prevent uploads to comments if the channel has a default private ACL.
This commit is contained in:
zotlabs
parent
5f6eedcc1a
commit
1408e3da3b
@ -739,7 +739,7 @@ class ThreadItem {
|
||||
'$edvideo' => t('Video'),
|
||||
'$preview' => t('Preview'), // ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''),
|
||||
'$indent' => $indent,
|
||||
'$can_upload' => perm_is_allowed($conv->get_profile_owner(),get_observer_hash(),'write_storage'),
|
||||
'$can_upload' => (perm_is_allowed($conv->get_profile_owner(),get_observer_hash(),'write_storage') && $conv->is_uploadable()),
|
||||
'$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false),
|
||||
'$encrypt' => t('Encrypt text'),
|
||||
'$cipher' => $conv->get_cipher(),
|
||||
|
||||
@ -28,9 +28,10 @@ class ThreadStream {
|
||||
// wherein we've already prepared a top level item which doesn't look anything like
|
||||
// a normal "post" item
|
||||
|
||||
public function __construct($mode, $preview, $prepared_item = '') {
|
||||
public function __construct($mode, $preview, $uploadable, $prepared_item = '') {
|
||||
$this->set_mode($mode);
|
||||
$this->preview = $preview;
|
||||
$this->uploadable = $uploadable;
|
||||
$this->prepared_item = $prepared_item;
|
||||
$c = ((local_channel()) ? get_pconfig(local_channel(),'system','default_cipher') : '');
|
||||
if($c)
|
||||
@ -61,6 +62,7 @@ class ThreadStream {
|
||||
// pull some trickery which allows us to re-invoke this function afterward
|
||||
// it's an ugly hack so @FIXME
|
||||
$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
|
||||
$this->uploadable = false;
|
||||
break;
|
||||
case 'page':
|
||||
$this->profile_owner = \App::$profile['uid'];
|
||||
@ -92,6 +94,11 @@ class ThreadStream {
|
||||
return $this->commentable;
|
||||
}
|
||||
|
||||
public function is_uploadable() {
|
||||
return $this->uploadable;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check if page is a preview
|
||||
*/
|
||||
|
||||
@ -550,6 +550,19 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
|
||||
if (! feature_enabled($profile_owner,'multi_delete'))
|
||||
$page_dropping = false;
|
||||
|
||||
$uploading = true;
|
||||
|
||||
if($profile_owner > 0) {
|
||||
$owner_channel = channelx_by_n($profile_owner);
|
||||
if($owner_channel['channel_allow_cid'] || $owner_channel['channel_allow_gid']
|
||||
|| $owner_channel['channel_deny_cid'] || $owner_channel['channel_deny_gid']) {
|
||||
$uploading = false;
|
||||
}
|
||||
}
|
||||
else {
|
||||
$uploading = false;
|
||||
}
|
||||
|
||||
|
||||
$channel = App::get_channel();
|
||||
$observer = App::get_observer();
|
||||
@ -753,7 +766,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa
|
||||
// Normal View
|
||||
// logger('conv: items: ' . print_r($items,true));
|
||||
|
||||
$conv = new Zotlabs\Lib\ThreadStream($mode, $preview, $prepared_item);
|
||||
$conv = new Zotlabs\Lib\ThreadStream($mode, $preview, $uploading, $prepared_item);
|
||||
|
||||
// In the display mode we don't have a profile owner.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user