quite a bit of work on default acl permissions and various acl quirks

include/acl_selectors.php

@@ -208,22 +208,22 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 
 
 function fixacl(&$item) {
-	$item = intval(str_replace(array('<','>'),array('',''),$item));
+	$item = str_replace(array('<','>'),array('',''),$item);
 }
 
-function populate_acl($user = null,$celeb = false) {
+function populate_acl($defaults = null,$unused = false) {
 
 	$allow_cid = $allow_gid = $deny_cid = $deny_gid = false;
 
-	if(is_array($user)) {
-		$allow_cid = ((strlen($user['allow_cid'])) 
-			? explode('><', $user['allow_cid']) : array() );
-		$allow_gid = ((strlen($user['allow_gid']))
-			? explode('><', $user['allow_gid']) : array() );
-		$deny_cid  = ((strlen($user['deny_cid']))
-			? explode('><', $user['deny_cid']) : array() );
-		$deny_gid  = ((strlen($user['deny_gid']))
-			? explode('><', $user['deny_gid']) : array() );
+	if(is_array($defaults)) {
+		$allow_cid = ((strlen($defaults['allow_cid'])) 
+			? explode('><', $defaults['allow_cid']) : array() );
+		$allow_gid = ((strlen($defaults['allow_gid']))
+			? explode('><', $defaults['allow_gid']) : array() );
+		$deny_cid  = ((strlen($defaults['deny_cid']))
+			? explode('><', $defaults['deny_cid']) : array() );
+		$deny_gid  = ((strlen($defaults['deny_gid']))
+			? explode('><', $defaults['deny_gid']) : array() );
 		array_walk($allow_cid,'fixacl');
 		array_walk($allow_gid,'fixacl');
 		array_walk($deny_cid,'fixacl');

mod/channel.php

@@ -131,6 +131,13 @@ function channel_content(&$a, $update = 0, $load = false) {
 
 		$o .= common_friends_visitor_widget($a->profile['profile_uid']);
 
+		$channel_acl = array(
+			'allow_cid' => $channel['channel_allow_cid'], 
+			'allow_gid' => $channel['channel_allow_gid'], 
+			'deny_cid' => $channel['channel_deny_cid'], 
+			'deny_gid' => $channel['channel_deny_gid']
+		); 
+
 
 		if($perms['post_wall']) {
 
@@ -140,7 +147,7 @@ function channel_content(&$a, $update = 0, $load = false) {
 	            'default_location' => (($is_owner) ? $a->profile['channel_location'] : ''),
     	        'nickname' => $a->profile['channel_address'],
         	    'lockstate' => (((strlen($a->profile['channel_allow_cid'])) || (strlen($a->profile['channel_allow_gid'])) || (strlen($a->profile['channel_deny_cid'])) || (strlen($a->profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
-            	'acl' => (($is_owner) ? populate_acl($channel, false) : ''),
+            	'acl' => (($is_owner) ? populate_acl($channel_acl) : ''),
 				'showacl' => (($is_owner) ? 'yes' : ''),
 	            'bang' => '',
     	        'visitor' => (($is_owner || $observer) ? 'block' : 'none'),

mod/display.php

@@ -40,6 +40,14 @@ function display_content(&$a, $update = 0, $load = false) {
 
 		$channel = $a->get_channel();
 
+
+		$channel_acl = array(
+			'allow_cid' => $channel['channel_allow_cid'], 
+			'allow_gid' => $channel['channel_allow_gid'], 
+			'deny_cid' => $channel['channel_deny_cid'], 
+			'deny_gid' => $channel['channel_deny_gid']
+		); 
+
 		$x = array(
 			'is_owner' => true,
 			'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
@@ -47,7 +55,7 @@ function display_content(&$a, $update = 0, $load = false) {
 			'nickname' => $channel['channel_address'],
 			'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
 
