harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch '1.10RC' of https://github.com/redmatrix/hubzilla into 1.10RC_merge

Browse Source
This commit is contained in:
redmatrix 2016-07-28 13:15:10 -07:00
commit 35f17acb38
80 changed files with 45937 additions and 43464 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
Zotlabs/Access/PermissionLimits.php Normal file
View File

@ -0,0 +1,36 @@
<?php
namespace Zotlabs\Access;
use \Zotlabs\Lib as ZLib;
class PermissionLimits {
static public function Std_Limits() {
$perms = Permissions::Perms();
$limits = array();
foreach($perms as $k => $v) {
if(strstr($k,'view'))
$limits[$k] = PERMS_PUBLIC;
else
$limits[$k] = PERMS_SPECIFIC;
}
return $limits;
}
static public function Set($channel_id,$perm,$perm_limit) {
ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit);
}
static public function Get($channel_id,$perm = '') {
if($perm) {
return Zlib\PConfig::Get($channel_id,'perm_limits',$perm);
}
else {
Zlib\PConfig::Load($channel_id);
if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id]))
return \App::$config[$channel_id]['perm_limits'];
return false;
}
}
}

215
Zotlabs/Access/PermissionRoles.php Normal file
View File

@ -0,0 +1,215 @@
<?php
namespace Zotlabs\Access;
use Zotlabs\Lib as Zlib;
class PermissionRoles {
static function role_perms($role) {
$ret = array();
$ret['role'] = $role;
switch($role) {
case 'social':
$ret['perms_auto'] = false;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = true;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like', 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'social_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = true;
$ret['online'] = true;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'social_private':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' ];
$ret['limits'] = PermissionLimits::Std_Limits();
$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
$ret['limits']['view_storage'] = PERMS_SPECIFIC;
break;
case 'forum':
$ret['perms_auto'] = true;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'republish', 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'forum_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'forum_private':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
$ret['limits']['view_profile'] = PERMS_SPECIFIC;
$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
$ret['limits']['view_storage'] = PERMS_SPECIFIC;
$ret['limits']['view_pages'] = PERMS_SPECIFIC;
break;
case 'feed':
$ret['perms_auto'] = true;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'feed_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'soapbox':
$ret['perms_auto'] = true;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_like' , 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'repository':
$ret['perms_auto'] = true;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'republish', 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
default:
break;
}
$x = get_config('system','role_perms');
// let system settings over-ride any or all
if($x && is_array($x) && array_key_exists($role,$x))
$ret = array_merge($ret,$x[$role]);
call_hooks('get_role_perms',$ret);
return $ret;
}
static public function roles() {
$roles = [
t('Social Networking') => [
'social' => t('Social - Mostly Public'),
'social_restricted' => t('Social - Restricted'),
'social_private' => t('Social - Private')
],
t('Community Forum') => [
'forum' => t('Forum - Mostly Public'),
'forum_restricted' => t('Forum - Restricted'),
'forum_private' => t('Forum - Private')
],
t('Feed Republish') => [
'feed' => t('Feed - Mostly Public'),
'feed_restricted' => t('Feed - Restricted')
],
t('Special Purpose') => [
'soapbox' => t('Special - Celebrity/Soapbox'),
'repository' => t('Special - Group Repository')
],
t('Other') => [
'custom' => t('Custom/Expert Mode')
]
];
return $roles;
}
}

116
Zotlabs/Access/Permissions.php Normal file
View File

@ -0,0 +1,116 @@
<?php
namespace Zotlabs\Access;
use Zotlabs\Lib as Zlib;
class Permissions {
/**
* Extensible permissions.
* To add new permissions, add to the list of $perms below, with a simple description.
* Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role
* if this permission should be granted to new connections.
*
* Permissions with 'view' in the name are considered read permissions. Anything
* else requires authentication. Read permission limits are PERMS_PUBLIC and anything else
* is given PERMS_SPECIFIC.
*
* PermissionLimits::Std_limits() retrieves the standard limits. A permission role
* MAY alter an individual setting after retrieving the Std_limits if you require
* something different for a specific permission within the given role.
*
*/
static public function Perms($filter = '') {
$perms = [
'view_stream' => t('Can view my channel stream and posts'),
'send_stream' => t('Can send me their channel stream and posts'),
'view_profile' => t('Can view my default channel profile'),
'view_contacts' => t('Can view my connections'),
'view_storage' => t('Can view my file storage and photos'),
'write_storage' => t('Can upload/modify my file storage and photos'),
'view_pages' => t('Can view my channel webpages'),
'write_pages' => t('Can create/edit my channel webpages'),
'post_wall' => t('Can post on my channel (wall) page'),
'post_comments' => t('Can comment on or like my posts'),
'post_mail' => t('Can send me private mail messages'),
'post_like' => t('Can like/dislike profiles and profile things'),
'tag_deliver' => t('Can forward to all my channel connections via @+ mentions in posts'),
'chat' => t('Can chat with me'),
'republish' => t('Can source my public posts in derived channels'),
'delegate' => t('Can administer my channel')
];
$x = array('permissions' => $perms, 'filter' => $filter);
call_hooks('permissions_list',$x);
return($x['permissions']);
}
static public function BlockedAnonPerms() {
// Perms from the above list that are blocked from anonymous observers.
// e.g. you must be authenticated.
$res = array();
$perms = PermissionLimits::Std_limits();
foreach($perms as $perm => $limit) {
if($limit != PERMS_PUBLIC) {
$res[] = $perm;
}
}
$x = array('permissions' => $res);
call_hooks('write_perms',$x);
return($x['permissions']);
}
// converts [ 0 => 'view_stream', ... ]
// to [ 'view_stream' => 1 ]
// for any permissions in $arr;
// Undeclared permissions are set to 0
static public function FilledPerms($arr) {
$everything = self::Perms();
$ret = [];
foreach($everything as $k => $v) {
if(in_array($k,$arr))
$ret[$k] = 1;
else
$ret[$k] = 0;
}
return $ret;
}
static public function FilledAutoperms($channel_id) {
if(! intval(get_pconfig($channel_id,'system','autoperms')))
return false;
$arr = [];
$r = q("select * from pconfig where uid = %d and cat = 'autoperms'",
intval($channel_id)
);
if($r) {
foreach($r as $rr) {
$arr[$rr['k']] = $arr[$rr['v']];
}
}
return $arr;
}
static public function PermsCompare($p1,$p2) {
foreach($p1 as $k => $v) {
if(! array_key_exists($k,$p2))
return false;
if($p1[$k] != $p2[$k])
return false;
}
return true;
}
}

4
Zotlabs/Daemon/Onepoll.php
View File

@ -102,7 +102,9 @@ class Onepoll {
$fetch_feed = true; $fetch_feed = true;
$x = null; $x = null;
if(! ($contact['abook_their_perms'] & PERMS_R_STREAM )) $can_view_stream = intval(get_abconfig($importer_uid,$contact['abook_xchan'],'their_perms','view_stream'));
if(! $can_view_stream)
$fetch_feed = false; $fetch_feed = false;
if($fetch_feed) { if($fetch_feed) {

2
Zotlabs/Lib/AbConfig.php
View File

@ -7,7 +7,7 @@ class AbConfig {
static public function Load($chan,$xhash,$family = '') { static public function Load($chan,$xhash,$family = '') {
if($family) if($family)
$where = sprintf(" and family = '%s' ",dbesc($family)); $where = sprintf(" and cat = '%s' ",dbesc($family));
$r = q("select * from abconfig where chan = %d and xchan = '%s' $where", $r = q("select * from abconfig where chan = %d and xchan = '%s' $where",
intval($chan), intval($chan),
dbesc($xhash) dbesc($xhash)

5
Zotlabs/Lib/Cache.php
View File

@ -8,6 +8,9 @@ namespace Zotlabs\Lib;
class Cache { class Cache {
public static function get($key) { public static function get($key) {
$key = substr($key,0,254);
$r = q("SELECT v FROM cache WHERE k = '%s' limit 1", $r = q("SELECT v FROM cache WHERE k = '%s' limit 1",
dbesc($key) dbesc($key)
); );
@ -19,6 +22,8 @@ class Cache {
public static function set($key,$value) { public static function set($key,$value) {
$key = substr($key,0,254);
$r = q("SELECT * FROM cache WHERE k = '%s' limit 1", $r = q("SELECT * FROM cache WHERE k = '%s' limit 1",
dbesc($key) dbesc($key)
); );

17
Zotlabs/Lib/PConfig.php
View File

@ -17,12 +17,20 @@ class PConfig {
*/ */
static public function Load($uid) { static public function Load($uid) {
if($uid === false) if(is_null($uid) || $uid === false)
return false; return false;
if(! array_key_exists($uid, \App::$config)) if(! array_key_exists($uid, \App::$config))
\App::$config[$uid] = array(); \App::$config[$uid] = array();
if(! is_array(\App::$config)) {
btlogger('App::$config not an array: ' . $uid);
}
if(! is_array(\App::$config[$uid])) {
btlogger('App::$config[$uid] not an array: ' . $uid);
}
$r = q("SELECT * FROM pconfig WHERE uid = %d", $r = q("SELECT * FROM pconfig WHERE uid = %d",
intval($uid) intval($uid)
); );
@ -61,7 +69,7 @@ class PConfig {
static public function Get($uid,$family,$key,$instore = false) { static public function Get($uid,$family,$key,$instore = false) {
if($uid === false) if(is_null($uid) || $uid === false)
return false; return false;
if(! array_key_exists($uid, \App::$config)) if(! array_key_exists($uid, \App::$config))
@ -102,7 +110,7 @@ class PConfig {
// we provide a function backtrace in the logs so that we can find // we provide a function backtrace in the logs so that we can find
// and fix the calling function. // and fix the calling function.
if($uid === false) { if(is_null($uid) || $uid === false) {
btlogger('UID is FALSE!', LOGGER_NORMAL, LOG_ERR); btlogger('UID is FALSE!', LOGGER_NORMAL, LOG_ERR);
return; return;
} }
@ -172,6 +180,9 @@ class PConfig {
static public function Delete($uid, $family, $key) { static public function Delete($uid, $family, $key) {
if(is_null($uid) || $uid === false)
return false;
$ret = false; $ret = false;
if(array_key_exists($key, \App::$config[$uid][$family])) if(array_key_exists($key, \App::$config[$uid][$family]))

15
Zotlabs/Lib/PermissionDescription.php
View File

@ -78,22 +78,13 @@ class PermissionDescription {
$result = null; $result = null;
$global_perms = get_perms(); $global_perms = \Zotlabs\Access\Permissions::Perms();
if (array_key_exists($permname, $global_perms)) { if (array_key_exists($permname, $global_perms)) {
$permDetails = $global_perms[$permname]; $channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'],$permname);
// It should be OK to always just read the permissions from App::$channel $result = new PermissionDescription('', $channelPerm);
//
// App::$profile is a union of channel and profile fields.
// The distinction is basically that App::$profile is pointing to the resource
// being observed. App::$channel is referring to the current logged-in channel
// member (if this is a local channel) e.g. the observer. We only show the ACL
// widget to the page owner (observer and observed are the same) so in that case
// I believe either may be safely used here.
$channelPerm = \App::$channel[$permDetails[0]];
$result = new PermissionDescription($permDetails[1], $channelPerm);
} else { } else {
// The acl dialog can handle null arguments, but it shouldn't happen // The acl dialog can handle null arguments, but it shouldn't happen
logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR); logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR);

50
Zotlabs/Module/Acl.php
View File

@ -59,6 +59,22 @@ class Acl extends \Zotlabs\Web\Controller {
if( (! local_channel()) && (! ($type == 'x' || $type == 'c'))) if( (! local_channel()) && (! ($type == 'x' || $type == 'c')))
killme(); killme();
$permitted = [];
if(in_array($type, [ 'm', 'a', 'c' ])) {
// These queries require permission checking. We'll create a simple array of xchan_hash for those with
// the requisite permissions which we can check against.
$x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = 1",
intval(local_channel()),
dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver')
);
$permitted = ids_to_array($x,'xchan');
}
if($search) { if($search) {
$sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " "; $sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") "; $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") ";
@ -87,13 +103,13 @@ class Acl extends \Zotlabs\Web\Controller {
if($type == '' || $type == 'g') { if($type == '' || $type == 'g') {
$r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`gname` $r = q("SELECT groups.id, groups.hash, groups.gname
FROM `groups`,`group_member` FROM groups,group_member
WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d WHERE groups.deleted = 0 AND groups.uid = %d
AND `group_member`.`gid`=`groups`.`id` AND group_member.gid=groups.id
$sql_extra $sql_extra
GROUP BY `groups`.`id` GROUP BY groups.id
ORDER BY `groups`.`gname` ORDER BY groups.gname
LIMIT %d OFFSET %d", LIMIT %d OFFSET %d",
intval(local_channel()), intval(local_channel()),
intval($count), intval($count),
@ -156,7 +172,7 @@ class Acl extends \Zotlabs\Web\Controller {
} }
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self
FROM abook left join xchan on abook_xchan = xchan_hash FROM abook left join xchan on abook_xchan = xchan_hash
WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" , WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
intval(local_channel()) intval(local_channel())
@ -222,15 +238,23 @@ class Acl extends \Zotlabs\Web\Controller {
} }
elseif($type == 'm') { elseif($type == 'm') {
$r = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url $r = array();
$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
FROM abook left join xchan on abook_xchan = xchan_hash FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0) WHERE abook_channel = %d
and xchan_deleted = 0 and xchan_deleted = 0
$sql_extra3 $sql_extra3
ORDER BY `xchan_name` ASC ", ORDER BY xchan_name ASC ",
intval(local_channel()), intval(local_channel())
intval(PERMS_W_MAIL)
); );
if($z) {
foreach($z as $zz) {
if(in_array($zz['id'],$permitted)) {
$r[] = $zz;
}
}
}
} }
elseif($type == 'a') { elseif($type == 'a') {
@ -274,7 +298,7 @@ class Acl extends \Zotlabs\Web\Controller {
if(strpos($g['hash'],'/') && $type != 'a') if(strpos($g['hash'],'/') && $type != 'a')
continue; continue;
if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c' && (! $noforums)) { if(in_array($g['hash'],$permitted) && $type == 'c' && (! $noforums)) {
$contacts[] = array( $contacts[] = array(
"type" => "c", "type" => "c",
"photo" => "images/twopeople.png", "photo" => "images/twopeople.png",

79
Zotlabs/Module/Connedit.php
View File

@ -127,14 +127,29 @@ class Connedit extends \Zotlabs\Web\Controller {
$rating_text = trim(escape_tags($_REQUEST['rating_text'])); $rating_text = trim(escape_tags($_REQUEST['rating_text']));
$abook_my_perms = 0; $all_perms = \Zotlabs\Access\Permissions::Perms();
foreach($_POST as $k => $v) { if($all_perms) {
if(strpos($k,'perms_') === 0) { foreach($all_perms as $perm => $desc) {
$abook_my_perms += $v; if(array_key_exists('perms_' . $perm, $_POST)) {
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,
intval($_POST['perms_' . $perm]));
if($autoperms) {
set_pconfig($channel['channel_id'],'autoperms',$perm,intval($_POST['perms_' . $perm]));
}
}
else {
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,0);
if($autoperms) {
set_pconfig($channel['channel_id'],'autoperms',$perm,0);
}
}
} }
} }
if(! is_null($autoperms))
set_pconfig($channel['channel_id'],'system','autoperms',$autoperms);
$new_friend = false; $new_friend = false;
if(! $is_self) { if(! $is_self) {
@ -194,19 +209,25 @@ class Connedit extends \Zotlabs\Web\Controller {
$role = get_pconfig(local_channel(),'system','permissions_role'); $role = get_pconfig(local_channel(),'system','permissions_role');
if($role) { if($role) {
$x = get_role_perms($role); $x = \Zotlabs\Access\PermissionRoles::role_perms($role);
if($x['perms_accept']) if($x['perms_connect']) {
$abook_my_perms = $x['perms_accept']; $abook_my_perms = $x['perms_connect'];
}
} }
$filled_perms = \Zotlabs\Access\Permissions::FilledPerms($abook_my_perms);
foreach($filled_perms as $k => $v) {
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v);
}
} }
$abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']); $abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']);
$r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_pending = %d, $r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d,
abook_incl = '%s', abook_excl = '%s' abook_incl = '%s', abook_excl = '%s'
where abook_id = %d AND abook_channel = %d", where abook_id = %d AND abook_channel = %d",
dbesc($profile_id), dbesc($profile_id),
intval($abook_my_perms),
intval($closeness), intval($closeness),
intval($abook_pending), intval($abook_pending),
dbesc($abook_incl), dbesc($abook_incl),
@ -228,9 +249,12 @@ class Connedit extends \Zotlabs\Web\Controller {
else else
notice( t('Failed to update connection record.') . EOL); notice( t('Failed to update connection record.') . EOL);
if(\App::$poi && \App::$poi['abook_my_perms'] != $abook_my_perms if(! intval(\App::$poi['abook_self'])) {
&& (! intval(\App::$poi['abook_self']))) { \Zotlabs\Daemon\Master::Summon( [
\Zotlabs\Daemon\Master::Summon(array('Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id)); 'Notifier',
(($new_friend) ? 'permission_create' : 'permission_update'),
$contact_id
]);
} }
if($new_friend) { if($new_friend) {
@ -371,9 +395,9 @@ class Connedit extends \Zotlabs\Web\Controller {
$my_perms = get_channel_default_perms(local_channel()); $my_perms = get_channel_default_perms(local_channel());
$role = get_pconfig(local_channel(),'system','permissions_role'); $role = get_pconfig(local_channel(),'system','permissions_role');
if($role) { if($role) {
$x = get_role_perms($role); $x = \Zotlabs\Access\PermissionRoles::role_perms($role);
if($x['perms_accept']) if($x['perms_connect'])
$my_perms = $x['perms_accept']; $my_perms = $x['perms_connect'];
} }
$yes_no = array(t('No'),t('Yes')); $yes_no = array(t('No'),t('Yes'));
@ -654,7 +678,8 @@ class Connedit extends \Zotlabs\Web\Controller {
$perms = array(); $perms = array();
$channel = \App::get_channel(); $channel = \App::get_channel();
$global_perms = get_perms(); $global_perms = \Zotlabs\Access\Permissions::Perms();
$existing = get_all_perms(local_channel(),$contact['abook_xchan']); $existing = get_all_perms(local_channel(),$contact['abook_xchan']);
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes'))); $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes')));
@ -670,16 +695,32 @@ class Connedit extends \Zotlabs\Web\Controller {
if($slide && $multiprofs) if($slide && $multiprofs)
$affinity = t('Set Affinity & Profile'); $affinity = t('Set Affinity & Profile');
$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
intval(local_channel()),
dbesc($contact['abook_xchan'])
);
$their_perms = array();
if($theirs) {
foreach($theirs as $t) {
$their_perms[$t['k']] = $t['v'];
}
}
foreach($global_perms as $k => $v) { foreach($global_perms as $k => $v) {
$thisperm = (($contact['abook_my_perms'] & $v[1]) ? "1" : ''); $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
$checkinherited = ((($channel[$v[0]]) && ($channel[$v[0]] != PERMS_SPECIFIC)) ? "1" : ''); //fixme
$checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
// For auto permissions (when $self is true) we don't want to look at existing // For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner // permissions because they are enabled for the channel owner
if((! $self) && ($existing[$k])) if((! $self) && ($existing[$k]))
$thisperm = "1"; $thisperm = "1";
$perms[] = array('perms_' . $k, $v[3], (($contact['abook_their_perms'] & $v[1]) ? "1" : ""),$thisperm, $v[1], (($channel[$v[0]] == PERMS_SPECIFIC) ? '' : '1'), $v[4], $checkinherited);
$perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited);
} }
$locstr = ''; $locstr = '';

4
Zotlabs/Module/Editpost.php
View File

@ -47,9 +47,9 @@ class Editpost extends \Zotlabs\Web\Controller {
if(intval($itm[0]['item_obscured'])) { if(intval($itm[0]['item_obscured'])) {
$key = get_config('system','prvkey'); $key = get_config('system','prvkey');
if($itm[0]['title']) if($itm[0]['title'])
$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key); $itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
if($itm[0]['body']) if($itm[0]['body'])
$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key); $itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
} }
$category = ''; $category = '';

4
Zotlabs/Module/Editwebpage.php
View File

@ -108,9 +108,9 @@ class Editwebpage extends \Zotlabs\Web\Controller {
if(intval($itm[0]['item_obscured'])) { if(intval($itm[0]['item_obscured'])) {
$key = get_config('system','prvkey'); $key = get_config('system','prvkey');
if($itm[0]['title']) if($itm[0]['title'])
$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key); $itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
if($itm[0]['body']) if($itm[0]['body'])
$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key); $itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
} }
$item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1", $item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1",

40
Zotlabs/Module/File_upload.php Normal file
View File

@ -0,0 +1,40 @@
<?php
namespace Zotlabs\Module;
require_once('include/attach.php');
require_once('include/channel.php');
require_once('include/photos.php');
class File_upload extends \Zotlabs\Web\Controller {
function post() {
// logger('file upload: ' . print_r($_REQUEST,true));
$channel = (($_REQUEST['channick']) ? get_channel_by_nick($_REQUEST['channick']) : null);
if(! $channel) {
logger('channel not found');
killme();
}
$_REQUEST['source'] = 'file_upload';
if($channel['channel_id'] != local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
if($_REQUEST['directory_name'])
$r = attach_mkdir($channel,get_observer_hash(),$_REQUEST);
else
$r = attach_store($channel,get_observer_hash(), '', $_REQUEST);
goaway(z_root() . '/' . $_REQUEST['return_url']);
}
}

5
Zotlabs/Module/Follow.php
View File

@ -47,12 +47,13 @@ class Follow extends \Zotlabs\Web\Controller {
if($abconfig) if($abconfig)
$clone['abconfig'] = $abconfig; $clone['abconfig'] = $abconfig;
build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone))); build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true);
$can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream'));
// If we can view their stream, pull in some posts // If we can view their stream, pull in some posts
if(($result['abook']['abook_their_perms'] & PERMS_R_STREAM) || ($result['abook']['xchan_network'] === 'rss')) if(($can_view_stream) || ($result['abook']['xchan_network'] === 'rss'))
\Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id'])); \Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id']));
goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1'); goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1');

