Posted by igorik on October 18, 2009 at 12:12pm
Jump to:
| Project: | Image Browser |
| Version: | 6.x-2.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Peter Törnstrand |
| Status: | closed (fixed) |
Issue Summary
Hi,
it would be great to have those permissions:
- browse own images
- delete own images
currently state is not very good, each user see each images, so when user wants to find his images, he/she have to browse a lot of pages other user's images.
thanks
Igor
Comments
#1
Hi
just wondering, Is it harded to do this permissions with imagefield as with image?
#2
yes... it would be nice if someone can make image browser to browse own images
#3
This could be done but the ib_browser view must be based on the User table instead of the Files table. I will have a look at this.
#4
Thanks, I am looking forward to it! It will be great.
#5
This is now implemented in 2.x-DEV.
#6
jupiii :) I can't wait till I come at home and I will try it :)
#7
doesn't work for me.. just show emty page while open by some user except admin...something wrong I thing, because earlier it was normal when open it by some user
#8
try download now development version, it took some time when it is switched to the latest version.
Don't forget to set new permissions at first.
Igor
#9
So it does work?
#10
permissions works. I can see only my image when I set appropriate permissions.
but I can't insert image into textarea, after click on it it throw javascript error, but it isn't for issue.
#11
I 've checked last dev now..
i checked new permissions (browse own images), but i can't insert any image in FCKEditor. I open Image Browser windows and click on the image but nothing happens.. and another user can also see images in IB which were uploaded by another user (admin) although permisssion for registered user is "Browser own images" and "view images" and "upload images" are turned on....
still returned for previous version without new permissions..
#12
Hi
i have the same problem, that after click no image is inserted.
I tried it with fck Editor and than with wysiwyg+ ck editor, tha same problem was with both of them.
#13
You are right. I missed to add a field to the view containing the File ID. It was available automatically when using Files as the base table for the view. When using User as base table the field had to be added manually.
The latest 2.x-DEV release should correct this problem.
#14
I've tried the last 2.x-DEV but it still doesn't work : when i click on image nothing happens (can not add to FCKEditor)
#15
I think that you have to wait a few hours when version will be replaced by drupal.
Or you can look at CVS changes and manualy add changes to your module code
#16
i've added mannualy through CVS.. but it doesn't work.. see my previous message!
#17
yes, I can confirm this error, now I added it from cvs too, it is better because I got window with choosing imagecache preset and css, but after press insert I still got javascript error and nothing was inserted.
the error is:
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Timestamp: Sat, 6 Feb 2010 19:06:50 UTC
Message: 'Selection' is null or not an object
Line: 22
Char: 3
Code: 0
URI: http://www.somvprahe.sk/sites/all/modules/imagebrowser/plugins/ib_fckedi...
#18
I can open IB window with thumbnails, but if i click any thumbnail on nothing happens..
It's strange if you see insert button because I m not...
#19
yes, after last change in imagebrowser.views_default.inc i can click on the thumbnail in imagebrowser and then on the insert button. But - nothing is happend, just javascript error. (fck editor)
#20
Ok. I did not discover this error in my testing. Are you using FCKEditor via Wysiwyg module or the FCKEditor module? I will work on correcting this tonight.
#21
igorik, blixxxa, gothica Hi
1.) I confirm that permissions work ! (this is fantastic !)
2.) For the new (updated) views to make it work:
a) i disable and unistalled all related modules (imagebrowser AND FCKEditor module)
b) deleted from modules directory
c) updated imagebrowser.views_default.inc file from cvs MANUALLy with copy paste from the diff file
(this was strange - when i was clicking download on v 1.1.4.5 the file was v 1.1.4.4)
see : http://drupalcode.org/viewvc/drupal/contributions/modules/imagebrowser/i...
anyway i did it manually....
d) folowed the instructions in readme file (also the readme file in imagebrowser\plugins\ib_fckeditor directory
Everything works fine now !
Edit: I did all these procedure above because i had WYSIWYG module on FCKEditor editor. No i have FCKEditor module on FCKEditor editor
cheers !
Thanks !
#22
Hi
thanks for your info.
I am using fck editor standalone module (not wysiwyg module)
is it really safe uninstall image browser module? I was affraid that it will remove all imagebrowser filters and images.
probably there will be need to again create the same image presets to have old images working?
thanks
Igor
#23
Hi igorik
Oh yes this is a good point...
Well as far as i know ib does nothing about (image) files when unistalling. (I assume that only uploads files and uses views to present them...)
After unistall:
All my images were there, and also all my imagecache image presets... The only image preset that was unistalled was ib_thumbnail, the one ib module creates. Also ib views were gone, but after install they are back again.
Anyway, the procedure presented in my previous post is not the (must do) procedure. I just presented , because i had wysiwyg module, before the permissions upgrade, and, after the last bug in views i was quite confused playing around and finally a had a mess. So i decided to make a clean install with FCKEditor module and not with wysiwyg module.
If it is possible make a full back up before. This is what i have done three-four times today !
(oh my ! this module worths it)
Thanks !
#24
Ok. So do I understand correct that the permission work but the "upgrade" from previous 2.x-DEV versions may be a bit tricky? Remember that this is a DEV version of the module and not intended for production sites. However I do appreciate that so many are installing it and helping out in finding bugs.
Once this module hits gold it will rock :-)
#25
Hi
Well, digging a little more i found that permissions are not working properly.
As "admin" (user id 1), i can see only my images (browse own).
Also, another user can only browse his images, even if browse all images permissions are set for this user role.
