Merge remote-tracking branch 'upstream/dev' into website-import
This commit is contained in:
Andrew Manning
@@ -58,7 +58,23 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
|
||||
if( (! local_channel()) && (! ($type == 'x' || $type == 'c')))
|
||||
killme();
|
||||
|
||||
|
||||
$permitted = [];
|
||||
|
||||
if(in_array($type, [ 'm', 'a', 'c' ])) {
|
||||
|
||||
// These queries require permission checking. We'll create a simple array of xchan_hash for those with
|
||||
// the requisite permissions which we can check against.
|
||||
|
||||
$x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = 1",
|
||||
intval(local_channel()),
|
||||
dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver')
|
||||
);
|
||||
|
||||
$permitted = ids_to_array($x,'xchan');
|
||||
}
|
||||
|
||||
|
||||
if($search) {
|
||||
$sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
|
||||
$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") ";
|
||||
@@ -87,13 +103,13 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
|
||||
if($type == '' || $type == 'g') {
|
||||
|
||||
$r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`gname`
|
||||
FROM `groups`,`group_member`
|
||||
WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d
|
||||
AND `group_member`.`gid`=`groups`.`id`
|
||||
$r = q("SELECT groups.id, groups.hash, groups.gname
|
||||
FROM groups,group_member
|
||||
WHERE groups.deleted = 0 AND groups.uid = %d
|
||||
AND group_member.gid=groups.id
|
||||
$sql_extra
|
||||
GROUP BY `groups`.`id`
|
||||
ORDER BY `groups`.`gname`
|
||||
GROUP BY groups.id
|
||||
ORDER BY groups.gname
|
||||
LIMIT %d OFFSET %d",
|
||||
intval(local_channel()),
|
||||
intval($count),
|
||||
@@ -156,7 +172,7 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
}
|
||||
|
||||
|
||||
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self
|
||||
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self
|
||||
FROM abook left join xchan on abook_xchan = xchan_hash
|
||||
WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
|
||||
intval(local_channel())
|
||||
@@ -221,16 +237,24 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
}
|
||||
}
|
||||
elseif($type == 'm') {
|
||||
|
||||
$r = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
|
||||
|
||||
$r = array();
|
||||
$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
|
||||
FROM abook left join xchan on abook_xchan = xchan_hash
|
||||
WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0)
|
||||
WHERE abook_channel = %d
|
||||
and xchan_deleted = 0
|
||||
$sql_extra3
|
||||
ORDER BY `xchan_name` ASC ",
|
||||
intval(local_channel()),
|
||||
intval(PERMS_W_MAIL)
|
||||
ORDER BY xchan_name ASC ",
|
||||
intval(local_channel())
|
||||
);
|
||||
if($z) {
|
||||
foreach($z as $zz) {
|
||||
if(in_array($zz['id'],$permitted)) {
|
||||
$r[] = $zz;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
elseif($type == 'a') {
|
||||
|
||||
@@ -274,7 +298,7 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
if(strpos($g['hash'],'/') && $type != 'a')
|
||||
continue;
|
||||
|
||||
if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c' && (! $noforums)) {
|
||||
if(in_array($g['hash'],$permitted) && $type == 'c' && (! $noforums)) {
|
||||
$contacts[] = array(
|
||||
"type" => "c",
|
||||
"photo" => "images/twopeople.png",
|
||||
|
||||
@@ -126,15 +126,30 @@ class Connedit extends \Zotlabs\Web\Controller {
|
||||
$rating = 10;
|
||||
|
||||
$rating_text = trim(escape_tags($_REQUEST['rating_text']));
|
||||
|
||||
$abook_my_perms = 0;
|
||||
|
||||
foreach($_POST as $k => $v) {
|
||||
if(strpos($k,'perms_') === 0) {
|
||||
$abook_my_perms += $v;
|
||||
|
||||
$all_perms = \Zotlabs\Access\Permissions::Perms();
|
||||
|
||||
if($all_perms) {
|
||||
foreach($all_perms as $perm => $desc) {
|
||||
