[CPG1.2.1 only]: assigning exclusive and 'no config' right to users [CPG1.2.1 only]: assigning exclusive and 'no config' right to users
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

[CPG1.2.1 only]: assigning exclusive and 'no config' right to users

Started by king2, March 26, 2004, 12:01:48 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

king2

OK, as I see, there are no possibility to assign some exclisive privileges to some specific user without gambling with groups, and no possibility to enable all privileges but config to some users (moderators). I asked a question but got no way to solve problem, so I made a patch for Coppermine. May be, this patch will be useful for somebody...

This patch (or mod) adds possibility to assign to specific users all privileges from Groups menu + Admin (user = admin) + Moderator (user = admin - config :)).

I cannot post files to this forum, so I will try to describe process here :)

First, you have to download file http://king2.kaluga.ru/exclude.zip, place it to gallery root path and unzip. There two files in zip - excludemgr.php and excludecheck.php.

Next, you have to edit groupmgr.php file. Find code at the end of file:

endtable();
pagefooter();
ob_end_flush();

and change it to the:

endtable();
include("excludemgr.php");
pagefooter();
ob_end_flush();

OK, now we have to edit include/init.inc.php. Look for

error_reporting(E_ALL);

and add a line, you'll get:

error_reporting(E_ALL);
include("excludecheck.php");


Now find

define('USER_GROUP', $USER_DATA['group_name']);
define('USER_GROUP_SET', '(' . $USER_DATA['group_id'] . ')');
define('USER_IS_ADMIN', USER_ID ? ($USER_DATA['mgroup'] == IB_ADMIN_GROUP) : 0);
define('USER_CAN_SEND_ECARDS', (int)$USER_DATA['can_send_ecards']);
define('USER_CAN_RATE_PICTURES', (int)$USER_DATA['can_rate_pictures']);
define('USER_CAN_POST_COMMENTS', (int)$USER_DATA['can_post_comments']);
define('USER_CAN_UPLOAD_PICTURES', (int)$USER_DATA['can_upload_pictures']);
define('USER_CAN_CREATE_ALBUMS', USER_ID ? (int)$USER_DATA['can_create_albums'] : 0);
mysql_free_result($result);

and add two lines:

define('USER_GROUP', $USER_DATA['group_name']);
define('USER_GROUP_SET', '(' . $USER_DATA['group_id'] . ')');
if (!special_user()) {
 define('USER_IS_ADMIN', USER_ID ? ($USER_DATA['mgroup'] == IB_ADMIN_GROUP) : 0);
 define('USER_CAN_SEND_ECARDS', (int)$USER_DATA['can_send_ecards']);
 define('USER_CAN_RATE_PICTURES', (int)$USER_DATA['can_rate_pictures']);
 define('USER_CAN_POST_COMMENTS', (int)$USER_DATA['can_post_comments']);
 define('USER_CAN_UPLOAD_PICTURES', (int)$USER_DATA['can_upload_pictures']);
 define('USER_CAN_CREATE_ALBUMS', USER_ID ? (int)$USER_DATA['can_create_albums'] : 0);
}
mysql_free_result($result);

It is very important to add first line (special_user) before USER_IS_ADMIN line and second line (}) just before mysql_free_result($result);.

A 10-15 lines below you will find very similar piece of defines, change it same way. You'll get:

define('USER_ID', 0);
define('USER_NAME', 'Anonymous');
define('USER_GROUP_SET', '(' . IB_GUEST_GROUP . ')');
if (!special_user()) {
 define('USER_IS_ADMIN', 0);
 define('USER_CAN_SEND_ECARDS', (int)$USER_DATA['can_send_ecards']);
 define('USER_CAN_RATE_PICTURES', (int)$USER_DATA['can_rate_pictures']);
 define('USER_CAN_POST_COMMENTS', (int)$USER_DATA['can_post_comments']);
 define('USER_CAN_UPLOAD_PICTURES', (int)$USER_DATA['can_upload_pictures']);
 define('USER_CAN_CREATE_ALBUMS', 0);
}
mysql_free_result($result);


If you are using bulletin integration, you have to patch same way bridge/YOURBOARDNAME.inc.php (another two places).