319
Zotlabs/Module/Id.php
View File

@ -1,319 +0,0 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/id.php
* @brief OpenID implementation
*/
require 'library/openid/provider/provider.php';
$attrMap = array(
'namePerson/first' => t('First Name'),
'namePerson/last' => t('Last Name'),
'namePerson/friendly' => t('Nickname'),
'namePerson' => t('Full Name'),
'contact/internet/email' => t('Email'),
'contact/email' => t('Email'),
'media/image/aspect11' => t('Profile Photo'),
'media/image' => t('Profile Photo'),
'media/image/default' => t('Profile Photo'),
'media/image/16x16' => t('Profile Photo 16px'),
'media/image/32x32' => t('Profile Photo 32px'),
'media/image/48x48' => t('Profile Photo 48px'),
'media/image/64x64' => t('Profile Photo 64px'),
'media/image/80x80' => t('Profile Photo 80px'),
'media/image/128x128' => t('Profile Photo 128px'),
'timezone' => t('Timezone'),
'contact/web/default' => t('Homepage URL'),
'language/pref' => t('Language'),
'birthDate/birthYear' => t('Birth Year'),
'birthDate/birthMonth' => t('Birth Month'),
'birthDate/birthday' => t('Birth Day'),
'birthDate' => t('Birthdate'),
'gender' => t('Gender'),
);
/**
* @brief Entrypoint for the OpenID implementation.
*
* @param App &$a
*/
class Id extends \Zotlabs\Web\Controller {
function init() {
logger('id: ' . print_r($_REQUEST, true));
if(argc() > 1) {
$which = argv(1);
} else {
\App::$error = 404;
return;
}
$profile = '';
$channel = \App::get_channel();
profile_load($which,$profile);
$op = new MysqlProvider;
$op->server();
}
/**
* @brief Returns user data needed for OpenID.
*
* If no $handle is provided we will use local_channel() by default.
*
* @param string $handle (default null)
* @return boolean|array
*/
static public function getUserData($handle = null) {
if (! local_channel()) {
notice( t('Permission denied.') . EOL);
\App::$page['content'] = login();
return false;
}
// logger('handle: ' . $handle);
if ($handle) {
$r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1",
dbesc($handle)
);
} else {
$r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d",
intval(local_channel())
);
}
if (! r)
return false;
$x = q("select * from account where account_id = %d limit 1",
intval($r[0]['channel_account_id'])
);
if ($x)
$r[0]['email'] = $x[0]['account_email'];
$p = q("select * from profile where is_default = 1 and uid = %d limit 1",
intval($r[0]['channel_account_id'])
);
$gender = '';
if ($p[0]['gender'] == t('Male'))
$gender = 'M';
if ($p[0]['gender'] == t('Female'))
$gender = 'F';
$r[0]['firstName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],0,strpos($r[0]['channel_name'],' ')) : $r[0]['channel_name']);
$r[0]['lastName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],strpos($r[0]['channel_name'],' ')+1) : '');
$r[0]['namePerson'] = $r[0]['channel_name'];
$r[0]['pphoto'] = $r[0]['xchan_photo_l'];
$r[0]['pphoto16'] = z_root() . '/photo/profile/16/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto32'] = z_root() . '/photo/profile/32/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto48'] = z_root() . '/photo/profile/48/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto64'] = z_root() . '/photo/profile/64/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto80'] = z_root() . '/photo/profile/80/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto128'] = z_root() . '/photo/profile/128/' . $r[0]['channel_id'] . '.jpg';
$r[0]['timezone'] = $r[0]['channel_timezone'];
$r[0]['url'] = $r[0]['xchan_url'];
$r[0]['language'] = (($x[0]['account_language']) ? $x[0]['account_language'] : 'en');
$r[0]['birthyear'] = ((intval(substr($p[0]['dob'],0,4))) ? intval(substr($p[0]['dob'],0,4)) : '');
$r[0]['birthmonth'] = ((intval(substr($p[0]['dob'],5,2))) ? intval(substr($p[0]['dob'],5,2)) : '');
$r[0]['birthday'] = ((intval(substr($p[0]['dob'],8,2))) ? intval(substr($p[0]['dob'],8,2)) : '');
$r[0]['birthdate'] = (($r[0]['birthyear'] && $r[0]['birthmonth'] && $r[0]['birthday']) ? $p[0]['dob'] : '');
$r[0]['gender'] = $gender;
return $r[0];
/*
* if(isset($_POST['login'],$_POST['password'])) {
* $login = mysql_real_escape_string($_POST['login']);
* $password = sha1($_POST['password']);
* $q = mysql_query("SELECT * FROM Users WHERE login = '$login' AND password = '$password'");
* if($data = mysql_fetch_assoc($q)) {
* return $data;
* }
* if($handle) {
* echo 'Wrong login/password.';
* }
* }
* if($handle) {
* ?>
* <form action="" method="post">
* <input type="hidden" name="openid.assoc_handle" value="<?php
namespace Zotlabs\Module; echo $handle?>">
* Login: <input type="text" name="login"><br>
* Password: <input type="password" name="password"><br>
* <button>Submit</button>
* </form>
* <?php
namespace Zotlabs\Module;
* die();
* }
*/
}
}
/**
* @brief MySQL provider for OpenID implementation.
*
*/
class MysqlProvider extends \LightOpenIDProvider {
// See http://openid.net/specs/openid-attribute-properties-list-1_0-01.html
// This list contains a few variations of these attributes to maintain
// compatibility with legacy clients
private $attrFieldMap = array(
'namePerson/first' => 'firstName',
'namePerson/last' => 'lastName',
'namePerson/friendly' => 'channel_address',
'namePerson' => 'namePerson',
'contact/internet/email' => 'email',
'contact/email' => 'email',
'media/image/aspect11' => 'pphoto',
'media/image' => 'pphoto',
'media/image/default' => 'pphoto',
'media/image/16x16' => 'pphoto16',
'media/image/32x32' => 'pphoto32',
'media/image/48x48' => 'pphoto48',
'media/image/64x64' => 'pphoto64',
'media/image/80x80' => 'pphoto80',
'media/image/128x128' => 'pphoto128',
'timezone' => 'timezone',
'contact/web/default' => 'url',
'language/pref' => 'language',
'birthDate/birthYear' => 'birthyear',
'birthDate/birthMonth' => 'birthmonth',
'birthDate/birthday' => 'birthday',
'birthDate' => 'birthdate',
'gender' => 'gender',
);
function setup($identity, $realm, $assoc_handle, $attributes) {
global $attrMap;
// logger('identity: ' . $identity);
// logger('realm: ' . $realm);
// logger('assoc_handle: ' . $assoc_handle);
// logger('attributes: ' . print_r($attributes,true));
$data = \Zotlabs\Module\Id::getUserData($assoc_handle);
/** @FIXME this needs to be a template with localised strings */
$o .= '<form action="" method="post">'
. '<input type="hidden" name="openid.assoc_handle" value="' . $assoc_handle . '">'
. '<input type="hidden" name="login" value="' . $_POST['login'] .'">'
. '<input type="hidden" name="password" value="' . $_POST['password'] .'">'
. "<b>$realm</b> wishes to authenticate you.";
if($attributes['required'] || $attributes['optional']) {
$o .= " It also requests following information (required fields marked with *):"
. '<ul>';
foreach($attributes['required'] as $attr) {
if(isset($this->attrMap[$attr])) {
$o .= '<li>'
. '<input type="checkbox" name="attributes[' . $attr . ']"> '
. $this->attrMap[$attr] . ' <span class="required">*</span></li>';
}
}
foreach($attributes['optional'] as $attr) {
if(isset($this->attrMap[$attr])) {
$o .= '<li>'
. '<input type="checkbox" name="attributes[' . $attr . ']"> '
. $this->attrMap[$attr] . '</li>';
}
}
$o .= '</ul>';
}
$o .= '<br>'
. '<button name="once">Allow once</button> '
. '<button name="always">Always allow</button> '
. '<button name="cancel">cancel</button> '
. '</form>';
\App::$page['content'] .= $o;
}
function checkid($realm, &$attributes) {
logger('checkid: ' . $realm);
logger('checkid attrs: ' . print_r($attributes,true));
if(isset($_POST['cancel'])) {
$this->cancel();
}
$data = \Zotlabs\Module\Id::getUserData();
if(! $data) {
return false;
}
$q = get_pconfig(local_channel(), 'openid', $realm);
$attrs = array();
if($q) {
$attrs = $q;
} elseif(isset($_POST['attributes'])) {
$attrs = array_keys($_POST['attributes']);
} elseif(!isset($_POST['once']) && !isset($_POST['always'])) {
return false;
}
$attributes = array();
foreach($attrs as $attr) {
if(isset($this->attrFieldMap[$attr])) {
$attributes[$attr] = $data[$this->attrFieldMap[$attr]];
}
}
if(isset($_POST['always'])) {
set_pconfig(local_channel(),'openid',$realm,array_keys($attributes));
}
return z_root() . '/id/' . $data['channel_address'];
}
function assoc_handle() {
logger('assoc_handle');
$channel = \App::get_channel();
return z_root() . '/channel/' . $channel['channel_address'];
}
function setAssoc($handle, $data) {
logger('setAssoc');
$channel = channelx_by_nick(basename($handle));
if($channel)
set_pconfig($channel['channel_id'],'openid','associate',$data);
}
function getAssoc($handle) {
logger('getAssoc: ' . $handle);
$channel = channelx_by_nick(basename($handle));
if($channel)
return get_pconfig($channel['channel_id'], 'openid', 'associate');
return false;
}
function delAssoc($handle) {
logger('delAssoc');
$channel = channelx_by_nick(basename($handle));
if($channel)
return del_pconfig($channel['channel_id'], 'openid', 'associate');
}
}

9
Zotlabs/Module/Import.php
View File

@ -8,6 +8,7 @@ namespace Zotlabs\Module;
require_once('include/zot.php'); require_once('include/zot.php');
require_once('include/channel.php'); require_once('include/channel.php');
require_once('include/import.php'); require_once('include/import.php');
require_once('include/perm_upgrade.php');
@ -340,6 +341,8 @@ class Import extends \Zotlabs\Web\Controller {
if($abooks) { if($abooks) {
foreach($abooks as $abook) { foreach($abooks as $abook) {
$abook_copy = $abook;
$abconfig = null; $abconfig = null;
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
$abconfig = $abook['abconfig']; $abconfig = $abook['abconfig'];
@ -347,6 +350,10 @@ class Import extends \Zotlabs\Web\Controller {
unset($abook['abook_id']); unset($abook['abook_id']);
unset($abook['abook_rating']); unset($abook['abook_rating']);
unset($abook['abook_rating_text']); unset($abook['abook_rating_text']);
unset($abook['abconfig']);
unset($abook['abook_their_perms']);
unset($abook['abook_my_perms']);
$abook['abook_account'] = $account_id; $abook['abook_account'] = $account_id;
$abook['abook_channel'] = $channel['channel_id']; $abook['abook_channel'] = $channel['channel_id'];
if(! array_key_exists('abook_blocked',$abook)) { if(! array_key_exists('abook_blocked',$abook)) {
@ -386,6 +393,8 @@ class Import extends \Zotlabs\Web\Controller {
if(intval($abook['abook_feed'])) if(intval($abook['abook_feed']))
$feeds ++; $feeds ++;
translate_abook_perms_inbound($channel,$abook_copy);
if($abconfig) { if($abconfig) {
// @fixme does not handle sync of del_abconfig // @fixme does not handle sync of del_abconfig
foreach($abconfig as $abc) { foreach($abconfig as $abc) {

10
Zotlabs/Module/Item.php
View File

@ -319,8 +319,10 @@ class Item extends \Zotlabs\Web\Controller {
$acl = new \Zotlabs\Access\AccessList($channel); $acl = new \Zotlabs\Access\AccessList($channel);
$view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream');
$comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments');
$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true)); $public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true));
if($webpage) if($webpage)
$public_policy = ''; $public_policy = '';
if($public_policy) if($public_policy)
@ -528,11 +530,11 @@ class Item extends \Zotlabs\Web\Controller {
if((! $parent) && (get_pconfig($profile_uid,'system','tagifonlyrecip')) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) { if((! $parent) && (get_pconfig($profile_uid,'system','tagifonlyrecip')) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) {
$x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1", $x = q("select abook_id, abconfig.v from abook left join abconfig on abook_xchan = abconfig.xchan and abook_channel = abconfig.chan and cat= 'their_perms' and abconfig.k = 'tag_deliver' and abconfig.v = 1 and abook_xchan = '%s' and abook_channel = %d limit 1",
dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)), dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)),
intval($profile_uid) intval($profile_uid)
); );
if($x && ($x[0]['abook_their_perms'] & PERMS_W_TAGWALL)) if($x)
$body .= "\n\n@group+" . $x[0]['abook_id'] . "\n"; $body .= "\n\n@group+" . $x[0]['abook_id'] . "\n";
} }
@ -812,7 +814,7 @@ class Item extends \Zotlabs\Web\Controller {
$datarray['layout_mid'] = $layout_mid; $datarray['layout_mid'] = $layout_mid;
$datarray['public_policy'] = $public_policy; $datarray['public_policy'] = $public_policy;
$datarray['comment_policy'] = map_scope($channel['channel_w_comment']); $datarray['comment_policy'] = map_scope($comment_policy);
$datarray['term'] = $post_tags; $datarray['term'] = $post_tags;
$datarray['plink'] = $plink; $datarray['plink'] = $plink;
$datarray['route'] = $route; $datarray['route'] = $route;

21
Zotlabs/Module/Like.php
View File

@ -266,21 +266,20 @@ class Like extends \Zotlabs\Web\Controller {
} }
xchan_query($r,true,(($r[0]['uid'] == local_channel()) ? 0 : local_channel()));
$item = $r[0]; $item = $r[0];
$owner_uid = $item['uid'];
$owner_aid = $item['aid'];
$owner_uid = $r[0]['uid'];
$owner_aid = $r[0]['aid'];
$sys = get_sys_channel(); $can_comment = false;
if((array_key_exists('owner',$item)) && intval($item['owner']['abook_self']))
$can_comment = perm_is_allowed($item['uid'],$observer['xchan_hash'],'post_comments');
else
$can_comment = can_comment_on_post($observer['xchan_hash'],$item);
if(! $can_comment) {
// if this is a "discover" item, (item['uid'] is the sys channel),
// fallback to the item comment policy, which should've been
// respected when generating the conversation thread.
// Even if the activity is rejected by the item owner, it should still get attached
// to the local discover conversation on this site.
if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) {
notice( t('Permission denied') . EOL); notice( t('Permission denied') . EOL);
killme(); killme();
} }

12
Zotlabs/Module/Mail.php
View File

@ -57,8 +57,6 @@ class Mail extends \Zotlabs\Web\Controller {
$their_perms = 0; $their_perms = 0;
$global_perms = get_perms();
if($j['permissions']['data']) { if($j['permissions']['data']) {
$permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']); $permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']);
if($permissions) if($permissions)
@ -68,13 +66,7 @@ class Mail extends \Zotlabs\Web\Controller {
else else
$permissions = $j['permissions']; $permissions = $j['permissions'];
foreach($permissions as $k => $v) { if(! ($permissions['post_mail'])) {
if($v) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
}
if(! ($their_perms & PERMS_W_MAIL)) {
notice( t('Selected channel has private message restrictions. Send failed.')); notice( t('Selected channel has private message restrictions. Send failed.'));
// reported issue: let's still save the message and continue. We'll just tell them // reported issue: let's still save the message and continue. We'll just tell them
// that nothing useful is likely to happen. They might have spent hours on it. // that nothing useful is likely to happen. They might have spent hours on it.
@ -120,7 +112,7 @@ class Mail extends \Zotlabs\Web\Controller {
} }
function get() { function get() {
$o = ''; $o = '';
nav_set_selected('messages'); nav_set_selected('messages');

4
Zotlabs/Module/Manage.php
View File

@ -143,9 +143,9 @@ class Manage extends \Zotlabs\Web\Controller {
$create = array( 'new_channel', t('Create a new channel'), t('Create New')); $create = array( 'new_channel', t('Create a new channel'), t('Create New'));
$delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where
abook_channel = %d and (abook_their_perms & %d) > 0", abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = 1 )",
intval(local_channel()), intval(local_channel()),
intval(PERMS_A_DELEGATE) intval(local_channel())
); );
if($delegates) { if($delegates) {

198
Zotlabs/Module/Openid.php
View File

@ -1,198 +0,0 @@
<?php
namespace Zotlabs\Module;
require_once('library/openid/openid.php');
require_once('include/auth.php');
class Openid extends \Zotlabs\Web\Controller {
function get() {
$noid = get_config('system','disable_openid');
if($noid)
goaway(z_root());
logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA);
if(x($_REQUEST,'openid_mode')) {
$openid = new LightOpenID(z_root());
if($openid->validate()) {
logger('openid: validate');
$authid = normalise_openid($_REQUEST['openid_identity']);
if(! strlen($authid)) {
logger( t('OpenID protocol error. No ID returned.') . EOL);
goaway(z_root());
}
$x = match_openid($authid);
if($x) {
$r = q("select * from channel where channel_id = %d limit 1",
intval($x)
);
if($r) {
$y = q("select * from account where account_id = %d limit 1",
intval($r[0]['channel_account_id'])
);
if($y) {
foreach($y as $record) {
if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) {
logger('mod_openid: openid success for ' . $x[0]['channel_name']);
$_SESSION['uid'] = $r[0]['channel_id'];
$_SESSION['account_id'] = $r[0]['channel_account_id'];
$_SESSION['authenticated'] = true;
authenticate_success($record,$r[0],true,true,true,true);
goaway(z_root());
}
}
}
}
}
// Successful OpenID login - but we can't match it to an existing account.
// See if they've got an xchan
$r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1",
dbesc($authid)
);
if($r) {
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $r[0]['xchan_hash'];
$_SESSION['my_url'] = $r[0]['xchan_url'];
$_SESSION['my_address'] = $r[0]['xchan_addr'];
$arr = array('xchan' => $r[0], 'session' => $_SESSION);
call_hooks('magic_auth_openid_success',$arr);
\App::set_observer($r[0]);
require_once('include/security.php');
\App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
if($_SESSION['return_url'])
goaway($_SESSION['return_url']);
goaway(z_root());
}
// no xchan...
// create one.
// We should probably probe the openid url and figure out if they have any kind of social presence we might be able to
// scrape some identifying info from.
$name = $authid;
$url = trim($_REQUEST['openid_identity'],'/');
if(strpos($url,'http') === false)
$url = 'https://' . $url;
$pphoto = z_root() . '/' . get_default_profile_photo();
$parsed = @parse_url($url);
if($parsed) {
$host = $parsed['host'];
}
$attr = $openid->getAttributes();
if(is_array($attr) && count($attr)) {
foreach($attr as $k => $v) {
if($k === 'namePerson/friendly')
$nick = notags(trim($v));
if($k === 'namePerson/first')
$first = notags(trim($v));
if($k === 'namePerson')
$name = notags(trim($v));
if($k === 'contact/email')
$addr = notags(trim($v));
if($k === 'media/image/aspect11')
$photosq = trim($v);
if($k === 'media/image/default')
$photo_other = trim($v);
}
}
if(! $nick) {
if($first)
$nick = $first;
else
$nick = $name;
}
require_once('library/urlify/URLify.php');
$x = strtolower(\URLify::transliterate($nick));
if($nick & $host)
$addr = $nick . '@' . $host;
$network = 'unknown';
if($photosq)
$pphoto = $photosq;
elseif($photo_other)
$pphoto = $photo_other;
$mimetype = guess_image_type($pphoto);
$x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype,
xchan_photo_l, xchan_addr, xchan_url, xchan_connurl, xchan_follow, xchan_connpage, xchan_name, xchan_network, xchan_photo_date,
xchan_name_date, xchan_hidden)
values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 1) ",
dbesc($url),
dbesc(''),
dbesc(''),
dbesc(''),
dbesc($mimetype),
dbesc($pphoto),
dbesc($addr),
dbesc($url),
dbesc(''),
dbesc(''),
dbesc(''),
dbesc($name),
dbesc($network),
dbesc(datetime_convert()),
dbesc(datetime_convert())
);
if($x) {
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($url)
);
if($r) {
$photos = import_xchan_photo($pphoto,$url);
if($photos) {
$z = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s',
xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
dbesc(datetime_convert()),
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
dbesc($photos[3]),
dbesc($url)
);
}
set_xconfig($url,'system','openid',$authid);
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $r[0]['xchan_hash'];
$_SESSION['my_url'] = $r[0]['xchan_url'];
$_SESSION['my_address'] = $r[0]['xchan_addr'];
$arr = array('xchan' => $r[0], 'session' => $_SESSION);
call_hooks('magic_auth_openid_success',$arr);
\App::set_observer($r[0]);
info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
if($_SESSION['return_url'])
goaway($_SESSION['return_url']);
goaway(z_root());
}
}
}
}
notice( t('Login failed.') . EOL);
goaway(z_root());
// NOTREACHED
}
}

2
Zotlabs/Module/Probe.php
View File

@ -23,8 +23,6 @@ class Probe extends \Zotlabs\Web\Controller {
$j = \Zotlabs\Zot\Finger::run($addr,$channel,false); $j = \Zotlabs\Zot\Finger::run($addr,$channel,false);
// $res = zot_finger($addr,$channel,false);
$o .= '<pre>'; $o .= '<pre>';
if(! $j['success']) { if(! $j['success']) {
$o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n"); $o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n");

4
Zotlabs/Module/Profiles.php
View File

@ -708,7 +708,7 @@ class Profiles extends \Zotlabs\Web\Controller {
'$profile_id' => $r[0]['id'], '$profile_id' => $r[0]['id'],
'$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'), '$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'),
'$is_default' => $is_default, '$is_default' => $is_default,
'$default' => t('This is your default profile.') . EOL . translate_scope(map_scope($channel['channel_r_profile'])), '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))),
'$advanced' => $advanced, '$advanced' => $advanced,
'$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'), '$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'),
'$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']), '$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']),
@ -767,7 +767,7 @@ class Profiles extends \Zotlabs\Web\Controller {
'$alt' => t('Profile Image'), '$alt' => t('Profile Image'),
'$profile_name' => $rr['profile_name'], '$profile_name' => $rr['profile_name'],
'$visible' => (($rr['is_default']) '$visible' => (($rr['is_default'])
? '<strong>' . translate_scope(map_scope($channel['channel_r_profile'])) . '</strong>' ? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>'
: '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>') : '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
)); ));
} }

4
Zotlabs/Module/Ratingsearch.php
View File

@ -58,7 +58,9 @@ class Ratingsearch extends \Zotlabs\Web\Controller {
$ret['success'] = true; $ret['success'] = true;
$r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash $r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash
where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 order by xchan_name asc", where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1
and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0
order by xchan_name asc",
dbesc($target) dbesc($target)
); );

