stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-05-20 19:39:16 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,221 Commits 4 Branches 0 Tags
2dcd8f8a25fc698f2279a09752cc7bb9dfe1d7ec
Commit Graph

178 Commits

Author SHA1 Message Date
Tim Almdal
e4eedbce22 Change the upgrader so that it never deactivactes the gallery nor the current identity provider modules. Call module::deactive to truly deactivate the module. 2009-10-26 09:35:41 -07:00
Tim Almdal
24bd8e4c28 Remove a redundant comment, change the name of the identity change event to 'identity_before_change' and change the name of 'login::get_login_form()' to 'login::get_form()' 2009-10-24 11:32:09 -07:00
Tim Almdal
923a322ef5 Change the Admin_Identity_Controller to not destroy the session until after the new provider is installed. 2009-10-23 06:09:24 -07:00
Chad Kieffer
367e6a8983 Standardize message markup, make the update block status message translatable. 2009-10-23 05:41:41 -07:00
Tim Almdal
b74b131e25 Change Identity adminstration to use the uninstall/install methods when changing providers. 2009-10-22 22:30:25 -07:00
Tim Almdal
3c936d661a Change the name of identity library from Identity to IdentityProvider. Create a helper class called identity to simplify call the Identity Provider. Move the contents of MY_Session.php to the new helper class and remove the MY_Session class 2009-10-22 13:11:03 -07:00
Tim Almdal
4cb9ec1d6d Use the request::referrer to determine if we are editting the photo or album 
from the context menu or from its photo or album page.
Fixes ticket #745.  Thanks to jankoprowski for the referrer approach.
 2009-10-22 13:11:02 -07:00
Tim Almdal
51a69d7218 Merge branch 'master' into talmdal_dev 2009-10-22 07:40:50 -07:00
Tim Almdal
95f3eb3aad When an album or photo is updated always return the photo/album location as 
part of the response.  This insures that if the internet address changes, then
the page will reload properly.
 2009-10-22 07:37:14 -07:00
Tim Almdal
5e4576632d Correct white space 2009-10-21 16:02:34 -07:00
Tim Almdal
b28c758d4a Add lookup_group Identity provider API and change the permissions controller to use it to get the group it is modifying 2009-10-20 17:21:33 -07:00
Tim Almdal
7f9441c33d Changes to Identity interface to allow for multiple Identity providers. What I've tested to this point, is you can install a new provider, switch to it, login as administrator, uninstall the default user module, reinstall the user module, switch back to the user module and login. 2009-10-20 16:32:22 -07:00
Tim Almdal
098b57bf18 Simplify the user interface by moving the password reset functionality into the user module 
Bagging the User_Definition and Group_Definition abstract classes and replacing them with interfaces with the same names.
Make sure all the unit tests work.
