Home General support

Is it possible to limit unpublished albums to users with admin privileges only?

special-k Member
in General support
So the site I operate using zenphoto has only 3 administrators. Due to the nature of the content (highly endangered species + their locations), we cannot open the site up to everyone. Thus we have a "gallery" level password.

We want to offer access to appropriate people by creating accounts for them but without any admin priviliges. But even when I uncheck all priviliges, these accounts are still able to view unpublished galleries. Is there a way to prevent this? What we want is for admin to see all content, and so called guest accounts to see only published content.

Is there a way to acheive this? I am very comfortable with php, mysql and coding but find it rather daunting to figure out which file and where to look under zp_core.

Essentially, I want to do:

If (admin)
show all
else
select zp_albums where show=1

Can someone offer some advice?

Comments

  • acrylian Administrator, Developer
    We don't have rights for unpublished albums specifially. Generally the logged in admin sees all unpublished albums, too. The only way to achieve is to unset the "view all albums" rights:
    http://www.zenphoto.org/2008/07/an-overview-of-zenphoto-users/
  • sbillard Member
    You could place your code into a customized version of the filter-file_search plugin. But really, using the combination of album passwords and view all rights you should get what you wish.
  • special-k Member
    Actually just un-checking "View all" worked fine. Now the guest users cannot see unpublished albums. However, now the guest cannot search any of the published albums. Any search (even with known keywords) returns nothing.
    When I re-check "view all", search works fine.

    Is there a reason it's set up this way?
  • special-k Member
    By the way, I just want to say I greatly appreciate both developers chiming in on questions.
  • sbillard Member
    I don't think I understand. When I try this, it works as expected. You say "guest user" but it sounds like you are really describing a gallery user. (Otherwise "view all" is irellevant.)
  • special-k Member
    Right, I meant gallery user. I just created an account under admin called "guest". But really it just means a visitor.
  • sbillard Member
    Well, it works correctly for me
  • special-k Member
    You mean, the search works when you have a user with no "view all" privileges?
  • sbillard Member
    That is what I mean.
  • special-k Member
    hmm. Honesty I've tried looking through this and every time I check the "view all", search works fine. The same search shows no results when the option is unchecked. I wondered if somehow I modified my search.php but it still happens even when I choose the default theme (or any other).

    I did a little more sleuthing and here are what the "rights" look like under the zp_administrators folder.

    For me (full admin privileges) my rights are: 78622
    For a user with no "view all" option: 6
    If I check view all, it goes to 14.

    Is there something else I can do to figure this out? Like perhaps change the rights?
  • sbillard Member
    Well, I generally run the current development build. You might try that. Maybe this is something that has got fixed some time in the past.

    I really never pay attention to what the "values" of the rights are. These are defined by the lib-auth.php script.
Sign In or Register to comment.