Commit 3441131d authored by jlaval's avatar jlaval
Browse files

* Ajout dans user/photos.php la possibilite de voir les photos où l'on est photographe

* Enlève le check des droits pour plusieurs partie du code (photo.inc.php, cat.inc.php, photos.php) dans le cas où nous voulons voir les photos qui nous concernent (i.e. celles où on est photographe et celles où on apparait)
* Ajout d'un support basique pour que les anciens cotisants puisse voir les photos des périodes où ils étaient cotisant.
parent aa78d8bd
......@@ -746,6 +746,26 @@ class utilisateur extends stdentity
return $this->_grps;
}
/**
* Renvoie un fragment SQL qui gère les autorisations de groupe de manière
* permissive en prenant en compte la date de dernière cotisation par rapport
* à la date passée en paramètre
*/
function get_grps_authorization_fragment ($date_field, $grps, $id_groupe)
{
$fragment = $id_groupe.' IN ('.$grps.')';
if ($this->ae)
return $fragment;
$derniere_cotiz = $this->date_derniere_cotiz_a_lae();
if (!$derniere_cotiz)
return $fragment;
$fragment = '('.$fragment.' OR ('.$id_groupe.' = \'ae_membres\' AND '.$date_field.' <= '.$derniere_cotiz.'))';
}
/* Extra infos management */
/** Change toutes les informations secondaires de l'utilisateur
*/
......@@ -2485,6 +2505,19 @@ http://ae.utbm.fr";
$this->id = null;
return false;
}
function date_derniere_cotiz_a_lae ()
{
$req = new requete($this->db,
'SELECT date_fin_cotis FROM `ae_cotisations` '.
'WHERE `id_utilisateur` = \''.$this->id.'\' '.
'ORDER BY date_fin_cotis DESC '.
'LIMIT 1');
$row = $req->lines > 0 ? $req->get_row () : false;
return $req->lines > 0 ? $row['date_fin_cotis'] : false;
}
}
?>
......@@ -192,7 +192,7 @@ class catphoto extends basedb
"WHERE " .
"id_catph='".$id_cat."'$filter AND " .
"((((droits_acces_ph & 0x1) OR " .
"((droits_acces_ph & 0x10) AND id_groupe IN ($grps))) " .
"((droits_acces_ph & 0x10) AND ".$user->get_grps_authorization_fragment('date_debut_catph', $grps, 'id_groupe').")) " .
"AND droits_acquis='1' AND modere_ph='1' ) OR " .
"(id_groupe_admin IN ($grps)) OR " .
"((droits_acces_ph & 0x100) AND sas_photos.id_utilisateur='".$user->id."') OR " .
......@@ -216,7 +216,7 @@ class catphoto extends basedb
"WHERE " .
"id_catph_parent='$id_cat' AND " .
"((droits_acces_catph & 0x1) OR " .
"((droits_acces_catph & 0x10) AND id_groupe IN ($grps)) OR " .
"((droits_acces_catph & 0x10) AND ".$user->get_grps_authorization_fragment('date_debut_catph', $grps, 'id_groupe').") OR " .
"(id_groupe_admin IN ($grps)) OR " .
"((droits_acces_catph & 0x100) AND id_utilisateur='".$user->id."')) " .
"ORDER BY `date_debut_catph` DESC,`nom_catph`");
......@@ -255,7 +255,7 @@ class catphoto extends basedb
"WHERE " .
"id_catph_parent='".$this->id."' AND " .
"((droits_acces_catph & 0x1) OR " .
"((droits_acces_catph & 0x10) AND id_groupe IN ($grps)) OR " .
"((droits_acces_catph & 0x10) AND ".$user->get_grps_authorization_fragment('date_debut_catph', $grps).") OR " .
"(id_groupe_admin IN ($grps)) OR " .
"((droits_acces_catph & 0x100) AND id_utilisateur='".$user->id."')) ";
......@@ -286,6 +286,7 @@ class catphoto extends basedb
"AND (sas_cat_photos.meta_id_asso_catph!='".$this->meta_id_asso."' OR sas_cat_photos.meta_id_asso_catph IS NULL)";
$query .= "UNION ".
"SELECT sas_cat_photos.id_catph, ".
"sas_cat_photos.nom_catph, ".
"sas_cat_photos.id_photo, ".
......@@ -583,6 +584,14 @@ class catphoto extends basedb
if (!$user->is_asso_role($meta_id_asso, ROLEASSO_PRESIDENT) && !$user->is_asso_role($meta_id_asso, ROLEASSO_RESPCOM))
return false;
// Droit de lecture de toutes les catégories pour les utilisateurs qui ont déjà été à l'AE.