if(array_key_exists('perms_' . $perm, $_POST)) {
|
||||
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,
|
||||
intval($_POST['perms_' . $perm]));
|
||||
if($autoperms) {
|
||||
set_pconfig($channel['channel_id'],'autoperms',$perm,intval($_POST['perms_' . $perm]));
|
||||
}
|
||||
}
|
||||
else {
|
||||
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,0);
|
||||
if($autoperms) {
|
||||
set_pconfig($channel['channel_id'],'autoperms',$perm,0);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if(! is_null($autoperms))
|
||||
set_pconfig($channel['channel_id'],'system','autoperms',$autoperms);
|
||||
|
||||
$new_friend = false;
|
||||
|
||||
if(! $is_self) {
|
||||
@@ -194,19 +209,25 @@ class Connedit extends \Zotlabs\Web\Controller {
|
||||
|
||||
$role = get_pconfig(local_channel(),'system','permissions_role');
|
||||
if($role) {
|
||||
$x = get_role_perms($role);
|
||||
if($x['perms_accept'])
|
||||
$abook_my_perms = $x['perms_accept'];
|
||||
$x = \Zotlabs\Access\PermissionRoles::role_perms($role);
|
||||
if($x['perms_connect']) {
|
||||
$abook_my_perms = $x['perms_connect'];
|
||||
}
|
||||
}
|
||||
|
||||
$filled_perms = \Zotlabs\Access\Permissions::FilledPerms($abook_my_perms);
|
||||
foreach($filled_perms as $k => $v) {
|
||||
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
$abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']);
|
||||
|
||||
$r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_pending = %d,
|
||||
$r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d,
|
||||
abook_incl = '%s', abook_excl = '%s'
|
||||
where abook_id = %d AND abook_channel = %d",
|
||||
dbesc($profile_id),
|
||||
intval($abook_my_perms),
|
||||
intval($closeness),
|
||||
intval($abook_pending),
|
||||
dbesc($abook_incl),
|
||||
@@ -227,10 +248,13 @@ class Connedit extends \Zotlabs\Web\Controller {
|
||||
info( t('Connection updated.') . EOL);
|
||||
else
|
||||
notice( t('Failed to update connection record.') . EOL);
|
||||
|
||||
if(\App::$poi && \App::$poi['abook_my_perms'] != $abook_my_perms
|
||||
&& (! intval(\App::$poi['abook_self']))) {
|
||||
\Zotlabs\Daemon\Master::Summon(array('Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id));
|
||||
|
||||
if(! intval(\App::$poi['abook_self'])) {
|
||||
\Zotlabs\Daemon\Master::Summon( [
|
||||
'Notifier',
|
||||
(($new_friend) ? 'permission_create' : 'permission_update'),
|
||||
$contact_id
|
||||
]);
|
||||
}
|
||||
|
||||
if($new_friend) {
|
||||
@@ -371,9 +395,9 @@ class Connedit extends \Zotlabs\Web\Controller {
|
||||
$my_perms = get_channel_default_perms(local_channel());
|
||||
$role = get_pconfig(local_channel(),'system','permissions_role');
|
||||
if($role) {
|
||||
$x = get_role_perms($role);
|
||||
if($x['perms_accept'])
|
||||
$my_perms = $x['perms_accept'];
|
||||
$x = \Zotlabs\Access\PermissionRoles::role_perms($role);
|
||||
if($x['perms_connect'])
|
||||
$my_perms = $x['perms_connect'];
|
||||
}
|
||||
|
||||
$yes_no = array(t('No'),t('Yes'));
|
||||
@@ -654,7 +678,8 @@ class Connedit extends \Zotlabs\Web\Controller {
|
||||
$perms = array();
|
||||
$channel = \App::get_channel();
|
||||
|
||||
$global_perms = get_perms();
|
||||
$global_perms = \Zotlabs\Access\Permissions::Perms();
|
||||
|
||||
$existing = get_all_perms(local_channel(),$contact['abook_xchan']);
|
||||
|
||||
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes')));
|
||||
@@ -670,16 +695,32 @@ class Connedit extends \Zotlabs\Web\Controller {
|
||||
if($slide && $multiprofs)
|
||||
$affinity = t('Set Affinity & Profile');
|
||||
|
||||
$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
|
||||
intval(local_channel()),
|
||||
dbesc($contact['abook_xchan'])
|
||||
);
|
||||
$their_perms = array();
|
||||
if($theirs) {
|
||||
foreach($theirs as $t) {
|
||||