Continue with include/init.inc.php. Find

require "themes/{$CONFIG['theme']}/theme.php";
$THEME_DIR = "themes/{$CONFIG['theme']}/";

and add a line:

require "themes/{$CONFIG['theme']}/theme.php";
if (DISABLE_CONFIG) template_extract_block($template_gallery_admin_menu, 'config');
$THEME_DIR = "themes/{$CONFIG['theme']}/";


Now we have to patch themes. Open each themes/THEMENAME/theme.php file and find lines:
<td class="admin_menu"><a href="editpics.php?mode=upload_approval" title="">{UPL_APP_LNK}</a></td>
<td class="admin_menu"><a href="config.php" title="">{CONFIG_LNK}</a></td>
<td class="admin_menu"><a href="albmgr.php{CATL}" title="">{ALBUMS_LNK}</a></td>

add two lines:
<td class="admin_menu"><a href="editpics.php?mode=upload_approval" title="">{UPL_APP_LNK}</a></td>
<!-- BEGIN config -->
<td class="admin_menu"><a href="config.php" title="">{CONFIG_LNK}</a></td>
<!-- END config -->
<td class="admin_menu"><a href="albmgr.php{CATL}" title="">{ALBUMS_LNK}</a></td>

OK, we got a part of theme marked as 'config'. This part of HTML (actually, config tab) will be removed if user has Moderator flag set.

OK, now you have to browse http://youserver.yourdomain/gallerypath/groupmgr.php?create_table=1. Your SQL user must have rights to create tables. OK, patching is finished.

Click to Groups. You will see second edit form (below groups editor) with one empty record. You can enter some username here and change its privileges. Press Apply changes (after second table). Now you will see two records - one you just entered and second empty. To delete user just make its username empty and Apply changes. Settings in second table will override settings from user's group.

Second table has two new fields - Admin and Moderator. If you set Admin to Yes, user will have admin rights. If you set Moderator to Yes, user wil have admin rights, but he will have no access to Config menu.

So, that's all. Use it if you need it. :)
Is it useful?
king2

Casper

Nice work. Please post what system, and which bulletin board integration, you have tested this on.  

This is something many have asked for, so I think you're going to be very popular if this works  :wink:
On of the dev team will move it to the mods board if there are no problems.
It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here

king2

Quote from: "casper"Nice work. Please post what system, and which bulletin board integration, you have tested this on.  

Thanks! I've tested it with Invision board and without any board. It works ;-) I think it will work with other 3 boards supported.

Quote from: "casper"This is something many have asked for, so I think you're going to be very popular if this works  :wink:

Thanks :roll:

Quote from: "casper"On of the dev team will move it to the mods board if there are no problems.

May be include it to the future release of Coppermine if it useful?
king2

lancefiasco

Please let us know if you have installed this (I want to see if I want to go for it).  I really need this mod for my board.

king2

Quote from: "lancefiasco"Please let us know if you have installed this (I want to see if I want to go for it).  I really need this mod for my board.

Of course, I have this mod installed, I made it for using. :)

See screenshot below:
(https://coppermine-gallery.com/forum/proxy.php?request=http%3A%2F%2Fking2.kaluga.ru%2Fgroupedit.jpg&hash=749f46bd3674fc1a37b081c160a7e4aff3a6b121)
king2


athlonkmf

Not sure if this is right, but this is what happens to me.

If a person is a moderator, but not admin, he can still get to config.php, groupmgr.php, etc if he just types the right addresss.

So... if you want a moderator not to be able to do banning, groupmanaging, etc. it's best to set chmod those files, or rename them, so they can't access it.

Or change the code in those files a bit.

Just a hint.
My coppermine gallery with 35000 images: http://www.asianfanatics.net/
Another coppermine gallery with images over the 1MB http://dsample.kmfstudio.com

athlonkmf

My coppermine gallery with 35000 images: http://www.asianfanatics.net/
Another coppermine gallery with images over the 1MB http://dsample.kmfstudio.com

Casper

That's not really a surprise.  version 1.3 has a lot of code changes from 1.2.1, which this mod was written for.  it will undoubted require some work to be used for 1.3., which remember is still in the beta stage.
It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here

athlonkmf

Quote from: "casper"That's not really a surprise.  version 1.3 has a lot of code changes from 1.2.1, which this mod was written for.  it will undoubted require some work to be used for 1.3., which remember is still in the beta stage.

