allow individual permissions on atokens
This commit is contained in:
redmatrix
parent
9b9621e10d
commit
3d0c90cbc5
@ -164,7 +164,23 @@ class Settings extends \Zotlabs\Web\Controller {
|
|||||||
dbesc($expires)
|
dbesc($expires)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $name;
|
||||||
|
|
||||||
|
$all_perms = \Zotlabs\Access\Permissions::Perms();
|
||||||
|
|
||||||
|
if($all_perms) {
|
||||||
|
foreach($all_perms as $perm => $desc) {
|
||||||
|
if(array_key_exists('perms_' . $perm, $_POST)) {
|
||||||
|
set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,intval($_POST['perms_' . $perm]));
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
info( t('Token saved.') . EOL);
|
info( t('Token saved.') . EOL);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -270,7 +286,7 @@ class Settings extends \Zotlabs\Web\Controller {
|
|||||||
$email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : '');
|
$email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : '');
|
||||||
$account = \App::get_account();
|
$account = \App::get_account();
|
||||||
if($email != $account['account_email']) {
|
if($email != $account['account_email']) {
|
||||||
if(! valid_email($email))
|
if(! valid_email($email))
|
||||||
$errs[] = t('Not valid email.');
|
$errs[] = t('Not valid email.');
|
||||||
$adm = trim(get_config('system','admin_email'));
|
$adm = trim(get_config('system','admin_email'));
|
||||||
if(($adm) && (strcasecmp($email,$adm) == 0)) {
|
if(($adm) && (strcasecmp($email,$adm) == 0)) {
|
||||||
@ -378,7 +394,7 @@ class Settings extends \Zotlabs\Web\Controller {
|
|||||||
intval(local_channel())
|
intval(local_channel())
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']);
|
$role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']);
|
||||||
if(! $role_permissions) {
|
if(! $role_permissions) {
|
||||||
notice('Permissions category could not be found.');
|
notice('Permissions category could not be found.');
|
||||||
@ -773,9 +789,10 @@ class Settings extends \Zotlabs\Web\Controller {
|
|||||||
intval(local_channel())
|
intval(local_channel())
|
||||||
);
|
);
|
||||||
|
|
||||||
if($atoken)
|
if($atoken) {
|
||||||
$atoken = $atoken[0];
|
$atoken = $atoken[0];
|
||||||
|
$atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $atoken['atoken_name'];
|
||||||
|
}
|
||||||
if($atoken && argc() > 3 && argv(3) === 'drop') {
|
if($atoken && argc() > 3 && argv(3) === 'drop') {
|
||||||
$r = q("delete from atoken where atoken_id = %d",
|
$r = q("delete from atoken where atoken_id = %d",
|
||||||
intval($id)
|
intval($id)
|
||||||
@ -786,10 +803,40 @@ class Settings extends \Zotlabs\Web\Controller {
|
|||||||
intval(local_channel())
|
intval(local_channel())
|
||||||
);
|
);
|
||||||
|
|
||||||
$desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access the private content.');
|
$desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access private content.');
|
||||||
|
|
||||||
$desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:');
|
$desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:');
|
||||||
|
|
||||||
|
$global_perms = \Zotlabs\Access\Permissions::Perms();
|
||||||
|
|
||||||
|
$existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : ''));
|
||||||
|
|
||||||
|
if($atoken_xchan) {
|
||||||
|
$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
|
||||||
|
intval(local_channel()),
|
||||||
|
dbesc($atoken_xchan)
|
||||||
|
);
|
||||||
|
$their_perms = array();
|
||||||
|
if($theirs) {
|
||||||
|
foreach($theirs as $t) {
|
||||||
|
$their_perms[$t['k']] = $t['v'];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
foreach($global_perms as $k => $v) {
|
||||||
|
$thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
|
||||||
|
//fixme
|
||||||
|
|
||||||
|
$checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
|
||||||
|
|
||||||
|
if($existing[$k])
|
||||||
|
$thisperm = "1";
|
||||||
|
|
||||||
|
$perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$tpl = get_markup_template("settings_tokens.tpl");
|
$tpl = get_markup_template("settings_tokens.tpl");
|
||||||
$o .= replace_macros($tpl, array(
|
$o .= replace_macros($tpl, array(
|
||||||
'$form_security_token' => get_form_security_token("settings_tokens"),