 2009-10-19 12:53:44 -07:00
Tim Almdal
1b530e4680 Merge branch 'master' into talmdal_dev 
Conflicts:
	modules/user/views/admin_users.html.php
 2009-10-19 06:27:18 -07:00
Chad Kieffer
5f56cbf997 Wrap all admin views in g-block and g-block content. This provides the means to visually separate the view's title and description from everything else. Primary admin view title should always be h1, and only one h1 per view. Removed some unused admin CSS id's. 2009-10-18 20:22:10 -06:00
Tim Almdal
301754db73 Create a administration page that allows the administrator to change the the Identity provider if more than two are Identity providers are installed 2009-10-18 18:16:19 -07:00
Tim Almdal
78ee4193b7 Remove all non Identity API methods from Identity.php. Created an MY_Session class to provide the user state changes in the session and a login.php helper that has the login form. 2009-10-16 10:06:58 -07:00
Tim Almdal
00eacd659f Start simplifying the interface by moving the static methods from user.php and group.php. Tried creating a identity helper, but the helper identity.php was confused with the library Identity.php. So got around this by making the methods on Identity static and calling the instance within the static methods. Also temporarily moved the user.php and group.php back into the user module. 2009-10-16 08:53:31 -07:00
Tim Almdal
be6765336e Finish integrating the move of the user edit/update functions into the user module. The premise is that the plugable user module will provide the update screens if the user backend supports updates. 2009-10-16 08:53:30 -07:00
Tim Almdal
7e4c0e7135 Merge branch 'master' into talmdal_dev 2009-10-15 09:05:44 -07:00
Tim Almdal
f5dd8d487e Move all the edit/update forms for users and groups back to the user module. 2009-10-15 08:56:31 -07:00
Tim Almdal
1ca835cea7 Merge branch 'master' into talmdal_dev 2009-10-15 07:58:46 -07:00
Tim Almdal
0d5d4c81bc Move the ui for user adminsitration back to the user module. 2009-10-14 21:20:30 -07:00
Tim Almdal
2af4806011 Refactor the ui component of the user module into the gallery core module. 2009-10-13 13:19:17 -07:00
Tim Almdal
d9720b77e9 Merge branch 'master' into talmdal_dev 
Conflicts:
	modules/gallery/controllers/admin_users.php
	modules/gallery/controllers/password.php
	modules/gallery/helpers/group.php
	modules/gallery/helpers/user.php
	modules/notification/helpers/notification.php
 2009-10-13 11:48:42 -07:00
Bharat Mediratta
0a66ef9cc7 Don't allow users to change the file extension of photos/movies 
If you can change the extension, then you can alter the way the server
handles the file, which is a security problem.  So for example, you
can change a .JPG to a .PHP and then if you put some malicious PHP
code in the EXIF data, you can get the server to execute
it. Vulnerability is low because only users who have edit permissions
could do this.

Fixes ticket #846
 2009-10-13 10:36:50 -07:00
Tim Almdal
6f315ad89c Part of the previous commit, forgot to save... again 2009-10-08 06:35:38 -07:00
Tim Almdal
3a0413901f Forgot to save these before the last commit 2009-10-07 21:46:26 -07:00
Tim Almdal
b3211cb2a8 Change the users.php controller so its no longer restful. The problem with our approach to restfulness is that it assumes that the resource will be found in the gallery database. It may well be there, but in the case of using plugable drivers from users, it could be in a ldap directory, it could be the gallery3 database, but the model could be wrapped in a control structure. So it was just easier to remove the restfulness and just call user::lookup instead. 2009-10-07 20:26:26 -07:00
Tim Almdal
7f38d6ff29 Change the focus of the user module from providing user/group management to providing the default Identity implementation. 
* Remove the user_event callbacks and move them to the gallery_event callbacks. This will insure that the active user is always loaded (because the gallery callbacks are always called first) to its available to other gallery_ready handlers.  Moved the method set_request_locale to the locales helper as it is more related to locales.
* Move the user controllers and views into the gallery module.
* Move the theme and block processing out of the user module and into core.
 2009-10-06 18:30:12 -07:00
Tim Almdal
b35051ff6f Move the graphics::rotate to gallery_graphics::rotate to be consistent with the other gallery graphics functions. 2009-10-06 18:30:08 -07:00
Tim Almdal
dc0d344b4a Move the graphics::rotate to gallery_graphics::rotate to be consistent with the other gallery graphics functions. 2009-10-06 12:58:53 -07:00
Tim Almdal
2634a683b3 Revert "Create a gallery::plugin_path which returns the appropriate path to the module or theme. This checks for the existence of an application/modules or application/themes first." 
This reverts commit e1e1461a77caf5bff457927f098366497de6ffff.
