blue-twilight/app/Helpers/DbHelper.php


<?php
namespace App\Helpers;
use App\Album;
use App\Facade\UserConfig;
use Illuminate\Database\Query\Builder;
use Illuminate\Support\Facades\Auth;
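class DbHelper
{
    /**
     * Builds the album list visible to the current user and returns one page of it.
     *
     * Visibility rules, as implemented below:
     *  - Administrators: no filter is applied.
     *  - Anonymous visitors: only albums with an album_anonymous_permissions row
     *    pointing at the permission with section "album" and description "list".
     *  - Other signed-in users: albums they own (albums.user_id), albums where a
     *    group they belong to holds the album/list permission, or albums where
     *    they hold that permission directly.
     *
     * The result is de-duplicated, ordered by album name, carries a photos count
     * and is paginated using the "items_per_page" user configuration value.
     *
     * @return \Illuminate\Contracts\Pagination\LengthAwarePaginator
     */
    public static function getAlbumsForCurrentUser()
    {
        $albumsQuery = Album::query();
        $user = Auth::user();

        if (is_null($user))
        {
            /* Anonymous users need to check the album_anonymous_permissions table. If not in this table, you're not allowed! */
            $albumsQuery = Album::join('album_anonymous_permissions', 'album_anonymous_permissions.album_id', '=', 'albums.id')
                ->join('permissions', 'permissions.id', '=', 'album_anonymous_permissions.permission_id')
                ->where('permissions.section', 'album')
                ->where('permissions.description', 'list');
        }
        elseif (!$user->is_admin)
        {
            /*
                Other users need to check either the album_group_permissions or album_user_permissions table. If not in either of these tables,
                you're not allowed!
            */
            $userId = $user->id;

            $albumsQuery = Album::leftJoin('album_group_permissions', 'album_group_permissions.album_id', '=', 'albums.id')
                ->leftJoin('album_user_permissions', 'album_user_permissions.album_id', '=', 'albums.id')
                ->leftJoin('permissions AS group_permissions', 'group_permissions.id', '=', 'album_group_permissions.permission_id')
                ->leftJoin('permissions AS user_permissions', 'user_permissions.id', '=', 'album_user_permissions.permission_id')
                ->leftJoin('user_groups', 'user_groups.group_id', '=', 'album_group_permissions.group_id')
                /*
                    The whole access rule lives in ONE nested group. Without the outer closure the OR branches sit at
                    the top level of the WHERE clause, so any AND constraint added to this query later would bind only
                    to the neighbouring branch and the other branches would bypass it.
                */
                ->where(function ($visible) use ($userId)
                {
                    /* Albums the user owns */
                    $visible->where('albums.user_id', $userId)
                        /* Albums listed through a group the user is a member of */
                        ->orWhere(function ($viaGroup) use ($userId)
                        {
                            $viaGroup->where('group_permissions.section', 'album')
                                ->where('group_permissions.description', 'list')
                                ->where('user_groups.user_id', $userId);
                        })
                        /* Albums listed through a permission granted directly to the user */
                        ->orWhere(function ($direct) use ($userId)
                        {
                            $direct->where('user_permissions.section', 'album')
                                ->where('user_permissions.description', 'list')
                                ->where('album_user_permissions.user_id', $userId);
                        });
                });
        }
        /* Admin users always get everything, therefore no filters are necessary */

        /*
            The sort column is qualified with the table name so it stays unambiguous on the joined queries.
            NOTE(review): it is not visible from this file whether a joined table has its own "name" column;
            qualifying is harmless either way.
        */
        return $albumsQuery->select('albums.*')
            ->distinct()
            ->orderBy('albums.name')
            ->withCount('photos')
            ->paginate(UserConfig::get('items_per_page'));
    }
}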