|
'$form_security_token' => get_form_security_token("settings_tokens"),
|
||||||
@ -803,6 +850,13 @@ class Settings extends \Zotlabs\Web\Controller {
|
|||||||
'$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''),
|
'$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''),
|
||||||
'$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : autoname(8)), ''),
|
'$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : autoname(8)), ''),
|
||||||
'$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] != NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''),
|
'$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] != NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''),
|
||||||
|
'$them' => t('Their Settings'),
|
||||||
|
'$me' => t('My Settings'),
|
||||||
|
'$perms' => $perms,
|
||||||
|
'$inherited' => t('inherited'),
|
||||||
|
'$notself' => '1',
|
||||||
|
'$permlbl' => t('Individual Permissions'),
|
||||||
|
'$permnote' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'),
|
||||||
'$submit' => t('Submit')
|
'$submit' => t('Submit')
|
||||||
));
|
));
|
||||||
return $o;
|
return $o;
|
||||||
|
|||||||
@ -9,7 +9,7 @@
|
|||||||
</td>
|
</td>
|
||||||
{{/if}}
|
{{/if}}
|
||||||
<td class="abook-me">
|
<td class="abook-me">
|
||||||
{{if $self || !$field.5}}
|
{{if $self || !$field.5 || $twocol }}
|
||||||
<input type="checkbox" name='{{$field.0}}' class='abook-edit-me' id='me_id_{{$field.0}}' value="{{$field.4}}" {{if $field.3}}checked="checked"{{/if}} />
|
<input type="checkbox" name='{{$field.0}}' class='abook-edit-me' id='me_id_{{$field.0}}' value="{{$field.4}}" {{if $field.3}}checked="checked"{{/if}} />
|
||||||
{{/if}}
|
{{/if}}
|
||||||
{{if $notself && $field.5}}
|
{{if $notself && $field.5}}
|
||||||
|
|||||||
@ -17,13 +17,45 @@
|
|||||||
<div class="settings-submit-wrapper form-group">
|
<div class="settings-submit-wrapper form-group">
|
||||||
<button type="submit" name="submit" class="btn btn-primary">{{$submit}}</button>
|
<button type="submit" name="submit" class="btn btn-primary">{{$submit}}</button>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
|
||||||
<div class="descriptive-text">{{$desc2}}</div>
|
|
||||||
<ul>
|
|
||||||
<li>{{$url1}}<span class="zat-example">?f=&zat=<span class="token-mirror"></span></span></li>
|
|
||||||
<li>{{$url2}}<span class="zat-example">?f=&zat=<span class="token-mirror"></span></span></li>
|
|
||||||
</ul>
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div class="panel">
|
||||||
|
<div class="section-subtitle-wrapper" role="tab" id="perms-tool">
|
||||||
|
<h3>
|
||||||
|
<a data-toggle="collapse" data-parent="#contact-edit-tools" href="#perms-tool-collapse" aria-expanded="true" aria-controls="perms-tool-collapse">
|
||||||
|
{{$permlbl}}
|
||||||
|
</a>
|
||||||
|
</h3>
|
||||||
|
</div>
|
||||||
|
<div id="perms-tool-collapse" class="panel-collapse collapse" role="tabpanel" aria-labelledby="perms-tool">
|
||||||
|
<div class="section-content-tools-wrapper">
|
||||||
|
<div class="section-content-warning-wrapper">
|
||||||
|
{{$permnote}}
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<table id="perms-tool-table" class=form-group>
|
||||||
|
<tr>
|
||||||
|
<td></td><td class="abook-them">{{$them}}</td><td colspan="2" class="abook-me">{{$me}}</td>
|
||||||
|
</tr>
|
||||||
|
{{foreach $perms as $prm}}
|
||||||
|
{{include file="field_acheckbox.tpl" field=$prm}}
|
||||||
|
{{/foreach}}
|
||||||
|
</table>
|
||||||
|
|
||||||
|
<div class="settings-submit-wrapper" >
|
||||||
|
<button type="submit" name="submit" class="btn btn-primary">{{$submit}}</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<div class="descriptive-text">{{$desc2}}</div>
|
||||||
|
<ul>
|
||||||
|
<li>{{$url1}}<span class="zat-example">?f=&zat=<span class="token-mirror"></span></span></li>
|
||||||
|
<li>{{$url2}}<span class="zat-example">?f=&zat=<span class="token-mirror"></span></span></li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
{{if $tokens}}
|
{{if $tokens}}
|
||||||
<div class="section-content-wrapper-np">
|
<div class="section-content-wrapper-np">
|
||||||
<table id="atoken-index">
|
<table id="atoken-index">
|
||||||
|
|||||||
Reference in New Issue
Block a user