 2009-10-04 10:12:22 -07:00
Tim Almdal
aa0529d557 Create a gallery::plugin_path which returns the appropriate path to the module or theme. This checks for the existence of an application/modules or application/themes first. 2009-10-04 10:12:21 -07:00
Chad Kieffer
3e6ba7acc3 Renamed most, if not all css selectors from gName to g-name. Moved a few shared images from wind to lib. Deleted unused images in the admin_wind. This will likely break a few ajax features. 2009-10-04 00:27:22 -06:00
Tim Almdal
4de412e722 Enable the administration screen for the sidebar. Fix for ticket #110. 2009-09-30 14:26:32 -07:00
Tim Almdal
60d35b8992 Use the block_manager to manage site sidebar panels. Fixes ticket #110. 
* Extend block_manager to handle sidebar blocks. get_available has become get_available_admin_blocks, get_list becomes get_admin_list.
* Create new functions get_available_site_blocks which will look for gallery_block get_available_site_blocks.
* Refactor sidebar_blocks into a separate function and then call block_manager::get_html(site.sidebar). Convert image_block to use block management instead of theme::sidebar_blocks
* Change the block_manager api so that the theme is passed into the get method. convert info to the new sidebar block approach
* Convert the user module to use the new sidebar block structure. remove the installers for info and image_block modules.
* Convert tag and rss modules to the new sidebar framework. reset the version number to 1 for info and image_block modules.
* Change the get_html method to ignore empty blocks and change the individual handlers to return an empty string if no block is generated
* Add a warning message if no sidebar blocks are active and provide a link to the admin page that configures the sidebar.
 2009-09-30 07:31:12 -07:00
Tim Almdal
467b74c310 This path requires the upgrader to be run and applies the following changes: 
* moves the composite method back into core
* requires that the operation be fully qualified i.e. gallery_graphics::resize
* caches the graphics rules on each request
 2009-09-27 15:24:51 -07:00
Tim Almdal
b79129e365 Clone the photo::get_edit_form to the movies helper and use it to generate the movie edit form. Fixes ticket #726. 2009-09-23 12:02:35 -07:00
Tim Almdal
faee4391a3 Remove a commented line I forgot to take out 2009-09-23 07:12:17 -07:00
Bharat Mediratta
91c99c9627 Simplify the "unchanged" status message. 2009-09-22 20:36:12 -07:00
Tim Almdal
bec620487a Wrap the login form with a view in order to include a forgot password link. Fixes ticket #620 2009-09-22 09:48:24 -07:00
Tim Almdal
f1366d275e Issue an information message if the user clicks "Save Settings" indicating that the key was not changed as it as identical. This addresses the obscure issue raised in ticket #756 2009-09-22 08:46:07 -07:00
Bharat Mediratta
e5a78d39ec Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev 
Conflicts:
	modules/gallery/controllers/albums.php
 2009-09-21 21:29:13 -07:00
Bharat Mediratta
123afc9542 Set children_count to 0, photos have no children. 2009-09-21 21:22:07 -07:00
Bharat Mediratta
88350c5b88 Update the next/previous item calculations to match what we do in photos.php 
Force the children_count to be zero, movies have no children.
Rename $photo to $movie everywhere.
 2009-09-21 21:21:52 -07:00
Bharat Mediratta
9e6be40e31 Add viewable() protection to children() and children_count() calls. 
This is not currently necessary (nor is it a security hole) because we
don't constrain permissions at the child level in the core, but it
makes our security audits easier and will enable the scenario where
somebody writes a module to add per-photo permissions.
 2009-09-21 20:47:55 -07:00
Bharat Mediratta
a6581ede0b Fix Item_Model::get_position() so that our sort is stable when the comparison 
row has a null value in the sort field.  Fix for #627

Note: this changes get_position() to take an Item_Model instead of an id!
 2009-09-21 11:35:27 -07:00
Tim Almdal
9d76797b17 Changed the search module installer to explicitly specify MyISAM as the database type. Changed the packager to not remove the engine specification if the table is search_records. Fixes Ticket #774 2009-09-16 22:23:32 -07:00
Andy Staudacher
e168e0dfae CSRF / auth fixes, golden data file checkpoint 2009-09-15 21:50:48 -07:00