implement permission roles - the backend should be done except for maybe a couple of small tweaks. Now we just need to define the rest of the roles and create a chooser for them. Adam started on this some time back but I don't know where that has gone.
This commit is contained in:
friendica
parent
cd79044778
commit
4014093572
@ -4,6 +4,8 @@ We need much more than this, but here are areas where developers can help. Pleas
|
||||
|
||||
[li]Documentation - see Red Documentation Project To-Do List[/li]
|
||||
|
||||
[li]Include TOS link in registration/verification email[/li]
|
||||
|
||||
[li]Finish the anti-spam bayesian engine[/li]
|
||||
|
||||
[li]If DAV folders exist, add an option to the Settings page to set a default folder for attachment uploads.[/li]
|
||||
@ -38,8 +40,22 @@ We need much more than this, but here are areas where developers can help. Pleas
|
||||
|
||||
[li]Uploads - integrate #^[url=https://github.com/blueimp/jQuery-File-Upload]https://github.com/blueimp/jQuery-File-Upload[/url][/li]
|
||||
|
||||
[li]Import/export - include items, events, things, etc.[/li]
|
||||
|
||||
[li]Import channel from Diaspora/Friendica[/li]
|
||||
|
||||
[li]MediaGoblin photo "crosspost" connector[/li]
|
||||
|
||||
[li]Create management page/UI for extensible profile fields[/li]
|
||||
|
||||
[li]Create interface to include/exclude and re-order standard profile fields[/li]
|
||||
|
||||
[li]Provide a mechanism to share page design elements in posts (just like apps)[/li]
|
||||
|
||||
[li]App taxonomy[/li]
|
||||
|
||||
[li]Customisable App collection pages[/li]
|
||||
|
||||
[li]replace the tinymce visual editor and/or make the visual editor pluggable and responsive to different output formats. We probably want library/bbedit for bbcode. This needs a fair bit of work to catch up with our "enhanced bbcode", but start with images, links, bold and highlight and work from there.[/li]
|
||||
|
||||
[li]Photos module - turn photos into normal conversations and fix tagging[/li]
|
||||
|
||||
@ -63,6 +63,13 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
|
||||
|
||||
$my_perms = PERMS_W_STREAM|PERMS_W_MAIL;
|
||||
|
||||
$role = get_pconfig($uid,'system','permissions_role');
|
||||
if($role) {
|
||||
$x = get_role_perms($role);
|
||||
if($x['perms_follow'])
|
||||
$my_perms = $x['perms_follow'];
|
||||
}
|
||||
|
||||
logger('follow: ' . $url . ' ' . print_r($j,true), LOGGER_DEBUG);
|
||||
|
||||
|
||||
@ -153,6 +160,12 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
|
||||
$xchan_hash = $r[0]['xchan_hash'];
|
||||
$their_perms = 0;
|
||||
$my_perms = PERMS_W_STREAM|PERMS_W_MAIL;
|
||||
$role = get_pconfig($uid,'system','permissions_role');
|
||||
if($role) {
|
||||
$x = get_role_perms($role);
|
||||
if($x['perms_follow'])
|
||||
$my_perms = $x['perms_follow'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -215,13 +215,31 @@ function create_identity($arr) {
|
||||
if(array_key_exists('primary', $arr))
|
||||
$primary = intval($arr['primary']);
|
||||
|
||||
|
||||
$perms_sql = '';
|
||||
|
||||
$defperms = site_default_perms();
|
||||
$global_perms = get_perms();
|
||||
foreach($defperms as $p => $v) {
|
||||
$perms_keys .= ', ' . $global_perms[$p][0];
|
||||
$perms_vals .= ', ' . intval($v);
|
||||
$role_permissions = null;
|
||||
|
||||
if(array_key_exists('permissions_role',$arr) && $arr['permissions_role']) {
|
||||
$role_permissions = get_role_perms($arr['permissions_role']);
|
||||
if($role_permissions) {
|
||||
foreach($role_permissions as $p => $v) {
|
||||
if(strpos($p,'channel_') !== false) {
|
||||
$perms_keys .= ', ' . $global_perms[$p][0];
|
||||
$perms_vals .= ', ' . intval($v);
|
||||
}
|
||||
if($p === 'directory_publish')
|
||||
$publish = intval($v);
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
$defperms = site_default_perms();
|
||||
$global_perms = get_perms();
|
||||
foreach($defperms as $p => $v) {
|
||||
$perms_keys .= ', ' . $global_perms[$p][0];
|
||||
$perms_vals .= ', ' . intval($v);
|
||||
}
|
||||
}
|
||||
|
||||
$expire = get_config('system', 'default_expire_days');
|
||||
@ -322,25 +340,52 @@ function create_identity($arr) {
|
||||
dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}")
|
||||
);
|
||||
|
||||
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags )
|
||||
values ( %d, %d, '%s', %d, '%s', '%s', %d ) ",
|
||||
$myperms = 0;
|
||||
if($role_permissions) {
|
||||
$myperms = ((array_key_exists('perms_auto',$role_permissions) && $role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0);
|
||||
}
|
||||
|
||||
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags, abook_my_perms )
|
||||
values ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ",
|
||||
intval($ret['channel']['channel_account_id']),
|
||||
intval($newuid),
|
||||
dbesc($hash),
|
||||
intval(0),
|
||||
dbesc(datetime_convert()),
|
||||
dbesc(datetime_convert()),
|
||||
intval(ABOOK_FLAG_SELF)
|
||||
intval(ABOOK_FLAG_SELF),
|
||||
intval($myperms)
|
||||
);
|
||||
|
||||
if(intval($ret['channel']['channel_account_id'])) {
|
||||
|
||||
// Save our permissions role so we can perhaps call it up and modify it later.