$their_perms[$t['k']] = $t['v'];
|
||||
}
|
||||
}
|
||||
|
||||
foreach($global_perms as $k => $v) {
|
||||
$thisperm = (($contact['abook_my_perms'] & $v[1]) ? "1" : '');
|
||||
$checkinherited = ((($channel[$v[0]]) && ($channel[$v[0]] != PERMS_SPECIFIC)) ? "1" : '');
|
||||
$thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
|
||||
//fixme
|
||||
|
||||
$checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
|
||||
|
||||
// For auto permissions (when $self is true) we don't want to look at existing
|
||||
// permissions because they are enabled for the channel owner
|
||||
if((! $self) && ($existing[$k]))
|
||||
$thisperm = "1";
|
||||
|
||||
|
||||
|
||||
|
||||
$perms[] = array('perms_' . $k, $v[3], (($contact['abook_their_perms'] & $v[1]) ? "1" : ""),$thisperm, $v[1], (($channel[$v[0]] == PERMS_SPECIFIC) ? '' : '1'), $v[4], $checkinherited);
|
||||
$perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited);
|
||||
}
|
||||
|
||||
$locstr = '';
|
||||
|
||||
@@ -48,55 +48,13 @@ class Dav extends \Zotlabs\Web\Controller {
|
||||
if (! is_dir('store'))
|
||||
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
|
||||
|
||||
$which = null;
|
||||
if (argc() > 1)
|
||||
$which = argv(1);
|
||||
profile_load(argv(1),0);
|
||||
|
||||
$profile = 0;
|
||||
|
||||
\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
|
||||
|
||||
if ($which)
|
||||
profile_load( $which, $profile);
|
||||
|
||||
|
||||
|
||||
|
||||
$auth = new \Zotlabs\Storage\BasicAuth();
|
||||
$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . 'WebDAV');
|
||||
$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV');
|
||||
|
||||
// $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function($userName,$password) {
|
||||
// if(account_verify_password($userName,$password))
|
||||
// return true;
|
||||
// return false;
|
||||
// });
|
||||
|
||||
// $ob_hash = get_observer_hash();
|
||||
|
||||
// if ($ob_hash) {
|
||||
// if (local_channel()) {
|
||||
// $channel = \App::get_channel();
|
||||
// $auth->setCurrentUser($channel['channel_address']);
|
||||
// $auth->channel_id = $channel['channel_id'];
|
||||
// $auth->channel_hash = $channel['channel_hash'];
|
||||
// $auth->channel_account_id = $channel['channel_account_id'];
|
||||
// if($channel['channel_timezone'])
|
||||
// $auth->setTimezone($channel['channel_timezone']);
|
||||
// }
|
||||
// $auth->observer = $ob_hash;
|
||||
// }
|
||||
|
||||
// if ($_GET['davguest'])
|
||||
// $_SESSION['davguest'] = true;
|
||||
|
||||
// $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
|
||||
// $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
|
||||
// $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
|
||||
//
|
||||
// $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
|
||||
// $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
|
||||
// $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
|
||||
|
||||
$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
|
||||
|
||||
// A SabreDAV server-object
|
||||
@@ -113,48 +71,13 @@ class Dav extends \Zotlabs\Web\Controller {
|
||||
|
||||
$server->addPlugin($lockPlugin);
|
||||
|
||||
// The next section of code allows us to bypass prompting for http-auth if a
|
||||
// FILE is being accessed anonymously and permissions allow this. This way
|
||||
// one can create hotlinks to public media files in their cloud and anonymous
|
||||
// viewers won't get asked to login.
|
||||
// If a DIRECTORY is accessed or there are permission issues accessing the
|
||||
// file and we aren't previously authenticated via zot, prompt for HTTP-auth.
|
||||
// This will be the default case for mounting a DAV directory.
|
||||
// In order to avoid prompting for passwords for viewing a DIRECTORY, add
|
||||
// the URL query parameter 'davguest=1'.
