<?php
namespace App\Helpers;
use App\Album;
use App\Facade\UserConfig;
use Illuminate\Database\Query\Builder;
use Illuminate\Support\Facades\Auth;
class DbHelper
{
    /**
     * Build the paginated album listing for whoever is making the current request.
     *
     * This method is the authorization filter for album listings; the rows it
     * returns are the albums the requester is allowed to see in a list:
     *
     *  - no authenticated user: only albums that have a row in
     *    album_anonymous_permissions pointing at the permission with
     *    section 'album' and description 'list'. Inner joins are used, so an
     *    album without such a row is excluded (deny by default);
     *  - authenticated user with a truthy is_admin: every album, no filter;
     *  - any other authenticated user: albums whose user_id is the user's id,
     *    plus albums that grant album/list either through a group the user
     *    belongs to (user_groups) or directly (album_user_permissions).
     *
     * The result is de-duplicated, ordered by name, carries a photos count and
     * is paginated with the 'items_per_page' user configuration value.
     *
     * NOTE(review): the joins can produce several rows per album, which is why
     * distinct() is applied; confirm that the paginator's total count honours
     * distinct() on the framework version in use.
     *
     * @return \Illuminate\Contracts\Pagination\LengthAwarePaginator
     */
    public static function getAlbumsForCurrentUser()
    {
        $currentUser = Auth::user();

        if ($currentUser === null) {
            /* Anonymous visitor: an album is listed only when album_anonymous_permissions links it to album/list. */
            $query = Album::join(
                'album_anonymous_permissions',
                'album_anonymous_permissions.album_id',
                '=',
                'albums.id'
            )
                ->join('permissions', 'permissions.id', '=', 'album_anonymous_permissions.permission_id')
                ->where([
                    ['permissions.section', 'album'],
                    ['permissions.description', 'list'],
                ]);
        } elseif ($currentUser->is_admin) {
            /* Administrators see everything, so the base query is left unfiltered. */
            $query = Album::query();
        } else {
            /*
                Regular user: the album must be owned by the user, or grant album/list through
                album_group_permissions (via a group the user is in) or album_user_permissions.

                Each array passed to orWhere() becomes one parenthesised AND group, but the three
                alternatives themselves sit at the top level of the WHERE clause. A plain where()
                appended to this query later would bind only to the last alternative, so any extra
                constraint has to wrap these alternatives in a nested group first.
            */
            $userId = $currentUser->id;

            $query = Album::leftJoin('album_group_permissions', 'album_group_permissions.album_id', '=', 'albums.id')
                ->leftJoin('album_user_permissions', 'album_user_permissions.album_id', '=', 'albums.id')
                ->leftJoin(
                    'permissions AS group_permissions',
                    'group_permissions.id',
                    '=',
                    'album_group_permissions.permission_id'
                )
                ->leftJoin(
                    'permissions AS user_permissions',
                    'user_permissions.id',
                    '=',
                    'album_user_permissions.permission_id'
                )
                ->leftJoin('user_groups', 'user_groups.group_id', '=', 'album_group_permissions.group_id')
                ->where('albums.user_id', $userId)
                ->orWhere([
                    ['group_permissions.section', 'album'],
                    ['group_permissions.description', 'list'],
                    ['user_groups.user_id', $userId],
                ])
                ->orWhere([
                    ['user_permissions.section', 'album'],
                    ['user_permissions.description', 'list'],
                    ['album_user_permissions.user_id', $userId],
                ]);
        }

        $pageSize = UserConfig::get('items_per_page');

        /* Only album columns are selected; distinct() collapses the duplicates the permission joins introduce. */
        return $query
            ->select('albums.*')
            ->distinct()
            ->orderBy('name')
            ->withCount('photos')
            ->paginate($pageSize);
    }
}