13
Zotlabs/Module/Rmagic.php
View File

@ -2,7 +2,6 @@
namespace Zotlabs\Module; namespace Zotlabs\Module;
class Rmagic extends \Zotlabs\Web\Controller { class Rmagic extends \Zotlabs\Web\Controller {
function init() { function init() {
@ -32,18 +31,6 @@ class Rmagic extends \Zotlabs\Web\Controller {
$arr = array('address' => $address); $arr = array('address' => $address);
call_hooks('reverse_magic_auth', $arr); call_hooks('reverse_magic_auth', $arr);
try {
require_once('library/openid/openid.php');
$openid = new \LightOpenID(z_root());
$openid->identity = $address;
$openid->returnUrl = z_root() . '/openid';
$openid->required = array('namePerson/friendly', 'namePerson');
$openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
goaway($openid->authUrl());
} catch (\Exception $e) {
notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage());
}
// if they're still here... // if they're still here...
notice( t('Authentication failed.') . EOL); notice( t('Authentication failed.') . EOL);
return; return;

52
Zotlabs/Module/Settings.php
View File

@ -22,9 +22,6 @@ class Settings extends \Zotlabs\Web\Controller {
\App::$argc = 2; \App::$argc = 2;
\App::$argv[] = 'channel'; \App::$argv[] = 'channel';
} }
} }
@ -38,7 +35,7 @@ class Settings extends \Zotlabs\Web\Controller {
$channel = \App::get_channel(); $channel = \App::get_channel();
logger('mod_settings: ' . print_r($_REQUEST,true)); // logger('mod_settings: ' . print_r($_REQUEST,true));
if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){ if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){
@ -363,10 +360,10 @@ class Settings extends \Zotlabs\Web\Controller {
intval(local_channel()) intval(local_channel())
); );
$global_perms = get_perms(); $global_perms = \Zotlabs\Access\Permissions::Perms();
foreach($global_perms as $k => $v) { foreach($global_perms as $k => $v) {
$set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' '; \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k]));
} }
$acl = new \Zotlabs\Access\AccessList($channel); $acl = new \Zotlabs\Access\AccessList($channel);
$acl->set_from_array($_POST); $acl->set_from_array($_POST);
@ -382,7 +379,7 @@ class Settings extends \Zotlabs\Web\Controller {
); );
} }
else { else {
$role_permissions = get_role_perms($_POST['permissions_role']); $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']);
if(! $role_permissions) { if(! $role_permissions) {
notice('Permissions category could not be found.'); notice('Permissions category could not be found.');
return; return;
@ -422,20 +419,25 @@ class Settings extends \Zotlabs\Web\Controller {
); );
} }
$r = q("update abook set abook_my_perms = %d where abook_channel = %d and abook_self = 1", $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
intval((array_key_exists('perms_accept',$role_permissions)) ? $role_permissions['perms_accept'] : 0), foreach($x as $k => $v) {
intval(local_channel()) set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
); if($role_permissions['perms_auto']) {
set_pconfig(local_channel(),'system','autoperms',(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0)); set_pconfig(local_channel(),'autoperms',$k,$v);
}
else {
del_pconfig(local_channel(),'autoperms',$k);
}
}
foreach($role_permissions as $p => $v) { if($role_permissions['limits']) {
if(strpos($p,'channel_') !== false) { foreach($role_permissions['limits'] as $k => $v) {
$set_perms .= ', ' . $p . ' = ' . intval($v) . ' '; \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,$v);
}
if($p === 'directory_publish') {
$publish = intval($v);
} }
} }
if(array_key_exists('directory_publish',$role_permissions)) {
$publish = intval($role_permissions['directory_publish']);
}
} }
set_pconfig(local_channel(),'system','hide_online_status',$hide_presence); set_pconfig(local_channel(),'system','hide_online_status',$hide_presence);
@ -964,10 +966,6 @@ class Settings extends \Zotlabs\Web\Controller {
return $o; return $o;
} }
if(argv(1) === 'channel') { if(argv(1) === 'channel') {
require_once('include/acl_selectors.php'); require_once('include/acl_selectors.php');
@ -984,8 +982,7 @@ class Settings extends \Zotlabs\Web\Controller {
$channel = \App::get_channel(); $channel = \App::get_channel();
$global_perms = \Zotlabs\Access\Permissions::Perms();
$global_perms = get_perms();
$permiss = array(); $permiss = array();
@ -1000,19 +997,18 @@ class Settings extends \Zotlabs\Web\Controller {
array( t('Anybody on the internet'), PERMS_PUBLIC) array( t('Anybody on the internet'), PERMS_PUBLIC)
); );
$limits = \Zotlabs\Access\PermissionLimits::Get(local_channel());
foreach($global_perms as $k => $perm) { foreach($global_perms as $k => $perm) {
$options = array(); $options = array();
foreach($perm_opts as $opt) { foreach($perm_opts as $opt) {
if((! $perm[2]) && $opt[1] == PERMS_PUBLIC)
continue;
$options[$opt[1]] = $opt[0]; $options[$opt[1]] = $opt[0];
} }
$permiss[] = array($k,$perm[3],$channel[$perm[0]],$perm[4],$options); $permiss[] = array($k,$perm,$limits[$k],'',$options);
} }
// logger('permiss: ' . print_r($permiss,true)); //logger('permiss: ' . print_r($permiss,true));

2
Zotlabs/Storage/BasicAuth.php
View File

@ -219,7 +219,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
} }
/** /**
* @brief Sets the timezone from the channel in RedBasicAuth. * @brief Sets the timezone from the channel in BasicAuth.
* *
* Set in mod/cloud.php if the channel has a timezone set. * Set in mod/cloud.php if the channel has a timezone set.
* *

24
Zotlabs/Storage/Browser.php
View File

@ -274,6 +274,22 @@ class Browser extends DAV\Browser\Plugin {
// SimpleCollection, we won't need to show the panel either. // SimpleCollection, we won't need to show the panel either.
if (get_class($node) === 'Sabre\\DAV\\SimpleCollection') if (get_class($node) === 'Sabre\\DAV\\SimpleCollection')
return; return;
require_once('include/acl_selectors.php');
$aclselect = null;
$lockstate = '';
if($this->auth-owner_id) {
$channel = channelx_by_n($this->auth->owner_id);
if($channel) {
$acl = new \Zotlabs\Access\AccessList($channel);
$channel_acl = $acl->get();
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
$aclselect = ((local_channel() == $this->auth->owner_id) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : '');
}
}
// Storage and quota for the account (all channels of the owner of this directory)! // Storage and quota for the account (all channels of the owner of this directory)!
$limit = engr_units_to_bytes(service_class_fetch($owner, 'attach_upload_limit')); $limit = engr_units_to_bytes(service_class_fetch($owner, 'attach_upload_limit'));
@ -293,7 +309,6 @@ class Browser extends DAV\Browser\Plugin {
userReadableSize($limit), userReadableSize($limit),
round($used / $limit, 1) * 100); round($used / $limit, 1) * 100);
} }
// prepare quota for template // prepare quota for template
$quota = array(); $quota = array();
$quota['used'] = $used; $quota['used'] = $used;
@ -306,7 +321,12 @@ class Browser extends DAV\Browser\Plugin {
'$folder_submit' => t('Create'), '$folder_submit' => t('Create'),
'$upload_header' => t('Upload file'), '$upload_header' => t('Upload file'),
'$upload_submit' => t('Upload'), '$upload_submit' => t('Upload'),
'$quota' => $quota '$quota' => $quota,
'$channick' => $this->auth->owner_nick,
'$aclselect' => $aclselect,
'$lockstate' => $lockstate,
'$return_url' => \App::$cmd,
'$dragdroptext' => t('Drop files here to immediately upload')
)); ));
} }

1
Zotlabs/Web/Router.php
View File

@ -152,6 +152,7 @@ class Router {
// pretend this is a module so it will initialise the theme // pretend this is a module so it will initialise the theme
\App::$module = '404'; \App::$module = '404';
\App::$module_loaded = true; \App::$module_loaded = true;
\App::$error = true;
} }
} }
} }

2
Zotlabs/Web/WebServer.php
View File

@ -124,7 +124,7 @@ class WebServer {
// now that we've been through the module content, see if the page reported // now that we've been through the module content, see if the page reported
// a permission problem and if so, a 403 response would seem to be in order. // a permission problem and if so, a 403 response would seem to be in order.
if(stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) { if(is_array($_SESSION['sysmsg']) && stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) {
header($_SERVER['SERVER_PROTOCOL'] . ' 403 ' . t('Permission denied.')); header($_SERVER['SERVER_PROTOCOL'] . ' 403 ' . t('Permission denied.'));
} }

71
boot.php
View File

@ -44,10 +44,10 @@ require_once('include/account.php');
define ( 'PLATFORM_NAME', 'hubzilla' ); define ( 'PLATFORM_NAME', 'hubzilla' );
define ( 'STD_VERSION', '1.10RC' ); define ( 'STD_VERSION', '1.11' );
define ( 'ZOT_REVISION', '1.1' ); define ( 'ZOT_REVISION', '1.1' );
define ( 'DB_UPDATE_VERSION', 1180 ); define ( 'DB_UPDATE_VERSION', 1181 );
/** /**
@ -765,6 +765,7 @@ class App {
public static $pdl = null; // Comanche page description public static $pdl = null; // Comanche page description
private static $perms = null; // observer permissions private static $perms = null; // observer permissions
private static $widgets = array(); // widgets for this page private static $widgets = array(); // widgets for this page
public static $config = array(); // config cache
public static $session = null; public static $session = null;
public static $groups; public static $groups;
@ -774,7 +775,6 @@ class App {
public static $plugins_admin; public static $plugins_admin;
public static $module_loaded = false; public static $module_loaded = false;
public static $query_string; public static $query_string;
public static $config; // config cache
public static $page; public static $page;
public static $profile; public static $profile;
public static $user; public static $user;
@ -1551,6 +1551,9 @@ function check_config(&$a) {
load_hooks(); load_hooks();
check_for_new_perms();
check_cron_broken(); check_cron_broken();
} }
@ -2440,6 +2443,67 @@ function cert_bad_email() {
} }
function check_for_new_perms() {
$pregistered = get_config('system','perms');
$pcurrent = array_keys(\Zotlabs\Access\Permissions::Perms());
if(! $pregistered) {
set_config('system','perms',$pcurrent);
return;
}
$found_new_perm = false;
foreach($pcurrent as $p) {
if(! in_array($p,$pregistered)) {
$found_new_perm = true;
// for all channels
$c = q("select channel_id from channel where true");
if($c) {
foreach($c as $cc) {
// get the permission role
$r = q("select v from pconfig where uid = %d and cat = 'system' and k = 'permissions_role'",
intval($cc['uid'])
);
if($r) {
// get a list of connections
$x = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
intval($cc['uid'])
);
// get the permissions role details
$rp = \Zotlabs\Access\PermissionRoles::role_perms($r[0]['v']);
if($rp) {
// set the channel limits if appropriate or 0
if(array_key_exists('limits',$rp) && array_key_exists($p,$rp['limits'])) {
\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,$rp['limits'][$p]);
}
else {
\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,0);
}
$set = ((array_key_exists('perms_connect',$rp) && array_key_exists($p,$rp['perms_connect'])) ? true : false);
// foreach connection set to the perms_connect value
if($x) {
foreach($x as $xx) {
set_abconfig($cc['uid'],$xx['abook_xchan'],'my_perms',$p,intval($set));
}
}
}
}
}
}
}
}
// We should probably call perms_refresh here, but this should get pushed in 24 hours and there is no urgency
if($found_new_perm)
set_config('system','perms',$pcurrent);
}
/** /**
* @brief Send warnings every 3-5 days if cron is not running. * @brief Send warnings every 3-5 days if cron is not running.
*/ */
@ -2449,6 +2513,7 @@ function check_cron_broken() {
if((! $d) || ($d < datetime_convert('UTC','UTC','now - 4 hours'))) { if((! $d) || ($d < datetime_convert('UTC','UTC','now - 4 hours'))) {
Zotlabs\Daemon\Master::Summon(array('Cron')); Zotlabs\Daemon\Master::Summon(array('Cron'));
set_config('system','lastcron',datetime_convert());
} }
$t = get_config('system','lastcroncheck'); $t = get_config('system','lastcroncheck');

110
include/api.php
View File

@ -72,7 +72,7 @@ require_once('include/api_auth.php');
* MAIN API ENTRY POINT * * MAIN API ENTRY POINT *
**************************/ **************************/
function api_call(&$a){ function api_call($a){
GLOBAL $API, $called_api; GLOBAL $API, $called_api;
// preset // preset
@ -166,7 +166,7 @@ require_once('include/api_auth.php');
/** /**
* RSS extra info * RSS extra info
*/ */
function api_rss_extra(&$a, $arr, $user_info){ function api_rss_extra($a, $arr, $user_info){
if (is_null($user_info)) $user_info = api_get_user($a); if (is_null($user_info)) $user_info = api_get_user($a);
$arr['$user'] = $user_info; $arr['$user'] = $user_info;
$arr['$rss'] = array( $arr['$rss'] = array(
@ -186,7 +186,7 @@ require_once('include/api_auth.php');
* Returns user info array. * Returns user info array.
*/ */
function api_get_user(&$a, $contact_id = null, $contact_xchan = null){ function api_get_user($a, $contact_id = null, $contact_xchan = null){
global $called_api; global $called_api;
$user = null; $user = null;
$extra_query = ""; $extra_query = "";
@ -282,7 +282,8 @@ require_once('include/api_auth.php');
intval($uinfo[0]['xchan_hash']) intval($uinfo[0]['xchan_hash'])
); );
$countitms = $r[0]['count']; $countitms = $r[0]['count'];
$following = (($uinfo[0]['abook_myperms'] & PERMS_R_STREAM) ? true : false );
$following = ((get_abconfig($uinfo[0]['abook_channel'],$uinfo[0]['abook_xchan'],'my_perms','view_stream')) ? true : false );
} }
@ -355,7 +356,7 @@ require_once('include/api_auth.php');
} }
function api_client_register(&$a,$type) { function api_client_register($a,$type) {
$ret = array(); $ret = array();
$key = random_string(16); $key = random_string(16);
@ -388,7 +389,7 @@ require_once('include/api_auth.php');
function api_item_get_user(&$a, $item) { function api_item_get_user($a, $item) {
// The author is our direct contact, in a conversation with us. // The author is our direct contact, in a conversation with us.
@ -472,7 +473,7 @@ require_once('include/api_auth.php');
* returns a 401 status code and an error message if not. * returns a 401 status code and an error message if not.
* http://developer.twitter.com/doc/get/account/verify_credentials * http://developer.twitter.com/doc/get/account/verify_credentials
*/ */
function api_account_verify_credentials(&$a, $type){ function api_account_verify_credentials($a, $type){
if (api_user()===false) return false; if (api_user()===false) return false;
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -482,7 +483,7 @@ require_once('include/api_auth.php');
api_register_func('api/account/verify_credentials','api_account_verify_credentials', true); api_register_func('api/account/verify_credentials','api_account_verify_credentials', true);
function api_account_logout(&$a, $type){ function api_account_logout($a, $type){
require_once('include/auth.php'); require_once('include/auth.php');
App::$session->nuke(); App::$session->nuke();
return api_apply_template("user", $type, array('$user' => null)); return api_apply_template("user", $type, array('$user' => null));
@ -506,7 +507,7 @@ require_once('include/api_auth.php');
* Red basic channel export * Red basic channel export
*/ */
function api_export_basic(&$a, $type) { function api_export_basic($a, $type) {
if(api_user() === false) { if(api_user() === false) {
logger('api_export_basic: no user'); logger('api_export_basic: no user');
return false; return false;
@ -520,7 +521,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/channel/export/basic','api_export_basic', true); api_register_func('api/red/channel/export/basic','api_export_basic', true);
function api_channel_stream(&$a, $type) { function api_channel_stream($a, $type) {
if(api_user() === false) { if(api_user() === false) {
logger('api_channel_stream: no user'); logger('api_channel_stream: no user');
return false; return false;
@ -536,7 +537,7 @@ require_once('include/api_auth.php');
} }
api_register_func('api/red/channel/stream','api_channel_stream', true); api_register_func('api/red/channel/stream','api_channel_stream', true);
function api_attach_list(&$a,$type) { function api_attach_list($a,$type) {
logger('api_user: ' . api_user()); logger('api_user: ' . api_user());
json_return_and_die(attach_list_files(api_user(),get_observer_hash(),'','','','created asc')); json_return_and_die(attach_list_files(api_user(),get_observer_hash(),'','','','created asc'));
} }
@ -546,7 +547,7 @@ require_once('include/api_auth.php');
function api_file_meta(&$a,$type) { function api_file_meta($a,$type) {
if (api_user()===false) return false; if (api_user()===false) return false;
if(! $_REQUEST['file_id']) return false; if(! $_REQUEST['file_id']) return false;
$r = q("select * from attach where uid = %d and hash = '%s' limit 1", $r = q("select * from attach where uid = %d and hash = '%s' limit 1",
@ -564,7 +565,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/filemeta', 'api_file_meta', true); api_register_func('api/red/filemeta', 'api_file_meta', true);
function api_file_data(&$a,$type) { function api_file_data($a,$type) {
if (api_user()===false) return false; if (api_user()===false) return false;
if(! $_REQUEST['file_id']) return false; if(! $_REQUEST['file_id']) return false;
$start = (($_REQUEST['start']) ? intval($_REQUEST['start']) : 0); $start = (($_REQUEST['start']) ? intval($_REQUEST['start']) : 0);
@ -608,7 +609,7 @@ require_once('include/api_auth.php');
function api_file_detail(&$a,$type) { function api_file_detail($a,$type) {
if (api_user()===false) return false; if (api_user()===false) return false;
if(! $_REQUEST['file_id']) return false; if(! $_REQUEST['file_id']) return false;
$r = q("select * from attach where uid = %d and hash = '%s' limit 1", $r = q("select * from attach where uid = %d and hash = '%s' limit 1",
@ -632,18 +633,18 @@ require_once('include/api_auth.php');
api_register_func('api/red/file', 'api_file_detail', true); api_register_func('api/red/file', 'api_file_detail', true);
function api_albums(&$a,$type) { function api_albums($a,$type) {
json_return_and_die(photos_albums_list(App::get_channel(),App::get_observer())); json_return_and_die(photos_albums_list(App::get_channel(),App::get_observer()));
} }
api_register_func('api/red/albums','api_albums', true); api_register_func('api/red/albums','api_albums', true);
function api_photos(&$a,$type) { function api_photos($a,$type) {
$album = $_REQUEST['album']; $album = $_REQUEST['album'];
json_return_and_die(photos_list_photos(App::get_channel(),App::get_observer(),$album)); json_return_and_die(photos_list_photos(App::get_channel(),App::get_observer(),$album));
} }
api_register_func('api/red/photos','api_photos', true); api_register_func('api/red/photos','api_photos', true);
function api_photo_detail(&$a,$type) { function api_photo_detail($a,$type) {
if (api_user()===false) return false; if (api_user()===false) return false;
if(! $_REQUEST['photo_id']) return false; if(! $_REQUEST['photo_id']) return false;
$scale = ((array_key_exists('scale',$_REQUEST)) ? intval($_REQUEST['scale']) : 0); $scale = ((array_key_exists('scale',$_REQUEST)) ? intval($_REQUEST['scale']) : 0);
@ -685,7 +686,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/photo', 'api_photo_detail', true); api_register_func('api/red/photo', 'api_photo_detail', true);
function api_group_members(&$a,$type) { function api_group_members($a,$type) {
if(api_user() === false) if(api_user() === false)
return false; return false;
@ -709,7 +710,7 @@ require_once('include/api_auth.php');
function api_group(&$a,$type) { function api_group($a,$type) {
if(api_user() === false) if(api_user() === false)
return false; return false;
@ -721,7 +722,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/group','api_group', true); api_register_func('api/red/group','api_group', true);
function api_red_xchan(&$a,$type) { function api_red_xchan($a,$type) {
logger('api_xchan'); logger('api_xchan');
if(api_user() === false) if(api_user() === false)
@ -739,7 +740,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/xchan','api_red_xchan',true); api_register_func('api/red/xchan','api_red_xchan',true);
function api_statuses_mediap(&$a, $type) { function api_statuses_mediap($a, $type) {
if (api_user() === false) { if (api_user() === false) {
logger('api_statuses_update: no user'); logger('api_statuses_update: no user');
return false; return false;
@ -785,7 +786,7 @@ require_once('include/api_auth.php');
} }
api_register_func('api/statuses/mediap','api_statuses_mediap', true); api_register_func('api/statuses/mediap','api_statuses_mediap', true);
function api_statuses_update(&$a, $type) { function api_statuses_update($a, $type) {
if (api_user() === false) { if (api_user() === false) {
logger('api_statuses_update: no user'); logger('api_statuses_update: no user');
return false; return false;
@ -906,7 +907,7 @@ require_once('include/api_auth.php');
api_register_func('api/statuses/update','api_statuses_update', true); api_register_func('api/statuses/update','api_statuses_update', true);
function red_item_new(&$a, $type) { function red_item_new($a, $type) {
if (api_user() === false) { if (api_user() === false) {
logger('api_red_item_new: no user'); logger('api_red_item_new: no user');
@ -940,7 +941,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/item/new','red_item_new', true); api_register_func('api/red/item/new','red_item_new', true);
function red_item(&$a, $type) { function red_item($a, $type) {
if (api_user() === false) { if (api_user() === false) {
logger('api_red_item_full: no user'); logger('api_red_item_full: no user');
@ -1041,7 +1042,7 @@ require_once('include/api_auth.php');
return $status_info; return $status_info;
} }
function api_status_show(&$a, $type){ function api_status_show($a, $type){
$user_info = api_get_user($a); $user_info = api_get_user($a);
// get last public message // get last public message
@ -1119,7 +1120,7 @@ require_once('include/api_auth.php');
// FIXME - this is essentially the same as api_status_show except for the template formatting at the end. Consolidate. // FIXME - this is essentially the same as api_status_show except for the template formatting at the end. Consolidate.
function api_users_show(&$a, $type){ function api_users_show($a, $type){
$user_info = api_get_user($a); $user_info = api_get_user($a);
require_once('include/security.php'); require_once('include/security.php');
@ -1191,7 +1192,7 @@ require_once('include/api_auth.php');
* TODO: Add reply info * TODO: Add reply info
*/ */
function api_statuses_home_timeline(&$a, $type){ function api_statuses_home_timeline($a, $type){
if (api_user() === false) if (api_user() === false)
return false; return false;
@ -1273,7 +1274,7 @@ require_once('include/api_auth.php');
api_register_func('api/statuses/home_timeline','api_statuses_home_timeline', true); api_register_func('api/statuses/home_timeline','api_statuses_home_timeline', true);
api_register_func('api/statuses/friends_timeline','api_statuses_home_timeline', true); api_register_func('api/statuses/friends_timeline','api_statuses_home_timeline', true);
function api_statuses_public_timeline(&$a, $type){ function api_statuses_public_timeline($a, $type){
if (api_user()===false) return false; if (api_user()===false) return false;
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -1337,7 +1338,7 @@ require_once('include/api_auth.php');
* *
*/ */
function api_statuses_show(&$a, $type){ function api_statuses_show($a, $type){
if (api_user()===false) return false; if (api_user()===false) return false;
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -1387,7 +1388,7 @@ require_once('include/api_auth.php');
/** /**
* *
*/ */
function api_statuses_repeat(&$a, $type){ function api_statuses_repeat($a, $type){
if (api_user()===false) return false; if (api_user()===false) return false;
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -1433,7 +1434,7 @@ require_once('include/api_auth.php');
* *
*/ */
function api_statuses_destroy(&$a, $type){ function api_statuses_destroy($a, $type){
if (api_user()===false) return false; if (api_user()===false) return false;
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -1497,7 +1498,7 @@ require_once('include/api_auth.php');
*/ */
function api_statuses_mentions(&$a, $type){ function api_statuses_mentions($a, $type){
if (api_user()===false) return false; if (api_user()===false) return false;
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -1564,7 +1565,7 @@ require_once('include/api_auth.php');
api_register_func('api/statuses/replies','api_statuses_mentions', true); api_register_func('api/statuses/replies','api_statuses_mentions', true);
function api_statuses_user_timeline(&$a, $type){ function api_statuses_user_timeline($a, $type){
if (api_user()===false) return false; if (api_user()===false) return false;
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -1648,7 +1649,7 @@ require_once('include/api_auth.php');
* *
* api v1 : https://web.archive.org/web/20131019055350/https://dev.twitter.com/docs/api/1/post/favorites/create/%3Aid * api v1 : https://web.archive.org/web/20131019055350/https://dev.twitter.com/docs/api/1/post/favorites/create/%3Aid
*/ */
function api_favorites_create_destroy(&$a, $type){ function api_favorites_create_destroy($a, $type){
logger('favorites_create_destroy'); logger('favorites_create_destroy');
@ -1716,7 +1717,7 @@ require_once('include/api_auth.php');
function api_favorites(&$a, $type){ function api_favorites($a, $type){
if (api_user()===false) if (api_user()===false)
return false; return false;
@ -1985,7 +1986,7 @@ require_once('include/api_auth.php');
} }
function api_account_rate_limit_status(&$a,$type) { function api_account_rate_limit_status($a,$type) {
$hash = array( $hash = array(
'reset_time_in_seconds' => strtotime('now + 1 hour'), 'reset_time_in_seconds' => strtotime('now + 1 hour'),
@ -2001,7 +2002,7 @@ require_once('include/api_auth.php');
} }
api_register_func('api/account/rate_limit_status','api_account_rate_limit_status',true); api_register_func('api/account/rate_limit_status','api_account_rate_limit_status',true);
function api_help_test(&$a,$type) { function api_help_test($a,$type) {
if ($type == 'xml') if ($type == 'xml')
$ok = "true"; $ok = "true";
@ -2018,7 +2019,7 @@ require_once('include/api_auth.php');
* This function is deprecated by Twitter * This function is deprecated by Twitter
* returns: json, xml * returns: json, xml
**/ **/
function api_statuses_f(&$a, $type, $qtype) { function api_statuses_f($a, $type, $qtype) {
if (api_user()===false) return false; if (api_user()===false) return false;
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -2039,6 +2040,7 @@ require_once('include/api_auth.php');
return false; return false;
} }
// @fixme - update for hubzilla extensible perms using abconfig or find a better way to do it
// For Red, the closest thing we can do to figure out if you're friends is if both of you are sending each other your streams. // For Red, the closest thing we can do to figure out if you're friends is if both of you are sending each other your streams.
// This won't work if either of you send your stream to everybody on the network // This won't work if either of you send your stream to everybody on the network
if($qtype == 'friends') if($qtype == 'friends')
@ -2059,12 +2061,12 @@ require_once('include/api_auth.php');
return array('$users' => $ret); return array('$users' => $ret);
} }
function api_statuses_friends(&$a, $type){ function api_statuses_friends($a, $type){
$data = api_statuses_f($a,$type,"friends"); $data = api_statuses_f($a,$type,"friends");
if ($data===false) return false; if ($data===false) return false;
return api_apply_template("friends", $type, $data); return api_apply_template("friends", $type, $data);
} }
function api_statuses_followers(&$a, $type){ function api_statuses_followers($a, $type){
$data = api_statuses_f($a,$type,"followers"); $data = api_statuses_f($a,$type,"followers");
if ($data===false) return false; if ($data===false) return false;
return api_apply_template("friends", $type, $data); return api_apply_template("friends", $type, $data);
@ -2077,7 +2079,7 @@ require_once('include/api_auth.php');
function api_statusnet_config(&$a,$type) { function api_statusnet_config($a,$type) {
load_config('system'); load_config('system');
@ -2114,7 +2116,7 @@ require_once('include/api_auth.php');
api_register_func('api/friendica/config','api_statusnet_config',false); api_register_func('api/friendica/config','api_statusnet_config',false);
api_register_func('api/red/config','api_statusnet_config',false); api_register_func('api/red/config','api_statusnet_config',false);
function api_statusnet_version(&$a,$type) { function api_statusnet_version($a,$type) {
// liar // liar
@ -2132,7 +2134,7 @@ require_once('include/api_auth.php');
api_register_func('api/statusnet/version','api_statusnet_version',false); api_register_func('api/statusnet/version','api_statusnet_version',false);
function api_friendica_version(&$a,$type) { function api_friendica_version($a,$type) {
if($type === 'xml') { if($type === 'xml') {
header("Content-type: application/xml"); header("Content-type: application/xml");
@ -2149,7 +2151,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/version','api_friendica_version',false); api_register_func('api/red/version','api_friendica_version',false);
function api_ff_ids(&$a,$type,$qtype) { function api_ff_ids($a,$type,$qtype) {
if(! api_user()) if(! api_user())
return false; return false;
@ -2185,17 +2187,17 @@ require_once('include/api_auth.php');
} }
} }
function api_friends_ids(&$a,$type) { function api_friends_ids($a,$type) {
api_ff_ids($a,$type,'friends'); api_ff_ids($a,$type,'friends');
} }
function api_followers_ids(&$a,$type) { function api_followers_ids($a,$type) {
api_ff_ids($a,$type,'followers'); api_ff_ids($a,$type,'followers');
} }
api_register_func('api/friends/ids','api_friends_ids',true); api_register_func('api/friends/ids','api_friends_ids',true);
api_register_func('api/followers/ids','api_followers_ids',true); api_register_func('api/followers/ids','api_followers_ids',true);
function api_direct_messages_new(&$a, $type) { function api_direct_messages_new($a, $type) {
if (api_user()===false) return false; if (api_user()===false) return false;
if (!x($_POST, "text") || !x($_POST,"screen_name")) return; if (!x($_POST, "text") || !x($_POST,"screen_name")) return;
@ -2253,7 +2255,7 @@ require_once('include/api_auth.php');
} }
api_register_func('api/direct_messages/new','api_direct_messages_new',true); api_register_func('api/direct_messages/new','api_direct_messages_new',true);
function api_direct_messages_box(&$a, $type, $box) { function api_direct_messages_box($a, $type, $box) {
if (api_user()===false) return false; if (api_user()===false) return false;
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -2313,16 +2315,16 @@ require_once('include/api_auth.php');
} }
function api_direct_messages_sentbox(&$a, $type){ function api_direct_messages_sentbox($a, $type){
return api_direct_messages_box($a, $type, "sentbox"); return api_direct_messages_box($a, $type, "sentbox");
} }
function api_direct_messages_inbox(&$a, $type){ function api_direct_messages_inbox($a, $type){
return api_direct_messages_box($a, $type, "inbox"); return api_direct_messages_box($a, $type, "inbox");
} }
function api_direct_messages_all(&$a, $type){ function api_direct_messages_all($a, $type){
return api_direct_messages_box($a, $type, "all"); return api_direct_messages_box($a, $type, "all");
} }
function api_direct_messages_conversation(&$a, $type){ function api_direct_messages_conversation($a, $type){
return api_direct_messages_box($a, $type, "conversation"); return api_direct_messages_box($a, $type, "conversation");
} }
api_register_func('api/direct_messages/conversation','api_direct_messages_conversation',true); api_register_func('api/direct_messages/conversation','api_direct_messages_conversation',true);
@ -2331,7 +2333,7 @@ require_once('include/api_auth.php');
api_register_func('api/direct_messages','api_direct_messages_inbox',true); api_register_func('api/direct_messages','api_direct_messages_inbox',true);
function api_oauth_request_token(&$a, $type){ function api_oauth_request_token($a, $type){
try{ try{
$oauth = new ZotOAuth1(); $oauth = new ZotOAuth1();
$req = OAuth1Request::from_request(); $req = OAuth1Request::from_request();
@ -2346,7 +2348,7 @@ require_once('include/api_auth.php');
killme(); killme();
} }
function api_oauth_access_token(&$a, $type){ function api_oauth_access_token($a, $type){
try{ try{
$oauth = new ZotOAuth1(); $oauth = new ZotOAuth1();
$req = OAuth1Request::from_request(); $req = OAuth1Request::from_request();