The code needed to modified for this mod was the same so I thought it'll be no problem to implement this too. Too bad, it give SQL errors now. So maybe the excludemod use some different kind of tables. didn;'t have time (too lazy to open up phpmyadmin) to look into it
My coppermine gallery with 35000 images: http://www.asianfanatics.net/
Another coppermine gallery with images over the 1MB http://dsample.kmfstudio.com

athlonkmf

Hmm.. i've found out... somehow the users_exclude table can't be created by the mod, so i had to insert the table myself


CREATE TABLE cpg11d_userexcludes (
  user_id int(11) NOT NULL auto_increment,
  user_name varchar(255) NOT NULL default '',
  user_quota int(11) NOT NULL default '0',
  has_admin_access tinyint(4) NOT NULL default '0',
  can_rate_pictures tinyint(4) NOT NULL default '0',
  can_send_ecards tinyint(4) NOT NULL default '0',
  can_post_comments tinyint(4) NOT NULL default '0',
  can_upload_pictures tinyint(4) NOT NULL default '0',
  can_create_albums tinyint(4) NOT NULL default '0',
  pub_upl_need_approval tinyint(4) NOT NULL default '1',
  priv_upl_need_approval tinyint(4) NOT NULL default '1',
  is_moderator tinyint(4) NOT NULL default '0',
  PRIMARY KEY  (user_id),
  KEY username (user_name)
) TYPE=MyISAM;


WIth this it iwll work .


[EDIT]

Ah, it's too good to be true. The "moderators" can't add pictures anymore. I think it's because they have less values in the database on user_excludes. I'll check if I can do something about that.
My coppermine gallery with 35000 images: http://www.asianfanatics.net/
Another coppermine gallery with images over the 1MB http://dsample.kmfstudio.com

meleth

Hrm all i get is

Fatal error :
There was an error while processing a database query

Edit: The reason for this seems to be the checks 'if (!special_user()) {' for some reason special_user isn't created by the script. Any idea on how to fix this?

DefenceTalk.com

Hi,

Does this work with the latest CPG release?

Help would be nice in this area.
(https://coppermine-gallery.com/forum/proxy.php?request=http%3A%2F%2Fwww.defencetalk.com%2Fpictures%2Fsignature_cpg.php&hash=c0098ed5314d39beb9e8799c7c8787a9a0353b45)

Casper

No, it won't work, as the posts above show.
This hack was a user contribution, and is quite buggy anyway, and is not supported by the dev team.

So it will need someone else to look into any changes required for it to work with 1.3.1. sorry.
It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here

m0nty

for now u have to create the table manually in phpmyadmin..

CREATE TABLE prefix_userexcludes (
user_id int(11) NOT NULL auto_increment,
user_name varchar(255) NOT NULL default '',
user_quota int(11) NOT NULL default '0',
has_admin_access tinyint(4) NOT NULL default '0',
can_rate_pictures tinyint(4) NOT NULL default '0',
can_send_ecards tinyint(4) NOT NULL default '0',
can_post_comments tinyint(4) NOT NULL default '0',
can_upload_pictures tinyint(4) NOT NULL default '0',
can_create_albums tinyint(4) NOT NULL default '0',
pub_upl_need_approval tinyint(4) NOT NULL default '1',
priv_upl_need_approval tinyint(4) NOT NULL default '1',
is_moderator tinyint(4) NOT NULL default '0',
PRIMARY KEY  (user_id),
KEY username (user_name)
) TYPE=MyISAM;

but whereas was previously posted.. u need to change the prefix (highlighted in red) to match that of the prefix of your own gallery..

except i now get an error when trying to upload?

the message:

Invalid action for form creation. when clicking the upload button when user is moderator..

can anybody suggest a reason for this?