From eedfd5abdd53b381794d56a962e5f2bc7a5f3061 Mon Sep 17 00:00:00 2001 From: Andy Heathershaw Date: Sat, 28 Jul 2018 08:59:07 +0100 Subject: [PATCH 1/8] #84: Corrected permissions query for a non-admin user returning incorrect child albums --- app/Helpers/DbHelper.php | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/app/Helpers/DbHelper.php b/app/Helpers/DbHelper.php index 6a74f48..bba7315 100644 --- a/app/Helpers/DbHelper.php +++ b/app/Helpers/DbHelper.php @@ -70,17 +70,20 @@ class DbHelper ->leftJoin('permissions AS group_permissions', 'group_permissions.id', '=', 'album_group_permissions.permission_id') ->leftJoin('permissions AS user_permissions', 'user_permissions.id', '=', 'album_user_permissions.permission_id') ->leftJoin('user_groups', 'user_groups.group_id', '=', 'album_group_permissions.group_id') - ->where('albums.user_id', $user->id) - ->orWhere([ - ['group_permissions.section', 'album'], - ['group_permissions.description', $permission], - ['user_groups.user_id', $user->id] - ]) - ->orWhere([ - ['user_permissions.section', 'album'], - ['user_permissions.description', $permission], - ['album_user_permissions.user_id', $user->id] - ]); + ->where(function($query) use ($user, $permission) + { + $query->where('albums.user_id', $user->id) + ->orWhere([ + ['group_permissions.section', 'album'], + ['group_permissions.description', $permission], + ['user_groups.user_id', $user->id] + ]) + ->orWhere([ + ['user_permissions.section', 'album'], + ['user_permissions.description', $permission], + ['album_user_permissions.user_id', $user->id] + ]); + }); } $parentAlbumID = intval($parentAlbumID); From aa2998ac70b1de32bbd2d1c68c87129978bf034e Mon Sep 17 00:00:00 2001 From: Andy Heathershaw Date: Sat, 28 Jul 2018 08:59:51 +0100 Subject: [PATCH 2/8] #85: Changed the way next/previous buttons work, and introduced a more consistent ordering when large numbers of photos were uploaded at the same time --- .../Controllers/Gallery/AlbumController.php | 4 +- .../Controllers/Gallery/PhotoController.php | 42 +++++++++++++++---- 2 files changed, 36 insertions(+), 10 deletions(-) diff --git a/app/Http/Controllers/Gallery/AlbumController.php b/app/Http/Controllers/Gallery/AlbumController.php index e149f48..aaf936a 100644 --- a/app/Http/Controllers/Gallery/AlbumController.php +++ b/app/Http/Controllers/Gallery/AlbumController.php @@ -71,14 +71,14 @@ class AlbumController extends Controller else if ($requestedView != 'slideshow') { $photos = $album->photos() - ->orderBy(DB::raw('COALESCE(taken_at, created_at)')) + ->orderBy(DB::raw('COALESCE(taken_at, created_at), name, id')) ->paginate(UserConfig::get('items_per_page')); } else { // The slideshow view needs access to all photos, not paged $photos = $album->photos() - ->orderBy(DB::raw('COALESCE(taken_at, created_at)')) + ->orderBy(DB::raw('COALESCE(taken_at, created_at), name, id')) ->get(); } diff --git a/app/Http/Controllers/Gallery/PhotoController.php b/app/Http/Controllers/Gallery/PhotoController.php index 708fbd2..bd50bb0 100644 --- a/app/Http/Controllers/Gallery/PhotoController.php +++ b/app/Http/Controllers/Gallery/PhotoController.php @@ -105,14 +105,40 @@ class PhotoController extends Controller // Load the Next/Previous buttons $thisPhotoDate = is_null($photo->taken_at) ? $photo->created_at : $photo->taken_at; - $previousPhoto = $album->photos() - ->where(DB::raw('COALESCE(taken_at, created_at)'), '<', $thisPhotoDate) - ->orderBy(DB::raw('COALESCE(taken_at, created_at)'), 'desc') - ->first(); - $nextPhoto = $album->photos() - ->where(DB::raw('COALESCE(taken_at, created_at)'), '>', $thisPhotoDate) - ->orderBy(DB::raw('COALESCE(taken_at, created_at)')) - ->first(); + // I don't like the idea of using a totally raw SQL query, but it's the only sure-fire way to number the rows + // so we can get the previous/next photos accurately - and we don't have to load all data for the photo objects + $previousPhoto = null; + $nextPhoto = null; + + $allAlbumPhotos = DB::select( + DB::raw( + 'SELECT p.id, (@row_number:=@row_number + 1) AS row_number + FROM photos p, (SELECT @row_number:=0) AS t + WHERE p.album_id = :album_id + ORDER BY COALESCE(p.taken_at, p.created_at), p.name, p.id;' + ), + [ + 'album_id' => $album->id + ] + ); + + for ($i = 0; $i < count($allAlbumPhotos); $i++) + { + if ($allAlbumPhotos[$i]->id === $photo->id) + { + if ($i > 0) + { + $previousPhoto = Photo::where('id', $allAlbumPhotos[$i - 1]->id)->first(); + } + + if ($i + 1 < count($allAlbumPhotos)) + { + $nextPhoto = Photo::where('id', $allAlbumPhotos[$i + 1]->id)->first(); + } + + break; + } + } // Record the visit to the photo if (UserConfig::get('enable_visitor_hits')) From c029c6ca002f62ce3b318cfd09cdcf33eeba0a34 Mon Sep 17 00:00:00 2001 From: Andy Heathershaw Date: Sat, 28 Jul 2018 09:00:57 +0100 Subject: [PATCH 3/8] Bumped version for the 2.1.2 release --- config/app.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/app.php b/config/app.php index f34c40a..62c7e52 100644 --- a/config/app.php +++ b/config/app.php @@ -2,7 +2,7 @@ return [ // Version number of Blue Twilight - 'version' => '2.1.1', + 'version' => '2.1.2', /* |-------------------------------------------------------------------------- From 4456cd5fa7f6be28ee9d77852898d3da5f13658a Mon Sep 17 00:00:00 2001 From: Andy Heathershaw Date: Sun, 29 Jul 2018 21:58:28 +0100 Subject: [PATCH 4/8] #86: Switched the update check from Github to Gitea --- .../Controllers/Admin/DefaultController.php | 9 +- app/Services/GiteaService.php | 112 ++++++++++++++++++ config/services.php | 30 +---- 3 files changed, 123 insertions(+), 28 deletions(-) create mode 100644 app/Services/GiteaService.php diff --git a/app/Http/Controllers/Admin/DefaultController.php b/app/Http/Controllers/Admin/DefaultController.php index 9f43ac7..4c2d851 100644 --- a/app/Http/Controllers/Admin/DefaultController.php +++ b/app/Http/Controllers/Admin/DefaultController.php @@ -15,6 +15,7 @@ use App\Http\Requests\SaveSettingsRequest; use App\Label; use App\Mail\TestMailConfig; use App\Photo; +use App\Services\GiteaService; use App\Services\GithubService; use App\Services\PhotoService; use App\Storage; @@ -46,18 +47,18 @@ class DefaultController extends Controller { try { - $githubService = new GithubService(); - $releaseInfo = $githubService->checkForLatestRelease(); + $giteaService = new GiteaService(); + $releaseInfo = $giteaService->checkForLatestRelease(); // Convert the publish date so we can re-format it with the user's settings - $publishDate = \DateTime::createFromFormat('Y-m-d\TH:i:s\Z', $releaseInfo->published_at); + $publishDate = \DateTime::createFromFormat('Y-m-d\TH:i:sP', $releaseInfo->published_at); // HTML-ify the body text $body = nl2br($releaseInfo->body); $body = preg_replace('/\*\*(.