2
include/api_auth.php
View File

@ -64,6 +64,8 @@ function api_login(&$a){
} }
} }
if($record['account']) { if($record['account']) {
authenticate_success($record['account']); authenticate_success($record['account']);

1
include/attach.php
View File

@ -74,6 +74,7 @@ function z_mime_content_type($filename) {
// 'webm' => 'audio/webm', // 'webm' => 'audio/webm',
'mp4' => 'video/mp4', 'mp4' => 'video/mp4',
// 'mp4' => 'audio/mp4', // 'mp4' => 'audio/mp4',
'mkv' => 'video/x-matroska',
// adobe // adobe
'pdf' => 'application/pdf', 'pdf' => 'application/pdf',

105
include/channel.php
View File

@ -6,6 +6,7 @@
require_once('include/zot.php'); require_once('include/zot.php');
require_once('include/crypto.php'); require_once('include/crypto.php');
require_once('include/menu.php'); require_once('include/menu.php');
require_once('include/perm_upgrade.php');
/** /**
* @brief Called when creating a new channel. * @brief Called when creating a new channel.
@ -225,42 +226,26 @@ function create_identity($arr) {
if(array_key_exists('publish', $arr)) if(array_key_exists('publish', $arr))
$publish = intval($arr['publish']); $publish = intval($arr['publish']);
$role_permissions = null;
if(array_key_exists('permissions_role',$arr) && $arr['permissions_role']) {
$role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($arr['permissions_role']);
}
if($role_permissions && array_key_exists('directory_publish',$role_permissions))
$publish = intval($role_permissions['directory_publish']);
$primary = true; $primary = true;
if(array_key_exists('primary', $arr)) if(array_key_exists('primary', $arr))
$primary = intval($arr['primary']); $primary = intval($arr['primary']);
$role_permissions = null;
$global_perms = get_perms();
if(array_key_exists('permissions_role',$arr) && $arr['permissions_role']) {
$role_permissions = get_role_perms($arr['permissions_role']);
if($role_permissions) {
foreach($role_permissions as $p => $v) {
if(strpos($p,'channel_') !== false) {
$perms_keys .= ', ' . $p;
$perms_vals .= ', ' . intval($v);
}
if($p === 'directory_publish')
$publish = intval($v);
}
}
}
else {
$defperms = site_default_perms();
foreach($defperms as $p => $v) {
$perms_keys .= ', ' . $global_perms[$p][0];
$perms_vals .= ', ' . intval($v);
}
}
$expire = 0; $expire = 0;
$r = q("insert into channel ( channel_account_id, channel_primary, $r = q("insert into channel ( channel_account_id, channel_primary,
channel_name, channel_address, channel_guid, channel_guid_sig, channel_name, channel_address, channel_guid, channel_guid_sig,
channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone $perms_keys ) channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone )
values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' $perms_vals ) ", values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' ) ",
intval($arr['account_id']), intval($arr['account_id']),
intval($primary), intval($primary),
@ -288,6 +273,17 @@ function create_identity($arr) {
return $ret; return $ret;
} }
if($role_permissions && array_key_exists('limits',$role_permissions))
$perm_limits = $role_permissions['limits'];
else
$perm_limits = site_default_perms();
foreach($perm_limits as $p => $v)
\Zotlabs\Access\PermissionLimits::Set($r[0]['channel_id'],$p,$v);
if($role_permissions && array_key_exists('perms_auto',$role_permissions))
set_pconfig($r[0]['channel_id'],'system','autoperms',intval($role_permissions['perms_auto']));
$ret['channel'] = $r[0]; $ret['channel'] = $r[0];
if(intval($arr['account_id'])) if(intval($arr['account_id']))
@ -351,25 +347,29 @@ function create_identity($arr) {
); );
if($role_permissions) { if($role_permissions) {
$myperms = ((array_key_exists('perms_accept',$role_permissions)) ? intval($role_permissions['perms_accept']) : 0); $myperms = ((array_key_exists('perms_connect',$role_permissions)) ? $role_permissions['perms_connect'] : array());
}
else {
$x = \Zotlabs\Access\PermissionRoles::role_perms('social');
$myperms = $x['perms_connect'];
} }
else
$myperms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_self, abook_my_perms ) $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_self )
values ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ", values ( %d, %d, '%s', %d, '%s', '%s', %d ) ",
intval($ret['channel']['channel_account_id']), intval($ret['channel']['channel_account_id']),
intval($newuid), intval($newuid),
dbesc($hash), dbesc($hash),
intval(0), intval(0),
dbesc(datetime_convert()), dbesc(datetime_convert()),
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval(1), intval(1)
intval($myperms)
); );
$x = \Zotlabs\Access\Permissions::FilledPerms($myperms);
foreach($x as $k => $v) {
set_abconfig($newuid,$hash,'my_perms',$k,$v);
}
if(intval($ret['channel']['channel_account_id'])) { if(intval($ret['channel']['channel_account_id'])) {
// Save our permissions role so we can perhaps call it up and modify it later. // Save our permissions role so we can perhaps call it up and modify it later.
@ -378,8 +378,21 @@ function create_identity($arr) {
set_pconfig($newuid,'system','permissions_role',$arr['permissions_role']); set_pconfig($newuid,'system','permissions_role',$arr['permissions_role']);
if(array_key_exists('online',$role_permissions)) if(array_key_exists('online',$role_permissions))
set_pconfig($newuid,'system','hide_presence',1-intval($role_permissions['online'])); set_pconfig($newuid,'system','hide_presence',1-intval($role_permissions['online']));
if(array_key_exists('perms_auto',$role_permissions)) if(array_key_exists('perms_auto',$role_permissions)) {
set_pconfig($newuid,'system','autoperms',(($role_permissions['perms_auto']) ? $role_permissions['perms_accept'] : 0)); $autoperms = intval($role_permissions['perms_auto']);
set_pconfig($newuid,'system','autoperms',$autoperms);
if($autoperms) {
$x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
foreach($x as $k => $v) {
set_pconfig($newuid,'autoperms',$k,$v);
}
}
else {
$r = q("delete from pconfig where uid = %d and cat = 'autoperms'",
intval($newuid)
);
}
}
} }
// Create a group with yourself as a member. This allows somebody to use it // Create a group with yourself as a member. This allows somebody to use it
@ -497,6 +510,7 @@ function identity_basic_export($channel_id, $items = false) {
intval($channel_id) intval($channel_id)
); );
if($r) { if($r) {
translate_channel_perms_outbound($r[0]);
$ret['channel'] = $r[0]; $ret['channel'] = $r[0];
$ret['relocate'] = [ 'channel_address' => $r[0]['channel_address'], 'url' => z_root()]; $ret['relocate'] = [ 'channel_address' => $r[0]['channel_address'], 'url' => z_root()];
} }
@ -519,6 +533,7 @@ function identity_basic_export($channel_id, $items = false) {
$abconfig = load_abconfig($channel_id,$ret['abook'][$x]['abook_xchan']); $abconfig = load_abconfig($channel_id,$ret['abook'][$x]['abook_xchan']);
if($abconfig) if($abconfig)
$ret['abook'][$x]['abconfig'] = $abconfig; $ret['abook'][$x]['abconfig'] = $abconfig;
translate_abook_perms_outbound($ret['abook'][$x]);
} }
stringify_array_elms($xchans); stringify_array_elms($xchans);
} }
@ -1552,9 +1567,11 @@ function is_public_profile() {
if(intval(get_config('system','block_public'))) if(intval(get_config('system','block_public')))
return false; return false;
$channel = App::get_channel(); $channel = App::get_channel();
if($channel && $channel['channel_r_profile'] == PERMS_PUBLIC) if($channel) {
return true; $perm = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile');
if($perm == PERMS_PUBLIC)
return true;
}
return false; return false;
} }
@ -1626,13 +1643,13 @@ function notifications_on($channel_id,$value) {
function get_channel_default_perms($uid) { function get_channel_default_perms($uid) {
$r = q("select abook_my_perms from abook where abook_channel = %d and abook_self = 1 limit 1", $r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 1 limit 1",
intval($uid) intval($uid)
); );
if($r) if($r)
return $r[0]['abook_my_perms']; return load_abconfig($uid,$r[0]['abook_xchan'],'my_perms');
return 0; return array();
} }

1
include/config.php
View File

@ -97,7 +97,6 @@ function del_aconfig($account_id, $family, $key) {
return Zlib\AConfig::Delete($account_id, $family, $key); return Zlib\AConfig::Delete($account_id, $family, $key);
} }
function load_abconfig($chan, $xhash, $family = '') { function load_abconfig($chan, $xhash, $family = '') {
return Zlib\AbConfig::Load($chan,$xhash,$family); return Zlib\AbConfig::Load($chan,$xhash,$family);
} }

10
include/connections.php
View File

@ -260,15 +260,15 @@ function channel_remove($channel_id, $local = true, $unset_session=false) {
if(! $local) { if(! $local) {
$r = q("update channel set channel_deleted = '%s', channel_removed = 1, channel_r_stream = 0, channel_r_profile = 0, $r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d",
channel_r_photos = 0, channel_r_abook = 0, channel_w_stream = 0, channel_w_wall = 0, channel_w_tagwall = 0,
channel_w_comment = 0, channel_w_mail = 0, channel_w_photos = 0, channel_w_chat = 0, channel_a_delegate = 0,
channel_r_storage = 0, channel_w_storage = 0, channel_r_pages = 0, channel_w_pages = 0, channel_a_republish = 0
where channel_id = %d",
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval($channel_id) intval($channel_id)
); );
q("delete from pconfig where uid = %d",
intval($channel_id)
);
logger('deleting hublocs',LOGGER_DEBUG); logger('deleting hublocs',LOGGER_DEBUG);
$r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'", $r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'",

6
include/conversation.php
View File

@ -99,7 +99,7 @@ function localize_item(&$item){
if(intval($item['item_thread_top'])) if(intval($item['item_thread_top']))
return; return;
$obj = json_decode_plus($item['obj']); $obj = json_decode($item['obj'],true);
if((! $obj) && ($item['obj'])) { if((! $obj) && ($item['obj'])) {
logger('localize_item: failed to decode object: ' . print_r($item['obj'],true)); logger('localize_item: failed to decode object: ' . print_r($item['obj'],true));
} }
@ -186,7 +186,7 @@ function localize_item(&$item){
$Alink = $item['author']['xchan_url']; $Alink = $item['author']['xchan_url'];
$obj= json_decode_plus($item['obj']); $obj= json_decode($item['obj'],true);
$Blink = $Bphoto = ''; $Blink = $Bphoto = '';
@ -219,7 +219,7 @@ function localize_item(&$item){
$Aname = $item['author']['xchan_name']; $Aname = $item['author']['xchan_name'];
$Alink = $item['author']['xchan_url']; $Alink = $item['author']['xchan_url'];
$obj= json_decode_plus($item['obj']); $obj= json_decode($item['obj'],true);
$Blink = $Bphoto = ''; $Blink = $Bphoto = '';

48
include/follow.php
View File

@ -66,12 +66,11 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$role = get_pconfig($uid,'system','permissions_role'); $role = get_pconfig($uid,'system','permissions_role');
if($role) { if($role) {
$x = get_role_perms($role); $x = \Zotlabs\Access\PermissionRoles::role_perms($role);
if($x['perms_follow']) if($x['perms_connect'])
$my_perms = $x['perms_follow']; $my_perms = $x['perms_connect'];
} }
if($is_red && $j) { if($is_red && $j) {
logger('follow: ' . $url . ' ' . print_r($j,true), LOGGER_DEBUG); logger('follow: ' . $url . ' ' . print_r($j,true), LOGGER_DEBUG);
@ -104,10 +103,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$xchan_hash = $x['hash']; $xchan_hash = $x['hash'];
$their_perms = 0;
$global_perms = get_perms();
if( array_key_exists('permissions',$j) && array_key_exists('data',$j['permissions'])) { if( array_key_exists('permissions',$j) && array_key_exists('data',$j['permissions'])) {
$permissions = crypto_unencapsulate(array( $permissions = crypto_unencapsulate(array(
'data' => $j['permissions']['data'], 'data' => $j['permissions']['data'],
@ -121,16 +116,14 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
else else
$permissions = $j['permissions']; $permissions = $j['permissions'];
if(is_array($permissions) && $permissions) {
foreach($permissions as $k => $v) { foreach($permissions as $k => $v) {
if($v) { set_abconfig($channel['channel_uid'],$xchan_hash,'their_perms',$k,intval($v));
$their_perms = $their_perms | intval($global_perms[$k][1]);
} }
} }
} }
else { else {
$their_perms = 0;
$xchan_hash = ''; $xchan_hash = '';
$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1", $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1",
@ -190,6 +183,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$result['message'] = t('Protocol disabled.'); $result['message'] = t('Protocol disabled.');
return $result; return $result;
} }
$singleton = intval($x['singleton']); $singleton = intval($x['singleton']);
$aid = $channel['channel_account_id']; $aid = $channel['channel_account_id'];
@ -222,6 +216,15 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
intval($uid) intval($uid)
); );
if($is_http) {
// Always set these "remote" permissions for feeds since we cannot interact with them
// to negotiate a suitable permission response
set_abconfig($uid,$xchan_hash,'their_perms','view_stream',1);
set_abconfig($uid,$xchan_hash,'their_perms','republish',1);
}
if($r) { if($r) {
$abook_instance = $r[0]['abook_instance']; $abook_instance = $r[0]['abook_instance'];
@ -231,8 +234,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$abook_instance .= z_root(); $abook_instance .= z_root();
} }
$x = q("update abook set abook_their_perms = %d, abook_instance = '%s' where abook_id = %d", $x = q("update abook set abook_instance = '%s' where abook_id = %d",
intval($their_perms),
dbesc($abook_instance), dbesc($abook_instance),
intval($r[0]['abook_id']) intval($r[0]['abook_id'])
); );
@ -242,15 +244,13 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
if($closeness === false) if($closeness === false)
$closeness = 80; $closeness = 80;
$r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_instance ) $r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_created, abook_updated, abook_instance )
values( %d, %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s' ) ", values( %d, %d, %d, '%s', %d, '%s', '%s', '%s' ) ",
intval($aid), intval($aid),
intval($uid), intval($uid),
intval($closeness), intval($closeness),
dbesc($xchan_hash), dbesc($xchan_hash),
intval(($is_http) ? 1 : 0), intval(($is_http) ? 1 : 0),
intval(($is_http) ? $their_perms|PERMS_R_STREAM|PERMS_A_REPUBLISH : $their_perms),
intval($my_perms),
dbesc(datetime_convert()), dbesc(datetime_convert()),
dbesc(datetime_convert()), dbesc(datetime_convert()),
dbesc(($singleton) ? z_root() : '') dbesc(($singleton) ? z_root() : '')
@ -260,6 +260,16 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
if(! $r) if(! $r)
logger('mod_follow: abook creation failed'); logger('mod_follow: abook creation failed');
$all_perms = \Zotlabs\Access\Permissions::Perms();
if($all_perms) {
foreach($all_perms as $k => $v) {
if(in_array($k,$my_perms))
set_abconfig($uid,$xchan_hash,'my_perms',$k,1);
else
set_abconfig($uid,$xchan_hash,'my_perms',$k,0);
}
}
$r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash
where abook_xchan = '%s' and abook_channel = %d limit 1", where abook_xchan = '%s' and abook_channel = %d limit 1",
dbesc($xchan_hash), dbesc($xchan_hash),