|
||||
|
||||
// $isapublic_file = false;
|
||||
// $davguest = ((x($_SESSION, 'davguest')) ? true : false);
|
||||
|
||||
// if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) {
|
||||
// try {
|
||||
// $x = RedFileData('/' . \App::$cmd, $auth);
|
||||
// if($x instanceof \Zotlabs\Storage\File)
|
||||
// $isapublic_file = true;
|
||||
// }
|
||||
// catch (Exception $e) {
|
||||
// $isapublic_file = false;
|
||||
// }
|
||||
// }
|
||||
|
||||
// if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) {
|
||||
// try {
|
||||
// $auth->Authenticate($server, t('$Projectname channel'));
|
||||
// }
|
||||
// catch (Exception $e) {
|
||||
// logger('mod_cloud: auth exception' . $e->getMessage());
|
||||
// http_status_exit($e->getHTTPCode(), $e->getMessage());
|
||||
// }
|
||||
// }
|
||||
|
||||
// require_once('Zotlabs/Storage/Browser.php');
|
||||
// provide a directory view for the cloud in Hubzilla
|
||||
$browser = new \Zotlabs\Storage\Browser($auth);
|
||||
$auth->setBrowserPlugin($browser);
|
||||
|
||||
// Experimental QuotaPlugin
|
||||
// require_once('Zotlabs/Storage/QuotaPlugin.php');
|
||||
// $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth));
|
||||
// require_once('Zotlabs/Storage/QuotaPlugin.php');
|
||||
// $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth));
|
||||
|
||||
// All we need to do now, is to fire up the server
|
||||
$server->exec();
|
||||
|
||||
@@ -47,9 +47,9 @@ class Editpost extends \Zotlabs\Web\Controller {
|
||||
if(intval($itm[0]['item_obscured'])) {
|
||||
$key = get_config('system','prvkey');
|
||||
if($itm[0]['title'])
|
||||
$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key);
|
||||
$itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
|
||||
if($itm[0]['body'])
|
||||
$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key);
|
||||
$itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
|
||||
}
|
||||
|
||||
$category = '';
|
||||
|
||||
@@ -108,9 +108,9 @@ class Editwebpage extends \Zotlabs\Web\Controller {
|
||||
if(intval($itm[0]['item_obscured'])) {
|
||||
$key = get_config('system','prvkey');
|
||||
if($itm[0]['title'])
|
||||
$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key);
|
||||
$itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
|
||||
if($itm[0]['body'])
|
||||
$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key);
|
||||
$itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
|
||||
}
|
||||
|
||||
$item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1",
|
||||
|
||||
@@ -47,12 +47,13 @@ class Follow extends \Zotlabs\Web\Controller {
|
||||
if($abconfig)
|
||||
$clone['abconfig'] = $abconfig;
|
||||
|
||||
build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)));
|
||||
build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true);
|
||||
|
||||
$can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream'));
|
||||
|
||||
// If we can view their stream, pull in some posts
|
||||
|
||||
if(($result['abook']['abook_their_perms'] & PERMS_R_STREAM) || ($result['abook']['xchan_network'] === 'rss'))
|
||||
if(($can_view_stream) || ($result['abook']['xchan_network'] === 'rss'))
|
||||
\Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id']));
|
||||
|
||||
goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1');
|
||||
|
||||
@@ -8,6 +8,7 @@ namespace Zotlabs\Module;
|
||||
require_once('include/zot.php');
|
||||
require_once('include/channel.php');
|
||||
require_once('include/import.php');
|
||||
require_once('include/perm_upgrade.php');
|
||||
|
||||
|
||||
|
||||
@@ -339,6 +340,8 @@ class Import extends \Zotlabs\Web\Controller {
|
||||
$abooks = $data['abook'];
|
||||
if($abooks) {
|
||||
foreach($abooks as $abook) {
|
||||
|
||||
$abook_copy = $abook;
|
||||
|
||||
$abconfig = null;
|
||||
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
|
||||
@@ -347,6 +350,10 @@ class Import extends \Zotlabs\Web\Controller {
|
||||