+)\*\*/', '$1', $body); // Remove the "v" from the release name - $version = substr($releaseInfo->name, 1); + $version = substr($releaseInfo->tag_name, 1); // Determine if we can upgrade $canUpgrade = version_compare($version, config('app.version')) > 0; diff --git a/app/Services/GiteaService.php b/app/Services/GiteaService.php new file mode 100644 index 0000000..e37b7da --- /dev/null +++ b/app/Services/GiteaService.php @@ -0,0 +1,112 @@ +config = config('services.gitea'); + $this->cacheFile = storage_path('app/gitea_cache.txt'); + } + + public function checkForLatestRelease() + { + $cacheData = null; + + if ($this->doesCacheExist()) + { + // Get the etag from the cache + $cacheData = $this->getCacheData(); + } + else + { + // Lookup and store the version information + $statusCode = -1; + $result = $this->getLatestReleaseFromGitea($statusCode); + + if ($statusCode == 200) + { + $releases = json_decode($result[1]); + + $latestRelease = null; + foreach ($releases as $release) + { + if (is_null($latestRelease) || version_compare($release->tag_name, $latestRelease->tag_name) > 0) + { + $latestRelease = $release; + } + } + + $cacheData = $this->setCacheData($latestRelease); + } + } + + // GitHub compatibility + $cacheData->html_url = sprintf($this->config['releases_url'], $this->config['repo_owner'], $this->config['repo_name']); + + return $cacheData; + } + + private function doesCacheExist() + { + $exists = file_exists($this->cacheFile); + + if ($exists) + { + // Check modified time on the file + $stat = stat($this->cacheFile); + + $diff = time() - $stat['mtime']; + if ($diff > $this->config['cache_time_seconds']) + { + $exists = false; + } + } + + return $exists; + } + + private function getCacheData() + { + return json_decode(file_get_contents($this->cacheFile)); + } + + private function getLatestReleaseFromGitea(&$statusCode) + { + $httpHeaders = [ + sprintf('User-Agent: aheathershaw/blue-twilight (v%s)', config('app.version')) + ]; + + if (isset($this->config['api_key']) && !empty($this->config['api_key'])) + { + $httpHeaders[] = sprintf('Authorization: %s', $this->config['api_key']); + } + + $apiUrl = sprintf('%s/repos/%s/%s/releases', $this->config['api_url'], $this->config['repo_owner'], $this->config['repo_name']); + + $ch = curl_init($apiUrl); + curl_setopt($ch, CURLOPT_HTTPHEADER, $httpHeaders); + curl_setopt($ch, CURLOPT_HEADER, true); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + $result = curl_exec($ch); + + if ($result === false) + { + throw new \Exception(sprintf('Error from Gitea: %s', curl_error($ch))); + } + + $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); + + return explode("\r\n\r\n", $result, 2); + } + + private function setCacheData($data) + { + file_put_contents($this->cacheFile, json_encode(get_object_vars($data))); + return $data; + } +} \ No newline at end of file diff --git a/config/services.php b/config/services.php index b539f9f..eab4683 100644 --- a/config/services.php +++ b/config/services.php @@ -14,33 +14,15 @@ return [ | */ - 'github' => [ - 'latest_release_url' => 'https://api.github.com/repos/andysh-uk/blue-twilight/releases/latest' + 'gitea' => [ + 'api_url' => 'https://apps.andysh.uk/api/v1', + 'cache_time_seconds' => 3600, + 'releases_url' => 'https://apps.andysh.uk/%s/%s/releases', + 'repo_name' => 'blue-twilight', + 'repo_owner' => 'aheathershaw' ], 'recaptcha' => [ 'verify_url' => 'https://www.google.com/recaptcha/api/siteverify' ] - - /*'mailgun' => [ - 'domain' => env('MAILGUN_DOMAIN'), - 'secret' => env('MAILGUN_SECRET'), - ], - - 'ses' => [ - 'key' => env('SES_KEY'), - 'secret' => env('SES_SECRET'), - 'region' => 'us-east-1', - ], - - 'sparkpost' => [ - 'secret' => env('SPARKPOST_SECRET'), - ], - - 'stripe' => [ - 'model' => App\User::class, - 'key' => env('STRIPE_KEY'), - 'secret' => env('STRIPE_SECRET'), - ],*/ - ]; From 3904d29c5c3e6517c7b27589f5ad3fb4c35c6c15 Mon Sep 17 00:00:00 2001 From: Andy Heathershaw Date: Tue, 31 Jul 2018 08:46:03 +0100 Subject: [PATCH 5/8] #86: Updated contributing file with the new web page and updated links in the readme to Gitea instead of Github, and the rebrand of andysh.uk --- contributing.md | 5 +++-- readme.md | 16 ++++++++-------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/contributing.md b/contributing.md index e815289..42b8d18 100644 --- a/contributing.md +++ b/contributing.md @@ -1,6 +1,7 @@ # Contributing to Blue Twilight + Blue Twilight is an open-source project. The source code is freely available for you to use and modify as appropriate to your needs. -If you would like to contribute your changes back to the project, please fork the repository and submit a pull request on Github. +If you would like to contribute your changes back to the project for everyone to enjoy, I will glady provide hosting for a fork of your Git repository. -Please feel free to contact me any time through [the contact form](https://www.andyheathershaw.uk/contact) on my website. +Please [follow the instructions here](https://andysh.uk/software/blue-twilight-php-photo-gallery/contributing/) and get developing! \ No newline at end of file diff --git a/readme.md b/readme.md index cf416aa..bff3812 100644 --- a/readme.md +++ b/readme.md @@ -12,11 +12,11 @@ Version 2 is the first version I have released as open-source. The previous vers This is a major update that includes 2 key new features: fine-grained security controls, and nested albums. It also updates the default template to Bootstrap v4 and VueJS (replacing KnockoutJS.) -With the launch of version 2.0.0, this has now been officially released - see the [Releases](https://github.com/pandy06269/blue-twilight/releases) page for the latest version. +With the launch of version 2.0.0, this has now been officially released - see the [Releases](https://apps.andysh.uk/aheathershaw/blue-twilight/releases) page for the latest version. ## Demo System -See Blue Twilight in action using the demo system. Full details are [available here](https://www.andyheathershaw.uk/software/blue-twilight-php-photo-gallery/demo/). +See Blue Twilight in action using the demo system. Full details are [available here](https://andysh.uk/software/blue-twilight-php-photo-gallery/demo/). The link to the demo system is: http://demo.showmy.photos. Login with: @@ -25,17 +25,17 @@ The link to the demo system is: http://demo.showmy.photos. Login with: ## Useful Links -* [Blue Twilight website](https://www.andyheathershaw.uk/software/blue-twilight-php-photo-gallery/) -* [User Manual](https://www.andyheathershaw.uk/software/blue-twilight-php-photo-gallery/manual/) -* [Installation Guide](https://www.andyheathershaw.uk/software/blue-twilight-php-photo-gallery/manual/installation/) -* [Issues/Tasks](https://github.com/pandy06269/blue-twilight/issues) -* [Roadmap](https://github.com/pandy06269/blue-twilight/milestones) +* [Blue Twilight website](https://andysh.uk/software/blue-twilight-php-photo-gallery/) +* [User Manual](https://andysh.uk/software/blue-twilight-php-photo-gallery/manual/) +* [Installation Guide](https://andysh.uk/software/blue-twilight-php-photo-gallery/manual/installation/) +* [Issues/Tasks](https://apps.andysh.uk/aheathershaw/blue-twilight/issues) +* [Roadmap](https://apps.andysh.uk/aheathershaw/blue-twilight/milestones) ## Need Help? I'd love to get you up and running. If you need assistance installing the Blue Twilight PHP photo gallery, or would like to me to do it for you, please get in touch using the contact form located at: -[www.andyheathershaw.uk/contact](https://www.andyheathershaw.uk/contact) +[www.andyheathershaw.uk/contact](https://andysh.uk/contact) ## More Apps by Andy From 30dd0c807dfb226f7622defe0089d7428ba5471a Mon Sep 17 00:00:00 2001 From: Andy Heathershaw Date: Tue, 31 Jul 2018 21:26:43 +0100 Subject: [PATCH 6/8] Update 'contributing.md' --- contributing.