 6) Browser hacks *********************************************************************/ -#gSiteMenu:after, #gHeader:after, -.gBreadcrumbs:after, #gAlbumGrid:after, .gPager:after, #gViewMenu:after { @@ -823,7 +821,6 @@ form .gError, .ui-widget-overlay { background: #000; opacity: .7; - filter: Alpha(Opacity=70); } #gDialog { diff --git a/themes/default/js/ui.init.js b/themes/default/js/ui.init.js index 92a42ded..11cd06ed 100644 --- a/themes/default/js/ui.init.js +++ b/themes/default/js/ui.init.js @@ -57,6 +57,9 @@ $(document).ready(function() { if ($("#gAlbumGrid").length) { // Vertical align thumbnails/metadata in album grid $(".gItem").vAlign(); + $(".gQuick").ajaxStop(function(){ + $(".gItem").vAlign(); + }); } // Photo/Item item view only diff --git a/themes/default/views/header.html.php b/themes/default/views/header.html.php index c903edf5..2ba1e923 100644 --- a/themes/default/views/header.html.php +++ b/themes/default/views/header.html.php 
@@ -1,19 +1,19 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> -<?= $theme->header_top() ?> -<? if ($header_text = module::get_var("gallery", "header_text")): ?> -<?= $header_text ?> -<? else: ?> -<a id="gLogo" href="<?= url::site("albums/1") ?>" title="<?= t("go back to the Gallery home") ?>"> - <img width="107" height="48" alt="<?= t("Gallery logo: Your photos on your web site") ?>" src="<?= $theme->url("images/logo.png") ?>" /> -</a> -<? endif ?> - -<div id="gSiteMenu" style="display: none"> -<?= $theme->site_menu() ?> +<div id="gBanner"> + <?= $theme->header_top() ?> + <? if ($header_text = module::get_var("gallery", "header_text")): ?> + <?= $header_text ?> + <? else: ?> + <a id="gLogo" href="<?= url::site("albums/1") ?>" title="<?= t("go back to the Gallery home") ?>"> + <img width="107" height="48" alt="<?= t("Gallery logo: Your photos on your web site") ?>" src="<?= $theme->url("images/logo.png") ?>" /> + </a> + <? endif ?> + <div id="gSiteMenu"> + <?= $theme->site_menu() ?> + </div> + <?= $theme->header_bottom() ?> </div> -<?= $theme->header_bottom() ?> - <? if (!empty($parents)): ?> <ul class="gBreadcrumbs"> <? foreach ($parents as $parent): ?> |
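Review bot: `<?= $header_text ?>` is carried into the new `#gBanner` wrapper without any escaping, so whatever is stored in the `header_text` variable is emitted as raw markup on every page. If the setting is meant to hold administrator-authored HTML, say so in a template comment, e.g. `<? /* header_text is trusted admin HTML, output unescaped on purpose */ ?>`. If it is meant to be plain text, wrap it as `<?= htmlspecialchars($header_text, ENT_QUOTES, "UTF-8") ?>`. Who may write this variable is not visible from the hunk.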