Hi, I tried to solve this with some additons to admin/functions.php admin/manage.php and admin/manage-images.php
Well, in my case, I just want the User_ID #1 (admin) can edit or delete galleries or pictures, and other user with permissions sets on the role-capabilities of nextgen-gallery can create and upload pictures to their own galleries.
In admin/functions.php I add this code inside swfupload_image, upload_images and import_zipfile functions (adding global $user_ID where needed):
if($galleryID != '0') {
$elautor = $wpdb->get_var("SELECT author FROM $wpdb->nggallery WHERE gid = '$galleryID' ");
if($user_ID != $elautor){
if($user_ID != 1){
nggGallery::show_error( __('No puedes subir archivos a esta galería. No tienes permisos suficientes.', 'nggallery') );
return;
}
}
}
In manage.php file I add this code for the “If” $this->mode ‘delpic’, ‘delete’ and ‘bulkaction’, in the “processor” function.
$elautor = $wpdb->get_var("SELECT author FROM $wpdb->nggallery WHERE gid = '$this->gid' ");
if($user_ID == 1) {
// ... the code for $this->mode delpic, delete or bulkaction
} else { nggGallery::show_message( __('No tiene permisos suficientes para ejecutar esta acción',"nggallery") ); $this->mode = 'main'; }
And manage-images… well, more code too…
It is not clean, but it works for me. Hope I can help more.
I have a problem with roles.
Im using the plugin Role Manager, and I made a new user and role and assigned ALL NextGen permissions for it, and also editing pages.
From the new user, I can see the Gallery menu on the left, and I can edit all the settings, photos..etc.
But when I want to add a gallery to a page, and I click on the editor button for the little gallery selection window, I get a message in the window that says “you are not authorized to access this”.
I checked and in Role Manager the Tiny MCE Editor button permission is ok.
Maybe a bug?