|
||||
|
||||
if($role_permissions)
|
||||
set_pconfig($newuid,'system','permissions_role',$arr['permissions_role']);
|
||||
|
||||
// Create a group with no members. This allows somebody to use it
|
||||
// right away as a default group for new contacts.
|
||||
|
||||
require_once('include/group.php');
|
||||
group_add($newuid, t('Friends'));
|
||||
|
||||
// if our role_permissions indicate that we're using a default collection ACL, add it.
|
||||
|
||||
if(is_array($role_permissions) && $role_permissions['default_collection']) {
|
||||
$r = q("select hash from groups where uid = %d and name = '%s' limit 1",
|
||||
intval($newuid),
|
||||
dbesc( t('Friends') )
|
||||
);
|
||||
if($r) {
|
||||
q("update channel set channel_allow_gid = '%s' where channel_id = %d limit 1",
|
||||
dbesc('<' . $r[0]['hash'] . '>'),
|
||||
intval($newuid)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
call_hooks('register_account', $newuid);
|
||||
|
||||
proc_run('php','include/directory.php', $ret['channel']['channel_id']);
|
||||
|
||||
@ -419,11 +419,12 @@ function site_default_perms() {
|
||||
*
|
||||
* Given a string for the channel role ('social','forum', etc)
|
||||
* return an array of all permission fields pre-filled for this role.
|
||||
* This includes the channel permission scope indicators as well as
|
||||
* perms_auto: The permissions to apply automatically on receipt of a connection request
|
||||
* This includes the channel permission scope indicators (anything beginning with 'channel_') as well as
|
||||
* perms_auto: true or false to create auto-permissions for this channel
|
||||
* perms_follow: The permissions to apply when initiating a connection request to another channel
|
||||
* perms_accept: The permissions to apply when accepting a connection request from another channel (not automatic)
|
||||
*
|
||||
* default_collection: true or false to make the default ACL include the channel's default collection
|
||||
* directory_publish: true or false to publish this channel in the directory
|
||||
* Any attributes may be extended (new roles defined) and modified (specific permissions altered) by plugins
|
||||
*
|
||||
*/
|
||||
@ -436,7 +437,9 @@ function get_role_perms($role) {
|
||||
|
||||
switch($role) {
|
||||
case 'social':
|
||||
$ret['perms_auto'] = 0;
|
||||
$ret['perms_auto'] = false;
|
||||
$ret['default_collection'] = false;
|
||||
$ret['directory_publish'] = true;
|
||||
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
|
||||
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|
||||
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
|
||||
|
||||
@ -255,6 +255,28 @@ function connedit_content(&$a) {
|
||||
return login();
|
||||
}
|
||||
|
||||
$my_perms = 0;
|
||||
$role = get_pconfig(local_user(),'system','permissions_role');
|
||||
if($role) {
|
||||
$x = get_role_perms($role);
|
||||
if($x['perms_accept'])
|
||||
$my_perms = $x['perms_accept'];
|
||||
}
|
||||
if($my_perms) {
|
||||
$o .= "<script>function connectDefaultShare() {
|
||||
\$('.abook-edit-me').each(function() {
|
||||
if(! $(this).is(':disabled'))
|
||||
$(this).removeAttr('checked');
|
||||
});\n\n";
|
||||
$perms = get_perms();
|
||||
foreach($perms as $p => $v) {
|
||||
if($my_perms & $v[1]) {
|
||||
$o .= "\$('#me_id_perms_" . $p . "').attr('checked','checked'); \n";
|
||||
}
|
||||
}
|
||||
$o .= "abook_perms_msg(); }\n</script>\n";
|
||||
}
|
||||
|
||||
if(argc() == 3) {
|
||||
|
||||
$contact_id = intval(argv(1));
|
||||
|
||||
@ -1 +1 @@
|
||||
2014-09-16.800
|
||||
2014-09-17.801
|
||||
|
||||
@ -6,11 +6,18 @@ function abook_perms_msg() {
|
||||
}
|
||||
|
||||
$(document).ready(function() {
|
||||
if(typeof(after_following) !== 'undefined' && after_following)
|
||||
connectFullShare();
|
||||
if(typeof(after_following) !== 'undefined' && after_following) {
|
||||
if(typeof(connectDefaultShare) !== 'undefined')
|
||||
connectDefaultShare();
|
||||
else
|
||||
connectFullShare();
|
||||
}
|
||||
|
||||
$('#id_pending').click(function() {
|
||||
connectFullShare();
|
||||
if(typeof(connectDefaultShare) !== 'undefined')
|
||||
connectDefaultShare();
|
||||
else
|
||||
connectFullShare();
|
||||
});
|
||||
|
||||
$('.abook-edit-me').click(function() {
|
||||
|
||||
Reference in New Issue
Block a user