43
include/import.php
View File

@ -1,6 +1,7 @@
<?php <?php
require_once('include/menu.php'); require_once('include/menu.php');
require_once('include/perm_upgrade.php');
function import_channel($channel, $account_id, $seize) { function import_channel($channel, $account_id, $seize) {
@ -62,14 +63,34 @@ function import_channel($channel, $account_id, $seize) {
$channel['channel_pageflags'] = $channel['channel_pageflags'] ^ PAGE_ALLOWCODE; $channel['channel_pageflags'] = $channel['channel_pageflags'] ^ PAGE_ALLOWCODE;
} }
dbesc_array($channel); // remove all the permissions related settings, we will import/upgrade them after the channel
// is created.
$r = dbq("INSERT INTO channel (`" $disallowed = [
. implode("`, `", array_keys($channel)) 'channel_id', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook',
. "`) VALUES ('" 'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall',
. implode("', '", array_values($channel)) 'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall',
. "')" 'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish',
); 'channel_a_delegate', 'perm_limits'
];
$clean = array();
foreach($channel as $k => $v) {
if(in_array($k,$disallowed))
continue;
$clean[$k] = $v;
}
if($clean) {
dbesc_array($clean);
$r = dbq("INSERT INTO channel (`"
. implode("`, `", array_keys($clean))
. "`) VALUES ('"
. implode("', '", array_values($clean))
. "')"
);
}
if(! $r) { if(! $r) {
logger('mod_import: channel clone failed. ', print_r($channel,true)); logger('mod_import: channel clone failed. ', print_r($channel,true));
@ -86,6 +107,14 @@ function import_channel($channel, $account_id, $seize) {
notice( t('Cloned channel not found. Import failed.') . EOL); notice( t('Cloned channel not found. Import failed.') . EOL);
return false; return false;
} }
// extract the permissions from the original imported array and use our new channel_id to set them
// These could be in the old channel permission stule or the new pconfig. We have a function to
// translate and store them no matter which they throw at us.
$channel['channel_id'] = $r[0]['channel_id'];
translate_channel_perms_inbound($channel);
// reset // reset
$channel = $r[0]; $channel = $r[0];

39
include/items.php
View File

@ -183,7 +183,7 @@ function is_item_normal($item) {
* This function examines the comment_policy attached to an item and decides if the current observer has * This function examines the comment_policy attached to an item and decides if the current observer has
* sufficient privileges to comment. This will normally be called on a remote site where perm_is_allowed() * sufficient privileges to comment. This will normally be called on a remote site where perm_is_allowed()
* will not be suitable because the post owner does not have a local channel_id. * will not be suitable because the post owner does not have a local channel_id.
* Generally we should look at the item - in particular the author['book_flags'] and see if ABOOK_FLAG_SELF is set. * Generally we should look at the item - in particular the author['abook_flags'] and see if ABOOK_FLAG_SELF is set.
* If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call * If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call
* can_comment_on_post() * can_comment_on_post()
* We also check the comments_closed date/time on the item if this is set. * We also check the comments_closed date/time on the item if this is set.
@ -224,8 +224,7 @@ function can_comment_on_post($observer_xchan, $item) {
case 'contacts': case 'contacts':
case 'authenticated': case 'authenticated':
case '': case '':
if(array_key_exists('owner',$item)) { if(array_key_exists('owner',$item) && get_abconfig($item['uid'],$item['owner']['abook_xchan'],'their_perms','post_comments')) {
if(($item['owner']['abook_xchan']) && ($item['owner']['abook_their_perms'] & PERMS_W_COMMENT))
return true; return true;
} }
break; break;
@ -386,7 +385,7 @@ function post_activity_item($arr) {
return $ret; return $ret;
} }
$arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true)); $arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true));
if($arr['public_policy']) if($arr['public_policy'])
$arr['item_private'] = 1; $arr['item_private'] = 1;
@ -422,7 +421,7 @@ function post_activity_item($arr) {
$arr['deny_cid'] = ((x($arr,'deny_cid')) ? $arr['deny_cid'] : $channel['channel_deny_cid']); $arr['deny_cid'] = ((x($arr,'deny_cid')) ? $arr['deny_cid'] : $channel['channel_deny_cid']);
$arr['deny_gid'] = ((x($arr,'deny_gid')) ? $arr['deny_gid'] : $channel['channel_deny_gid']); $arr['deny_gid'] = ((x($arr,'deny_gid')) ? $arr['deny_gid'] : $channel['channel_deny_gid']);
$arr['comment_policy'] = map_scope($channel['channel_w_comment']); $arr['comment_policy'] = map_scope(\Zotlabs\Access/PermissionLimits::Get($channel['channel_id'],'post_comments'));
if ((! $arr['plink']) && (intval($arr['item_thread_top']))) { if ((! $arr['plink']) && (intval($arr['item_thread_top']))) {
$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid']; $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
@ -971,12 +970,12 @@ function encode_item($item,$mirror = false) {
// logger('encode_item: ' . print_r($item,true)); // logger('encode_item: ' . print_r($item,true));
$r = q("select channel_r_stream, channel_w_comment from channel where channel_id = %d limit 1", $r = q("select channel_id from channel where channel_id = %d limit 1",
intval($item['uid']) intval($item['uid'])
); );
if($r) if($r)
$comment_scope = $r[0]['channel_w_comment']; $comment_scope = \Zotlabs\Access\PermissionLimits::Get($item['uid'],'post_comments');
else else
$comment_scope = 0; $comment_scope = 0;
@ -990,9 +989,9 @@ function encode_item($item,$mirror = false) {
if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) { if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) {
if($item['title']) if($item['title'])
$item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key); $item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key);
if($item['body']) if($item['body'])
$item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key); $item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key);
} }
// If we're trying to backup an item so that it's recoverable or for export/imprt, // If we're trying to backup an item so that it's recoverable or for export/imprt,
@ -1062,11 +1061,11 @@ function encode_item($item,$mirror = false) {
$x['owner'] = encode_item_xchan($item['owner']); $x['owner'] = encode_item_xchan($item['owner']);
$x['author'] = encode_item_xchan($item['author']); $x['author'] = encode_item_xchan($item['author']);
if($item['obj']) if($item['obj'])
$x['object'] = json_decode_plus($item['obj']); $x['object'] = json_decode($item['obj'],true);
if($item['target']) if($item['target'])
$x['target'] = json_decode_plus($item['target']); $x['target'] = json_decode($item['target'],true);
if($item['attach']) if($item['attach'])
$x['attach'] = json_decode_plus($item['attach']); $x['attach'] = json_decode($item['attach'],true);
if($y = encode_item_flags($item)) if($y = encode_item_flags($item))
$x['flags'] = $y; $x['flags'] = $y;
@ -1382,7 +1381,7 @@ function encode_mail($item,$extended = false) {
$x['to'] = encode_item_xchan($item['to']); $x['to'] = encode_item_xchan($item['to']);
if($item['attach']) if($item['attach'])
$x['attach'] = json_decode_plus($item['attach']); $x['attach'] = json_decode($item['attach'],true);
$x['flags'] = array(); $x['flags'] = array();
@ -2390,7 +2389,7 @@ function tag_deliver($uid, $item_id) {
if(($item['obj_type'] == "") || ($item['obj_type'] !== ACTIVITY_OBJ_PERSON) || (! $item['obj'])) if(($item['obj_type'] == "") || ($item['obj_type'] !== ACTIVITY_OBJ_PERSON) || (! $item['obj']))
$poke_notify = false; $poke_notify = false;
$obj = json_decode_plus($item['obj']); $obj = json_decode($item['obj'],true);
if($obj) { if($obj) {
if($obj['id'] !== $u[0]['channel_hash']) if($obj['id'] !== $u[0]['channel_hash'])
$poke_notify = false; $poke_notify = false;
@ -2427,14 +2426,14 @@ function tag_deliver($uid, $item_id) {
if(($item['owner_xchan'] === $u[0]['channel_hash']) && (! get_pconfig($u[0]['channel_id'],'system','blocktags'))) { if(($item['owner_xchan'] === $u[0]['channel_hash']) && (! get_pconfig($u[0]['channel_id'],'system','blocktags'))) {
logger('tag_deliver: community tag recipient: ' . $u[0]['channel_name']); logger('tag_deliver: community tag recipient: ' . $u[0]['channel_name']);
$j_tgt = json_decode_plus($item['target']); $j_tgt = json_decode($item['target'],true);
if($j_tgt && $j_tgt['id']) { if($j_tgt && $j_tgt['id']) {
$p = q("select * from item where mid = '%s' and uid = %d limit 1", $p = q("select * from item where mid = '%s' and uid = %d limit 1",
dbesc($j_tgt['id']), dbesc($j_tgt['id']),
intval($u[0]['channel_id']) intval($u[0]['channel_id'])
); );
if($p) { if($p) {
$j_obj = json_decode_plus($item['obj']); $j_obj = json_decode($item['obj'],true);
logger('tag_deliver: tag object: ' . print_r($j_obj,true), LOGGER_DATA); logger('tag_deliver: tag object: ' . print_r($j_obj,true), LOGGER_DATA);
if($j_obj && $j_obj['id'] && $j_obj['title']) { if($j_obj && $j_obj['id'] && $j_obj['title']) {
if(is_array($j_obj['link'])) if(is_array($j_obj['link']))
@ -2519,7 +2518,7 @@ function tag_deliver($uid, $item_id) {
if(intval($item['item_obscured'])) { if(intval($item['item_obscured'])) {
$key = get_config('system','prvkey'); $key = get_config('system','prvkey');
if($item['body']) if($item['body'])
$body = crypto_unencapsulate(json_decode_plus($item['body']),$key); $body = crypto_unencapsulate(json_decode($item['body'],true),$key);
} }
else else
$body = $item['body']; $body = $item['body'];
@ -2762,7 +2761,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
$private = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] $private = (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 1 : 0); || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 1 : 0);
$new_public_policy = map_scope($channel['channel_r_stream'],true); $new_public_policy = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true);
if((! $private) && $new_public_policy) if((! $private) && $new_public_policy)
$private = 1; $private = 1;
@ -2807,7 +2806,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
dbesc($channel['channel_deny_gid']), dbesc($channel['channel_deny_gid']),
intval($private), intval($private),
dbesc($new_public_policy), dbesc($new_public_policy),
dbesc(map_scope($channel['channel_w_comment'])), dbesc(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments'))),
dbesc($title), dbesc($title),
dbesc($body), dbesc($body),
intval($item_wall), intval($item_wall),
@ -2856,7 +2855,7 @@ function check_item_source($uid, $item) {
if(! $x) if(! $x)
return false; return false;
if(! ($x[0]['abook_their_perms'] & PERMS_A_REPUBLISH)) if(! get_abconfig($uid,$item['owner_xchan'],'their_perms','republish'))
return false; return false;
if($item['item_private'] && (! intval($x[0]['abook_feed']))) if($item['item_private'] && (! intval($x[0]['abook_feed'])))

11
include/oembed.php
View File

@ -215,6 +215,17 @@ function oembed_fetch_url($embedurl){
if($j->html != $orig) { if($j->html != $orig) {
logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j->html, LOGGER_DEBUG, LOG_INFO); logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j->html, LOGGER_DEBUG, LOG_INFO);
} }
$orig_len = trim(mb_strlen($orig));
$new_len = trim(mb_strlen($j->html));
if(! $new_len)
$j->type = 'error';
elseif($orig_len) {
$ratio = $new_len / $orig_len;
if($ratio < 0.8)
$j->type = 'error';
}
} }
} }

236
include/perm_upgrade.php Normal file
View File

@ -0,0 +1,236 @@
<?php
function perm_limits_upgrade($channel) {
set_pconfig($channel['channel_id'],'perm_limits','view_stream',$channel['channel_r_stream']);
set_pconfig($channel['channel_id'],'perm_limits','view_profile',$channel['channel_r_profile']);
set_pconfig($channel['channel_id'],'perm_limits','view_contacts',$channel['channel_r_abook']);
set_pconfig($channel['channel_id'],'perm_limits','view_storage',$channel['channel_r_storage']);
set_pconfig($channel['channel_id'],'perm_limits','view_pages',$channel['channel_r_pages']);
set_pconfig($channel['channel_id'],'perm_limits','send_stream',$channel['channel_w_stream']);
set_pconfig($channel['channel_id'],'perm_limits','post_wall',$channel['channel_w_wall']);
set_pconfig($channel['channel_id'],'perm_limits','post_comments',$channel['channel_w_comment']);
set_pconfig($channel['channel_id'],'perm_limits','post_mail',$channel['channel_w_mail']);
set_pconfig($channel['channel_id'],'perm_limits','post_like',$channel['channel_w_like']);
set_pconfig($channel['channel_id'],'perm_limits','tag_deliver',$channel['channel_w_tagwall']);
set_pconfig($channel['channel_id'],'perm_limits','chat',$channel['channel_w_chat']);
set_pconfig($channel['channel_id'],'perm_limits','write_storage',$channel['channel_w_storage']);
set_pconfig($channel['channel_id'],'perm_limits','write_pages',$channel['channel_w_pages']);
set_pconfig($channel['channel_id'],'perm_limits','republish',$channel['channel_a_republish']);
set_pconfig($channel['channel_id'],'perm_limits','delegate',$channel['channel_a_delegate']);
}
function perms_int_to_array($p) {
$ret = [];
$ret['view_stream'] = (($p & PERMS_R_STREAM) ? 1 : 0);
$ret['view_profile'] = (($p & PERMS_R_PROFILE) ? 1 : 0);
$ret['view_contacts'] = (($p & PERMS_R_ABOOK) ? 1 : 0);
$ret['view_storage'] = (($p & PERMS_R_STORAGE) ? 1 : 0);
$ret['view_pages'] = (($p & PERMS_R_PAGES) ? 1 : 0);
$ret['send_stream'] = (($p & PERMS_W_STREAM) ? 1 : 0);
$ret['post_wall'] = (($p & PERMS_W_WALL) ? 1 : 0);
$ret['post_comments'] = (($p & PERMS_W_COMMENT) ? 1 : 0);
$ret['post_mail'] = (($p & PERMS_W_MAIL) ? 1 : 0);
$ret['post_like'] = (($p & PERMS_W_LIKE) ? 1 : 0);
$ret['tag_deliver'] = (($p & PERMS_W_TAGWALL) ? 1 : 0);
$ret['chat'] = (($p & PERMS_W_CHAT) ? 1 : 0);
$ret['write_storage'] = (($p & PERMS_W_STORAGE) ? 1 : 0);
$ret['write_pages'] = (($p & PERMS_W_PAGES) ? 1 : 0);
$ret['republish'] = (($p & PERMS_A_REPUBLISH) ? 1 : 0);
$ret['delegate'] = (($p & PERMS_A_DELEGATE) ? 1 : 0);
return $ret;
}
function autoperms_upgrade($channel) {
$x = get_pconfig($channel['channel_id'],'system','autoperms');
if(intval($x)) {
$y = perms_int_to_array($x);
if($y) {
foreach($y as $k => $v) {
set_pconfig($channel['channel_id'],'autoperms',$k,$v);
}
}
}
}
function perm_abook_upgrade($abook) {
$x = perms_int_to_array($abook['abook_their_perms']);
if($x) {
foreach($x as $k => $v) {
set_abconfig($abook['abook_channel'],$abook['abook_xchan'],'their_perms',$k, $v);
}
}
$x = perms_int_to_array($abook['abook_my_perms']);
if($x) {
foreach($x as $k => $v) {
set_abconfig($abook['abook_channel'],$abook['abook_xchan'],'my_perms',$k, $v);
}
}
}
function translate_channel_perms_outbound(&$channel) {
$r = q("select * from pconfig where uid = %d and cat = 'perm_limits' ",
intval($channel['channel_id'])
);
if($r) {
foreach($r as $rr) {
if($rr['k'] === 'view_stream')
$channel['channel_r_stream'] = $rr['v'];
if($rr['k'] === 'view_profile')
$channel['channel_r_profile'] = $rr['v'];
if($rr['k'] === 'view_contacts')
$channel['channel_r_abook'] = $rr['v'];
if($rr['k'] === 'view_storage')
$channel['channel_r_storage'] = $rr['v'];
if($rr['k'] === 'view_pages')
$channel['channel_r_pages'] = $rr['v'];
if($rr['k'] === 'send_stream')
$channel['channel_w_stream'] = $rr['v'];
if($rr['k'] === 'post_wall')
$channel['channel_w_wall'] = $rr['v'];
if($rr['k'] === 'post_comments')
$channel['channel_w_comment'] = $rr['v'];
if($rr['k'] === 'post_mail')
$channel['channel_w_mail'] = $rr['v'];
if($rr['k'] === 'post_like')
$channel['channel_w_like'] = $rr['v'];
if($rr['k'] === 'tag_deliver')
$channel['channel_w_tagwall'] = $rr['v'];
if($rr['k'] === 'chat')
$channel['channel_w_chat'] = $rr['v'];
if($rr['k'] === 'write_storage')
$channel['channel_w_storage'] = $rr['v'];
if($rr['k'] === 'write_pages')
$channel['channel_w_pages'] = $rr['v'];
if($rr['k'] === 'republish')
$channel['channel_a_republish'] = $rr['v'];
if($rr['k'] === 'delegate')
$channel['channel_a_delegate'] = $rr['v'];
}
$channel['perm_limits'] = $r;
}
}
function translate_channel_perms_inbound($channel) {
if($channel['perm_limits']) {
foreach($channel['perm_limits'] as $p) {
set_pconfig($channel['channel_id'],'perm_limits',$p['k'],$p['v']);
}
}
else {
perm_limits_upgrade($channel);
}
}
function translate_abook_perms_outbound(&$abook) {
$my_perms = 0;
$their_perms = 0;
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && $abook['abconfig']) {
foreach($abook['abconfig'] as $p) {
if($p['cat'] === 'their_perms') {
if($p['k'] === 'view_stream' && intval($p['v']))
$their_perms += PERMS_R_STREAM;
if($p['k'] === 'view_profile' && intval($p['v']))
$their_perms += PERMS_R_PROFILE;
if($p['k'] === 'view_contacts' && intval($p['v']))
$their_perms += PERMS_R_ABOOK;
if($p['k'] === 'view_storage' && intval($p['v']))
$their_perms += PERMS_R_STORAGE;
if($p['k'] === 'view_pages' && intval($p['v']))
$their_perms += PERMS_R_PAGES;
if($p['k'] === 'send_stream' && intval($p['v']))
$their_perms += PERMS_W_STREAM;
if($p['k'] === 'post_wall' && intval($p['v']))
$their_perms += PERMS_W_WALL;
if($p['k'] === 'post_comments' && intval($p['v']))
$their_perms += PERMS_W_COMMENT;
if($p['k'] === 'post_mail' && intval($p['v']))
$their_perms += PERMS_W_MAIL;
if($p['k'] === 'post_like' && intval($p['v']))
$their_perms += PERMS_W_LIKE;
if($p['k'] === 'tag_deliver' && intval($p['v']))
$their_perms += PERMS_W_TAGWALL;
if($p['k'] === 'chat' && intval($p['v']))
$their_perms += PERMS_W_CHAT;
if($p['k'] === 'write_storage' && intval($p['v']))
$their_perms += PERMS_W_STORAGE;
if($p['k'] === 'write_pages' && intval($p['v']))
$their_perms += PERMS_W_PAGES;
if($p['k'] === 'republish' && intval($p['v']))
$their_perms += PERMS_A_REPUBLISH;
if($p['k'] === 'delegate' && intval($p['v']))
$their_perms += PERMS_A_DELEGATE;
}
if($p['cat'] === 'my_perms') {
if($p['k'] === 'view_stream' && intval($p['v']))
$my_perms += PERMS_R_STREAM;
if($p['k'] === 'view_profile' && intval($p['v']))
$my_perms += PERMS_R_PROFILE;
if($p['k'] === 'view_contacts' && intval($p['v']))
$my_perms += PERMS_R_ABOOK;
if($p['k'] === 'view_storage' && intval($p['v']))
$my_perms += PERMS_R_STORAGE;
if($p['k'] === 'view_pages' && intval($p['v']))
$my_perms += PERMS_R_PAGES;
if($p['k'] === 'send_stream' && intval($p['v']))
$my_perms += PERMS_W_STREAM;
if($p['k'] === 'post_wall' && intval($p['v']))
$my_perms += PERMS_W_WALL;
if($p['k'] === 'post_comments' && intval($p['v']))
$my_perms += PERMS_W_COMMENT;
if($p['k'] === 'post_mail' && intval($p['v']))
$my_perms += PERMS_W_MAIL;
if($p['k'] === 'post_like' && intval($p['v']))
$my_perms += PERMS_W_LIKE;
if($p['k'] === 'tag_deliver' && intval($p['v']))
$my_perms += PERMS_W_TAGWALL;
if($p['k'] === 'chat' && intval($p['v']))
$my_perms += PERMS_W_CHAT;
if($p['k'] === 'write_storage' && intval($p['v']))
$my_perms += PERMS_W_STORAGE;
if($p['k'] === 'write_pages' && intval($p['v']))
$my_perms += PERMS_W_PAGES;
if($p['k'] === 'republish' && intval($p['v']))
$my_perms += PERMS_A_REPUBLISH;
if($p['k'] === 'delegate' && intval($p['v']))
$my_perms += PERMS_A_DELEGATE;
}
}
$abook['abook_their_perms'] = $their_perms;
$abook['abook_my_perms'] = $my_perms;
}
}
function translate_abook_perms_inbound($channel,$abook) {
$new_perms = false;
$abook['abook_channel'] = $channel['channel_id'];
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && $abook['abconfig']) {
foreach($abook['abconfig'] as $p) {
if($p['cat'] == 'their_perms' || $p['cat'] == 'my_perms') {
$new_perms = true;
break;
}
}
}
if($new_perms == false) {
perm_abook_upgrade($abook);
}
}

