User Album default permissions

cseeber

Joined: 2005-11-29
Posts: 5

Posted: Tue, 2005-11-29 12:54

I looked for this in the forums but couldnt find an answer.

When a default album is created for a user, they can get in and rename the album title and directory, meaning if they take someone elses name it wont let them create an album.

In this file

modules/useralbum/classes/UserAlbumHelper.class

look for the following, and add these lines.

$ret = GalleryCoreApi::addGroupPermission($albumId, $core['id.adminGroup'], 'core.all');
if ($ret->isError()) {
GalleryCoreApi::releaseLocks($lockId);
return $ret->wrap(__FILE__, __LINE__);
}
$ret = GalleryCoreApi::addUserPermission($albumId, $user->getId(), 'core.all');
$ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.edit');
$ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.delete');
$ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.changePermissions');
if ($ret->isError()) {
GalleryCoreApi::releaseLocks($lockId);
return $ret->wrap(__FILE__, __LINE__);
}

valiant

Joined: 2003-01-04
Posts: 32509

Posted: Tue, 2005-11-29 14:40

good catch

i guess we handle this already alright.
- renaming of useralbums should be allowed, in general. don't you think? and we don't have a permission to deny changing the name only yet.
- we map username <-> useralbum not by the name of the album, but by the albumId of the useralbum. that's good.
- when renaming, we can deny renaming to another username, sure. but we don't know the names of the users that don't have registered yet.
so if a user registers, his name might already be taken. but that might happen anyway, since you're free as admin to create albums with any album name.
e.g. if you choose the root album as parent for all user albums and you create an album with the name "terminator" and if later a user registers with that name, we won't be able to create a useralbum with the exact same name anyway.

so that can happen anyway
(unless you choose a dedicated album as the parent for all useralbums and restrict yourself to not create other albums in this parent of all useralbums and if you don't allow changing useralbums).

and we handle it ok right now.
if user john renames his useralbum to anna.
and if then user anna registers, we create a useralbum with the title anna, but with the name anna_001.

it isn't 100% satisfactory if you can confuse other users by changing the title / name of the useralbum, but it's alright.
if you have less restrictive suggestions, i'm all ears. but it should always be just an option.

@your 3 lines:
good idea to just remove what you don't want to grant.
note: you should check $ret after each of the 4 lines, not just the last one.

cseeber

Joined: 2005-11-29
Posts: 5

Posted: Wed, 2005-11-30 09:38

I should have pointed out I used phpnuke as well.
So my unique registered users on phpnuke get an album when they click on your album button.
These albums are in a sub album, that I or anyone else shouldnt be creating albums in (only I have permissions)
My albums for site photos will be off the root, not the User Albums sub album.

now how to hide empty albums ....

valiant

Joined: 2003-01-04
Posts: 32509

Posted: Wed, 2005-11-30 12:40

what have empty (user) albums to do with this issue?

feel free to file a feature request, but be precise on what should be done.
http://sf.net/projects/gallery/ -> RFE

cseeber

Joined: 2005-11-29
Posts: 5

Posted: Fri, 2005-12-02 23:13

I was mearly commenting on the next thing I needed to fix .... fixed it and created a new thread for people who wanted to know how to remove empty albums .... Is there a problem with that?

Anyway, back to this issue.
This issue works to stop users from editing there directory and title, but then they cant upload images .... Will post a fix once I work it out.

cseeber

Joined: 2005-11-29
Posts: 5

Posted: Fri, 2005-12-02 23:52

This fixes the problem of not being able to add items after you remove the edit album permissions

http://gallery.menalto.com/node/35731?highlight=no%2Cedit%2CAdd+Items

reinerk

Joined: 2006-09-06
Posts: 12

Posted: Wed, 2006-09-13 19:26

cseeber wrote:

[b] $ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.edit');

I want to disable also "add new album".
Can someone tell me the right "keyword" (core.??????) fro this permission?

