Change default Album Owner permissions?
|
divya108
Joined: 2005-11-05
Posts: 19 |
Posted: Tue, 2005-12-06 13:23
|
|
Hi, Is it possible to change the default 'All access' Album Owner permissions to just So that when a user adds an album this is what they get, and because they can't edit permissions, this is how it stays? David |
|
Posts: 8601
permissions are inherited to new subalbums/items as they are created.. so if you (as admin) setup permissions that way then when a user creates new albums/items they will get the same.
Posts: 19
OK, but I am not sure this enables me to do what I would like. I have tried, but the album owners always seem to start with all access. The way I have things set up is that permissions gradually increase through to a maximum of 3 levels of albums ... here (in detail) is the way I would like permissions to work
Top level album:
Group Permissions
Site Admins All access
################
2nd level Album (added by myself, this example for group1)
Group Permissions
Everybody [core] View item
group1 [core] Add sub-album
Site Admins All access
User Permissions
admin All access
################
3rd Level Album [Example 1] (added by group1 member 'group1user1' within the 2nd level album):
Group Permissions
group1 [comment] Add comments
Everybody [core] View item
Everybody [comment] View comments
Site Admins All access
User Permissions
group1user1 [core] View all versions
group1user1 [core] Add sub-item
group1user1 [core] Delete item
group1user1 [comment] Delete comments
admin All access
##################
3rd Level Album [Example 2] (added by group1 member 'group1user2' within the 2nd level album):
Group Permissions
group1 [comment] Add comments
Everybody [core] View item
Everybody [comment] View comments
Site Admins All access
User Permissions
group1user2 [core] View all versions
group1user2 [core] Add sub-item
group1user2 [core] Delete item
group1user2 [comment] Delete comments
admin All access
##############
... and so on.
Using the above example, the key thing for me is that as new users are added to group1, that enables them to set up their own 3rd level album (with desired permissions already in place), and add comments to 3rd level albums owned by other group1 members. This system would expand in width (i.e. more groups), but not to deeper than 3rd level albums. Does the inherited permission system work for this?
David
Posts: 2
I was looking to do the exact same thing, but specifically I want users to be able to add a Sub-Album, then only be able to add items and comments, and not be able to edit the album itself. Here's how I accomplished it:
Under modules/core, edit the ItemAddAlbum.inc file:
1. Redirect to the new album
Edit the following code under:
/* Figure out where to redirect upon success */ code:
I changed the redirect code to:
$redirect['view'] = 'core.ShowItem';
$redirect['itemId'] = $instance->getId();
This spits the user into the album they just created. So that's good.
2. Now, to remove the All Access permissions, I did the following:
Just above the redirect code you should see:
if (empty($error)) {
$ret = GalleryCoreApi::addUserPermission($instance->getId(),
$instance->getOwnerId(),
'core.all',false);
I changed 'core.all' to 'core.addDataItem' which seemed to take care of the All Access situation, EXCEPT, for some reason, I cannot remove the Add Album permission. Does anyone have any suggestions? I have my gallery to not apply permissions to sub-items. And I currently have my gallery set up like this:
1. There is Gallery A, which users can add Sub Albums to. I added the Add Sub Album to gallery A but did NOT check off to apply to sub-items option, so the album that gets created should NOT have the Add Sub Album permission correct? Is this a bug? Or am I missing something somewhere? This is the only thing left that's really bugging me about my gallery, other than that it's working great.
Posts: 19
Cheers, works great, except it makes sense for me to also allow the user to delete the album they just created ... so might there be another value for 'core.addDataItem' that would allow that?
Posts: 8601
core.delete
Posts: 19
OK, but not just delete ... add sub-item, delete comments as well as delete the album
Posts: 8601
view the html source of the "edit permissions" page.. i think the names/ids of the items there should reveal the ids for each permission.
Posts: 19
Yes they are, so the ones I am interested in are identified as core.delete, core.addDataItem and comment.delete ... but is it possible to replace the single 'core.all' in the ItemAddAlbum.inc file coding ...
$instance->getOwnerId(),
'core.all',false);
... with something calling all of the ones I need (core.delete, core.addDataItem and comment.delete)?
David
Posts: 8601
unfortunately not.. you need separate permission API calls for each one.
we really should have apis to take a list of permission ids.
Posts: 2
The other thing I tried was to first give the user all permissions, then remove the permissions that I did not want them to have using the removeUserPermission function, but it didn't work. I tried leaving the original all access permissions, then removing certain ones, but the code seems to ignore the removeUserPermission function, any ideas on why this is?
$ret = GalleryCoreApi::addUserPermission($instance->getId(),
$instance->getOwnerId(),
'core.all',false);
$ret = GalleryCoreApi::removeUserPermission($instance->getId(),
$instance->getOwnerId(),
'core.PERMISSION_YOU_WANT_TO_REMOVE_GOES_HERE',false);
ret = GalleryCoreApi::removeUserPermission($instance->getId(),
$instance->getOwnerId(),
'core.PERMISSION_YOU_WANT_TO_REMOVE_GOES_HERE',false);
ret = GalleryCoreApi::removeUserPermission($instance->getId(),
$instance->getOwnerId(),
'core.PERMISSION_YOU_WANT_TO_REMOVE_GOES_HERE',false);
I had tried to remove a couple of permissions, but like I said, it just doesn't seem to work...
Posts: 19
this would be the perfect solution
Posts: 2
Wondering if anyone found a solution to erikwithak's post regarding children NOT inheriting Add Sub Album permissions by unchecking apply to sub-items on the parent.
Gallery A should have Add Sub Album
Gallery A kids should have Add Item, Edit Item, Delete Item, Make Highlight
Anyone have a workaround?
Posts: 81
Does you patch work for G2.2? Could you share the modified file please?
So that I can see it in action.
My need is describe in this post:
http://gallery.menalto.com/node/26165?page=1#comment-222745
"How can I restrict the Album Owner Permission so that all the use have only following permission when thay create new album:
- add an album from simple module
- edit an album from simple module
- delete from simple module
- edit all from simple module
- addcomment
"
thanks in advance.
Florian
Posts: 4
erikwithak : THANK YOU! That worked like a charm!
I am using v2.2.5 and there is a slight change to the code that needs to be modified for restricting permissions. Where the original instructions say:
Just above the redirect code you should see:
if (empty($error)) {
$ret = GalleryCoreApi::addUserPermission($instance->getId(),
$instance->getOwnerId(),
'core.all',false);
In 2.2.5 there are five or six nested 'if' and other statements between 'if (empty($error))' and the rest of the code.
____________________________________
I had been tearing my hair out over this, being a complete non-programmer and not knowing my PHP from my elbow, but now I have a gallery that does what I want it to do AND that integrates seamlessly into my CMS (Drupal). How cool is that?
Thank you again, very much indeed.
Posts: 7
The mod works great except some minor problems!
When you set All Access permission to users, they can even delete albums created by others!
Therefore you have to set restrictions on users (simply get rid of the All Access and grant users with specified permissions).
Anyway, thank you, erikwithak!