Better handling of restricted /channel and /profile permissions. We will show the name, profile photo and a 'connect' button if appropriate on these pages regardless of permissions. A blank page makes it difficult for folks to figure out how to connect and if it is their real life friend 'x' or not. It also matches our overall policy (adopted from Facebook's lessons learned) that the channel name and default profile photo are always visible and can't really be blocked without messing up the usability of the entire network. This also makes sure that a connect button can be found somewhere besides the directory - where the entry could be blocked; and avoid somebody having to figure out the webbie and find the link to "follow" (another related issue).
This commit is contained in:
friendica
parent
bf8f5d5b2b
commit
506ae56385
@ -583,14 +583,16 @@ function profile_load(&$a, $nickname, $profile = '') {
|
||||
|
||||
}
|
||||
|
||||
$a->profile = $p[0];
|
||||
$a->profile_uid = $p[0]['profile_uid'];
|
||||
$a->page['title'] = $a->profile['channel_name'] . " - " . $a->profile['channel_address'] . "@" . $a->get_hostname();
|
||||
|
||||
$a->profile['permission_to_view'] = $can_view_profile;
|
||||
|
||||
if($can_view_profile) {
|
||||
$a->profile = $p[0];
|
||||
$online = get_online_status($nickname);
|
||||
$a->profile['online_status'] = $online['result'];
|
||||
|
||||
$a->profile_uid = $p[0]['profile_uid'];
|
||||
|
||||
$a->page['title'] = $a->profile['channel_name'] . " - " . $a->profile['channel_address'] . "@" . $a->get_hostname();
|
||||
}
|
||||
|
||||
if(local_user()) {
|
||||
@ -604,18 +606,12 @@ function profile_load(&$a, $nickname, $profile = '') {
|
||||
|
||||
$_SESSION['theme'] = $p[0]['channel_theme'];
|
||||
|
||||
$a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one
|
||||
// $a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one
|
||||
|
||||
$theme_info_file = "view/theme/".current_theme()."/php/theme.php";
|
||||
if (file_exists($theme_info_file)){
|
||||
require_once($theme_info_file);
|
||||
}
|
||||
|
||||
if(! $can_view_profile) {
|
||||
// permission denied
|
||||
notice( t(' Sorry, you don\'t have the permission to view this profile. ') . EOL);
|
||||
return;
|
||||
}
|
||||
// $theme_info_file = "view/theme/".current_theme()."/php/theme.php";
|
||||
// if (file_exists($theme_info_file)){
|
||||
// require_once($theme_info_file);
|
||||
// }
|
||||
|
||||
return;
|
||||
}
|
||||
@ -739,7 +735,7 @@ logger('online: ' . $profile['online']);
|
||||
$block = true;
|
||||
}
|
||||
|
||||
if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
|
||||
if(($profile['hidewall'] && (! local_user()) && (! remote_user())) || $block ) {
|
||||
$location = $pdesc = $gender = $marital = $homepage = $online = False;
|
||||
}
|
||||
|
||||
@ -751,7 +747,7 @@ logger('online: ' . $profile['online']);
|
||||
|
||||
$channel_menu = false;
|
||||
$menu = get_pconfig($profile['uid'],'system','channel_menu');
|
||||
if($menu) {
|
||||
if($menu && ! $block) {
|
||||
require_once('include/menu.php');
|
||||
$m = menu_fetch($menu,$profile['uid'],$observer['xchan_hash']);
|
||||
if($m)
|
||||
|
||||
@ -304,6 +304,9 @@ function widget_archive($arr) {
|
||||
if(! feature_enabled($uid,'archives'))
|
||||
return '';
|
||||
|
||||
if(! perm_is_allowed($uid,get_observer_hash(),'view_stream'))
|
||||
return '';
|
||||
|
||||
|
||||
$wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0);
|
||||
$style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select');
|
||||
@ -338,6 +341,12 @@ function widget_fullprofile($arr) {
|
||||
|
||||
function widget_categories($arr) {
|
||||
$a = get_app();
|
||||
|
||||
|
||||
if($a->profile['profile_uid'] && (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')))
|
||||
return '';
|
||||
|
||||
|
||||
$cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : '');
|
||||
$srchurl = $a->query_string;
|
||||
$srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&');
|
||||
@ -350,6 +359,9 @@ function widget_tagcloud_wall($arr) {
|
||||
$a = get_app();
|
||||
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
|
||||
return '';
|
||||
if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
|
||||
return '';
|
||||
|
||||
$limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
|
||||
if(feature_enabled($a->profile['profile_uid'],'tagadelic'))
|
||||
return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
|
||||
|
||||
@ -61,7 +61,7 @@ function profile_content(&$a, $update = 0) {
|
||||
$o = '';
|
||||
|
||||
if(! (perm_is_allowed($a->profile['profile_uid'],get_observer_hash(), 'view_profile'))) {
|
||||
notice( t('Access to this profile has been restricted.') . EOL);
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -69,11 +69,10 @@ function profile_content(&$a, $update = 0) {
|
||||
$is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
|
||||
|
||||
if($a->profile['hidewall'] && (! $is_owner) && (! remote_user())) {
|
||||
notice( t('Access to this profile has been restricted.') . EOL);
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
$o .= profile_tabs($a, $is_owner, $a->profile['channel_address']);
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user