Thanks
Reiner

reinerk

Joined: 2006-09-06
Posts: 12

Posted: Thu, 2006-09-14 16:56

O.k.... The following Code seems to deactivate the "Add album" function

Quote:

$ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.addAlbumItem');

But still two unwanted functions are left and i can't find the right keywords to deacicate them:

- Album delete
- Album move

Could someone give me a hint ?

cseeber Joined: 2005-11-29 Posts: 5	Posted: Tue, 2005-11-29 12:54
	I looked for this in the forums but couldnt find an answer. When a default album is created for a user, they can get in and rename the album title and directory, meaning if they take someone elses name it wont let them create an album. In this file modules/useralbum/classes/UserAlbumHelper.class look for the following, and add these lines. $ret = GalleryCoreApi::addGroupPermission($albumId, $core['id.adminGroup'], 'core.all'); if ($ret->isError()) { GalleryCoreApi::releaseLocks($lockId); return $ret->wrap(__FILE__, __LINE__); } $ret = GalleryCoreApi::addUserPermission($albumId, $user->getId(), 'core.all'); $ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.edit'); $ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.delete'); $ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.changePermissions'); if ($ret->isError()) { GalleryCoreApi::releaseLocks($lockId); return $ret->wrap(__FILE__, __LINE__); }
	XUser login Username: * Password: * Create new account Request new password
valiant Joined: 2003-01-04 Posts: 32509	Posted: Tue, 2005-11-29 14:40
	good catch i guess we handle this already alright. - renaming of useralbums should be allowed, in general. don't you think? and we don't have a permission to deny changing the name only yet. - we map username <-> useralbum not by the name of the album, but by the albumId of the useralbum. that's good. - when renaming, we can deny renaming to another username, sure. but we don't know the names of the users that don't have registered yet. so if a user registers, his name might already be taken. but that might happen anyway, since you're free as admin to create albums with any album name. e.g. if you choose the root album as parent for all user albums and you create an album with the name "terminator" and if later a user registers with that name, we won't be able to create a useralbum with the exact same name anyway. so that can happen anyway (unless you choose a dedicated album as the parent for all useralbums and restrict yourself to not create other albums in this parent of all useralbums and if you don't allow changing useralbums). and we handle it ok right now. if user john renames his useralbum to anna. and if then user anna registers, we create a useralbum with the title anna, but with the name anna_001. it isn't 100% satisfactory if you can confuse other users by changing the title / name of the useralbum, but it's alright. if you have less restrictive suggestions, i'm all ears. but it should always be just an option. @your 3 lines: good idea to just remove what you don't want to grant. note: you should check $ret after each of the 4 lines, not just the last one.

cseeber Joined: 2005-11-29 Posts: 5	Posted: Wed, 2005-11-30 09:38
	I should have pointed out I used phpnuke as well. So my unique registered users on phpnuke get an album when they click on your album button. These albums are in a sub album, that I or anyone else shouldnt be creating albums in (only I have permissions) My albums for site photos will be off the root, not the User Albums sub album. now how to hide empty albums ....

valiant Joined: 2003-01-04 Posts: 32509	Posted: Wed, 2005-11-30 12:40
	what have empty (user) albums to do with this issue? feel free to file a feature request, but be precise on what should be done. http://sf.net/projects/gallery/ -> RFE

cseeber Joined: 2005-11-29 Posts: 5	Posted: Fri, 2005-12-02 23:13
	I was mearly commenting on the next thing I needed to fix .... fixed it and created a new thread for people who wanted to know how to remove empty albums .... Is there a problem with that? Anyway, back to this issue. This issue works to stop users from editing there directory and title, but then they cant upload images .... Will post a fix once I work it out.

cseeber Joined: 2005-11-29 Posts: 5	Posted: Fri, 2005-12-02 23:52
	This fixes the problem of not being able to add items after you remove the edit album permissions http://gallery.menalto.com/node/35731?highlight=no%2Cedit%2CAdd+Items

reinerk Joined: 2006-09-06 Posts: 12	Posted: Wed, 2006-09-13 19:26
	cseeber wrote: [b] $ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.edit'); I want to disable also "add new album". Can someone tell me the right "keyword" (core.??????) fro this permission? Thanks Reiner

reinerk Joined: 2006-09-06 Posts: 12	Posted: Thu, 2006-09-14 16:56
	O.k.... The following Code seems to deactivate the "Add album" function Quote: $ret = GalleryCoreApi::removeUserPermission($albumId, $user->getId(), 'core.addAlbumItem'); But still two unwanted functions are left and i can't find the right keywords to deacicate them: - Album delete - Album move Could someone give me a hint ?

User Album default permissions

XUser login