path: root/modules/gallery/helpers/access.php
Age | Commit message | Author
2010-09-05 | Force "Options +FollowSymLinks" since that's a requirement for mod_rewrite to work. This is surprisingly obscure in the docs. Thanks to bromide for turning this up in http://gallery.menalto.com/node/97791! | Bharat Mediratta
2010-07-27 | "public static" ==> "static" to match code conventions. | Bharat Mediratta
2010-07-25 | Add a new maintenance task that resyncs album .htaccess files with database access intents. Use this to fix up .htaccess files after you relocate your Gallery. Fixes ticket #1252. | Bharat Mediratta
2010-07-25 | Don't use hardcoded id 1 as the everybody group; it won't work with alternative auth schemes. | Bharat Mediratta
2010-03-03 | Update the copyright to 2010. It's only 3 months into the year :-) | Bharat Mediratta
2010-02-27 | Fix for ticket #1035: Make .htaccess access rules work for the case when index.php isn't part of generated URLs. | Andy Staudacher
2010-02-14 | For consistency, use straight Kohana_404_Exception instead of the event system. | Andy Staudacher
2010-02-12 | Fix for tickets 1009 and 603: Show a themed error page to guests / registered users (not to admins though). And show a login form to guests for 404 (incl. insufficient view permissions) errors. | Andy Staudacher
2010-02-11 | Security: Fix leaking of album / photo names. Reject previous fix for ticket 1009. Side effect: Renaming auth::required_login() to login_page(). | Andy Staudacher
2010-01-31 | htaccess_works() can't use var/tmp anymore because that's locked down. So just create var/security_test and delete it when we're done. | Bharat Mediratta
2010-01-20 | Throw Kohana_Exception instead of Exception on access denied, since that may bubble all the way up | Bharat Mediratta
2010-01-20 | Forbidden is a 403, not a 503. | Bharat Mediratta
2010-01-18 | Change DENY and ALLOW to "0" and "1" to match the fact that ORM no longer typecasts values as of http://dev.kohanaphp.com/issues/2459 | Bharat Mediratta
2009-12-17 | In Kohana 2.4, ORM no longer does the find_all() call for us when we retrieve related ORMs. If we tack a find_all() on the end, it breaks the User_Definition interface so create User_Model::groups() and Groups_Model::users() as glue. | Bharat Mediratta
2009-12-17 | Update all database queries such that we can run "php index.php package" and generate the same SQL as before. | Bharat Mediratta
2009-12-01 | Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev | Bharat Mediratta
2009-11-30 | Don't allow the extra "/?" sequence (ie: "/index.php/?kohana_uri=...") in the generated .htaccess files. | Bharat Mediratta
2009-11-29 | Don't use PathInfo based urls to reroute access protection. Fixes ticket #922. | Bharat Mediratta
2009-11-26 | Convert all DB where() calls to take 3 arguments. Convert all open_paren() calls to and_open() or or_open() as appropriate. | Bharat Mediratta
2009-11-25 | ORM::orderby -> ORM::order_by | Bharat Mediratta
2009-11-25 | Preliminary work to cut over to Kohana 2.4 - Kohana::log() -> Kohana_Log::add() - Kohana::config_XXX -> Kohana_Config::instance()->XXX - Implement View::set_global in MY_View - Updated Cache_Database_Driver to latest APIs - ORM::$loaded -> ORM::loaded() - Updated item::viewable() to use K2.4 parenthesization | Bharat Mediratta
2009-10-26 | Upgrade the gallery module to version 16 to reflect the refactoring of the user module into an identity provider. Change how we determine if there are available groups that we need to export | Tim Almdal
2009-10-22 | Change the name of identity library from Identity to IdentityProvider. Create a helper class called identity to simplify calls to the Identity Provider. Move the contents of MY_Session.php to the new helper class and remove the MY_Session class | Tim Almdal
2009-10-20 | Add a groups api method on the Identity provider and change access_Core::_get_all_groups() to use this to get the defined groups. | Tim Almdal
2009-10-19 | Simplify the user interface by moving the password reset functionality into the user module Bagging the User_Definition and Group_Definition abstract classes and replacing them with interfaces with the same names. Make sure all the unit tests work. | Tim Almdal