-			'acl' => populate_acl($channel, false),
+			'acl' => populate_acl($channel_acl, false),
 			'bang' => '',
 			'visitor' => 'block',
 			'profile_uid' => local_user(),

mod/network.php

@@ -278,8 +278,21 @@ function network_content(&$a, $update = 0, $load = false) {
 		$_GET['order'] = 'post';
 
 	if($gid) {
+        $r = q("SELECT * FROM `group` WHERE id = %d AND uid = %d LIMIT 1",
+            intval($gid),
+            intval(local_user())
+        );
+        if(! $r) {
+			if($update)
+				killme();
+			notice( t('No such group') . EOL );
+			goaway($a->get_baseurl(true) . '/network');
+			// NOTREACHED
+		}
+
 		$group = $gid;
-		$def_acl = array('allow_gid' => '<' . $group . '>');
+		$group_hash = $r[0]['hash'];
+		$def_acl = array('allow_gid' => '<' . $r[0]['hash'] . '>');
 	}
 
 	$o = '';
@@ -409,7 +422,13 @@ function network_content(&$a, $update = 0, $load = false) {
 
 		nav_set_selected('network');
 
-		$celeb = false;
+		$channel_acl = array(
+			'allow_cid' => $channel['channel_allow_cid'], 
+			'allow_gid' => $channel['channel_allow_gid'], 
+			'deny_cid' => $channel['channel_deny_cid'], 
+			'deny_gid' => $channel['channel_deny_gid']
+		); 
+
 
 		$x = array(
 			'is_owner' => true,
@@ -417,8 +436,7 @@ function network_content(&$a, $update = 0, $load = false) {
 			'default_location' => $channel['channel_location'],
 			'nickname' => $channel['channel_address'],
 			'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
-// FIXME
-			'acl' => populate_acl((($group || $cid || $nets) ? $def_acl : $channel), $celeb),
+			'acl' => populate_acl((($group || $cid) ? $def_acl : $channel_acl)),
 			'bang' => (($group || $cid) ? '!' : ''),
 			'visitor' => 'block',
 			'profile_uid' => local_user()
@@ -443,18 +461,6 @@ function network_content(&$a, $update = 0, $load = false) {
 	$sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") $sql_options ) ";
 
 	if($group) {
-        $r = q("SELECT * FROM `group` WHERE id = %d AND uid = %d LIMIT 1",
-            intval($group),
-            intval(local_user())
-        );
-        if(! $r) {
-			if($update)
-				killme();
-			notice( t('No such group') . EOL );
-			goaway($a->get_baseurl(true) . '/network');
-			// NOTREACHED
-		}
-
 		$contact_str = '';
         $contacts = group_get_members($group);
         if($contacts) {
@@ -469,7 +475,7 @@ function network_content(&$a, $update = 0, $load = false) {
 			info( t('Group is empty'));
         }
 
-        $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND (( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str)) or allow_gid like '" . protect_sprintf('%<' . dbesc($r[0]['hash']) . '>%') . "' ) and id = parent and item_restrict = 0 ) ";
+        $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND (( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent and item_restrict = 0 ) ";
 
     }
 

mod/photos.php

@@ -699,8 +699,19 @@ function photos_content(&$a) {
 			$usage_message = sprintf( t('You have used %1$.2f Mbytes of photo storage.'), $r[0]['total'] / 1024000 );
  		}
 
+		if($_is_owner) {
+			$channel = $a->get_channel();
+
+			$channel_acl = array(
+				'allow_cid' => $channel['channel_allow_cid'], 
+				'allow_gid' => $channel['channel_allow_gid'], 
+				'deny_cid' => $channel['channel_deny_cid'], 
+				'deny_gid' => $channel['channel_deny_gid']
+			);
+		} 
+
 		$albumselect_e = $albumselect;
-		$aclselect_e = (($_is_owner) ? populate_acl($a->get_channel(), false) : '');
+		$aclselect_e = (($_is_owner) ? populate_acl($channel_acl) : '');
 
 		$tpl = get_markup_template('photos_upload.tpl');
 		$o .= replace_macros($tpl,array(

mod/settings.php

@@ -141,6 +141,8 @@ function settings_post(&$a) {
 	if(! local_user())
 		return;
 
+// logger('mod_settings: ' . print_r($_REQUEST,true));
+
 	if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
 		return;
 
@@ -502,6 +504,8 @@ function settings_post(&$a) {
 	set_pconfig(local_user(),'system','blocktags',$blocktags);
 
 
+
+
 /*
 	if($page_flags == PAGE_PRVGROUP) {
 		$hidewall = 1;
@@ -545,7 +549,7 @@ function settings_post(&$a) {
 	);
 */
 