519
include/permissions.php
View File

@ -67,7 +67,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
if($api) if($api)
return get_all_api_perms($uid,$api); return get_all_api_perms($uid,$api);
$global_perms = get_perms(); $global_perms = \Zotlabs\Access\Permissions::Perms();
// Save lots of individual lookups // Save lots of individual lookups
@ -81,11 +81,13 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
$ret = array(); $ret = array();
$abperms = (($uid && $observer_xchan) ? load_abconfig($uid,$observer_xchan,'my_perms') : array());
foreach($global_perms as $perm_name => $permission) { foreach($global_perms as $perm_name => $permission) {
// First find out what the channel owner declared permissions to be. // First find out what the channel owner declared permissions to be.
$channel_perm = $permission[0]; $channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$perm_name);
if(! $channel_checked) { if(! $channel_checked) {
$r = q("select * from channel where channel_id = %d limit 1", $r = q("select * from channel where channel_id = %d limit 1",
@ -105,7 +107,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// These take priority over all other settings. // These take priority over all other settings.
if($observer_xchan) { if($observer_xchan) {
if($r[0][$channel_perm] & PERMS_AUTHED) { if($channel_perm & PERMS_AUTHED) {
$ret[$perm_name] = true; $ret[$perm_name] = true;
continue; continue;
} }
@ -136,7 +138,10 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// Check if this is a write permission and they are being ignored // Check if this is a write permission and they are being ignored
// This flag is only visible internally. // This flag is only visible internally.
if(($x) && ($internal_use) && (! $global_perms[$perm_name][2]) && intval($x[0]['abook_ignored'])) { $blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms();
if(($x) && ($internal_use) && in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) {
$ret[$perm_name] = false; $ret[$perm_name] = false;
continue; continue;
} }
@ -154,7 +159,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// if you've moved elsewhere, you will only have read only access // if you've moved elsewhere, you will only have read only access
if(($observer_xchan) && ($r[0]['channel_hash'] === $observer_xchan)) { if(($observer_xchan) && ($r[0]['channel_hash'] === $observer_xchan)) {
if($r[0]['channel_moved'] && (! $permission[2])) if($r[0]['channel_moved'] && (in_array($perm_name,$blocked_anon_perms)))
$ret[$perm_name] = false; $ret[$perm_name] = false;
else else
$ret[$perm_name] = true; $ret[$perm_name] = true;
@ -163,7 +168,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// Anybody at all (that wasn't blocked or ignored). They have permission. // Anybody at all (that wasn't blocked or ignored). They have permission.
if($r[0][$channel_perm] & PERMS_PUBLIC) { if($channel_perm & PERMS_PUBLIC) {
$ret[$perm_name] = true; $ret[$perm_name] = true;
continue; continue;
} }
@ -178,7 +183,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// If we're still here, we have an observer, check the network. // If we're still here, we have an observer, check the network.
if($r[0][$channel_perm] & PERMS_NETWORK) { if($channel_perm & PERMS_NETWORK) {
if(($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) { if(($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) {
$ret[$perm_name] = true; $ret[$perm_name] = true;
continue; continue;
@ -187,7 +192,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// If PERMS_SITE is specified, find out if they've got an account on this hub // If PERMS_SITE is specified, find out if they've got an account on this hub
if($r[0][$channel_perm] & PERMS_SITE) { if($channel_perm & PERMS_SITE) {
if(! $onsite_checked) { if(! $onsite_checked) {
$c = q("select channel_hash from channel where channel_hash = '%s' limit 1", $c = q("select channel_hash from channel where channel_hash = '%s' limit 1",
dbesc($observer_xchan) dbesc($observer_xchan)
@ -214,7 +219,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// They are in your address book, but haven't been approved // They are in your address book, but haven't been approved
if($r[0][$channel_perm] & PERMS_PENDING) { if($channel_perm & PERMS_PENDING) {
$ret[$perm_name] = true; $ret[$perm_name] = true;
continue; continue;
} }
@ -226,16 +231,21 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// They're a contact, so they have permission // They're a contact, so they have permission
if($r[0][$channel_perm] & PERMS_CONTACTS) { if($channel_perm & PERMS_CONTACTS) {
$ret[$perm_name] = true; $ret[$perm_name] = true;
continue; continue;
} }
// Permission granted to certain channels. Let's see if the observer is one of them // Permission granted to certain channels. Let's see if the observer is one of them
if($r[0][$channel_perm] & PERMS_SPECIFIC) { if($channel_perm & PERMS_SPECIFIC) {
if(($x[0]['abook_my_perms'] & $global_perms[$perm_name][1])) { if($abperms) {
$ret[$perm_name] = true; foreach($abperms as $ab) {
if(($ab['cat'] == 'my_perms') && ($ab['k'] == $perm_name)) {
$ret[$perm_name] = (intval($ab['v']) ? true : false);
break;
}
}
continue; continue;
} }
} }
@ -284,21 +294,23 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
if($arr['result']) if($arr['result'])
return true; return true;
$global_perms = get_perms(); $global_perms = \Zotlabs\Access\Permissions::Perms();
// First find out what the channel owner declared permissions to be. // First find out what the channel owner declared permissions to be.
$channel_perm = $global_perms[$permission][0]; $channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$permission);
$r = q("select %s, channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1", $r = q("select channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1",
dbesc($channel_perm),
intval($uid) intval($uid)
); );
if(! $r) if(! $r)
return false; return false;
$blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms();
if($observer_xchan) { if($observer_xchan) {
if($r[0][$channel_perm] & PERMS_AUTHED) if($channel_perm & PERMS_AUTHED)
return true; return true;
$x = q("select abook_my_perms, abook_blocked, abook_ignored, abook_pending, xchan_network from abook left join xchan on abook_xchan = xchan_hash $x = q("select abook_my_perms, abook_blocked, abook_ignored, abook_pending, xchan_network from abook left join xchan on abook_xchan = xchan_hash
@ -312,7 +324,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
if(($x) && intval($x[0]['abook_blocked'])) if(($x) && intval($x[0]['abook_blocked']))
return false; return false;
if(($x) && (! $global_perms[$permission][2]) && intval($x[0]['abook_ignored'])) if(($x) && in_array($permission,$blocked_anon_perms) && intval($x[0]['abook_ignored']))
return false; return false;
if(! $x) { if(! $x) {
@ -321,8 +333,10 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
dbesc($observer_xchan) dbesc($observer_xchan)
); );
} }
$abperms = load_abconfig($uid,$observer_xchan,'my_perms');
} }
// system is blocked to anybody who is not authenticated // system is blocked to anybody who is not authenticated
if((! $observer_xchan) && intval(get_config('system', 'block_public'))) if((! $observer_xchan) && intval(get_config('system', 'block_public')))
@ -333,13 +347,13 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// in which case you will have read_only access // in which case you will have read_only access
if($r[0]['channel_hash'] === $observer_xchan) { if($r[0]['channel_hash'] === $observer_xchan) {
if($r[0]['channel_moved'] && (! $global_perms[$permission][2])) if($r[0]['channel_moved'] && (in_array($permission,$blocked_anon_perms)))
return false; return false;
else else
return true; return true;
} }
if($r[0][$channel_perm] & PERMS_PUBLIC) if($channel_perm & PERMS_PUBLIC)
return true; return true;
// If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set // If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set
@ -350,14 +364,14 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// If we're still here, we have an observer, check the network. // If we're still here, we have an observer, check the network.
if($r[0][$channel_perm] & PERMS_NETWORK) { if($channel_perm & PERMS_NETWORK) {
if (($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) if (($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot'))
return true; return true;
} }
// If PERMS_SITE is specified, find out if they've got an account on this hub // If PERMS_SITE is specified, find out if they've got an account on this hub
if($r[0][$channel_perm] & PERMS_SITE) { if($channel_perm & PERMS_SITE) {
$c = q("select channel_hash from channel where channel_hash = '%s' limit 1", $c = q("select channel_hash from channel where channel_hash = '%s' limit 1",
dbesc($observer_xchan) dbesc($observer_xchan)
); );
@ -376,7 +390,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// They are in your address book, but haven't been approved // They are in your address book, but haven't been approved
if($r[0][$channel_perm] & PERMS_PENDING) { if($channel_perm & PERMS_PENDING) {
return true; return true;
} }
@ -386,15 +400,20 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// They're a contact, so they have permission // They're a contact, so they have permission
if($r[0][$channel_perm] & PERMS_CONTACTS) { if($channel_perm & PERMS_CONTACTS) {
return true; return true;
} }
// Permission granted to certain channels. Let's see if the observer is one of them // Permission granted to certain channels. Let's see if the observer is one of them
if(($r) && $r[0][$channel_perm] & PERMS_SPECIFIC) { if(($r) && ($channel_perm & PERMS_SPECIFIC)) {
if($x[0]['abook_my_perms'] & $global_perms[$permission][1]) if($abperms) {
return true; foreach($abperms as $ab) {
if($ab['cat'] == 'my_perms' && $ab['k'] == $permission) {
return ((intval($ab['v'])) ? true : false);
}
}
}
} }
// No permissions allowed. // No permissions allowed.
@ -560,28 +579,28 @@ function get_role_perms($role) {
$ret['default_collection'] = false; $ret['default_collection'] = false;
$ret['directory_publish'] = true; $ret['directory_publish'] = true;
$ret['online'] = true; $ret['online'] = true;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK $ret['perms_connect'] = [
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; 'view_pages', 'send_stream', 'post_wall', 'post_comments',
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK 'post_mail', 'chat', 'post_like', 'republish' ];
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT $ret['limits'] = [
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; 'view_stream' => PERMS_PUBLIC,
$ret['channel_r_stream'] = PERMS_PUBLIC; 'view_profile' => PERMS_PUBLIC,
$ret['channel_r_profile'] = PERMS_PUBLIC; 'view_contacts' => PERMS_PUBLIC,
$ret['channel_r_abook'] = PERMS_PUBLIC; 'view_storage' => PERMS_PUBLIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_pages' => PERMS_PUBLIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_PUBLIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_PUBLIC; 'write_pages' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'republish' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_SPECIFIC; 'delegate' => PERMS_SPECIFIC
$ret['channel_w_like'] = PERMS_NETWORK; ];
break; break;
@ -590,28 +609,29 @@ function get_role_perms($role) {
$ret['default_collection'] = true; $ret['default_collection'] = true;
$ret['directory_publish'] = true; $ret['directory_publish'] = true;
$ret['online'] = true; $ret['online'] = true;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK $ret['perms_connect'] = [
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; 'view_pages', 'send_stream', 'post_wall', 'post_comments',
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK 'post_mail', 'chat', 'post_like' ];
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT $ret['limits'] = [
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; 'view_stream' => PERMS_PUBLIC,
$ret['channel_r_stream'] = PERMS_PUBLIC; 'view_profile' => PERMS_PUBLIC,
$ret['channel_r_profile'] = PERMS_PUBLIC; 'view_contacts' => PERMS_PUBLIC,
$ret['channel_r_abook'] = PERMS_PUBLIC; 'view_storage' => PERMS_PUBLIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_pages' => PERMS_PUBLIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_PUBLIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_PUBLIC; 'write_pages' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'republish' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_SPECIFIC; 'delegate' => PERMS_SPECIFIC
$ret['channel_w_like'] = PERMS_SPECIFIC; ];
break; break;
@ -620,28 +640,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true; $ret['default_collection'] = true;
$ret['directory_publish'] = false; $ret['directory_publish'] = false;
$ret['online'] = false; $ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK $ret['perms_connect'] = [
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; 'view_pages', 'send_stream', 'post_wall', 'post_comments',
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK 'post_mail', 'post_like' ];
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT $ret['limits'] = [
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; 'view_stream' => PERMS_PUBLIC,
$ret['channel_r_stream'] = PERMS_PUBLIC; 'view_profile' => PERMS_PUBLIC,
$ret['channel_r_profile'] = PERMS_PUBLIC; 'view_contacts' => PERMS_SPECIFIC,
$ret['channel_r_abook'] = PERMS_SPECIFIC; 'view_storage' => PERMS_SPECIFIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_pages' => PERMS_PUBLIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_SPECIFIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_PUBLIC; 'write_pages' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'republish' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_SPECIFIC; 'delegate' => PERMS_SPECIFIC
$ret['channel_w_like'] = PERMS_SPECIFIC; ];
break; break;
@ -650,28 +670,28 @@ function get_role_perms($role) {
$ret['default_collection'] = false; $ret['default_collection'] = false;
$ret['directory_publish'] = true; $ret['directory_publish'] = true;
$ret['online'] = false; $ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK $ret['perms_connect'] = [
|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; 'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK 'post_mail', 'post_like' , 'republish', 'chat' ];
|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT $ret['limits'] = [
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; 'view_stream' => PERMS_PUBLIC,
$ret['channel_r_stream'] = PERMS_PUBLIC; 'view_profile' => PERMS_PUBLIC,
$ret['channel_r_profile'] = PERMS_PUBLIC; 'view_contacts' => PERMS_PUBLIC,
$ret['channel_r_abook'] = PERMS_PUBLIC; 'view_storage' => PERMS_PUBLIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_pages' => PERMS_PUBLIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_PUBLIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_PUBLIC; 'write_pages' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'republish' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_SPECIFIC; 'delegate' => PERMS_SPECIFIC
$ret['channel_w_like'] = PERMS_NETWORK; ];
break; break;
@ -680,28 +700,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true; $ret['default_collection'] = true;
$ret['directory_publish'] = true; $ret['directory_publish'] = true;
$ret['online'] = false; $ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK $ret['perms_connect'] = [
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL; 'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK 'post_mail', 'post_like' , 'chat' ];
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT $ret['limits'] = [
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL; 'view_stream' => PERMS_PUBLIC,
$ret['channel_r_stream'] = PERMS_PUBLIC; 'view_profile' => PERMS_PUBLIC,
$ret['channel_r_profile'] = PERMS_PUBLIC; 'view_contacts' => PERMS_PUBLIC,
$ret['channel_r_abook'] = PERMS_PUBLIC; 'view_storage' => PERMS_PUBLIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_pages' => PERMS_PUBLIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_PUBLIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_PUBLIC; 'write_pages' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'republish' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_SPECIFIC; 'delegate' => PERMS_SPECIFIC
$ret['channel_w_like'] = PERMS_SPECIFIC; ];
break; break;
@ -710,28 +730,29 @@ function get_role_perms($role) {
$ret['default_collection'] = true; $ret['default_collection'] = true;
$ret['directory_publish'] = false; $ret['directory_publish'] = false;
$ret['online'] = false; $ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT $ret['perms_connect'] = [
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILEPERMS_R_ABOOK 'view_pages', 'post_wall', 'post_comments',
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT 'post_mail', 'post_like' , 'chat' ];
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; $ret['limits'] = [
$ret['channel_r_stream'] = PERMS_PUBLIC; 'view_stream' => PERMS_PUBLIC,
$ret['channel_r_profile'] = PERMS_SPECIFIC; 'view_profile' => PERMS_SPECIFIC,
$ret['channel_r_abook'] = PERMS_SPECIFIC; 'view_contacts' => PERMS_SPECIFIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_storage' => PERMS_SPECIFIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'view_pages' => PERMS_SPECIFIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_SPECIFIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_SPECIFIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'write_pages' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_SPECIFIC; 'republish' => PERMS_SPECIFIC,
$ret['channel_w_like'] = PERMS_SPECIFIC; 'delegate' => PERMS_SPECIFIC
];
break; break;
@ -740,28 +761,29 @@ function get_role_perms($role) {
$ret['default_collection'] = false; $ret['default_collection'] = false;
$ret['directory_publish'] = true; $ret['directory_publish'] = true;
$ret['online'] = false; $ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL $ret['perms_connect'] = [
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK 'view_pages', 'send_stream', 'post_wall', 'post_comments',
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL 'post_mail', 'post_like' , 'republish' ];
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; $ret['limits'] = [
$ret['channel_r_stream'] = PERMS_PUBLIC; 'view_stream' => PERMS_PUBLIC,
$ret['channel_r_profile'] = PERMS_PUBLIC; 'view_profile' => PERMS_PUBLIC,
$ret['channel_r_abook'] = PERMS_PUBLIC; 'view_contacts' => PERMS_PUBLIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_storage' => PERMS_PUBLIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'view_pages' => PERMS_PUBLIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_PUBLIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_PUBLIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'write_pages' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_NETWORK; 'republish' => PERMS_SPECIFIC,
$ret['channel_w_like'] = PERMS_NETWORK; 'delegate' => PERMS_SPECIFIC
];
break; break;
@ -770,28 +792,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true; $ret['default_collection'] = true;
$ret['directory_publish'] = false; $ret['directory_publish'] = false;
$ret['online'] = false; $ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK $ret['perms_connect'] = [
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; 'view_pages', 'send_stream', 'post_wall', 'post_comments',
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK 'post_mail', 'post_like' , 'republish' ];
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL $ret['limits'] = [
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; 'view_stream' => PERMS_PUBLIC,
$ret['channel_r_stream'] = PERMS_PUBLIC; 'view_profile' => PERMS_PUBLIC,
$ret['channel_r_profile'] = PERMS_PUBLIC; 'view_contacts' => PERMS_PUBLIC,
$ret['channel_r_abook'] = PERMS_PUBLIC; 'view_storage' => PERMS_PUBLIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_pages' => PERMS_PUBLIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_PUBLIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_PUBLIC; 'write_pages' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'republish' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_SPECIFIC; 'delegate' => PERMS_SPECIFIC
$ret['channel_w_like'] = PERMS_NETWORK; ];
break; break;
@ -800,26 +822,29 @@ function get_role_perms($role) {
$ret['default_collection'] = false; $ret['default_collection'] = false;
$ret['directory_publish'] = true; $ret['directory_publish'] = true;
$ret['online'] = false; $ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; $ret['perms_connect'] = [
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; 'view_pages', 'post_like' , 'republish' ];
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC; $ret['limits'] = [
$ret['channel_r_abook'] = PERMS_PUBLIC; 'view_stream' => PERMS_PUBLIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_profile' => PERMS_PUBLIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'view_contacts' => PERMS_PUBLIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'view_storage' => PERMS_PUBLIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'view_pages' => PERMS_PUBLIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_PUBLIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_PUBLIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_SPECIFIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_w_like'] = PERMS_NETWORK; 'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break; break;
@ -828,28 +853,30 @@ function get_role_perms($role) {
$ret['default_collection'] = false; $ret['default_collection'] = false;
$ret['directory_publish'] = true; $ret['directory_publish'] = true;
$ret['online'] = false; $ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT $ret['perms_connect'] = [
|PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK 'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT 'post_mail', 'post_like' , 'republish', 'chat' ];
|PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; $ret['limits'] = [
$ret['channel_r_stream'] = PERMS_PUBLIC; 'view_stream' => PERMS_PUBLIC,
$ret['channel_r_profile'] = PERMS_PUBLIC; 'view_profile' => PERMS_PUBLIC,
$ret['channel_r_abook'] = PERMS_PUBLIC; 'view_contacts' => PERMS_PUBLIC,
$ret['channel_w_stream'] = PERMS_SPECIFIC; 'view_storage' => PERMS_PUBLIC,
$ret['channel_w_wall'] = PERMS_SPECIFIC; 'view_pages' => PERMS_PUBLIC,
$ret['channel_w_tagwall'] = PERMS_SPECIFIC; 'send_stream' => PERMS_SPECIFIC,
$ret['channel_w_comment'] = PERMS_SPECIFIC; 'post_wall' => PERMS_SPECIFIC,
$ret['channel_w_mail'] = PERMS_SPECIFIC; 'post_comments' => PERMS_SPECIFIC,
$ret['channel_w_chat'] = PERMS_SPECIFIC; 'post_mail' => PERMS_SPECIFIC,
$ret['channel_a_delegate'] = PERMS_SPECIFIC; 'post_like' => PERMS_SPECIFIC,
$ret['channel_r_storage'] = PERMS_PUBLIC; 'tag_deliver' => PERMS_SPECIFIC,
$ret['channel_w_storage'] = PERMS_SPECIFIC; 'chat' => PERMS_SPECIFIC,
$ret['channel_r_pages'] = PERMS_PUBLIC; 'write_storage' => PERMS_SPECIFIC,
$ret['channel_w_pages'] = PERMS_SPECIFIC; 'write_pages' => PERMS_SPECIFIC,
$ret['channel_a_republish'] = PERMS_SPECIFIC; 'republish' => PERMS_SPECIFIC,
$ret['channel_w_like'] = PERMS_NETWORK; 'delegate' => PERMS_SPECIFIC
];
break; break;

2
include/photos.php
View File

@ -412,7 +412,7 @@ function photo_upload($channel, $observer, $args) {
// in the photos pages - using the photos permissions instead. We need the public policy to keep the photo // in the photos pages - using the photos permissions instead. We need the public policy to keep the photo
// linked item from leaking into the feed when somebody has a channel with read_stream restrictions. // linked item from leaking into the feed when somebody has a channel with read_stream restrictions.
$arr['public_policy'] = map_scope($channel['channel_r_stream'],true); $arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true);
if($arr['public_policy']) if($arr['public_policy'])
$arr['item_private'] = 1; $arr['item_private'] = 1;