Conclusion: New permissions - as per this issue- work, but old permisions not : (Browse all images not working)
#26
FanisTsiros, thanks for the help.
I uninstall the imagebrowser module, then enable it, and now evrything works fine. I started to use Wysiwyg + ck editor + image browser
#27
Yes! I can confirm that now new permissions work! I've just uninstalled previous version and delete folder imagebrowser and installed new version. I also delete ib_browser view after uninstalling old version! Without it - were not working...
It's a GOLD module now!
#28
As per #25
The Browse All images is not working even if Browse own images is unchecked in permissions.
We can browse only own images either way...
I think that the problem is with the uid Argumnet in views.
When browse OWN images is set, then the uid argument is set in views.
Is the uid argument, UNSET in views, (after browse all images permissions set) or is there by default ?
#29
per #27
Ah... you also delete the folder...
But, are you sure that BROWSE ALL IMAGES still working ? (not only new permissions : browse own)
But i will check it again !
Thanks Igorik !
#30
Hi FanisTsiros, you are right, browse all images doesn't work for me now. Only browse own images.
#31
Browse all images still not working...
also with unistall - install - clear cache e.t.c.
and also with wysiwyg module on FCKEditior and CKEditor editors.
(previously tested with FCKEditor module on FCKEditor editor)
#32
Hi,
i am back again. I think that the problem with "browse all images" permissions is the uid argument provided to views by the ImageBrowser module when we check "browse all images" permissions.
So i added a line of code (the else statement) in line 351 (imagebrowser.module file) providing the 'all' wildcard argument.
if (!user_access('browse all images') && user_access('browse own images')) {$view->set_arguments(array($user->uid));
}
else {
$view->set_arguments(array('all'));
}
Sorry i cannot provide a patch for this...
And of course this needs review, i 'm not sure if this is the way to go.
All i did with this code was to provide the 'all' wildcard to views argument to return all values, (all images)
Please review and test if this is the solution. With this code permissions work !
Cheers
#33
Coding looks sound to me. Cheers
#34
hmm...
This permissions issue is going to be long...
Above Code in #32 is wrong.
The problem is that the "all" argument provided in views is provided only once.
So, when a user with "browse all images" permissions presses the "next page" button (below in the pager of ib interface) - then the argument provided into views is again the default argument, and this is the current loged in user id, se views return only own images... ;-(
Is there a way to provide the "all" argument in every page of the view ? Or maybe change the view ?
Another problem is that, traditionally, site administrators should browse all images by default (or not) ?
So the only way for the administrator to have 'browse all images' permissions is to have another role with these permissions.
Anyway, i'll try to modify the views (and / or ib code) to have the functionality we want and i'll be back !
#35
Ok. The problem with the argument not remaning on page switch is that it's not provided via the path but manually via code. And we can't just provide the argument via path beacuse it is not secure enough.
As stated in #34, user 1 should always be able to browse all images. So this should be added to the code as well.
#36
Ok. One solution to this problem is to modify the view. Instead of "Provide default argument > User ID from logged in user" we use "Provide default argument > PHP code" and use this snippet:
global $user;if($user->uid == 1 || user_access('browse all images')):
return 'all';
elseif(user_access('browse own images')):
return $user->uid;
endif;
This works with my limited preliminary testing. Can someone else please test this.
#37
One more step ... to rock !
1. Commented the following 4 lines in imagebrowser.module file:
// Add uid argument if user only has permissions to browse own images.global $user;
if (!user_access('browse all images') && user_access('browse own images')) {
$view->set_arguments(array($user->uid));
2. Modified the ib_browser views (per #36)
So now, the views argument is not provided by ImageBrowser module, but from the views.
Works fine and the "Browse Images" permissions work fine,
but not working for deleting own images. (Dead white screen in ImageBrowser pop-up user interface and the image not deleted)
Well, i found that the problem is with the following function in imagebrowser.module file:
function imagebrowser_delete($program, $fid = 0) {if (user_access('delete any image')) {
$query = db_query("SELECT filepath FROM {files} WHERE fid = %d", $fid);
$filepath = db_result($query);
unlink($filepath);
$query = db_query("DELETE FROM {files} WHERE fid = %d", $fid);
drupal_set_message(t('Image deleted successfully.'));
header("Location: ". base_path() ."imagebrowser/". $program);
exit();
}
}
As seen the function deletes the file only if the user has 'delete any image' permissions.
So i changed this to
function imagebrowser_delete($program, $fid = 0) {if (user_access('delete any image') || user_access('delete own images'))the rest remains tha same
{$query = db_query("SELECT filepath FROM {files} WHERE fid = %d", $fid);
$filepath = db_result($query);
unlink($filepath);
$query = db_query("DELETE FROM {files} WHERE fid = %d", $fid);
drupal_set_message(t('Image deleted successfully.'));
header("Location: ". base_path() ."imagebrowser/". $program);
exit();
}
}
I'm not sure if this is right though (i mean if this is secure). Maybe the user id should be in the query with a modified if else statement and withoute the || (or).
(Sorry but i'm not a PHP guru.... to include it in query...)
With this modifications Delete Own permissions Also Worked !
I also tested all combinations with browse-delete all-own with authenticated user and also with another role. Everthing is OK.
cheers !
#38
Ok. This is now implemented in 2.x-DEV. Latest snapshot should fix the problem. However, since there was modifications to the view you may have to uninstall any previous version of the module in order for this to work.
#39
Automatically closed -- issue fixed for 2 weeks with no activity.