diff --git a/app/Helpers/PermissionsHelper.php b/app/Helpers/PermissionsHelper.php
index de42934..50649be 100644
--- a/app/Helpers/PermissionsHelper.php
+++ b/app/Helpers/PermissionsHelper.php
@@ -16,6 +16,25 @@ class PermissionsHelper
public function getAlbumIDs($permission = 'list', User $user = null)
{
$result = [];
+
+ // First check if the anonymous user can do what is being requested - if so, the permission would also inherit
+ // to logged-in users
+ $anonymousUsersCan = DB::table('album_permissions_cache')
+ ->join('permissions', 'permissions.id', '=', 'album_permissions_cache.permission_id')
+ ->where([
+ ['album_permissions_cache.user_id', null],
+ ['permissions.section', 'album'],
+ ['permissions.description', $permission]
+ ])
+ ->select('album_permissions_cache.album_id')
+ ->distinct()
+ ->get();
+
+ foreach ($anonymousUsersCan as $item)
+ {
+ $result[] = $item->album_id;
+ }
+
$query = DB::table('album_permissions_cache')
->join('permissions', 'permissions.id', '=', 'album_permissions_cache.permission_id')
->where([
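Review bot: The anonymous lookup added at the top of `getAlbumIDs` repeats the join and filter of the query that follows it, so every call now makes two round trips and depends on the `in_array` de-duplication added in the next hunk, which rescans `$result` for every row and compares loosely. Because `$user` defaults to null, the second query may select the same anonymous rows again; its conditions are cut off by the hunk, so that is not confirmed. A simpler de-duplication is to keep the plain `$result[] = $item->album_id;` in both loops and finish with `return array_values(array_unique($result));`. The function body continues outside this hunk.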
@@ -29,7 +48,10 @@ class PermissionsHelper
foreach ($query as $item)
{
- $result[] = $item->album_id;
+ if (!in_array($item->album_id, $result))
+ {
+ $result[] = $item->album_id;
+ }
}
return $result;
@@ -42,6 +64,23 @@ class PermissionsHelper
public function userCan_Album(Album $album, User $user, $permission)
{
+ // First check if the anonymous user can do what is being requested - if so, the permission would also inherit
+ // to logged-in users
+ $anonymousUsersCan = DB::table('album_permissions_cache')
+ ->join('permissions', 'permissions.id', '=', 'album_permissions_cache.permission_id')
+ ->where([
+ ['album_permissions_cache.album_id', $album->id],
+ ['album_permissions_cache.user_id', null],
+ ['permissions.section', 'album'],
+ ['permissions.description', $permission]
+ ])
+ ->count() > 0;
+
+ if ($anonymousUsersCan)
+ {
+ return true;
+ }
+
return DB::table('album_permissions_cache')
->join('permissions', 'permissions.id', '=', 'album_permissions_cache.permission_id')
->where([
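Review bot: The anonymous short-circuit in `userCan_Album` applies to whatever `$permission` is passed, so any write-type permission granted to the anonymous row (`user_id` null) is also granted to every logged-in account. The inline comment states the inheritance but not that it is unconditional. If that is intended, record it in a docblock on the method, for example `Returns true when either the anonymous row or $user's own row in album_permissions_cache grants $permission on $album`. If only read permissions such as `list` or `view` should inherit, gate the lookup on an allow-list of permission names. `->count() > 0` can also be `->exists()`; the method continues past the hunk.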
diff --git a/app/Http/Controllers/Admin/AlbumController.php b/app/Http/Controllers/Admin/AlbumController.php
index f8582a0..da86365 100644
--- a/app/Http/Controllers/Admin/AlbumController.php
+++ b/app/Http/Controllers/Admin/AlbumController.php
@@ -23,6 +23,7 @@ use App\Services\AlbumService;
use App\Services\PhotoService;
use App\Storage;
use App\User;
+use App\UserActivity;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Auth;
@@ -698,6 +699,9 @@ class AlbumController extends Controller
}
}
+ // Add an activity record
+ $this->createActivityRecord($album, 'album.created');
+
// Rebuild the permissions cache
$helper = new PermissionsHelper();
$helper->rebuildCache();
@@ -782,6 +786,21 @@ class AlbumController extends Controller
return redirect(route('albums.show', ['id' => $id]));
}
+ private function createActivityRecord(Album $album, $type, $activityDateTime = null)
+ {
+ if (is_null($activityDateTime))
+ {
+ $activityDateTime = new \DateTime();
+ }
+
+ $userActivity = new UserActivity();
+ $userActivity->user_id = $this->getUser()->id;
+ $userActivity->activity_at = $activityDateTime;
+ $userActivity->type = $type;
+ $userActivity->album_id = $album->id;
+ $userActivity->save();
+ }
+
/**
* @param $id
* @return Album
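Review bot: `createActivityRecord` is added without a docblock or parameter types, while the method right after it has one. A docblock along the lines of `@param string $type Activity key, e.g. 'album.created'` and `@param \DateTimeInterface|null $activityDateTime Defaults to the current time` would document the contract. It should also say that the actor is always `$this->getUser()`, since `user_id` is written from it with no check that the id is set. Whether `getUser()` can return an unauthenticated placeholder in this admin controller is not visible here.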
diff --git a/app/Http/Controllers/Gallery/UserController.php b/app/Http/Controllers/Gallery/UserController.php
index 3bf7231..699093d 100644
--- a/app/Http/Controllers/Gallery/UserController.php
+++ b/app/Http/Controllers/Gallery/UserController.php
@@ -70,8 +70,31 @@ class UserController extends Controller
$params = [];
$params['user_name'] = $userName;
$params['user_url'] = $userProfileUrl;
- $params['photo_name'] = $activity->photo->name;
- $params['photo_url'] = $activity->photo->url();
+
+ if (!is_null($activity->photo))
+ {
+ // Check the user has access
+ if (!$this->getUser()->can('view', $activity->photo))
+ {
+ continue;
+ }
+
+ $params['photo_name'] = $activity->photo->name;
+ $params['photo_url'] = $activity->photo->url();
+ }
+
+ if (!is_null($activity->album))
+ {
+ // Check the user has access
+ if (!$this->getUser()->can('view', $activity->album))
+ {
+ continue;
+ }
+
+ $params['album_name'] = $activity->album->name;
+ $params['album_url'] = $activity->album->url();
+ }
+
$newItem['params'] = $params;
$result[] = $newItem;
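Review bot: The photo/album access filter added in this loop is repeated line for line in the last hunk of this file (the second feed loop), so any later change to the visibility rule must be made twice. A missed copy would expose names and URLs of items the viewer may not see. Moving the filter into one private method that returns the item params, or null when access is denied, keeps the two feeds in step. Each `can('view', …)` also appears to cost database queries per activity (`userCan_Album` in this commit runs up to two), which is worth bearing in mind for long feeds. The enclosing loops start outside both hunks.

```php
// … unchanged: user_name / user_url params …
$itemParams = $this->visibleItemParams($activity);
if (is_null($itemParams))
{
    continue;
}

$newItem['params'] = array_merge($params, $itemParams);
// … unchanged: $result[] = $newItem; …

/**
 * Builds the photo/album params for a feed item.
 *
 * @param UserActivity $activity
 * @return array|null Null when the current user may not view a linked item
 */
private function visibleItemParams(UserActivity $activity)
{
    $viewer = $this->getUser();
    $itemParams = [];

    foreach (['photo', 'album'] as $relation)
    {
        $item = $activity->{$relation};
        if (is_null($item))
        {
            continue;
        }

        // One denied item hides the whole activity, as in the inline version
        if (!$viewer->can('view', $item))
        {
            return null;
        }

        $itemParams[$relation . '_name'] = $item->name;
        $itemParams[$relation . '_url'] = $item->url();
    }

    return $itemParams;
}
```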
@@ -238,6 +261,7 @@ class UserController extends Controller
$result = [];
$activities = UserActivity::with('photo')
->with('photoComment')
+ ->with('album')
->where([
'user_id' => $user->id
])
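Review bot: `->with('album')` is added to this query only, although the first feed loop changed earlier in this file reads `$activity->album` as well. The query feeding that loop is outside the diff, so this is unconfirmed, but if it has no matching eager load then each activity there lazy-loads its album on top of the per-item permission check. Adding the same `->with('album')` to that query would keep the two feeds consistent.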
@@ -261,8 +285,31 @@ class UserController extends Controller
$params = [];
$params['user_name'] = $userName;
$params['user_url'] = $userProfileUrl;
- $params['photo_name'] = $activity->photo->name;
- $params['photo_url'] = $activity->photo->url();
+
+ if (!is_null($activity->photo))
+ {
+ // Check the user has access
+ if (!$this->getUser()->can('view', $activity->photo))
+ {
+ continue;
+ }
+
+ $params['photo_name'] = $activity->photo->name;
+ $params['photo_url'] = $activity->photo->url();
+ }
+
+ if (!is_null($activity->album))
+ {
+ // Check the user has access
+ if (!$this->getUser()->can('view', $activity->album))
+ {
+ continue;
+ }
+
+ $params['album_name'] = $activity->album->name;
+ $params['album_url'] = $activity->album->url();
+ }
+
$newItem['params'] = $params;
$result[] = $newItem;
diff --git a/app/Policies/PhotoPolicy.php b/app/Policies/PhotoPolicy.php
index eaa0626..bc87ed3 100644
--- a/app/Policies/PhotoPolicy.php
+++ b/app/Policies/PhotoPolicy.php
@@ -83,4 +83,15 @@ class PhotoPolicy
return $user->can('post-comment', $photo->album);
}
+
+ public function view(User $user, Photo $photo)
+ {
+ if ($user->id == $photo->user_id)
+ {
+ // The photo's owner can do everything
+ return true;
+ }
+
+ return $user->can('view', $photo->album);
+ }
}
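Review bot: The owner test `$user->id == $photo->user_id` in `view` is a loose comparison, so two null ids (or null against 0) compare equal and return true before the album check runs. Whether `$user` can be an unsaved placeholder account with a null id is not visible here. The feed code does call `$this->getUser()->can('view', …)` with no authentication check in sight, so it is worth closing: `if (!is_null($user->id) && (int) $user->id === (int) $photo->user_id)`. A short docblock saying that the owner always passes and everyone else gets the album's `view` decision would make the rule explicit.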
diff --git a/app/UserActivity.php b/app/UserActivity.php
index 78416e5..12f2823 100644
--- a/app/UserActivity.php
+++ b/app/UserActivity.php
@@ -8,6 +8,11 @@ class UserActivity extends Model
{
protected $table = 'user_activity';
+ public function album()
+ {
+ return $this->belongsTo(Album::class);
+ }
+
public function photo()
{
return $this->belongsTo(Photo::class);
diff --git a/database/migrations/2018_11_18_205607_add_album_activity_column.php b/database/migrations/2018_11_18_205607_add_album_activity_column.php
new file mode 100644
index 0000000..7be467a
--- /dev/null
+++ b/database/migrations/2018_11_18_205607_add_album_activity_column.php
@@ -0,0 +1,39 @@
+unsignedInteger('album_id')->nullable(true);
+
+ $table->foreign('album_id')
+ ->references('id')->on('albums')
+ ->onDelete('cascade');
+ });
+ }
+
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+ Schema::table('user_activity', function (Blueprint $table)
+ {
+ $table->dropForeign('user_activity_album_id_foreign');
+ $table->dropColumn('album_id');
+ });
+ }
+}
diff --git a/resources/assets/js/gallery.js b/resources/assets/js/gallery.js
index 8dee7fa..1999546 100644
--- a/resources/assets/js/gallery.js
+++ b/resources/assets/js/gallery.js
@@ -181,6 +181,16 @@ function UserViewModel(urls)
'' + data[i].params.photo_name + ''
);
}
+
+ // Album name
+ if (data[i].params.album_name && data[i].params.album_url)
+ {
+ data[i].description = data[i].description
+ .replace(
+ ':album_name',
+ '' + data[i].params.album_name + ''
+ );
+ }
}
self.feed_items = data;
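Review bot: `data[i].params.album_name` is concatenated into `description` at the `.replace(':album_name', …)` call without escaping, and album names are presumably user-supplied. The string literals around it look stripped on this page and the binding that renders `description` is outside the hunk, so this is inferred. If the description is rendered as HTML, the name should be HTML-escaped before the replacement is built. Separately, a string replacement interprets `$&`-style sequences in the name, so pass a function instead: `.replace(':album_name', function () { return albumHtml; })`, where `albumHtml` is the escaped markup. The same applies to the existing `:photo_name` replacement just above, and the enclosing loop starts outside the hunk.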
diff --git a/resources/lang/en/gallery.php b/resources/lang/en/gallery.php
index bed4f39..d432a69 100644
--- a/resources/lang/en/gallery.php
+++ b/resources/lang/en/gallery.php
@@ -93,6 +93,9 @@ return [
'title' => 'My Activity Feed'
],
'user_feed_type' => [
+ 'album' => [
+ 'created' => ':user_name created the :album_name album.'
+ ],
'photo' => [
'comment_replied' => ':user_name replied to a comment on the :photo_name photo.',
'commented' => ':user_name commented on the :photo_name photo.',