MyBBHacks.com Plugins for  MyBB

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Access to ezGallery
#1
Hi,

first, my english is really bad, sorry.
I have an access issue with the ezGallery package download on mybb.com.

ezGallery work as 'deny,allow' and use '$mybb->user['usergroup']'. this var only contain first usergroup, but not additionnals groups.

i have add additionnals groups support in my ezGallery /inc/ezgallery.lib.php to handle access.

here the rewritted function.

Code:
function allowedTo($permission = '')
{
    global $mybb, $galleryPermissions;
    $permRow = $galleryPermissions[$mybb->user['usergroup']];

    // access are : deny, allow
    if ($permission == 'view'        && $permRow['view'])        return $permRow['view'];
    if ($permission == 'add'         && $permRow['add'])         return $permRow['add'];
    if ($permission == 'edit'        && $permRow['edit'])        return $permRow['edit'];
    if ($permission == 'delete'      && $permRow['delete'])      return $permRow['delete'];
    if ($permission == 'comment'     && $permRow['comment'])     return $permRow['comment'];
    if ($permission == 'report'      && $permRow['report'])      return $permRow['report'];        
    if ($permission == 'autoapprove' && $permRow['autoapprove']) return $permRow['autoapprove'];
    if ($permission == 'manage'      && $permRow['manage'])      return $permRow['manage'];    
    
    // Get access for additionnal userGroups
    $additionalGroups = preg_split('/,/', $mybb->user['additionalgroups']);
    foreach ($additionalGroups as $additionalGroup) {
        $permRow = $galleryPermissions[$additionalGroup];
        if ($permission == 'view'        && $permRow['view'])        return $permRow['view'];
        if ($permission == 'add'         && $permRow['add'])         return $permRow['add'];
        if ($permission == 'edit'        && $permRow['edit'])        return $permRow['edit'];
        if ($permission == 'delete'      && $permRow['delete'])      return $permRow['delete'];
        if ($permission == 'comment'     && $permRow['comment'])     return $permRow['comment'];
        if ($permission == 'report'      && $permRow['report'])      return $permRow['report'];        
        if ($permission == 'autoapprove' && $permRow['autoapprove']) return $permRow['autoapprove'];
        if ($permission == 'manage'      && $permRow['manage'])      return $permRow['manage'];
    }
    
    return 0;
}
Reply
#2
Nice TY very very much will use in next ezGallery Update
Like what I do? Support me at https://www.patreon.com/vbgamer45/
Reply
#3
This kind of permission system is really needed. We only want to allow members of a "higher level" group to have galleries, but their primary group is still "Registered". The "Registered" users that are not part of the higher group may still view and comment on galleries.

I have reworked this same function to take a user's additional groups into consideration when determining permissions, the result is quite compact.

I release this code into the Public Domain, you are free to include this in ezGallery Pro. There is no warranty either expressed or implied.

Code:
function allowedTo($permission = '')
{
global $mybb, $galleryPermissions;

   // Note that this function returns strings, not integers.

   // Check against user's primary group.
$permRow = $galleryPermissions[$mybb->user['usergroup']];
   if (isset($permRow[$permission]) && $permRow[$permission] !== '0') {
       // Only return permission if it exists and is non-zero.
       return $permRow[$permission];
   }

   // Check against users additional/secondary groups.
   $additionalGroups = explode(',', $mybb->user['additionalgroups']);
   foreach ($additionalGroups as $additionalGroup) {
   $permRow = $galleryPermissions[$additionalGroup];
       if (isset($permRow[$permission]) && $permRow[$permission] !== '0') {
           // Only return permission if it exists and is non-zero.
           return $permRow[$permission];
       }
   }

   // Fall through to the default if permission was never found, or was zero.
   return '0';
}

And as a unified diff (patch):
Code:
--- ezgallery.lib.php.orig 2015-07-01 16:15:31.736558646 +1000
+++ ezgallery.lib.php 2015-07-01 16:14:09.316439715 +1000
@@ -337,53 +337,27 @@
{
global $mybb, $galleryPermissions;

- $permRow = $galleryPermissions[$mybb->user['usergroup']];
-
- if ($permission == 'view')
- return $permRow['view'];
-
- if ($permission == 'add')
- return $permRow['add'];
-
-
-
- if ($permission == 'edit')
- return $permRow['edit'];
-
- if ($permission == 'delete')
- return $permRow['delete'];
-
- if ($permission == 'comment')
- return $permRow['comment'];
-
- if ($permission == 'report')
- return $permRow['report'];
-
- if ($permission == 'autoapprove')
- return $permRow['autoapprove'];
+    // Note that this function returns strings, not integers.

- if ($permission == 'manage')
- return $permRow['manage'];
-
-
-
- if ($permission == 'addvideo')
- return $permRow['addvideo'];
-
- if ($permission == 'bulk')
- return $permRow['bulk'];
-
- if ($permission == 'ratepic')
- return $permRow['ratepic'];
-
- if ($permission == 'autocomment')
- return $permRow['autocomment'];
+    // Check against user's primary group.
+ $permRow = $galleryPermissions[$mybb->user['usergroup']];
+    if (isset($permRow[$permission]) && $permRow[$permission] !== '0') {
+        // Only return permission if it exists and is non-zero.
+        return $permRow[$permission];
+    }

- if ($permission == 'usergallery')
- return $permRow['usergallery'];
+    // Check against users additional/secondary groups.
+    $additionalGroups = explode(',', $mybb->user['additionalgroups']);
+    foreach ($additionalGroups as $additionalGroup) {
+    $permRow = $galleryPermissions[$additionalGroup];
+        if (isset($permRow[$permission]) && $permRow[$permission] !== '0') {
+            // Only return permission if it exists and is non-zero.
+            return $permRow[$permission];
+        }
+    }

- if ($permission == 'editcomment')
- return $permRow['editcomment'];
+    // Fall through to the default if permission was never found, or was zero.
+    return '0';
}

function GalleryLoadPermissions()
Reply
#4
Nice mgrindel! Looks good thanks!
Like what I do? Support me at https://www.patreon.com/vbgamer45/
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)