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/contributing.md b/contributing.md index 42b8d18..854832b 100644 --- a/contributing.md +++ b/contributing.md @@ -1,7 +1,7 @@ # Contributing to Blue Twilight -Blue Twilight is an open-source project. The source code is freely available for you to use and modify as appropriate to your needs. +Blue Twilight is an open-source project. The source code is freely available for anyone to use and modify as appropriate to their needs. -If you would like to contribute your changes back to the project for everyone to enjoy, I will glady provide hosting for a fork of your Git repository. +If you wish to contribute your changes back to the project, I will glady provide the hosting for you to manage your own fork of the Blue Twilight repository. Please [follow the instructions here](https://andysh.uk/software/blue-twilight-php-photo-gallery/contributing/) and get developing! \ No newline at end of file From 031accdf78f2b8e62902318f7568cc0d621a6f1f Mon Sep 17 00:00:00 2001 From: Andy Heathershaw Date: Tue, 31 Jul 2018 21:29:22 +0100 Subject: [PATCH 7/8] Update 'contributing.md' --- contributing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contributing.md b/contributing.md index 854832b..505e509 100644 --- a/contributing.md +++ b/contributing.md @@ -2,6 +2,6 @@ Blue Twilight is an open-source project. The source code is freely available for anyone to use and modify as appropriate to their needs. -If you wish to contribute your changes back to the project, I will glady provide the hosting for you to manage your own fork of the Blue Twilight repository. +If you wish to contribute your changes back to the project, I will glady provide you with a Git repository stored on my server for your own fork of the Blue Twilight repository. Please [follow the instructions here](https://andysh.uk/software/blue-twilight-php-photo-gallery/contributing/) and get developing! \ No newline at end of file From 1553bd862065c6987685b8ab2fbe7bd7fd669de8 Mon Sep 17 00:00:00 2001 From: Andy Heathershaw Date: Tue, 31 Jul 2018 22:16:53 +0100 Subject: [PATCH 8/8] Update 'readme.md' --- readme.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/readme.md b/readme.md index bff3812..de4f604 100644 --- a/readme.md +++ b/readme.md @@ -4,7 +4,7 @@ Blue Twilight is a web-based application to store, manage and display collection It takes advantage of modern frameworks (Laravel, Bootstrap 4, VueJS) as well as new approaches to photo management - such as storing photos on cloud storage providers (Memstore, Rackspace, Amazon S3) and serving the images directly from the respective CDNs. -You can see Blue Twilight in action on my own photo gallery - the reason I wrote Blue Twilight - at: https://photos.andyheathershaw.uk +You can see Blue Twilight in action on my own photo gallery - the reason I wrote Blue Twilight - at: [photos.andysh.uk](https://photos.andysh.uk) ## Version 2 Branch (2.0, 2.1, etc.) @@ -35,7 +35,7 @@ The link to the demo system is: http://demo.showmy.photos. Login with: I'd love to get you up and running. If you need assistance installing the Blue Twilight PHP photo gallery, or would like to me to do it for you, please get in touch using the contact form located at: -[www.andyheathershaw.uk/contact](https://andysh.uk/contact) +[andysh.uk/contact](https://andysh.uk/contact) ## More Apps by Andy