$derniere_cotiz = false;
if (!$result && ($dernier_cotiz = $user->date_derniere_cotiz_a_lae ()) && $required == DROIT_LECTURE) {
$date_derniere_cotiz = strtotime($dernier_cotiz);
if ($date_derniere_cotiz >= $date_debut)
return true;
}
return $result;
}
......
......@@ -841,6 +841,17 @@ class photo extends basedb
if ( $this->is_on_photo($user->id) )
return true;
if ( $this->id_utilisateur_photographe == $user->id )
return true;
// Droit de lecture de toutes les photos pour les utilisateurs qui ont déjà été à l'AE.
$derniere_cotiz = false;
if (($dernier_cotiz = $user->date_derniere_cotiz_a_lae ()) && $required == DROIT_LECTURE) {
$date_derniere_cotiz = strtotime($dernier_cotiz);
if ( $date_derniere_cotiz >= $date_debut)
return true;
}
if ( $this->meta_id_asso )
if ( $user->is_asso_role($this->meta_id_asso,ROLEASSO_MEMBREBUREAU) )
return true;
......@@ -896,7 +907,6 @@ class photo extends basedb
array("id_catph"=>$this->id_catph),
array("id_photo"=>$this->id ));
}
}
?>
......@@ -66,7 +66,8 @@ $cts->add(new tabshead($user->get_tabs($site->user),"photos"));
if ( $user->id==$site->user->id )
{
$tabs = array(
array("","user/photos.php?id_utilisateur=".$user->id,"Photos"),
array("","user/photos.php?id_utilisateur=".$user->id,"Photos où je suis présent"),
array("","user/photos.php?see=photograph&id_utilisateur=".$user->id,"Photos comme photographe"),
array("stats","user/photos.php?see=stats&id_utilisateur=".$user->id,"Statistiques"),
array("new","user/photos.php?see=new&id_utilisateur=".$user->id,"Nouvelles photos"));
}
......@@ -119,24 +120,18 @@ elseif ( $user->id == $site->user->id && isset($_REQUEST["see"]) && $_REQUEST["s
else
{
$req = new requete($site->db,"SELECT sas_photos.*,sas_cat_photos.nom_catph " .
"FROM sas_personnes_photos AS `p2` " .
"INNER JOIN sas_photos ON p2.id_photo=sas_photos.id_photo " .
"INNER JOIN sas_cat_photos ON sas_cat_photos.id_catph=sas_photos.id_catph " .
"LEFT JOIN sas_personnes_photos AS `p1` ON " .
"(p1.id_photo=sas_photos.id_photo " .
"AND p1.id_utilisateur='". $user->id."' " .
"AND p1.modere_phutl='1') " .
"WHERE " .
"p2.vu_phutl='0' AND " .
"p2.id_utilisateur='". $user->id."' AND " .
"((((droits_acces_ph & 0x1) OR " .
"((droits_acces_ph & 0x10) AND sas_photos.id_groupe IN ($grps))) " .
"AND droits_acquis='1') OR " .
"(sas_photos.id_groupe_admin IN ($grps)) OR " .
"((droits_acces_ph & 0x100) AND sas_photos.id_utilisateur='". $site->user->id."') OR " .
"((droits_acces_ph & 0x100) AND p1.id_utilisateur IS NOT NULL) ) " .
"ORDER BY sas_cat_photos.date_debut_catph DESC, sas_cat_photos.id_catph DESC, date_prise_vue "
);
"FROM sas_personnes_photos AS `p2` " .
"INNER JOIN sas_photos ON p2.id_photo=sas_photos.id_photo " .
"INNER JOIN sas_cat_photos ON sas_cat_photos.id_catph=sas_photos.id_catph " .
"LEFT JOIN sas_personnes_photos AS `p1` ON " .
"(p1.id_photo=sas_photos.id_photo " .
"AND p1.id_utilisateur='". $user->id."' " .
"AND p1.modere_phutl='1') " .
"WHERE " .
"p2.vu_phutl='0' AND " .
"p2.id_utilisateur='". $user->id."' ".
"ORDER BY sas_cat_photos.date_debut_catph DESC, sas_cat_photos.id_catph DESC, date_prise_vue "
);
$prev_id_catph=-1;
$gal=null;
......@@ -166,30 +161,70 @@ elseif ( $user->id == $site->user->id && isset($_REQUEST["see"]) && $_REQUEST["s
}
}
}
else
{
elseif ( $user->id == $site->user->id && isset($_REQUEST["see"]) && $_REQUEST["see"] == "photograph" ) {
$req = new requete($site->db,"SELECT sas_photos.*,sas_cat_photos.nom_catph " .
