From 5126effdfb53a622523dcade777a391680aac58a Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Fri, 10 Jul 2009 22:42:22 +0000 Subject: better checks on who can tag for group albums --- views/default/object/image.php | 3 ++- views/default/tidypics/image_menu.php | 17 ++++++++++++++--- 2 files changed, 16 insertions(+), 4 deletions(-) (limited to 'views') diff --git a/views/default/object/image.php b/views/default/object/image.php index 93c79e174..e5ccd2276 100644 --- a/views/default/object/image.php +++ b/views/default/object/image.php @@ -212,7 +212,8 @@ if ($photo_tags) { echo elgg_view('tidypics/image_menu', array('file_guid' => $file_guid, 'viewer' => $viewer, 'owner' => $owner, - 'anytags' => $photo_tags != '',) ); + 'anytags' => $photo_tags != '', + 'album' => $album, ) ); echo ''; // tagging code diff --git a/views/default/tidypics/image_menu.php b/views/default/tidypics/image_menu.php index b4597a99f..d6568360c 100644 --- a/views/default/tidypics/image_menu.php +++ b/views/default/tidypics/image_menu.php @@ -10,14 +10,25 @@ * **************************************************************************/ - $file_guid = $vars['file_guid']; + $image_guid = $vars['file_guid']; $viewer = $vars['viewer']; $owner = $vars['owner']; $anytags = $vars['anytags']; + $album = $vars['album']; if (get_plugin_setting('tagging', 'tidypics') != "disabled") { + + $can_tag = false; + + $container = get_entity($album->container_guid); + if ($container instanceof ElggGroup) { + $can_tag = $viewer && $container->isMember($viewer); + } else { + $can_tag = $viewer && $viewer->guid == $owner->guid || user_is_friend($owner->guid, $viewer->guid); + } + // only owner and friends of owner can tag - if ($viewer && $viewer->guid == $owner->guid || user_is_friend($owner->guid, $viewer->guid)) { + if ($can_tag) { ?>
    • -
    • +
    • \ No newline at end of file -- cgit v1.2.3