2009-10-16 | Remove all non Identity API methods from Identity.php. Created an MY_Session class to provide the user state changes in the session and a login.php helper that has the login form. | Tim Almdal
2009-10-16 | Start simplifying the interface by moving the static methods from user.php and group.php. Tried creating an identity helper, but the helper identity.php was confused with the library Identity.php. So got around this by making the methods on Identity static and calling the instance within the static methods. Also temporarily moved the user.php and group.php back into the user module. | Tim Almdal
2009-07-27 | Revert "Fix for ticket #452" This reverts commit 809e52d80cbf3beb75b238fddb0da3951fb9a8e7. | Tim Almdal
2009-07-27 | Back out the fix for ticket #452 Revert "Changed access::user_can to force the owner of an item to have" This reverts commit 0b97cfd6f098be08be5f3cf1dbca1cce580ae330. | Tim Almdal
2009-07-27 | Back out fixes for ticket #452 Revert "It helps to save before committing :-)" This reverts commit 0d76d6fd77f53e9e92a9a013cd112c69217f3ceb. | Tim Almdal
2009-07-26 | Merge branch 'master' of git://github.com/rledisez/gallery3 into rledisez/master | Andy Staudacher
2009-07-26 | It helps to save before committing :-) | Tim Almdal
2009-07-26 | Changed access::user_can to force the owner of an item to have view permission on the parent. Added a whitelist of allowable owner permissions. If the requested permission is view and the user requesting access is the owner, check that they have view permission to the parent. | Tim Almdal
2009-07-25 | Fix for ticket #452 1) Change access_Core::user_can to return true for all permissions if the owner is the specified user. 2) Change Item_Model::viewable to set the owner_id is the first view_restriction This allowed simplification of generating the where clause to a single $this->orwhere instead of a where and an orwhere. | Tim Almdal
2009-07-25 | Rename columns that use reserved SQL words : items.left and items.right | Romain LE DISEZ
2009-07-23 | Fix a typo in a comment | Bharat Mediratta
2009-07-23 | Consistency : always use self::XXX (cherry picked from commit c9017ae2f21ff8f5d745f296a636b80a30add6a1) | Romain LE DISEZ
2009-07-23 | Use BOOLEAN instead of integer to describe the permissions : - DENY = false - ALLOW = true - UNKNOW = null (for intent only) - INHERIT = null (for cache) Upgrade is not included for now. (cherry picked from commit 719c59e0402464a0e2b14915f6d10218ff5d4729) | Romain LE DISEZ
2009-07-22 | remove an extra ->reload() that was there for testing | Tim Almdal
2009-07-22 | Add explicit unit tests for access::user_can | Tim Almdal
2009-07-22 | Duh... when I added user_can, I passed in the user, but still used the groups from the session | Tim Almdal
2009-07-21 | Add an API method user_can that allows for checking a specific user has the specified permission to the item. Changed can to delegate to this method passing in the active user. | Tim Almdal
2009-07-17 | Change model_cache::clear() API to clear everything. This prevents old ORM relationships from hanging around, which was causing problems when doing MPTT manipulations (resulting in incorrect permission propagation-- very bad!) | Bharat Mediratta
2009-07-17 | Fix a bug where moved items don't properly inherit permissions from their new target. After each move, recalculate the permissions for the new parent's hierarchy. Fixes ticket #552 | Bharat Mediratta
2009-05-27 | Update all references to the core application to now point to the gallery module. This type of mass update is prone to some small bugs. | Bharat Mediratta
2009-05-27 | Restructure things so that the application is now just another module. Kohana makes this type of transition fairly straightforward in that all controllers/helpers/etc are still located in the cascading filesystem without any extra effort, except that I've temporarily added a hack to force modules/gallery into the module path. Rename what's left of "core" to be "application" so that it conforms more closely to the Kohana standard (basically, just application/config/config.php which is the minimal thing that you need in the application directory) There's still considerable work left to be done here. | Bharat Mediratta