Compare commits
5 Commits
Author | SHA1 | Date |
---|---|---|
Andy Heathershaw | 0ce4c368a3 | |
Andy Heathershaw | 1173b2baba | |
Andy Heathershaw | c3ce6e1d71 | |
Andy Heathershaw | e1ad66c9ef | |
Andy Heathershaw | 2caa1c8fbc |
|
@ -9,6 +9,28 @@ use Illuminate\Support\Facades\Auth;
|
|||
|
||||
class DbHelper
|
||||
{
|
||||
private static $allowedAlbumIDs = null;
|
||||
|
||||
public static function getAlbumIDsForCurrentUser()
|
||||
{
|
||||
if (is_null(self::$allowedAlbumIDs))
|
||||
{
|
||||
$query = self::getAlbumsForCurrentUser_NonPaged();
|
||||
$query->select('albums.id');
|
||||
|
||||
$ids = [];
|
||||
|
||||
foreach ($query->get() as $album)
|
||||
{
|
||||
$ids[] = $album->id;
|
||||
}
|
||||
|
||||
self::$allowedAlbumIDs = $ids;
|
||||
}
|
||||
|
||||
return self::$allowedAlbumIDs;
|
||||
}
|
||||
|
||||
public static function getAlbumsForCurrentUser($parentID = -1)
|
||||
{
|
||||
$query = self::getAlbumsForCurrentUser_NonPaged();
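Review bot: The cache in `getAlbumIDsForCurrentUser()` is not tied to a user: `self::$allowedAlbumIDs` is filled on the first call and returned unchanged for every later call in the same PHP process. With a per-request runtime that is harmless, but in a long-lived worker, a test run, or a request where the authenticated user changes after the first call, one user's album list would be reused for another. That matters because this list is used as the access filter for the sitemap. Keying the cache by user avoids it, e.g. `$key = Auth::check() ? Auth::id() : 0;` and then checking and storing `self::$allowedAlbumIDs[$key]`. A docblock saying that the method returns the access-filtered album IDs and memoises them would also help the next reader.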
|
||||
|
|
|
@ -51,8 +51,11 @@ class DefaultController extends Controller
|
|||
$lastModifiedPhoto = Photo::orderBy('updated_at', 'desc')->first();
|
||||
$this->createSitemapNode($xml, $root, route('home'), (is_null($lastModifiedPhoto) ? '' : $lastModifiedPhoto->updated_at), '1.0');
|
||||
|
||||
// Albums the current user is allowed to access
|
||||
$albumIDs = DbHelper::getAlbumIDsForCurrentUser();
|
||||
|
||||
// Add each album URL
|
||||
$albums = Album::orderBy('name');
|
||||
$albums = Album::whereIn('id', $albumIDs)->orderBy('name');
|
||||
$albums->chunk(100, function($albumsChunk) use ($xml, $root)
|
||||
{
|
||||
/** @var Album $album */
|
||||
|
@ -64,7 +67,7 @@ class DefaultController extends Controller
|
|||
});
|
||||
|
||||
// Add each photo URL
|
||||
$photos = Photo::orderBy('name');
|
||||
$photos = Photo::whereIn('album_id', $albumIDs)->orderBy('name');
|
||||
$photos->chunk(100, function($tempPhotos) use ($xml, $root)
|
||||
{
|
||||
/** @var Photo $photo */
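Review bot: The home entry at the top of the first hunk still takes its last-modified date from `Photo::orderBy('updated_at', 'desc')->first()`, which is not restricted to `$albumIDs`. The sitemap can therefore still disclose when a photo in an album the visitor cannot access was last changed. Moving the `DbHelper::getAlbumIDsForCurrentUser()` call above that line and using `Photo::whereIn('album_id', $albumIDs)->orderBy('updated_at', 'desc')->first()` would bring the home node in line with the album and photo filters added below. Separately, `whereIn` binds one placeholder per ID, so a very large album list may reach the database driver's parameter limit, which is worth confirming for large galleries. The enclosing method starts and ends outside both hunks.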
|
||||
|
|
|
@ -54,6 +54,23 @@ class AlbumPolicy
|
|||
return $this->userHasPermission($user, $album, $permission);
|
||||
}
|
||||
|
||||
public function delete(User $user, Album $album)
|
||||
{
|
||||
if ($user->id == $album->user_id)
|
||||
{
|
||||
// The album's owner and can do everything
|
||||
return true;
|
||||
}
|
||||
|
||||
// Get the edit permission
|
||||
$permission = Permission::where([
|
||||
'section' => 'album',
|
||||
'description' => 'delete'
|
||||
])->first();
|
||||
|
||||
return $this->userHasPermission($user, $album, $permission);
|
||||
}
|
||||
|
||||
public function deletePhotos(User $user, Album $album)
|
||||
{
|
||||
if ($user->id == $album->user_id)
|
||||
|
@ -145,7 +162,10 @@ class AlbumPolicy
|
|||
{
|
||||
$query = Album::query()->join('album_anonymous_permissions', 'album_anonymous_permissions.album_id', '=', 'albums.id')
|
||||
->join('permissions', 'permissions.id', '=', 'album_anonymous_permissions.permission_id')
|
||||
->where('permissions.id', $permission->id);
|
||||
->where([
|
||||
['albums.id', $album->id],
|
||||
['permissions.id', $permission->id]
|
||||
]);
|
||||
|
||||
return $query->count() > 0;
|
||||
}
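Review bot: In the new `delete()` policy, `Permission::where([...])->first()` returns null when no `album`/`delete` row exists, and that value is passed straight to `userHasPermission()`. The anonymous-permission query in the second hunk reads `$permission->id` without a null check; that function starts outside the hunk, and whether `userHasPermission()` guards against null is not visible here. If the row is missing, for example on an install upgraded without reseeding permissions, an explicit deny such as `if (is_null($permission)) { return false; }` before the final return keeps the policy failing closed. The copied comment `// Get the edit permission` should read `// Get the delete permission`.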
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
return [
|
||||
// Version number of Blue Twilight
|
||||
'version' => '2.0.1',
|
||||
'version' => '2.0.2',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
|
|