diff --git a/app/Http/Controllers/Admin/AlbumController.php b/app/Http/Controllers/Admin/AlbumController.php
index bf30e02..0ea7710 100644
--- a/app/Http/Controllers/Admin/AlbumController.php
+++ b/app/Http/Controllers/Admin/AlbumController.php
@@ -417,7 +417,7 @@ class AlbumController extends Controller
 * @param $id
 * @return Album
 */
- private function loadAlbum($id)
+ private function loadAlbum($id, $permission = 'edit')
 {
 $album = Album::where('id', intval($id))->first();
 if (is_null($album))
@@ -425,7 +425,7 @@ class AlbumController extends Controller
 App::abort(404);
 return null;
 }
- else if (!Auth::user()->can('edit', $album))
+ else if (!Auth::user()->can($permission, $album))
 {
 App::abort(403);
 return null;
diff --git a/database/seeds/PermissionsSeeder.php b/database/seeds/PermissionsSeeder.php
index 476398b..d151356 100644
--- a/database/seeds/PermissionsSeeder.php
+++ b/database/seeds/PermissionsSeeder.php
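Review bot: No hunk on this page changes a caller of `loadAlbum()`, so with `$permission` defaulting to `'edit'` every existing call still authorises against `edit`, including whichever action performs the delete. list_albums.blade.php now hides the delete link behind `@can('delete', $album)`, but that is only a display gate; unless the delete action (outside these hunks) is changed to `$album = $this->loadAlbum($id, 'delete');`, a user who holds `edit` but not `delete` can presumably still reach the delete route. A default on an authorisation parameter also fails open when a new caller forgets to pass it, so consider making `$permission` a required argument. The docblock should gain `@param string $permission ability checked against the album via can()`. The body of `loadAlbum()` starts and ends outside these two hunks.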
@@ -27,12 +27,60 @@ class PermissionsSeeder extends Seeder
 'sort_order' => 20
 ]);
- // album:edit = controls if the album is visible and can be edited in the admin panel
+ // album:edit = controls if the album can be edited in the admin panel
 DatabaseSeeder::createOrUpdate('permissions', [
 'section' => 'album',
 'description' => 'edit',
 'is_default' => true,
 'sort_order' => 10
 ]);
+
+ // album:delete = controls if the album can be deleted from the admin panel
+ DatabaseSeeder::createOrUpdate('permissions', [
+ 'section' => 'album',
+ 'description' => 'delete',
+ 'is_default' => true,
+ 'sort_order' => 20
+ ]);
+
+ // album:upload-photos = controls if photos can be uploaded into the album
+ DatabaseSeeder::createOrUpdate('permissions', [
+ 'section' => 'album',
+ 'description' => 'upload-photos',
+ 'is_default' => true,
+ 'sort_order' => 30
+ ]);
+
+ // album:edit-own-photos = controls if existing photos, owned by the current user, in the album can be edited
+ DatabaseSeeder::createOrUpdate('permissions', [
+ 'section' => 'album',
+ 'description' => 'edit-own-photos',
+ 'is_default' => true,
+ 'sort_order' => 40
+ ]);
+
+ // album:edit-other-photos = controls if existing photos, owned by other users, in the album can be edited
+ DatabaseSeeder::createOrUpdate('permissions', [
+ 'section' => 'album',
+ 'description' => 'edit-other-photos',
+ 'is_default' => true,
+ 'sort_order' => 50
+ ]);
+
+ // album:delete-own-photos = controls if existing photos, owned by the current user, in the album can be deleted
+ DatabaseSeeder::createOrUpdate('permissions', [
+ 'section' => 'album',
+ 'description' => 'delete-own-photos',
+ 'is_default' => true,
+ 'sort_order' => 60
+ ]);
+
+ // album:delete-other-photos = controls if existing photos, owned by other users, in the album can be deleted
+ DatabaseSeeder::createOrUpdate('permissions', [
+ 'section' => 'album',
+ 'description' => 'delete-other-photos',
+ 'is_default' => true,
+ 'sort_order' => 70
+ ]);
 }
 }
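Review bot: All six new album permissions are seeded with `'is_default' => true`, including the destructive `delete`, `edit-other-photos` and `delete-other-photos`. What `is_default` drives is not visible in this hunk; if it pre-grants or pre-selects a permission for new albums, users or groups, those three should start as `'is_default' => false` so that they are granted deliberately rather than inherited. The only restriction for the anonymous user on this page is the `@continue` filter in album_permissions.blade.php, which hides the checkboxes but would not reject a posted value, so the handler that saves album permissions (not shown) should enforce the same `list`/`view` allow-list. Seeding also gives existing grants nothing new, so accounts that could delete through `edit` may lose that ability once `delete` is enforced; a data migration or release note would cover it.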
diff --git a/resources/lang/en/permissions.php b/resources/lang/en/permissions.php
index 9c221b2..6a0afb5 100644
--- a/resources/lang/en/permissions.php
+++ b/resources/lang/en/permissions.php
@@ -1,8 +1,14 @@
 [
+ 'delete' => 'Delete this album',
+ 'delete-other-photos' => 'Delete photos owned by other users',
+ 'delete-own-photos' => 'Delete user\'s own photos',
 'edit' => 'Manage this album',
+ 'edit-other-photos' => 'Edit photos owned by other users',
+ 'edit-own-photos' => 'Edit user\'s own photos',
 'list' => 'See this album in listings',
+ 'upload-photos' => 'Upload photos into this album',
 'view' => 'Access this album'
 ]
 ];
\ No newline at end of file
diff --git a/resources/views/themes/base/admin/list_albums.blade.php b/resources/views/themes/base/admin/list_albums.blade.php
index a30e597..9c80b27 100644
--- a/resources/views/themes/base/admin/list_albums.blade.php
+++ b/resources/views/themes/base/admin/list_albums.blade.php
@@ -50,6 +50,8 @@
 @can('edit', $album)
 @lang('forms.edit_action')
+ @endcan
+ @can('delete', $album)
 @lang('forms.delete_action')
 @endcan
diff --git a/resources/views/themes/base/partials/album_permissions.blade.php b/resources/views/themes/base/partials/album_permissions.blade.php
index f0fa9d9..c1c10b9 100644
--- a/resources/views/themes/base/partials/album_permissions.blade.php
+++ b/resources/views/themes/base/partials/album_permissions.blade.php
@@ -9,6 +9,9 @@

Select All · Select None

@foreach ($all_permissions as $permission)
+ @if ($object_id == 'anonymous' && $permission->section == 'album' && $permission->description != 'list' && $permission->description != 'view')
+ @continue
+ @endif