harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

introduce a new privacy level "PERMS_AUTHED" to indicate somebody that is able to successfully authenticate (but is not necessarily in this network).

Browse Source
This commit is contained in:
friendica 2014-02-18 20:59:25 -08:00
parent 6ac81c9360
commit 24d119b8c4
6 changed files with 84 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
boot.php
View File

@ -279,6 +279,7 @@ define ( 'PERMS_NETWORK' , 0x0002 );
define ( 'PERMS_SITE' , 0x0004 ); define ( 'PERMS_SITE' , 0x0004 );
define ( 'PERMS_CONTACTS' , 0x0008 ); define ( 'PERMS_CONTACTS' , 0x0008 );
define ( 'PERMS_SPECIFIC' , 0x0080 ); define ( 'PERMS_SPECIFIC' , 0x0080 );
define ( 'PERMS_AUTHED' , 0x0100 );
// Address book flags // Address book flags

2
include/auth.php
View File

@ -93,7 +93,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
} }
} }
$r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_hash = '%s' limit 1", $r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where xchan_hash = '%s' limit 1",
dbesc($_SESSION['visitor_id']) dbesc($_SESSION['visitor_id'])
); );
if($r) { if($r) {

8
include/permissions.php
View File

@ -88,6 +88,11 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
// These take priority over all other settings. // These take priority over all other settings.
if($observer_xchan) { if($observer_xchan) {
if($r[0][$channel_perm] & PERMS_AUTHED) {
$ret[$perm_name] = true;
continue;
}
if(! $abook_checked) { if(! $abook_checked) {
$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash $x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1", where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1",
@ -240,6 +245,9 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
return false; return false;
if($observer_xchan) { if($observer_xchan) {
if($r[0][$channel_perm] & PERMS_AUTHED)
return true;
$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash $x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1", where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1",
intval($uid), intval($uid),

68
mod/openid.php
View File

@ -76,10 +76,11 @@ function openid_content(&$a) {
// no xchan... // no xchan...
// create one. // create one.
// We should probably probe the openid url. // We should probably probe the openid url and figure out if they have any kind of social presence we might be able to
// scrape some identifying info from.
$name = $authid; $name = $authid;
$url = $_REQUEST['openid_identity']; $url = trim($_REQUEST['openid_identity'],'/');
if(strpos($url,'http') === false) if(strpos($url,'http') === false)
$url = 'https://' . $url; $url = 'https://' . $url;
$pphoto = get_default_profile_photo(); $pphoto = get_default_profile_photo();
@ -115,19 +116,70 @@ function openid_content(&$a) {
require_once('library/urlify/URLify.php'); require_once('library/urlify/URLify.php');
$x = strtolower(URLify::transliterate($nick)); $x = strtolower(URLify::transliterate($nick));
if(! $addr) if($nick & $host)
$addr = $nick . '@' . $host; $addr = $nick . '@' . $host;
$network = 'unknown'; $network = 'unknown';
if($photosq) if($photosq)
$pphoto = $photosq; $pphoto = $photosq;
elseif($photo) elseif($photo_other)
$pphoto = $photo; $pphoto = $photo_other;
// add the xchan record and xconfig for the openid $x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype,
xchan_photo_l, xchan_addr, xchan_url, xchan_connurl, xchan_follow, xchan_connpage, xchan_name, xchan_network, xchan_photo_date,
xchan_name_date, xchan_flags)
values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d) ",
dbesc($url),
dbesc(''),
dbesc(''),
dbesc(''),
dbesc('image/jpeg'),
dbesc($pphoto),
dbesc($addr),
dbesc($url),
dbesc(''),
dbesc(''),
dbesc(''),
dbesc($name),
dbesc($network),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval(XCHAN_FLAGS_HIDDEN)
);
if($x) {
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($url)
);
if($r) {
$photos = import_profile_photo($pphoto,$url);
if($photos) {
$z = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s',
xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' limit 1",
dbesc(datetime_convert()),
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
dbesc($photos[3]),
dbesc($url)
);
}
set_xconfig($url,'system','openid',$authid);
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $r[0]['xchan_hash'];
$_SESSION['my_address'] = $r[0]['xchan_addr'];
$arr = array('xchan' => $r[0], 'session' => $_SESSION);
call_hooks('magic_auth_openid_success',$arr);
$a->set_observer($r[0]);
info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
if($_SESSION['return_url'])
goaway($_SESSION['return_url']);
goaway(z_root());
}
}
// NOTREACHED
// actually it is reached until the other bits get written
} }
} }
notice( t('Login failed.') . EOL); notice( t('Login failed.') . EOL);

3
mod/settings.php
View File

@ -798,6 +798,7 @@ function settings_content(&$a) {
array( t('Anybody in your address book'), PERMS_CONTACTS), array( t('Anybody in your address book'), PERMS_CONTACTS),
array( t('Anybody on this website'), PERMS_SITE), array( t('Anybody on this website'), PERMS_SITE),
array( t('Anybody in this network'), PERMS_NETWORK), array( t('Anybody in this network'), PERMS_NETWORK),
array( t('Anybody authenticated'), PERMS_AUTHED),
array( t('Anybody on the internet'), PERMS_PUBLIC) array( t('Anybody on the internet'), PERMS_PUBLIC)
); );
@ -979,7 +980,7 @@ function settings_content(&$a) {
'$h_descadvn' => t('Change the behaviour of this account for special situations'), '$h_descadvn' => t('Change the behaviour of this account for special situations'),
'$pagetype' => $pagetype, '$pagetype' => $pagetype,
'$expert' => feature_enabled(local_user(),'expert'), '$expert' => feature_enabled(local_user(),'expert'),
'$hint' => t('Please enable expert mode (in Settings > Additional features) to adjust!'), '$hint' => t('Please enable expert mode (in <a href="settings/features">Settings > Additional features</a>) to adjust!'),
)); ));

24
view/js/mod_settings.js
View File

@ -72,12 +72,12 @@ function channel_privacy_macro(n) {
$('#id_profile_in_directory').val(0); $('#id_profile_in_directory').val(0);
} }
if(n == 2) { if(n == 2) {
$('#id_view_stream option').eq(5).attr('selected','selected'); $('#id_view_stream option').eq(6).attr('selected','selected');
$('#id_view_profile option').eq(5).attr('selected','selected'); $('#id_view_profile option').eq(6).attr('selected','selected');
$('#id_view_photos option').eq(5).attr('selected','selected'); $('#id_view_photos option').eq(6).attr('selected','selected');
$('#id_view_contacts option').eq(5).attr('selected','selected'); $('#id_view_contacts option').eq(6).attr('selected','selected');
$('#id_view_storage option').eq(5).attr('selected','selected'); $('#id_view_storage option').eq(6).attr('selected','selected');
$('#id_view_pages option').eq(5).attr('selected','selected'); $('#id_view_pages option').eq(6).attr('selected','selected');
$('#id_send_stream option').eq(2).attr('selected','selected'); $('#id_send_stream option').eq(2).attr('selected','selected');
$('#id_post_wall option').eq(1).attr('selected','selected'); $('#id_post_wall option').eq(1).attr('selected','selected');
$('#id_post_comments option').eq(2).attr('selected','selected'); $('#id_post_comments option').eq(2).attr('selected','selected');
@ -95,12 +95,12 @@ function channel_privacy_macro(n) {
$('#id_profile_in_directory').val(1); $('#id_profile_in_directory').val(1);
} }
if(n == 3) { if(n == 3) {
$('#id_view_stream option').eq(5).attr('selected','selected'); $('#id_view_stream option').eq(6).attr('selected','selected');
$('#id_view_profile option').eq(5).attr('selected','selected'); $('#id_view_profile option').eq(6).attr('selected','selected');
$('#id_view_photos option').eq(5).attr('selected','selected'); $('#id_view_photos option').eq(6).attr('selected','selected');
$('#id_view_contacts option').eq(5).attr('selected','selected'); $('#id_view_contacts option').eq(6).attr('selected','selected');
$('#id_view_storage option').eq(5).attr('selected','selected'); $('#id_view_storage option').eq(6).attr('selected','selected');
$('#id_view_pages option').eq(5).attr('selected','selected'); $('#id_view_pages option').eq(6).attr('selected','selected');
$('#id_send_stream option').eq(4).attr('selected','selected'); $('#id_send_stream option').eq(4).attr('selected','selected');
$('#id_post_wall option').eq(4).attr('selected','selected'); $('#id_post_wall option').eq(4).attr('selected','selected');
$('#id_post_comments option').eq(4).attr('selected','selected'); $('#id_post_comments option').eq(4).attr('selected','selected');