Move images from one folder where group A has no permissions to folder B where group B has viewing permissions. Not as expected

diwolf

Joined: 2005-12-25
Posts: 7
Posted: Tue, 2006-03-07 21:06

I'm having an issue. To make it easier to post new photos and 'sort through' the pics before they are visible to a group of users, I upload to a folder where only the site admins have access. I then 'move' the photo to the folder where it should live, which has viewing rights given to group 'A'. However, the photos don't acquire the rights of the folder they are being moved to. To fix it, I have to remove all permissions from the entire folder, then, recreate them all (which is time consuming and tedious). Is there any way to make it work differently and adopt the security of the destination album vs. the originating album?


Gallery version = 2.1-rc-1a core 1.0.28
PHP version = 5.0.5-2ubuntu1.1 apache2handler
Webserver = Apache/2.0.54 (Ubuntu) PHP/5.0.5-2ubuntu1.1 mod_perl/2.0.1 Perl/v5.8.7
Database = mysql 4.0.24_Debian-10ubuntu2-log
Toolkits = ArchiveUpload, Exif, Getid3, ImageMagick, NetPBM, Thumbnail, Gd, Dcraw, Ffmpeg
Operating system = Linux mordor 2.6.12-10-386 #1 Mon Feb 13 12:13:15 UTC 2006 i686
Browser = Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1

 
ckdake
ckdake's picture

Joined: 2004-02-18
Posts: 2258
Posted: Tue, 2006-03-14 05:20

When moving an item, it keeps its premissions and thats probably the most sensible way of doing it. You could use the hidden album feature to haide the upload album but give it the right permissions otherwise, and then just move them out of there. It's not as super secure, but since you are approving or trashing the pictures, it should be acceptable.

--
http://ckdake.com/

If you found my help useful, please consider donating to Gallery.

 
slydog
slydog's picture

Joined: 2008-09-05
Posts: 3
Posted: Fri, 2008-09-05 13:56

This would be very useful for one of my applications. I have integrated gallery2 into a project management program and it is working quite nicely. When a new project is created, the embedding class tells gallery to create a set of default albums. Two of the albums are readable by Everybody, two are only accessible by registered users. We have one group of users who upload photos into albums only accessible by registered users. Then a different group of users move selected photos to an album visible to the Everybody group so our customers can see them.

It is problematic and tedious to reassign permissions. Further, I don't trust the project managers to do it correctly; they are too busy with their jobs to learn something new like how to properly assign gallery permissions. I know and understand gallery2 to be very easy to use and learn, but my users are who they are and I am stuck with them :)

I believe the current behavior when moving items is correct for most gallery sites, but it would be nice to have an option on the album permissions editor to "force new sub items to adopt this album's settings". Maybe it could be made as a plugin? I have not tried making any plugins yet, so I'm not sure if that is feasible, but there is the plugin for adding a password to an album, so I would think this could be done.

 
slydog
slydog's picture

Joined: 2008-09-05
Posts: 3
Posted: Wed, 2008-09-10 21:09

If anyone is interested in this, I made a module to do force inheritance of permissions after moving items. This is the first g2 module I have written, so it may need to be picked over, but it seems to work quite well for my requirement.

Here is the module.inc:

<?php
/*
 * Gallery - a web based photo album viewer and editor
 * Copyright (C) 2000-2007 Bharat Mediratta
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or (at
 * your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
 */
/**
 * @package Force Permissions
 * @version $Revision: 15513 $
 * @author 
 */

/**
 * Force Permissions
 *
 * Force all items moved into an album to adopt the same permissions as
 * the containing album.
 *
 * @package Forcepermissions
 */
class ForcepermissionsModule extends GalleryModule {

function ForcepermissionsModule () {
	
  global $gallery;
  $this->setId ('forcepermissions');
  $this->setName($gallery->i18n ('Force Permissions'));
  $this->setDescription ($gallery->i18n ('Force all items moved into an album to adopt the same permissions as the containing album.'));
  $this->setVersion ('1.0.0');
  $this->setCallbacks('registerEventListeners');
  $this->setGroup ('data', $gallery->i18n ('Extra Data'));
  $this->setRequiredCoreApi (array (7, 0));
  $this->setRequiredModuleApi (array (3, 0));
  
} // End ForcepermissionsModule ()


/**
 * @see GalleryModule::registerEventListeners
 */
function registerEventListeners () {
  GalleryCoreApi::registerEventListener ('GalleryEntity::save', new ForcepermissionsModule ());
} // End registerEventListeners ()


/**
 * Event handler for GalleryEntity::save event.
 * Apply permissions of parent album to items moved into it.
 *
 * @see GalleryEventListener::handleEvent
 */
function handleEvent ($event) {
  
  $entity = $event->getEntity ();
  if (GalleryUtilities::isA ($entity, 'GalleryItem')
    && !$entity->testPersistentFlag(STORAGE_FLAG_NEWLY_CREATED)
    && $entity->isModified('parentId')) {
    
    // Copy the parent album's permissions to the item
    if (GalleryUtilities::isA ($entity, 'GalleryAlbumItem')) {
      $ret = GalleryCoreApi::copyPermissions ($entity->id, $entity->parentId);
      if ($ret) {
        return array($ret, null);
      }
      
      list ($ret, $childIds) = GalleryCoreApi::fetchDescendentItemIds ($entity);
      if ($ret) {
        return array($ret, null);
      }
      
      foreach ($childIds as $childId) {
        $ret = GalleryCoreApi::copyPermissions ($childId, $entity->parentId);
        if ($ret) {
          return array($ret, null);
        }
      }
      
    } else {
      $ret = GalleryCoreApi::copyPermissions ($entity->id, $entity->parentId);
      if ($ret) {
        return array($ret, null);
      }
    }
  }
  
  return array(null, null);
  
} // End handleEvent ()

} // End ForcepermissionsModule class

?>
 
floridave
floridave's picture

Joined: 2003-12-22
Posts: 27300
Posted: Wed, 2008-09-10 22:09

Slydog,
Thanks for the contribution! It does not help me but I suspect it will others. I did not test it but did install and activate it.

I have created a codex page: http://codex.gallery2.org/Gallery2:Modules:forcepermissions
please feel free to update as necessary.

Dave
_____________________________________________
Blog & G2 || floridave - Gallery Team