41
include/security.php
View File

@ -128,6 +128,7 @@ function atoken_xchan($atoken) {
* *
* @return bool|array false or channel record of the new channel * @return bool|array false or channel record of the new channel
*/ */
function change_channel($change_channel) { function change_channel($change_channel) {
$ret = false; $ret = false;
@ -477,14 +478,19 @@ function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) {
$random_sql = (($rand) ? " ORDER BY " . db_getfunc('RAND') . " " : ''); $random_sql = (($rand) ? " ORDER BY " . db_getfunc('RAND') . " " : '');
if(local_channel()) if(local_channel())
$ret[] = local_channel(); $ret[] = local_channel();
$r = q("select channel_id from channel where channel_r_stream > 0 and ( channel_r_stream & %d )>0 and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ", $x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ",
intval($perms), intval($perms)
intval(PAGE_ADULT|PAGE_CENSORED)
); );
if($r) { if($x) {
foreach($r as $rr) $ids = ids_to_querystr($x,'uid');
if(! in_array($rr['channel_id'], $ret)) $r = q("select channel_id from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ",
$ret[] = $rr['channel_id']; intval(PAGE_ADULT|PAGE_CENSORED)
);
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_id'], $ret))
$ret[] = $rr['channel_id'];
}
} }
$str = ''; $str = '';
@ -510,16 +516,21 @@ function stream_perms_xchans($perms = NULL ) {
if(local_channel()) if(local_channel())
$ret[] = get_observer_hash(); $ret[] = get_observer_hash();
$r = q("select channel_hash from channel where channel_r_stream > 0 and (channel_r_stream & %d)>0 and not (channel_pageflags & %d)>0 and channel_system = 0 and channel_removed = 0 ", $x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ",
intval($perms), intval($perms)
intval(PAGE_ADULT|PAGE_CENSORED)
); );
if($r) { if($x) {
foreach($r as $rr) $ids = ids_to_querystr($x,'uid');
if(! in_array($rr['channel_hash'], $ret)) $r = q("select channel_hash from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ",
$ret[] = $rr['channel_hash']; intval(PAGE_ADULT|PAGE_CENSORED)
} );
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_hash'], $ret))
$ret[] = $rr['channel_hash'];
}
}
$str = ''; $str = '';
if($ret) { if($ret) {
foreach($ret as $rr) { foreach($ret as $rr) {

49
include/text.php
View File

@ -1284,9 +1284,9 @@ function unobscure(&$item) {
if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) { if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) {
$key = get_config('system','prvkey'); $key = get_config('system','prvkey');
if($item['title']) if($item['title'])
$item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key); $item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key);
if($item['body']) if($item['body'])
$item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key); $item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key);
if(get_config('system','item_cache')) { if(get_config('system','item_cache')) {
q("update item set title = '%s', body = '%s', item_obscured = 0 where id = %d", q("update item set title = '%s', body = '%s', item_obscured = 0 where id = %d",
dbesc($item['title']), dbesc($item['title']),
@ -1309,7 +1309,7 @@ function unobscure_mail(&$item) {
function theme_attachments(&$item) { function theme_attachments(&$item) {
$arr = json_decode_plus($item['attach']); $arr = json_decode($item['attach'],true);
if(is_array($arr) && count($arr)) { if(is_array($arr) && count($arr)) {
$attaches = array(); $attaches = array();
foreach($arr as $r) { foreach($arr as $r) {
@ -2212,20 +2212,12 @@ function jindent($json) {
return $result; return $result;
} }
function json_decode_plus($s) {
$x = json_decode($s,true);
if(! $x)
$x = json_decode(str_replace(array('\\"','\\\\'),array('"','\\'),$s),true);
return $x;
}
/** /**
* @brief Creates navigation menu for webpage, layout, blocks, menu sites. * @brief Creates navigation menu for webpage, layout, blocks, menu sites.
* *
* @return string * @return string
*/ */
function design_tools() { function design_tools() {
$channel = App::get_channel(); $channel = App::get_channel();
@ -2616,32 +2608,33 @@ function getIconFromType($type) {
'application/octet-stream' => 'fa-file-o', 'application/octet-stream' => 'fa-file-o',
//Text //Text
'text/plain' => 'fa-file-text-o', 'text/plain' => 'fa-file-text-o',
'application/msword' => 'fa-file-text-o', 'application/msword' => 'fa-file-word-o',
'application/pdf' => 'fa-file-text-o', 'application/pdf' => 'fa-file-pdf-o',
'application/vnd.oasis.opendocument.text' => 'fa-file-text-o', 'application/vnd.oasis.opendocument.text' => 'fa-file-word-o',
'application/epub+zip' => 'fa-book', 'application/epub+zip' => 'fa-book',
//Spreadsheet //Spreadsheet
'application/vnd.oasis.opendocument.spreadsheet' => 'fa-table', 'application/vnd.oasis.opendocument.spreadsheet' => 'fa-file-excel-o',
'application/vnd.ms-excel' => 'fa-table', 'application/vnd.ms-excel' => 'fa-file-excel-o',
//Image //Image
'image/jpeg' => 'fa-picture-o', 'image/jpeg' => 'fa-picture-o',
'image/png' => 'fa-picture-o', 'image/png' => 'fa-picture-o',
'image/gif' => 'fa-picture-o', 'image/gif' => 'fa-picture-o',
'image/svg+xml' => 'fa-picture-o', 'image/svg+xml' => 'fa-picture-o',
//Archive //Archive
'application/zip' => 'fa-archive', 'application/zip' => 'fa-file-archive-o',
'application/x-rar-compressed' => 'fa-archive', 'application/x-rar-compressed' => 'fa-file-archive-o',
//Audio //Audio
'audio/mpeg' => 'fa-music', 'audio/mpeg' => 'fa-file-audio-o',
'audio/wav' => 'fa-music', 'audio/wav' => 'fa-file-audio-o',
'application/ogg' => 'fa-music', 'application/ogg' => 'fa-file-audio-o',
'audio/ogg' => 'fa-music', 'audio/ogg' => 'fa-file-audio-o',
'audio/webm' => 'fa-music', 'audio/webm' => 'fa-file-audio-o',
'audio/mp4' => 'fa-music', 'audio/mp4' => 'fa-file-audio-o',
//Video //Video
'video/quicktime' => 'fa-film', 'video/quicktime' => 'fa-file-video-o',
'video/webm' => 'fa-film', 'video/webm' => 'fa-file-video-o',
'video/mp4' => 'fa-film' 'video/mp4' => 'fa-file-video-o',
'video/x-matroska' => 'fa-file-video-o'
); );
$iconFromType = 'fa-file-o'; $iconFromType = 'fa-file-o';

11
include/widgets.php
View File

@ -1356,9 +1356,14 @@ function widget_forums($arr) {
$perms_sql = item_permissions_sql(local_channel()) . item_normal(); $perms_sql = item_permissions_sql(local_channel()) . item_normal();
$r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where ( xchan_pubforum = 1 or ((abook_their_perms & %d ) != 0 and (abook_their_perms & %d ) = 0) ) and xchan_deleted = 0 and abook_channel = %d order by xchan_name $limit ", /**
intval(PERMS_W_TAGWALL), * We used to try and find public forums with custom permissions by checking to see if
intval(PERMS_W_STREAM), * send_stream was false and tag_deliver was true. However with the newer extensible
* permissions infrastructure this makes for a very complicated query. Now we're only
* checking channels that report themselves specifically as pubforums
*/
$r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where xchan_pubforum = 1 and xchan_deleted = 0 and abook_channel = %d order by xchan_name $limit ",
intval(local_channel()) intval(local_channel())
); );
if(! $r1) if(! $r1)

194
include/zot.php
View File

@ -12,6 +12,7 @@ require_once('include/crypto.php');
require_once('include/items.php'); require_once('include/items.php');
require_once('include/hubloc.php'); require_once('include/hubloc.php');
require_once('include/queue_fn.php'); require_once('include/queue_fn.php');
require_once('include/perm_upgrade.php');
/** /**
@ -388,10 +389,7 @@ function zot_refresh($them, $channel = null, $force = false) {
if(! $x['success']) if(! $x['success'])
return false; return false;
$their_perms = 0;
if($channel) { if($channel) {
$global_perms = get_perms();
if($j['permissions']['data']) { if($j['permissions']['data']) {
$permissions = crypto_unencapsulate(array( $permissions = crypto_unencapsulate(array(
'data' => $j['permissions']['data'], 'data' => $j['permissions']['data'],
@ -408,15 +406,10 @@ function zot_refresh($them, $channel = null, $force = false) {
$connected_set = false; $connected_set = false;
if($permissions && is_array($permissions)) { if($permissions && is_array($permissions)) {
$old_read_stream_perm = get_abconfig($channel['channel_id'],$x['hash'],'their_perms','view_stream');
foreach($permissions as $k => $v) { foreach($permissions as $k => $v) {
// The connected permission means you are in their address book set_abconfig($channel['channel_id'],$x['hash'],'their_perms',$k,$v);
if($k === 'connected') {
$connected_set = intval($v);
continue;
}
if(($v) && (array_key_exists($k,$global_perms))) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
} }
} }
@ -443,36 +436,19 @@ function zot_refresh($them, $channel = null, $force = false) {
if(substr($r[0]['abook_dob'],5) == substr($next_birthday,5)) if(substr($r[0]['abook_dob'],5) == substr($next_birthday,5))
$next_birthday = $r[0]['abook_dob']; $next_birthday = $r[0]['abook_dob'];
$current_abook_connected = (intval($r[0]['abook_unconnected']) ? 0 : 1); $y = q("update abook set abook_dob = '%s'
$y = q("update abook set abook_their_perms = %d, abook_dob = '%s'
where abook_xchan = '%s' and abook_channel = %d where abook_xchan = '%s' and abook_channel = %d
and abook_self = 0 ", and abook_self = 0 ",
intval($their_perms),
dbescdate($next_birthday), dbescdate($next_birthday),
dbesc($x['hash']), dbesc($x['hash']),
intval($channel['channel_id']) intval($channel['channel_id'])
); );
// if(($connected_set === 0 || $connected_set === 1) && ($connected_set !== $current_abook_unconnected)) {
// if they are in your address book but you aren't in theirs, and/or this does not
// match your current connected state setting, toggle it.
/** @FIXME uncoverted to postgres */
/** @FIXME when this was enabled, all contacts became unconnected. Currently disabled intentionally */
// $y1 = q("update abook set abook_unconnected = 1
// where abook_xchan = '%s' and abook_channel = %d
// and abook_self = 0 limit 1",
// dbesc($x['hash']),
// intval($channel['channel_id'])
// );
// }
if(! $y) if(! $y)
logger('abook update failed'); logger('abook update failed');
else { else {
// if we were just granted read stream permission and didn't have it before, try to pull in some posts // if we were just granted read stream permission and didn't have it before, try to pull in some posts
if((! ($r[0]['abook_their_perms'] & PERMS_R_STREAM)) && ($their_perms & PERMS_R_STREAM)) if((! $old_read_stream_perm) && (intval($permissions['view_stream'])))
Zotlabs\Daemon\Master::Summon(array('Onepoll',$r[0]['abook_id'])); Zotlabs\Daemon\Master::Summon(array('Onepoll',$r[0]['abook_id']));
} }
} }
@ -480,15 +456,29 @@ function zot_refresh($them, $channel = null, $force = false) {
// new connection // new connection
$my_perms = null;
$role = get_pconfig($channel['channel_id'],'system','permissions_role'); $role = get_pconfig($channel['channel_id'],'system','permissions_role');
if($role) { if($role) {
$xx = get_role_perms($role); $xx = \Zotlabs\Access\PermissionRoles::role_perms($role);
if($xx['perms_auto']) if($xx['perms_auto']) {
$default_perms = $xx['perms_accept']; $default_perms = $xx['perms_connect'];
$my_perms = \Zotlabs\Access\Permissions::FilledPerms($default_perms);
}
} }
if(! $default_perms)
$default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms'));
if(! $my_perms) {
$m = \Zotlabs\Access\Permissions::FilledAutoperms($channel['channel_id']);
if($m) {
$my_perms = $m;
}
}
if($my_perms) {
foreach($my_perms as $k => $v) {
set_abconfig($channel['channel_id'],$x['hash'],'my_perms',$k,$v);
}
}
// Keep original perms to check if we need to notify them // Keep original perms to check if we need to notify them
$previous_perms = get_all_perms($channel['channel_id'],$x['hash']); $previous_perms = get_all_perms($channel['channel_id'],$x['hash']);
@ -498,13 +488,11 @@ function zot_refresh($them, $channel = null, $force = false) {
if($closeness === false) if($closeness === false)
$closeness = 80; $closeness = 80;
$y = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_dob, abook_pending ) values ( %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', %d )", $y = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_created, abook_updated, abook_dob, abook_pending ) values ( %d, %d, %d, '%s', '%s', '%s', '%s', %d )",
intval($channel['channel_account_id']), intval($channel['channel_account_id']),
intval($channel['channel_id']), intval($channel['channel_id']),
intval($closeness), intval($closeness),
dbesc($x['hash']), dbesc($x['hash']),
intval($their_perms),
intval($default_perms),
dbesc(datetime_convert()), dbesc(datetime_convert()),
dbesc(datetime_convert()), dbesc(datetime_convert()),
dbesc($next_birthday), dbesc($next_birthday),
@ -523,7 +511,7 @@ function zot_refresh($them, $channel = null, $force = false) {
); );
if($new_connection) { if($new_connection) {
if($new_perms != $previous_perms) if(! \Zotlabs\Access\Permissions::PermsCompare($new_perms,$previous_perms))
Zotlabs\Daemon\Master::Summon(array('Notifier','permission_create',$new_connection[0]['abook_id'])); Zotlabs\Daemon\Master::Summon(array('Notifier','permission_create',$new_connection[0]['abook_id']));
Zotlabs\Lib\Enotify::submit(array( Zotlabs\Lib\Enotify::submit(array(
'type' => NOTIFY_INTRO, 'type' => NOTIFY_INTRO,
@ -532,9 +520,9 @@ function zot_refresh($them, $channel = null, $force = false) {
'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'],
)); ));
if($their_perms & PERMS_R_STREAM) { if(intval($permissions['view_stream'])) {
if(($channel['channel_w_stream'] & PERMS_PENDING) if(intval(get_pconfig($channel['channel_id'],'perm_limits','send_stream') & PERMS_PENDING)
|| (! intval($new_connection[0]['abook_pending'])) ) || (! intval($new_connection[0]['abook_pending'])))
Zotlabs\Daemon\Master::Summon(array('Onepoll',$new_connection[0]['abook_id'])); Zotlabs\Daemon\Master::Summon(array('Onepoll',$new_connection[0]['abook_id']));
} }
@ -1371,8 +1359,8 @@ function public_recips($msg) {
if($msg['message']['type'] === 'activity') { if($msg['message']['type'] === 'activity') {
if(! get_config('system','disable_discover_tab')) if(! get_config('system','disable_discover_tab'))
$include_sys = true; $include_sys = true;
$col = 'channel_w_stream'; $perm = 'send_stream';
$field = PERMS_W_STREAM;
if(array_key_exists('flags',$msg['message']) && in_array('thread_parent', $msg['message']['flags'])) { if(array_key_exists('flags',$msg['message']) && in_array('thread_parent', $msg['message']['flags'])) {
// check mention recipient permissions on top level posts only // check mention recipient permissions on top level posts only
$check_mentions = true; $check_mentions = true;
@ -1404,65 +1392,30 @@ function public_recips($msg) {
// contains the tag. we'll solve that further below. // contains the tag. we'll solve that further below.
if($msg['notify']['sender']['guid_sig'] != $msg['message']['owner']['guid_sig']) { if($msg['notify']['sender']['guid_sig'] != $msg['message']['owner']['guid_sig']) {
$col = 'channel_w_comment'; $perm = 'post_comments';
$field = PERMS_W_COMMENT;
} }
} }
} }
elseif($msg['message']['type'] === 'mail') { elseif($msg['message']['type'] === 'mail')
$col = 'channel_w_mail'; $perm = 'post_mail';
$field = PERMS_W_MAIL;
$r = array();
$c = q("select channel_id, channel_hash from channel where channel_removed = 0");
if($c) {
foreach($c as $cc) {
if(perm_is_allowed($cc['channel_id'],$msg['notify']['sender']['hash'],$perm)) {
$r[] = [ 'hash' => $cc['channel_hash'] ];
}
}
} }
if(! $col) // logger('message: ' . print_r($msg['message'],true));
return NULL;
$col = dbesc($col);
// First find those channels who are accepting posts from anybody, or at least
// something greater than just their connections.
if($msg['notify']['sender']['url'] === z_root()) {
$sql = " where (( " . $col . " & " . intval(PERMS_NETWORK) . " ) > 0
or ( " . $col . " & " . intval(PERMS_SITE) . " ) > 0
or ( " . $col . " & " . intval(PERMS_PUBLIC) . ") > 0
or ( " . $col . " & " . intval(PERMS_AUTHED) . ") > 0 ) ";
} else {
$sql = " where ( " . $col . " = " . intval(PERMS_NETWORK) . "
or " . $col . " = " . intval(PERMS_PUBLIC) . "
or " . $col . " = " . intval(PERMS_AUTHED) . " ) ";
}
$r = q("select channel_hash as hash from channel $sql or channel_hash = '%s'
and channel_removed = 0 ",
dbesc($msg['notify']['sender']['hash'])
);
if(! $r)
$r = array();
// Now we have to get a bit dirty. Find every channel that has the sender in their connections (abook)
// and is allowing this sender at least at a high level.
$x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id
where abook_xchan = '%s' and channel_removed = 0
and (( " . $col . " = " . intval(PERMS_SPECIFIC) . " and ( abook_my_perms & " . intval($field) . " ) > 0 )
OR " . $col . " = " . intval(PERMS_PENDING) . "
OR ( " . $col . " = " . intval(PERMS_CONTACTS) . " and abook_pending = 0 )) ",
dbesc($msg['notify']['sender']['hash'])
);
if(! $x)
$x = array();
$r = array_merge($r,$x);
//logger('message: ' . print_r($msg['message'],true));
if($include_sys && array_key_exists('public_scope',$msg['message']) && $msg['message']['public_scope'] === 'public') { if($include_sys && array_key_exists('public_scope',$msg['message']) && $msg['message']['public_scope'] === 'public') {
$sys = get_sys_channel(); $sys = get_sys_channel();
if($sys) if($sys)
$r[] = array('hash' => $sys['channel_hash']); $r[] = [ 'hash' => $sys['channel_hash'] ];
} }
// look for any public mentions on this site // look for any public mentions on this site
@ -1943,9 +1896,9 @@ function remove_community_tag($sender, $arr, $uid) {
$i = $r[0]; $i = $r[0];
if($i['target']) if($i['target'])
$i['target'] = json_decode_plus($i['target']); $i['target'] = json_decode($i['target'],true);
if($i['object']) if($i['object'])
$i['object'] = json_decode_plus($i['object']); $i['object'] = json_decode($i['object'],true);
if(! ($i['target'] && $i['object'])) { if(! ($i['target'] && $i['object'])) {
logger('remove_community_tag: no target/object'); logger('remove_community_tag: no target/object');
@ -2998,6 +2951,14 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
$channel = $r[0]; $channel = $r[0];
translate_channel_perms_outbound($channel);
if($packet && array_key_exists('abook',$packet) && $packet['abook']) {
for($x = 0; $x < count($packet['abook']); $x ++) {
translate_abook_perms_outbound($packet['abook'][$x]);
}
}
if(intval($channel['channel_removed'])) if(intval($channel['channel_removed']))
return; return;
@ -3121,7 +3082,8 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
require_once('include/import.php'); require_once('include/import.php');
/** @FIXME this will sync red structures (channel, pconfig and abook). Eventually we need to make this application agnostic. */ /** @FIXME this will sync red structures (channel, pconfig and abook).
Eventually we need to make this application agnostic. */
$result = array(); $result = array();
@ -3194,6 +3156,8 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
if(array_key_exists('channel',$arr) && is_array($arr['channel']) && count($arr['channel'])) { if(array_key_exists('channel',$arr) && is_array($arr['channel']) && count($arr['channel'])) {
translate_channel_perms_inbound($arr['channel']);
if(array_key_exists('channel_pageflags',$arr['channel']) && intval($arr['channel']['channel_pageflags'])) { if(array_key_exists('channel_pageflags',$arr['channel']) && intval($arr['channel']['channel_pageflags'])) {
// These flags cannot be sync'd. // These flags cannot be sync'd.
// remove the bits from the incoming flags. // remove the bits from the incoming flags.
@ -3207,7 +3171,15 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
} }
$disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey', 'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted', 'channel_system'); $disallowed = [
'channel_id', 'channel_account_id', 'channel_primary', 'channel_prvkey',
'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted',
'channel_system', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook',
'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall',
'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall',
'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish',
'channel_a_delegate'
];
$clean = array(); $clean = array();
foreach($arr['channel'] as $k => $v) { foreach($arr['channel'] as $k => $v) {
@ -3243,6 +3215,8 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($arr['abook'] as $abook) { foreach($arr['abook'] as $abook) {
$abconfig = null; $abconfig = null;
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
@ -3337,6 +3311,12 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
} }
} }
// This will set abconfig vars if the sender is using old-style fixed permissions
// using the raw abook record as passed to us. New-style permissions will fall through
// and be set using abconfig
translate_abook_perms_inbound($channel,$abook);
if($abconfig) { if($abconfig) {
// @fixme does not handle sync of del_abconfig // @fixme does not handle sync of del_abconfig
foreach($abconfig as $abc) { foreach($abconfig as $abc) {
@ -3802,11 +3782,21 @@ function zotinfo($arr) {
} }
else { else {
// check if it has characteristics of a public forum based on custom permissions. // check if it has characteristics of a public forum based on custom permissions.
$t = q("select abook_my_perms from abook where abook_channel = %d and abook_self = 1 limit 1", $t = q("select * from abconfig where abconfig.cat = 'my_perms' and abconfig.chan = %d and abconfig.xchan = '%s' and abconfig.k in ('tag_deliver', 'send_stream') ",
intval($e['channel_id']) intval($e['channel_id']),
intval($e['channel_hash'])
); );
if(($t) && (($t[0]['abook_my_perms'] & PERMS_W_TAGWALL) && (! ($t[0]['abook_my_perms'] & PERMS_W_STREAM)))) $ch = 0;
$public_forum = true; if($t) {
foreach($t as $tt) {
if($tt['k'] == 'tag_deliver' && $tt['v'] == 1)
$ch ++;
if($tt['k'] == 'send_stream' && $tt['v'] == 0)
$ch ++;
}
if($ch == 2)
$public_forum = true;
}
} }

1
install/schema_mysql.sql
View File

@ -920,6 +920,7 @@ CREATE TABLE IF NOT EXISTS `pconfig` (
UNIQUE KEY `access` (`uid`,`cat`,`k`) UNIQUE KEY `access` (`uid`,`cat`,`k`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8; ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `photo` ( CREATE TABLE IF NOT EXISTS `photo` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT, `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`aid` int(10) unsigned NOT NULL DEFAULT '0', `aid` int(10) unsigned NOT NULL DEFAULT '0',

1
install/schema_postgres.sql
View File

@ -903,6 +903,7 @@ CREATE TABLE "pconfig" (
PRIMARY KEY ("id"), PRIMARY KEY ("id"),
UNIQUE ("uid","cat","k") UNIQUE ("uid","cat","k")
); );
CREATE TABLE "photo" ( CREATE TABLE "photo" (
"id" serial NOT NULL, "id" serial NOT NULL,
"aid" bigint NOT NULL DEFAULT '0', "aid" bigint NOT NULL DEFAULT '0',