"FROM sas_personnes_photos AS `p2` " .
"INNER JOIN sas_photos ON p2.id_photo=sas_photos.id_photo " .
"INNER JOIN sas_cat_photos ON sas_cat_photos.id_catph=sas_photos.id_catph " .
"LEFT JOIN sas_personnes_photos AS `p1` ON " .
"(p1.id_photo=sas_photos.id_photo " .
"AND p1.id_utilisateur='". $site->user->id."' " .
"AND p1.modere_phutl='1') " .
"WHERE " .
"p2.id_utilisateur='". $user->id."' AND " .
"((((droits_acces_ph & 0x1) OR " .
"((droits_acces_ph & 0x10) AND sas_photos.id_groupe IN ($grps))) " .
"AND droits_acquis='1') OR " .
"(sas_photos.id_groupe_admin IN ($grps)) OR " .
"((droits_acces_ph & 0x100) AND sas_photos.id_utilisateur='". $site->user->id."') OR " .
"((droits_acces_ph & 0x100) AND p1.id_utilisateur IS NOT NULL) ) " .
"ORDER BY sas_cat_photos.date_debut_catph DESC, sas_cat_photos.id_catph DESC, date_prise_vue "
);
"FROM sas_photos" .
"INNER JOIN sas_cat_photos ON sas_cat_photos.id_catph=sas_photos.id_catph " .
"WHERE " .
"sas_photos.id_utilisateur_photographe = '". $user->id."' ".
"ORDER BY sas_cat_photos.date_debut_catph DESC, sas_cat_photos.id_catph DESC, date_prise_vue "
);
$prev_id_catph=-1;
$gal=null;
while ( $row = $req->get_row())
{
if ( $prev_id_catph != $row['id_catph'] )
{
if ( $gal )
$cts->add($gal,true);
$gal = new gallery($row['nom_catph'],"photos");
$prev_id_catph = $row['id_catph'];
}
$img = "../sas2/images.php?/".$row['id_photo'].".vignette.jpg";
$gal->add_item("<a href=\"../sas2/?id_photo=".$row['id_photo']."\"><img src=\"$img\" alt=\"Photo\"></a>");
}
if ( $gal )
$cts->add($gal,true);
}
else
{
$req = false;
if ($site->user->id != $user->id) {
$req = new requete($site->db,"SELECT sas_photos.*,sas_cat_photos.nom_catph " .
"FROM sas_personnes_photos AS `p2` " .
"INNER JOIN sas_photos ON p2.id_photo=sas_photos.id_photo " .
"INNER JOIN sas_cat_photos ON sas_cat_photos.id_catph=sas_photos.id_catph " .
"LEFT JOIN sas_personnes_photos AS `p1` ON " .
"(p1.id_photo=sas_photos.id_photo " .
"AND p1.id_utilisateur='". $site->user->id."' " .
"AND p1.modere_phutl='1') " .
"WHERE " .
"p2.id_utilisateur='". $user->id."' AND " .
"((((droits_acces_ph & 0x1) OR " .
"((droits_acces_ph & 0x10) AND sas_photos.id_groupe IN ($grps))) " .
"AND droits_acquis='1') OR " .
"(sas_photos.id_groupe_admin IN ($grps)) OR " .
"((droits_acces_ph & 0x100) AND sas_photos.id_utilisateur='". $site->user->id."') OR " .
"((droits_acces_ph & 0x100) AND p1.id_utilisateur IS NOT NULL) ) " .
"ORDER BY sas_cat_photos.date_debut_catph DESC, sas_cat_photos.id_catph DESC, date_prise_vue "
);
} else {
// Dans le cas où on regarde les photos où on apparait, pas de calcul de droit
$req = new requete($site->db,"SELECT sas_photos.*,sas_cat_photos.nom_catph " .
"FROM sas_personnes_photos AS `p` " .
"INNER JOIN sas_photos ON p2.id_photo=sas_photos.id_photo " .
"INNER JOIN sas_cat_photos ON sas_cat_photos.id_catph=sas_photos.id_catph " .
"WHERE " .
"p.id_utilisateur='".$user->id."' ".
"ORDER BY sas_cat_photos.date_debut_catph DESC, sas_cat_photos.id_catph DESC, date_prise_vue "
);
}
$prev_id_catph=-1;
$gal=null;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment