Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Is it possible to give some users the rights to only edit tags in albums ?  (Read 7561 times)

0 Members and 1 Guest are viewing this topic.

denerwin

  • Coppermine newbie
  • Offline Offline
  • Posts: 3

I have a private gallery with some categories and albums. (about Agnetha Fältskog)
Only registered users have access to the gallery and no new users can register.

I have uploaded all the images myself, but now I'd like to edit the tags.

There are many pics in the albums so I don't want to do all the work myself  ;D.
Can I give some users the rights to only edit the tags of pics in one or all albums ?
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764

You'll have to edit some files. Currently it's not possible to do that.
Logged

denerwin

  • Coppermine newbie
  • Offline Offline
  • Posts: 3

Okay, can you help me with that ?  ;D
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764

We need to adjust 3 'levels' I think:
1. Display the edit file/album button
2. Adjust the permission check for the edit form
3. Adjust the permission check while processing the form data


What exactly do you prefer? Should your users edit the keywords (and just the keywords) file by file (= edit_one_pic.php) or should they be able to edit all files of an album at the same time (= editpics.php).
Logged

denerwin

  • Coppermine newbie
  • Offline Offline
  • Posts: 3

I would prefer that they were able to edit all the pics in an album ...... :)
Logged

suleyman

  • Coppermine newbie
  • Offline Offline
  • Posts: 1
Re: Is it possible to give some users the rights to only edit tags in albums ?
« Reply #5 on: December 15, 2010, 01:12:59 pm »

Hi FCG-Team & users,
iam new to this board and the first thing i wanna do is tha nk you for your work, because this gallery is great and your support helped me alot in the past.
But, iam on a point where i cant do anything further. I've got the same problem like denerwin, and i don't know where to start!

Could someone please help me with these 3 steps, that was advised by André?

1. Display the edit file/album button
2. Adjust the permission check for the edit form
3. Adjust the permission check while processing the form data

It would be really great.

Wish you a good day!
Post.scriptum: The page (with the gallery) is a Parliament/Funkadelic Tour Archive. If someone is interested to see page, it's no problem. I dont inserted the url here because the site not public yet! =)
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: Is it possible to give some users the rights to only edit tags in albums ?
« Reply #6 on: December 15, 2010, 02:27:56 pm »

1. Display the edit file/album button
Open index.php, find
Code: [Select]
    if (USER_ADMIN_MODE) {
        //check if it is the user's gallery
        if ($cat == USER_ID + FIRST_USER_CAT) {
            return html_albummenu($aid);
        }
       
        if ($owner == USER_ID) {
            //check if admin allows editing after closing category
            if ($CONFIG['allow_user_edit_after_cat_close'] == 0) {
                //Disallowed -> Check if albums is in such a category
                $result = cpg_db_query("SELECT DISTINCT alb.category FROM {$CONFIG['TABLE_ALBUMS']} AS alb INNER JOIN {$CONFIG['TABLE_CATMAP']} AS catm ON alb.category=catm.cid WHERE alb.owner = '" . $USER_DATA['user_id'] . "' AND alb.aid='$aid' AND catm.group_id='" . $USER_DATA['group_id'] . "'");
                $allowed_albums = cpg_db_fetch_rowset($result);
                if (!$allowed_albums || ($allowed_albums[0]['category'] == '')) {
                    return "<strong>" . $lang_album_admin_menu['cat_locked'] . "</strong>";
                }
            }
            if (!$CONFIG['users_can_edit_pics']) {
                //return menu without edit pics button
                return html_albummenu3($aid);
            } else {
                //return whole menu
                return html_albummenu($aid);
            } 
        } else {
            return '';
        }
    }
and replace with
Code: [Select]
    if (USER_ADMIN_MODE) {
        //check if it is the user's gallery
        if ($cat == USER_ID + FIRST_USER_CAT) {
            return html_albummenu($aid);
        }
       
        if ($owner == USER_ID) {
            //check if admin allows editing after closing category
            if ($CONFIG['allow_user_edit_after_cat_close'] == 0) {
                //Disallowed -> Check if albums is in such a category
                $result = cpg_db_query("SELECT DISTINCT alb.category FROM {$CONFIG['TABLE_ALBUMS']} AS alb INNER JOIN {$CONFIG['TABLE_CATMAP']} AS catm ON alb.category=catm.cid WHERE alb.owner = '" . $USER_DATA['user_id'] . "' AND alb.aid='$aid' AND catm.group_id='" . $USER_DATA['group_id'] . "'");
                $allowed_albums = cpg_db_fetch_rowset($result);
                if (!$allowed_albums || ($allowed_albums[0]['category'] == '')) {
                    return "<strong>" . $lang_album_admin_menu['cat_locked'] . "</strong>";
                }
            }
            if (!$CONFIG['users_can_edit_pics']) {
                //return menu without edit pics button
                return html_albummenu3($aid);
            } else {
                //return whole menu
                return html_albummenu($aid);
            } 
        } else {
            return html_albummenu2($aid);
        }
    }


2. Adjust the permission check for the edit form
3. Adjust the permission check while processing the form data
Open editpics.php, find
Code: [Select]
" WHERE p.aid = '$album_id' $owner_str" .and replace with
Code: [Select]
" WHERE p.aid = '$album_id'" .
Now all registered users can also delete files. Use this mod at your own risk!
Logged
Pages: [1]   Go Up
 

Page created in 0.022 seconds with 20 queries.