29
install/update.php
View File

@ -1,6 +1,6 @@
<?php <?php
define( 'UPDATE_VERSION' , 1180 ); define( 'UPDATE_VERSION' , 1181 );
/** /**
* *
@ -2402,5 +2402,30 @@ function update_r1179() {
return UPDATE_SUCCESS; return UPDATE_SUCCESS;
return UPDATE_FAILED; return UPDATE_FAILED;
} }
function update_r1180() {
require_once('include/perm_upgrade.php');
$r1 = q("select * from channel where true");
if($r1) {
foreach($r1 as $rr) {
perm_limits_upgrade($rr);
autoperms_upgrade($rr);
}
}
$r2 = q("select * from abook where true");
if($r2) {
foreach($r2 as $rr) {
perm_abook_upgrade($rr);
}
}
$r = $r1 && $r2;
if($r)
return UPDATE_SUCCESS;
return UPDATE_FAILED;
}

22
library/readmore.js/README.md
View File

@ -9,16 +9,22 @@ Readmore.js is tested with—and supported on—all versions of jQuery greater t
## Install ## Install
Install Readmore.js with Bower: Install Readmore.js with npm:
``` ```
$ bower install readmore $ npm install readmore-js
``` ```
Then include it in your HTML: Then include it in your HTML:
```html ```html
<script src="/bower_components/readmore/readmore.min.js"></script> <script src="/node_modules/readmore-js/readmore.min.js"></script>
```
Or, using Webpack or Browserify:
```javascript
require('readmore-js');
``` ```
@ -49,17 +55,23 @@ $('article').readmore({
* `startOpen: false` do not immediately truncate, start in the fully opened position * `startOpen: false` do not immediately truncate, start in the fully opened position
* `beforeToggle: function() {}` called after a more or less link is clicked, but *before* the block is collapsed or expanded * `beforeToggle: function() {}` called after a more or less link is clicked, but *before* the block is collapsed or expanded
* `afterToggle: function() {}` called *after* the block is collapsed or expanded * `afterToggle: function() {}` called *after* the block is collapsed or expanded
* `blockProcessed: function() {}` called once per block during initilization after Readmore.js has processed the block.
If the element has a `max-height` CSS property, Readmore.js will use that value rather than the value of the `collapsedHeight` option. If the element has a `max-height` CSS property, Readmore.js will use that value rather than the value of the `collapsedHeight` option.
### The callbacks: ### The callbacks:
The callback functions, `beforeToggle` and `afterToggle`, both receive the same arguments: `trigger`, `element`, and `expanded`. The `beforeToggle` and `afterToggle` callbacks both receive the same arguments: `trigger`, `element`, and `expanded`.
* `trigger`: the "Read more" or "Close" element that was clicked * `trigger`: the "Read more" or "Close" element that was clicked
* `element`: the block that is being collapsed or expanded * `element`: the block that is being collapsed or expanded
* `expanded`: Boolean; `true` means the block is expanded * `expanded`: Boolean; `true` means the block is expanded
The `blockProcessed` callback receives `element` and `collapsable`.
* `element`: the block that has just been processed
* `collapsable`: Boolean; `false` means the block was shorter than the specified minimum `collapsedHeight`--the block will not have a "Read more" link
#### Callback example: #### Callback example:
Here's an example of how you could use the `afterToggle` callback to scroll back to the top of a block when the "Close" link is clicked. Here's an example of how you could use the `afterToggle` callback to scroll back to the top of a block when the "Close" link is clicked.
@ -166,6 +178,6 @@ $ npm install
Which will install the necessary development dependencies. Then, to build the minified script: Which will install the necessary development dependencies. Then, to build the minified script:
``` ```
$ gulp compress $ npm run build
``` ```

13
library/readmore.js/hubzilla-custom-fix-webkit-browsers.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/library/readmore.js/readmore.js b/library/readmore.js/readmore.js
index 34a624e..51222ce 100644
--- a/library/readmore.js/readmore.js
+++ b/library/readmore.js/readmore.js
@@ -246,7 +246,7 @@
collapsedHeight = $element.data('collapsedHeight');
if ($element.height() <= collapsedHeight) {
- newHeight = $element.data('expandedHeight') + 'px';
+ newHeight = 100 + '%';
newLink = 'lessLink';
expanded = true;
}

28
library/readmore.js/readmore.js
View File

@ -37,8 +37,9 @@
startOpen: false, startOpen: false,
// callbacks // callbacks
beforeToggle: function(){}, blockProcessed: function() {},
afterToggle: function(){} beforeToggle: function() {},
afterToggle: function() {}
}, },
cssEmbedded = {}, cssEmbedded = {},
uniqueIdCounter = 0; uniqueIdCounter = 0;
@ -187,6 +188,9 @@
if (current.outerHeight(true) <= collapsedHeight + heightMargin) { if (current.outerHeight(true) <= collapsedHeight + heightMargin) {
// The block is shorter than the limit, so there's no need to truncate it. // The block is shorter than the limit, so there's no need to truncate it.
if (this.options.blockProcessed && typeof this.options.blockProcessed === 'function') {
this.options.blockProcessed(current, false);
}
return true; return true;
} }
else { else {
@ -206,7 +210,7 @@
}; };
})(this)) })(this))
.attr({ .attr({
'data-readmore-toggle': '', 'data-readmore-toggle': id,
'aria-controls': id 'aria-controls': id
})); }));
@ -215,6 +219,10 @@
height: collapsedHeight height: collapsedHeight
}); });
} }
if (this.options.blockProcessed && typeof this.options.blockProcessed === 'function') {
this.options.blockProcessed(current, true);
}
} }
}, },
@ -224,11 +232,11 @@
} }
if (! trigger) { if (! trigger) {
trigger = $('[aria-controls="' + _this.element.id + '"]')[0]; trigger = $('[aria-controls="' + this.element.id + '"]')[0];
} }
if (! element) { if (! element) {
element = _this.element; element = this.element;
} }
var $element = $(element), var $element = $(element),
@ -250,14 +258,18 @@
// Fire beforeToggle callback // Fire beforeToggle callback
// Since we determined the new "expanded" state above we're now out of sync // Since we determined the new "expanded" state above we're now out of sync
// with our true current state, so we need to flip the value of `expanded` // with our true current state, so we need to flip the value of `expanded`
this.options.beforeToggle(trigger, $element, ! expanded); if (this.options.beforeToggle && typeof this.options.beforeToggle === 'function') {
this.options.beforeToggle(trigger, $element, ! expanded);
}
$element.css({'height': newHeight}); $element.css({'height': newHeight});
// Fire afterToggle callback // Fire afterToggle callback
$element.on('transitionend', (function(_this) { $element.on('transitionend', (function(_this) {
return function() { return function() {
_this.options.afterToggle(trigger, $element, expanded); if (_this.options.afterToggle && typeof _this.options.afterToggle === 'function') {
_this.options.afterToggle(trigger, $element, expanded);
}
$(this).attr({ $(this).attr({
'aria-expanded': expanded 'aria-expanded': expanded
@ -272,7 +284,7 @@
}; };
})(this)) })(this))
.attr({ .attr({
'data-readmore-toggle': '', 'data-readmore-toggle': $element.attr('id'),
'aria-controls': $element.attr('id') 'aria-controls': $element.attr('id')
})); }));
}, },

3290
util/hmessages.po
View File

File diff suppressed because it is too large Load Diff

4
util/po2php.php
View File

@ -1,6 +1,5 @@
<?php <?php
function po2php_run($argc,$argv) { function po2php_run($argc,$argv) {
if ($argc < 2) { if ($argc < 2) {
@ -59,8 +58,9 @@ function po2php_run($argc,$argv) {
$out .= 'function string_plural_select_' . $lang . '($n){'."\n"; $out .= 'function string_plural_select_' . $lang . '($n){'."\n";
$out .= ' return '.$cond.';'."\n"; $out .= ' return '.$cond.';'."\n";
$out .= '}}'."\n"; $out .= '}}'."\n";
$out .= 'App::$rtl = ' . intval($rtl) ;
} }
$out .= 'App::$rtl = ' . intval($rtl) . ';';
if ($k!="" && substr($l,0,7)=="msgstr "){ if ($k!="" && substr($l,0,7)=="msgstr "){
if ($ink) { $ink = False; $out .= 'App::$strings["'.$k.'"] = '; } if ($ink) { $ink = False; $out .= 'App::$strings["'.$k.'"] = '; }

2
vendor/sabre/dav/lib/DAV/Browser/Plugin.php vendored
View File

@ -179,7 +179,7 @@ class Plugin extends DAV\ServerPlugin {
if ($this->server->emit('onBrowserPostAction', [$uri, $postVars['sabreAction'], $postVars])) { if ($this->server->emit('onBrowserPostAction', [$uri, $postVars['sabreAction'], $postVars])) {
switch ($postVars['sabreAction']) { switch ($postVars['sabreAction']) {
case 'mkcol' : case 'mkcol' :
if (isset($postVars['name']) && trim($postVars['name'])) { if (isset($postVars['name']) && trim($postVars['name'])) {

9714
view/ca/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2202
view/ca/hstrings.php
View File

File diff suppressed because it is too large Load Diff

6
view/css/conversation.css
View File

@ -40,6 +40,12 @@
resize: vertical; resize: vertical;
} }
#profile-jot-text.hover {
background-color: aliceblue;
opacity: 0.5;
box-shadow: inset 0 3px 4px #888;
}
.jot-attachment { .jot-attachment {
border: 0px; border: 0px;
padding: 10px; padding: 10px;

6
view/css/mod_cloud.css
View File

@ -41,3 +41,9 @@
padding: 7px 10px; padding: 7px 10px;
width: 100%; width: 100%;
} }
#cloud-drag-area.hover {
background-color: aliceblue;
opacity: 0.5;
box-shadow: inset 0 0px 7px #5cb85c;
}

9670
view/de/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2160
view/de/hstrings.php
View File

File diff suppressed because it is too large Load Diff

9670
view/es-es/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2158
view/es-es/hstrings.php
View File

File diff suppressed because it is too large Load Diff

9644
view/fr/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2158
view/fr/hstrings.php
View File

File diff suppressed because it is too large Load Diff

9856
view/it/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2206
view/it/hstrings.php
View File

File diff suppressed because it is too large Load Diff

4
view/js/main.js
View File

@ -659,7 +659,7 @@ function collapseHeight() {
var position = $(window).scrollTop(); var position = $(window).scrollTop();
$(".wall-item-content, .directory-collapse").each(function() { $(".wall-item-content, .directory-collapse").each(function() {
var orgHeight = parseInt($(this).css('height')); var orgHeight = $(this).outerHeight(true);
if(orgHeight > divmore_height) { if(orgHeight > divmore_height) {
if(! $(this).hasClass('divmore')) { if(! $(this).hasClass('divmore')) {
@ -679,7 +679,7 @@ function collapseHeight() {
beforeToggle: function(trigger, element, expanded) { beforeToggle: function(trigger, element, expanded) {
if(expanded) { if(expanded) {
if((($(element).offset().top + divmore_height) - $(window).scrollTop()) < 65 ) { if((($(element).offset().top + divmore_height) - $(window).scrollTop()) < 65 ) {
$(window).scrollTop($(window).scrollTop() - (orgHeight - divmore_height)); $(window).scrollTop($(window).scrollTop() - ($(element).outerHeight(true) - divmore_height));
} }
} }
} }

190
view/js/mod_cloud.js Normal file
View File

@ -0,0 +1,190 @@
/**
* JavaScript for mod/cloud
*/
$(document).ready(function () {
// call initialization file
if (window.File && window.FileList && window.FileReader) {
UploadInit();
}
});
//
// initialize
function UploadInit() {
var fileselect = $("#files-upload");
var filedrag = $("#cloud-drag-area");
var submit = $("#upload-submit");
// is XHR2 available?
var xhr = new XMLHttpRequest();
if (xhr.upload) {
// file select
fileselect.on("change", UploadFileSelectHandler);
// file submit
submit.on("click", fileselect, UploadFileSelectHandler);
// file drop
filedrag.on("dragover", DragDropUploadFileHover);
filedrag.on("dragleave", DragDropUploadFileHover);
filedrag.on("drop", DragDropUploadFileSelectHandler);
}
window.filesToUpload = 0;
window.fileUploadsCompleted = 0;
}
// file drag hover
function DragDropUploadFileHover(e) {
e.stopPropagation();
e.preventDefault();
e.currentTarget.className = (e.type == "dragover" ? "hover" : "");
}
// file selection via drag/drop
function DragDropUploadFileSelectHandler(e) {
// cancel event and hover styling
DragDropUploadFileHover(e);
// fetch FileList object
var files = e.target.files || e.originalEvent.dataTransfer.files;
$('.new-upload').remove();
// process all File objects
for (var i = 0, f; f = files[i]; i++) {
prepareHtml(f, i);
UploadFile(f, i);
}
}
// file selection via input
function UploadFileSelectHandler(e) {
// fetch FileList object
if(e.type === 'click') {
e.preventDefault();
var files = e.data[0].files;
}
else {
var files = e.target.files;
}
$('.new-upload').remove();
// process all File objects
for (var i = 0, f; f = files[i]; i++) {
prepareHtml(f, i);
if(e.type === 'click')
UploadFile(f, i);
}
}
function prepareHtml(f, i) {
$("#cloud-index tr:nth-child(2)").after(
'<tr id=\"new-upload-' + i + '\" class=\"new-upload\" style=\"background: url(\'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mOM2RFTDwAE2QHxFMHIIwAAAABJRU5ErkJggg==\') repeat-y; background-size: 3px;\">' +
'<td><i class=\"fa ' + getIconFromType(f.type) + '\" title=\"' + f.type + '\"></i></td>' +
'<td>' + f.name + '</td>' +
'<td id=\"upload-progress-' + i + '\"></td><td></td><td></td><td></td><td></td>' +
'<td class=\"hidden-xs\">' + formatSizeUnits(f.size) + '</td><td class=\"hidden-xs\"></td>' +
'</tr>'
);
}
function formatSizeUnits(bytes){
if (bytes>=1000000000) {bytes=(bytes/1000000000).toFixed(2)+' GB';}
else if (bytes>=1000000) {bytes=(bytes/1000000).toFixed(2)+' MB';}
else if (bytes>=1000) {bytes=(bytes/1000).toFixed(2)+' KB';}
else if (bytes>1) {bytes=bytes+' bytes';}
else if (bytes==1) {bytes=bytes+' byte';}
else {bytes='0 byte';}
return bytes;
}
// this is basically a js port of include/text.php getIconFromType() function
function getIconFromType(type) {
var map = {
//Common file
'application/octet-stream': 'fa-file-o',
//Text
'text/plain': 'fa-file-text-o',
'application/msword': 'fa-file-word-o',
'application/pdf': 'fa-file-pdf-o',
'application/vnd.oasis.opendocument.text': 'fa-file-word-o',
'application/epub+zip': 'fa-book',
//Spreadsheet
'application/vnd.oasis.opendocument.spreadsheet': 'fa-file-excel-o',
'application/vnd.ms-excel': 'fa-file-excel-o',
//Image
'image/jpeg': 'fa-picture-o',
'image/png': 'fa-picture-o',
'image/gif': 'fa-picture-o',
'image/svg+xml': 'fa-picture-o',
//Archive
'application/zip': 'fa-file-archive-o',
'application/x-rar-compressed': 'fa-file-archive-o',
//Audio
'audio/mpeg': 'fa-file-audio-o',
'audio/wav': 'fa-file-audio-o',
'application/ogg': 'fa-file-audio-o',
'audio/ogg': 'fa-file-audio-o',
'audio/webm': 'fa-file-audio-o',
'audio/mp4': 'fa-file-audio-o',
//Video
'video/quicktime': 'fa-file-video-o',
'video/webm': 'fa-file-video-o',
'video/mp4': 'fa-file-video-o',
'video/x-matroska': 'fa-file-video-o'
};
var iconFromType = 'fa-file-o';
if (type in map) {
iconFromType = map[type];
}
return iconFromType;
}
// upload files
function UploadFile(file, idx) {
window.filesToUpload = window.filesToUpload + 1;
var xhr = new XMLHttpRequest();
xhr.withCredentials = true; // Include the SESSION cookie info for authentication
(xhr.upload || xhr).addEventListener('progress', function (e) {
var done = e.position || e.loaded;
var total = e.totalSize || e.total;
// Dynamically update the percentage complete displayed in the file upload list
$('#upload-progress-' + idx).html(Math.round(done / total * 100) + '%');
$('#new-upload-' + idx).css('background-size', Math.round(done / total * 100) + '%');
});
xhr.addEventListener('load', function (e) {
//console.log('xhr upload complete', e);
window.fileUploadsCompleted = window.fileUploadsCompleted + 1;
// When all the uploads have completed, refresh the page
if (window.filesToUpload > 0 && window.fileUploadsCompleted === window.filesToUpload) {
window.fileUploadsCompleted = window.filesToUpload = 0;
// After uploads complete, refresh browser window to display new files
window.location.href = window.location.href;
}
});
// POST to the entire cloud path
xhr.open('post', window.location.pathname, true);
var data = new FormData(document.getElementById("ajax-upload-files"));
data.append('file', file);
xhr.send(data);
}

9470
view/nb-no/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2144
view/nb-no/hstrings.php
View File

File diff suppressed because it is too large Load Diff

9668
view/nl/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2158
view/nl/hstrings.php
View File

File diff suppressed because it is too large Load Diff

1
view/theme/redbasic/css/style.css
View File

@ -106,6 +106,7 @@ input[type="submit"] {
input, optgroup, select, textarea { input, optgroup, select, textarea {
color: #333; color: #333;
resize: vertical;
} }
pre code { pre code {

32
view/tpl/cloud_actionspanel.tpl
View File

@ -1,20 +1,20 @@
<div id="files-mkdir-tools" class="section-content-tools-wrapper"> <div id="files-mkdir-tools" class="section-content-tools-wrapper">
<label for="files-mkdir">{{$folder_header}}</label> <label for="files-mkdir">{{$folder_header}}</label>
<form method="post" action=""> <form method="post" action="">
<input type="hidden" name="sabreAction" value="mkcol"> <input type="hidden" name="sabreAction" value="mkcol">
<input id="files-mkdir" type="text" name="name" class="form-control form-group"> <input id="files-mkdir" type="text" name="name" class="form-control form-group">
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button> <button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button>
</form> </form>
<div class="clear"></div> <div class="clear"></div>
</div> </div>
<div id="files-upload-tools" class="section-content-tools-wrapper"> <div id="files-upload-tools" class="section-content-tools-wrapper">
{{if $quota.limit || $quota.used}}<div class="{{if $quota.warning}}section-content-danger-wrapper{{else}}section-content-info-wrapper{{/if}}">{{if $quota.warning}}<strong>{{$quota.warning}} </strong>{{/if}}{{$quota.desc}}</div>{{/if}} {{if $quota.limit || $quota.used}}<div class="{{if $quota.warning}}section-content-danger-wrapper{{else}}section-content-info-wrapper{{/if}}">{{if $quota.warning}}<strong>{{$quota.warning}} </strong>{{/if}}{{$quota.desc}}</div>{{/if}}
<label for="files-upload">{{$upload_header}}</label> <form id="ajax-upload-files" method="post" action="" enctype="multipart/form-data">
<form method="post" action="" enctype="multipart/form-data"> <input type="hidden" name="sabreAction" value="put">
<input type="hidden" name="sabreAction" value="put"> <label for="files-upload">{{$upload_header}}</label>
<input class="form-group" id="files-upload" type="file" name="file"> <div class="clear"></div>
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$upload_submit}}">{{$upload_submit}}</button> <input class="form-group pull-left" id="files-upload" type="file" name="file" multiple>
<!-- Name (optional): <input type="text" name="name"> we should rather provide a rename action in edit form--> <button id="upload-submit" class="btn btn-primary btn-sm pull-right" type="submit" value="{{$upload_submit}}">{{$upload_submit}}</button>
</form> </form>
<div class="clear"></div> <div class="clear"></div>
</div> </div>

2
view/tpl/cloud_directory.tpl
View File

@ -1,4 +1,4 @@
<div class="section-content-wrapper-np"> <div id="cloud-drag-area" class="section-content-wrapper-np">
<table id="cloud-index"> <table id="cloud-index">
<tr> <tr>
<th width="1%"></th> <th width="1%"></th>

80
view/tpl/jot-header.tpl
View File

@ -164,6 +164,12 @@ function enableOnUser(){
}); });
} catch(e) { } catch(e) {
} }
// call initialization file
if (window.File && window.FileList && window.FileReader) {
DragDropUploadInit();
}
}); });
function deleteCheckedItems() { function deleteCheckedItems() {
@ -447,6 +453,80 @@ function enableOnUser(){
'json'); 'json');
}; };
//
// initialize
function DragDropUploadInit() {
var filedrag = $("#profile-jot-text");
// is XHR2 available?
var xhr = new XMLHttpRequest();
if (xhr.upload) {
// file drop
filedrag.on("dragover", DragDropUploadFileHover);
filedrag.on("dragleave", DragDropUploadFileHover);
filedrag.on("drop", DragDropUploadFileSelectHandler);
}
window.filesToUpload = 0;
window.fileUploadsCompleted = 0;
}
// file drag hover
function DragDropUploadFileHover(e) {
e.stopPropagation();
e.preventDefault();
e.target.className = (e.type == "dragover" ? "hover" : "");
}
// file selection
function DragDropUploadFileSelectHandler(e) {
// cancel event and hover styling
DragDropUploadFileHover(e);
// fetch FileList object
var files = e.target.files || e.originalEvent.dataTransfer.files;
// process all File objects
for (var i = 0, f; f = files[i]; i++) {
DragDropUploadFile(f, i);
}
}
// upload files
function DragDropUploadFile(file, idx) {
window.filesToUpload = window.filesToUpload + 1;
var xhr = new XMLHttpRequest();
xhr.withCredentials = true; // Include the SESSION cookie info for authentication
(xhr.upload || xhr).addEventListener('progress', function (e) {
$('#profile-rotator').spin('tiny');
});
xhr.addEventListener('load', function (e) {
//console.log('xhr upload complete', e);
window.fileUploadsCompleted = window.fileUploadsCompleted + 1;
// When all the uploads have completed, refresh the page
if (window.filesToUpload > 0 && window.fileUploadsCompleted === window.filesToUpload) {
addeditortext(xhr.responseText);
$('#jot-media').val($('#jot-media').val() + xhr.responseText);
$('#profile-rotator').spin(false);
window.fileUploadsCompleted = window.filesToUpload = 0;
}
});
// POST to the wall_upload endpoint
xhr.open('post', '{{$baseurl}}/wall_attach/{{$nickname}}', true);
var data = new FormData();
data.append('userfile', file);
xhr.send(data);
}
</script> </script>
<script> <script>