harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more permissions optimisations

Browse Source
This commit is contained in:
zotlabs 2017-02-09 19:52:13 -08:00
parent fce33402e7
commit 1fb37f93cc
6 changed files with 64 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -12,7 +12,7 @@ Hubzilla - Community Server
Hubzilla is a general purpose communication server integrated with a web publishing system and a decentralised permission system. If this sounds like a bunch of technical mumbo-jumbo to you, just think of it as an independent platform for sharing stuff online. Hubzilla is a general purpose communication server integrated with a web publishing system and a decentralised permission system. If this sounds like a bunch of technical mumbo-jumbo to you, just think of it as an independent platform for sharing stuff online.
Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework. Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework - and it is all decentralised.
Everything you publish or share can be restricted to those channels and people you wish to share them with; and these permissions work completely invisibly - even with channels on different servers or other communications services. Everything you publish or share can be restricted to those channels and people you wish to share them with; and these permissions work completely invisibly - even with channels on different servers or other communications services.

4
Zotlabs/Access/Permissions.php
View File

@ -94,6 +94,10 @@ class Permissions {
// Undeclared permissions are set to 0 // Undeclared permissions are set to 0
static public function FilledPerms($arr) { static public function FilledPerms($arr) {
if(is_null($arr)) {
btlogger('FilledPerms: null');
}
$everything = self::Perms(); $everything = self::Perms();
$ret = []; $ret = [];
foreach($everything as $k => $v) { foreach($everything as $k => $v) {

54
Zotlabs/Lib/Permcat.php
View File

@ -10,24 +10,52 @@ class Permcat {
public function __construct($channel_id) { public function __construct($channel_id) {
$name = 'default'; $perms = [];
$localname = t('default','permcat');
// first check role perms for a perms_connect setting
$perms = Zaccess\Permissions::FilledAutoPerms($channel_id);
if(! $perms) { $role = get_pconfig($channel_id,'system','permissions_role');
$role = get_pconfig($channel_id,'system','permissions_role'); if($role) {
if($role) { $x = Zaccess\PermissionRoles::role_perms($role);
$x = Zaccess\PermissionRoles::role_perms($role); if($x['perms_connect']) {
$perms = Zaccess\Permissions::FilledPerms($x['perms_connect']); $perms = Zaccess\Permissions::FilledPerms($x['perms_connect']);
} }
if(! $perms) { }
$perms = Zaccess\Permissions::FilledPerms([]);
} // if no role perms it may be a custom role, see if there any autoperms
if(! $perms) {
$perms = Zaccess\Permissions::FilledAutoPerms($channel_id);
}
// if no autoperms it may be a custom role with manual perms
if(! $perms) {
$r = q("select channel_hash from channel where channel_id = %d",
intval($channel_id)
);
if($r) {
$x = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'my_perms'",
intval($channel_id),
dbesc($r[0]['channel_hash'])
);
if($x) {
foreach($x as $xv) {
$perms[$xv['k']] = intval($xv['v']);
}
}
}
}
// nothing was found - create a filled permission array where all permissions are 0
if(! $perms) {
$perms = Zaccess\Permissions::FilledPerms([]);
} }
$this->permcats[] = [ $this->permcats[] = [
'name' => $name, 'name' => 'default',
'localname' => $localname, 'localname' => t('default','permcat'),
'perms' => Zaccess\Permissions::Operms($perms), 'perms' => Zaccess\Permissions::Operms($perms),
'system' => 1 'system' => 1
]; ];

19
Zotlabs/Module/Connedit.php
View File

@ -212,6 +212,7 @@ class Connedit extends \Zotlabs\Web\Controller {
} }
if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) { if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) {
$new_friend = true; $new_friend = true;
// @fixme it won't be common, but when you accept a new connection request // @fixme it won't be common, but when you accept a new connection request
@ -221,21 +222,13 @@ class Connedit extends \Zotlabs\Web\Controller {
// request. The workaround is to approve the connection, then go back and // request. The workaround is to approve the connection, then go back and
// adjust permissions as desired. // adjust permissions as desired.
$abook_my_perms = get_channel_default_perms(local_channel()); $p = \Zotlabs\Access\Permissions::connect_perms(local_channel());
$my_perms = $p['perms'];
$role = get_pconfig(local_channel(),'system','permissions_role'); if($my_perms) {
if($role) { foreach($my_perms as $k => $v) {
$x = \Zotlabs\Access\PermissionRoles::role_perms($role); set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v);
if($x['perms_connect']) {
$abook_my_perms = $x['perms_connect'];
} }
} }
$filled_perms = \Zotlabs\Access\Permissions::FilledPerms($abook_my_perms);
foreach($filled_perms as $k => $v) {
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v);
}
} }
$abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']); $abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']);

20
Zotlabs/Module/Settings/Channel.php
View File

@ -88,15 +88,17 @@ class Channel {
intval(local_channel()) intval(local_channel())
); );
} }
$x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']); if($role_permissions['perms_connect']) {
foreach($x as $k => $v) { $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v); foreach($x as $k => $v) {
if($role_permissions['perms_auto']) { set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
set_pconfig(local_channel(),'autoperms',$k,$v); if($role_permissions['perms_auto']) {
} set_pconfig(local_channel(),'autoperms',$k,$v);
else { }
del_pconfig(local_channel(),'autoperms',$k); else {
del_pconfig(local_channel(),'autoperms',$k);
}
} }
} }

2
doc/README.md
View File

@ -12,7 +12,7 @@ Hubzilla - Community Server
Hubzilla is a general purpose communication server integrated with a web publishing system and a decentralised permission system. If this sounds like a bunch of technical mumbo-jumbo to you, just think of it as an independent platform for sharing stuff online. Hubzilla is a general purpose communication server integrated with a web publishing system and a decentralised permission system. If this sounds like a bunch of technical mumbo-jumbo to you, just think of it as an independent platform for sharing stuff online.
Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework. Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework - and it is all decentralised.
Everything you publish or share can be restricted to those channels and people you wish to share them with; and these permissions work completely invisibly - even with channels on different servers or other communications services. Everything you publish or share can be restricted to those channels and people you wish to share them with; and these permissions work completely invisibly - even with channels on different servers or other communications services.