#29: Corrected permission check when displaying photos linked to a label. Multiple instances of a new label are no longer duplicated (separated out the creation logic into the LabelController.)

This commit is contained in:
Andy Heathershaw 2017-09-10 12:40:24 +01:00
parent f46d9e1101
commit 1f2552c743
3 changed files with 39 additions and 20 deletions

View File

@ -6,6 +6,7 @@ use App\Facade\Theme;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Requests\StoreLabelRequest; use App\Http\Requests\StoreLabelRequest;
use App\Label; use App\Label;
use App\Photo;
use Illuminate\Support\Facades\App; use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\View; use Illuminate\Support\Facades\View;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
@ -18,6 +19,38 @@ class LabelController extends Controller
View::share('is_admin', true); View::share('is_admin', true);
} }
/**
* Applies a comma-separated string of label IDs and/or new label texts to a photo. This is called from the
* PhotoController - not directly via a route.
* @param Photo $photo Photo to apply the labels to
* @param string $labelString CSV string of label IDs and new labels to create (e.g. "1,2,Florida,nature" would
* link label IDs 1 and 2, and create 2 new labels called Florida and nature.)
*/
public function applyLabelsToPhoto(Photo $photo, $labelString)
{
foreach (explode(',', $labelString) as $labelText)
{
$labelID = intval($labelText);
if (intval($labelID) == 0)
{
// Check if the label already exists
$labelToUse = Label::where('name', $labelText)->first();
if (is_null($labelToUse))
{
// Create new label
$labelToUse = new Label();
$labelToUse->name = $labelText;
$labelToUse->save();
}
$labelID = $labelToUse->id;
}
$photo->labels()->attach(intval($labelID));
}
}
public function delete($id) public function delete($id)
{ {
$this->authorizeAccessToAdminPanel(); $this->authorizeAccessToAdminPanel();

View File

@ -586,26 +586,12 @@ class PhotoController extends Controller
$photo->fill($value); $photo->fill($value);
// Update the photo labels // Update the photo labels
$labelIDs = trim($value['labels']); $labelString = trim($value['labels']);
$photo->labels()->detach(); $photo->labels()->detach();
if (strlen($labelIDs) > 0) if (strlen($labelString) > 0)
{ {
foreach (explode(',', $labelIDs) as $labelID) app(LabelController::class)->applyLabelsToPhoto($photo, $labelString);
{
if (intval($labelID) == 0)
{
// Create new label
$newLabel = new Label();
$newLabel->name = $labelID;
$newLabel->save();
$newLabel->save();
$labelID = $newLabel->id;
}
$photo->labels()->attach(intval($labelID));
}
} }
// Save all changes // Save all changes

View File

@ -38,7 +38,7 @@ class LabelController extends Controller
else if ($requestedView != 'slideshow') else if ($requestedView != 'slideshow')
{ {
$photos = $label->photos() $photos = $label->photos()
->where('album_id', $allowedAlbumIDs) ->whereIn('album_id', $allowedAlbumIDs)
->orderBy(DB::raw('COALESCE(photos.taken_at, photos.created_at)')) ->orderBy(DB::raw('COALESCE(photos.taken_at, photos.created_at)'))
->paginate(UserConfig::get('items_per_page')); ->paginate(UserConfig::get('items_per_page'));
} }
@ -46,12 +46,12 @@ class LabelController extends Controller
{ {
// The slideshow view needs access to all photos, not paged // The slideshow view needs access to all photos, not paged
$photos = $label->photos() $photos = $label->photos()
->where('album_id', $allowedAlbumIDs) ->whereIn('album_id', $allowedAlbumIDs)
->orderBy(DB::raw('COALESCE(photos.taken_at, photos.created_at)')) ->orderBy(DB::raw('COALESCE(photos.taken_at, photos.created_at)'))
->get(); ->get();
} }
if (count($photos) == 0) if ($photos->count() == 0)
{ {
$requestedView = 'empty'; $requestedView = 'empty';
} }