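select('albums.id');
            $ids = [];
            foreach ($query->get() as $album) {
                $ids[] = $album->id;
            }
            self::$allowedAlbumIDs = $ids;
        }

        return self::$allowedAlbumIDs;
    }

    /**
     * Returns one page of the albums the current user may list.
     *
     * The page size is read from the 'items_per_page' user configuration value.
     *
     * @param int|string $parentID Parent album to list children of; 0 selects
     *                             top-level albums, a negative value disables
     *                             the parent filter.
     * @return mixed The paginated result of the permission-filtered album query.
     */
    public static function getAlbumsForCurrentUser($parentID = -1)
    {
        $query = self::getAlbumsForCurrentUser_NonPaged('list', $parentID);

        return $query->paginate(UserConfig::get('items_per_page'));
    }

    /**
     * Builds (without executing) the query for albums on which the current
     * user holds the given permission.
     *
     * - Administrators: no permission filter.
     * - Anonymous visitors: only albums with a matching row in
     *   album_anonymous_permissions.
     * - Other users: albums they own, or albums granted to them directly or
     *   through one of their groups.
     *
     * @param string     $permission    Value matched against permissions.description
     *                                  (section is always 'album').
     * @param int|string $parentAlbumID Converted with intval(): 0 selects albums
     *                                  without a parent, a positive value selects
     *                                  children of that album, a negative value
     *                                  applies no parent filter.
     * @return mixed The query builder, ordered by name and carrying a photos count.
     */
    public static function getAlbumsForCurrentUser_NonPaged($permission = 'list', $parentAlbumID = -1)
    {
        $albumsQuery = Album::query();
        $user = Auth::user();

        if (is_null($user)) {
            /* Anonymous users need to check the album_anonymous_permissions table. If not in this table, you're not allowed! */
            $albumsQuery = Album::join('album_anonymous_permissions', 'album_anonymous_permissions.album_id', '=', 'albums.id')
                ->join('permissions', 'permissions.id', '=', 'album_anonymous_permissions.permission_id')
                ->where([
                    ['permissions.section', 'album'],
                    ['permissions.description', $permission],
                ]);
        } elseif (!$user->is_admin) {
            /* Other users need to check either the album_group_permissions or album_user_permissions table. If not in either of these tables, you're not allowed! */
            $albumsQuery = Album::leftJoin('album_group_permissions', 'album_group_permissions.album_id', '=', 'albums.id')
                ->leftJoin('album_user_permissions', 'album_user_permissions.album_id', '=', 'albums.id')
                ->leftJoin('permissions AS group_permissions', 'group_permissions.id', '=', 'album_group_permissions.permission_id')
                ->leftJoin('permissions AS user_permissions', 'user_permissions.id', '=', 'album_user_permissions.permission_id')
                ->leftJoin('user_groups', 'user_groups.group_id', '=', 'album_group_permissions.group_id')
                // The three access rules are wrapped in ONE nested WHERE group.
                // Left at the top level, any condition appended afterwards (the
                // parent-album filter below) would be ANDed only with the last
                // OR branch, because AND binds tighter than OR in SQL, and the
                // owner and group branches would escape that filter.
                ->where(function ($access) use ($user, $permission) {
                    $access->where('albums.user_id', $user->id)
                        ->orWhere([
                            ['group_permissions.section', 'album'],
                            ['group_permissions.description', $permission],
                            ['user_groups.user_id', $user->id],
                        ])
                        ->orWhere([
                            ['user_permissions.section', 'album'],
                            ['user_permissions.description', $permission],
                            ['album_user_permissions.user_id', $user->id],
                        ]);
                });
        }
        /* Admin users always get everything, therefore no filters are necessary */

        $parentAlbumID = intval($parentAlbumID);
        if ($parentAlbumID === 0) {
            // Top-level albums have no parent.
            $albumsQuery->whereNull('albums.parent_album_id');
        } elseif ($parentAlbumID > 0) {
            $albumsQuery->where('albums.parent_album_id', $parentAlbumID);
        }

        // The permission joins can yield the same album more than once, hence
        // the explicit albums.* projection combined with distinct().
        return $albumsQuery->select('albums.*')
            ->distinct()
            ->orderBy('name')
            ->withCount('photos');
    }

    /**
     * Looks up an album by primary key.
     *
     * NOTE(review): no permission filter is applied here; callers are
     * responsible for authorising access to the returned album.
     *
     * @param int|string $albumID
     * @return mixed The first matching album, or null when none exists.
     */
    public static function getAlbumById($albumID)
    {
        return Album::where('id', $albumID)->first();
    }

    /**
     * Looks up an album by its URL path.
     *
     * NOTE(review): no permission filter is applied here; callers are
     * responsible for authorising access to the returned album.
     *
     * @param string $urlPath
     * @return mixed The first matching album, or null when none exists.
     */
    public static function getAlbumByPath($urlPath)
    {
        return Album::where('url_path', $urlPath)->first();
    }

    /**
     * Counts the direct children of $album that the current user may list.
     *
     * @param Album $album
     * @return mixed Result of count() on the permission-filtered query.
     */
    public static function getChildAlbumsCount(Album $album)
    {
        return self::getAlbumsForCurrentUser_NonPaged('list', $album->id)->count();
    }

    /**
     * Fetches the direct children of $album that the current user may list.
     *
     * @param Album $album
     * @return mixed Result of get() on the permission-filtered query.
     */
    public static function getChildAlbums(Album $album)
    {
        return self::getAlbumsForCurrentUser_NonPaged('list', $album->id)->get();
    }
}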