-	$r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d, channel_default_group = '%s', channel_r_stream = %d, channel_r_profile = %d, channel_r_photos = %d, channel_r_abook = %d, channel_w_stream = %d, channel_w_wall = %d, channel_w_tagwall = %d, channel_w_comment = %d, channel_w_mail = %d, channel_w_photos = %d, channel_w_chat = %d, channel_a_delegate = %d, channel_r_storage = %d, channel_w_storage = %d, channel_r_pages = %d, channel_w_pages = %d, channel_a_republish = %d where channel_id = %d limit 1",
+	$r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d, channel_default_group = '%s', channel_r_stream = %d, channel_r_profile = %d, channel_r_photos = %d, channel_r_abook = %d, channel_w_stream = %d, channel_w_wall = %d, channel_w_tagwall = %d, channel_w_comment = %d, channel_w_mail = %d, channel_w_photos = %d, channel_w_chat = %d, channel_a_delegate = %d, channel_r_storage = %d, channel_w_storage = %d, channel_r_pages = %d, channel_w_pages = %d, channel_a_republish = %d, channel_allow_cid = '%s', channel_allow_gid = '%s', channel_deny_cid = '%s', channel_deny_gid = '%s'  where channel_id = %d limit 1",
 		dbesc($username),
 		intval($pageflags),
 		dbesc($timezone),
@@ -572,6 +576,10 @@ function settings_post(&$a) {
 		intval($arr['channel_r_pages']),
 		intval($arr['channel_w_pages']),
 		intval($arr['channel_a_republish']),
+		dbesc($str_contact_allow),
+		dbesc($str_group_allow),
+		dbesc($str_contact_deny),
+		dbesc($str_group_deny),
 		intval(local_user())
 	);   
 
@@ -1042,7 +1050,12 @@ function settings_content(&$a) {
 		);
 
 
-
+		$perm_defaults = array(
+			'allow_cid' => $channel['channel_allow_cid'], 
+			'allow_gid' => $channel['channel_allow_gid'], 
+			'deny_cid' => $channel['channel_deny_cid'], 
+			'deny_gid' => $channel['channel_deny_gid']
+		); 
 
 
 		require_once('include/group.php');
@@ -1079,7 +1092,7 @@ function settings_content(&$a) {
 			'$maxreq' 	=> array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')),
 			'$permissions' => t('Default Post Permissions'),
 			'$permdesc' => t("\x28click to open/close\x29"),
-			'$aclselect' => populate_acl($a->user,$celeb),
+			'$aclselect' => populate_acl($perm_defaults),
 			'$suggestme' => $suggestme,
 
 			'$group_select' => $group_select,

view/js/mod_settings.js

@@ -3,6 +3,11 @@ var ispublic = aStr['everybody'] ;
 
 $(document).ready(function() {
 
+			  $("a#settings-default-perms-menu").colorbox({ 
+				  'inline' : true, 
+				  'transition' : 'elastic' 
+			});
+
 	$('#contact_allow, #contact_deny, #group_allow, #group_deny').change(function() {
 		var selstr;
 		$('#contact_allow option:selected, #contact_deny option:selected, #group_allow option:selected, #group_deny option:selected').each( function() {

view/tpl/settings.tpl

@@ -4,7 +4,7 @@
 {{$nickname_block}}
 
 <form action="settings" id="settings-form" method="post" autocomplete="off" >
-<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
+<input type='hidden' name='form_security_token' value='{{$form_security_token}}' />
 
 <h3 class="settings-heading">{{$h_basic}}</h3>
 
@@ -73,7 +73,7 @@
 {{/if}}
 
 <div id="settings-default-perms" class="settings-default-perms" >
-	<a href="#profile-jot-acl-wrapper" id="settings-default-perms-menu" class='popupbox'>{{$permissions}} {{$permdesc}}</a>
+	<a href="#profile-jot-acl-wrapper" id="settings-default-perms-menu" >{{$permissions}} {{$permdesc}}</a>
 	<div id="settings-default-perms-menu-end"></div>
 
 	<div id="settings-default-perms-select" style="display: none; margin-bottom: 20px" >