Compare commits
5 Commits
Author | SHA1 | Date |
---|---|---|
Andy Heathershaw | 0ce4c368a3 | |
Andy Heathershaw | 1173b2baba | |
Andy Heathershaw | c3ce6e1d71 | |
Andy Heathershaw | e1ad66c9ef | |
Andy Heathershaw | 2caa1c8fbc |
|
@ -9,6 +9,28 @@ use Illuminate\Support\Facades\Auth;
|
||||||
|
|
||||||
class DbHelper
|
class DbHelper
|
||||||
{
|
{
|
||||||
|
private static $allowedAlbumIDs = null;
|
||||||
|
|
||||||
|
public static function getAlbumIDsForCurrentUser()
|
||||||
|
{
|
||||||
|
if (is_null(self::$allowedAlbumIDs))
|
||||||
|
{
|
||||||
|
$query = self::getAlbumsForCurrentUser_NonPaged();
|
||||||
|
$query->select('albums.id');
|
||||||
|
|
||||||
|
$ids = [];
|
||||||
|
|
||||||
|
foreach ($query->get() as $album)
|
||||||
|
{
|
||||||
|
$ids[] = $album->id;
|
||||||
|
}
|
||||||
|
|
||||||
|
self::$allowedAlbumIDs = $ids;
|
||||||
|
}
|
||||||
|
|
||||||
|
return self::$allowedAlbumIDs;
|
||||||
|
}
|
||||||
|
|
||||||
public static function getAlbumsForCurrentUser($parentID = -1)
|
public static function getAlbumsForCurrentUser($parentID = -1)
|
||||||
{
|
{
|
||||||
$query = self::getAlbumsForCurrentUser_NonPaged();
|
$query = self::getAlbumsForCurrentUser_NonPaged();
|
||||||
|
|
|
@ -51,8 +51,11 @@ class DefaultController extends Controller
|
||||||
$lastModifiedPhoto = Photo::orderBy('updated_at', 'desc')->first();
|
$lastModifiedPhoto = Photo::orderBy('updated_at', 'desc')->first();
|
||||||
$this->createSitemapNode($xml, $root, route('home'), (is_null($lastModifiedPhoto) ? '' : $lastModifiedPhoto->updated_at), '1.0');
|
$this->createSitemapNode($xml, $root, route('home'), (is_null($lastModifiedPhoto) ? '' : $lastModifiedPhoto->updated_at), '1.0');
|
||||||
|
|
||||||
|
// Albums the current user is allowed to access
|
||||||
|
$albumIDs = DbHelper::getAlbumIDsForCurrentUser();
|
||||||
|
|
||||||
// Add each album URL
|
// Add each album URL
|
||||||
$albums = Album::orderBy('name');
|
$albums = Album::whereIn('id', $albumIDs)->orderBy('name');
|
||||||
$albums->chunk(100, function($albumsChunk) use ($xml, $root)
|
$albums->chunk(100, function($albumsChunk) use ($xml, $root)
|
||||||
{
|
{
|
||||||
/** @var Album $album */
|
/** @var Album $album */
|
||||||
|
@ -64,7 +67,7 @@ class DefaultController extends Controller
|
||||||
});
|
});
|
||||||
|
|
||||||
// Add each photo URL
|
// Add each photo URL
|
||||||
$photos = Photo::orderBy('name');
|
$photos = Photo::whereIn('album_id', $albumIDs)->orderBy('name');
|
||||||
$photos->chunk(100, function($tempPhotos) use ($xml, $root)
|
$photos->chunk(100, function($tempPhotos) use ($xml, $root)
|
||||||
{
|
{
|
||||||
/** @var Photo $photo */
|
/** @var Photo $photo */
|
||||||
|
|
|
@ -54,6 +54,23 @@ class AlbumPolicy
|
||||||
return $this->userHasPermission($user, $album, $permission);
|
return $this->userHasPermission($user, $album, $permission);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function delete(User $user, Album $album)
|
||||||
|
{
|
||||||
|
if ($user->id == $album->user_id)
|
||||||
|
{
|
||||||
|
// The album's owner and can do everything
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the edit permission
|
||||||
|
$permission = Permission::where([
|
||||||
|
'section' => 'album',
|
||||||
|
'description' => 'delete'
|
||||||
|
])->first();
|
||||||
|
|
||||||
|
return $this->userHasPermission($user, $album, $permission);
|
||||||
|
}
|
||||||
|
|
||||||
public function deletePhotos(User $user, Album $album)
|
public function deletePhotos(User $user, Album $album)
|
||||||
{
|
{
|
||||||
if ($user->id == $album->user_id)
|
if ($user->id == $album->user_id)
|
||||||
|
@ -145,7 +162,10 @@ class AlbumPolicy
|
||||||
{
|
{
|
||||||
$query = Album::query()->join('album_anonymous_permissions', 'album_anonymous_permissions.album_id', '=', 'albums.id')
|
$query = Album::query()->join('album_anonymous_permissions', 'album_anonymous_permissions.album_id', '=', 'albums.id')
|
||||||
->join('permissions', 'permissions.id', '=', 'album_anonymous_permissions.permission_id')
|
->join('permissions', 'permissions.id', '=', 'album_anonymous_permissions.permission_id')
|
||||||
->where('permissions.id', $permission->id);
|
->where([
|
||||||
|
['albums.id', $album->id],
|
||||||
|
['permissions.id', $permission->id]
|
||||||
|
]);
|
||||||
|
|
||||||
return $query->count() > 0;
|
return $query->count() > 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
return [
|
return [
|
||||||
// Version number of Blue Twilight
|
// Version number of Blue Twilight
|
||||||
'version' => '2.0.1',
|
'version' => '2.0.2',
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
Loading…
Reference in New Issue