unset($abook['abook_id']);
|
||||
unset($abook['abook_rating']);
|
||||
unset($abook['abook_rating_text']);
|
||||
unset($abook['abconfig']);
|
||||
unset($abook['abook_their_perms']);
|
||||
unset($abook['abook_my_perms']);
|
||||
|
||||
$abook['abook_account'] = $account_id;
|
||||
$abook['abook_channel'] = $channel['channel_id'];
|
||||
if(! array_key_exists('abook_blocked',$abook)) {
|
||||
@@ -385,6 +392,8 @@ class Import extends \Zotlabs\Web\Controller {
|
||||
$friends ++;
|
||||
if(intval($abook['abook_feed']))
|
||||
$feeds ++;
|
||||
|
||||
translate_abook_perms_inbound($channel,$abook_copy);
|
||||
|
||||
if($abconfig) {
|
||||
// @fixme does not handle sync of del_abconfig
|
||||
|
||||
@@ -183,7 +183,9 @@ class Item extends \Zotlabs\Web\Controller {
|
||||
}
|
||||
|
||||
// can_comment_on_post() needs info from the following xchan_query
|
||||
xchan_query($r);
|
||||
// This may be from the discover tab which means we need to correct the effective uid
|
||||
|
||||
xchan_query($r,true,(($r[0]['uid'] == local_channel()) ? 0 : local_channel()));
|
||||
|
||||
$parent_item = $r[0];
|
||||
$parent = $r[0]['id'];
|
||||
@@ -316,9 +318,11 @@ class Item extends \Zotlabs\Web\Controller {
|
||||
}
|
||||
|
||||
$acl = new \Zotlabs\Access\AccessList($channel);
|
||||
|
||||
$view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream');
|
||||
$comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments');
|
||||
|
||||
|
||||
$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true));
|
||||
$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true));
|
||||
if($webpage)
|
||||
$public_policy = '';
|
||||
if($public_policy)
|
||||
@@ -526,11 +530,11 @@ class Item extends \Zotlabs\Web\Controller {
|
||||
|
||||
|
||||
if((! $parent) && (get_pconfig($profile_uid,'system','tagifonlyrecip')) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) {
|
||||
$x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
|
||||
$x = q("select abook_id, abconfig.v from abook left join abconfig on abook_xchan = abconfig.xchan and abook_channel = abconfig.chan and cat= 'their_perms' and abconfig.k = 'tag_deliver' and abconfig.v = 1 and abook_xchan = '%s' and abook_channel = %d limit 1",
|
||||
dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)),
|
||||
intval($profile_uid)
|
||||
);
|
||||
if($x && ($x[0]['abook_their_perms'] & PERMS_W_TAGWALL))
|
||||
if($x)
|
||||
$body .= "\n\n@group+" . $x[0]['abook_id'] . "\n";
|
||||
}
|
||||
|
||||
@@ -810,7 +814,7 @@ class Item extends \Zotlabs\Web\Controller {
|
||||
|
||||
$datarray['layout_mid'] = $layout_mid;
|
||||
$datarray['public_policy'] = $public_policy;
|
||||
$datarray['comment_policy'] = map_scope($channel['channel_w_comment']);
|
||||
$datarray['comment_policy'] = map_scope($comment_policy);
|
||||
$datarray['term'] = $post_tags;
|
||||
$datarray['plink'] = $plink;
|
||||
$datarray['route'] = $route;
|
||||
|
||||
@@ -7,6 +7,9 @@ class Login extends \Zotlabs\Web\Controller {
|
||||
function get() {
|
||||
if(local_channel())
|
||||
goaway(z_root());
|
||||
if(remote_channel() && $_SESSION['atoken'])
|
||||
goaway(z_root());
|
||||
|
||||
return login((\App::$config['system']['register_policy'] == REGISTER_CLOSED) ? false : true);
|
||||
}
|
||||
|
||||
|
||||
@@ -57,8 +57,6 @@ class Mail extends \Zotlabs\Web\Controller {
|
||||
|
||||
$their_perms = 0;
|
||||
|
||||
$global_perms = get_perms();
|
||||
|
||||
if($j['permissions']['data']) {
|
||||
$permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']);
|
||||
if($permissions)
|
||||
@@ -68,13 +66,7 @@ class Mail extends \Zotlabs\Web\Controller {
|
||||
else
|
||||
$permissions = $j['permissions'];
|
||||
|
||||
foreach($permissions as $k => $v) {
|
||||
if($v) {
|
||||
$their_perms = $their_perms | intval($global_perms[$k][1]);
|
||||
}
|
||||
}
|
||||
|
||||
if(! ($their_perms & PERMS_W_MAIL)) {
|
||||
if(! ($permissions['post_mail'])) {
|
||||
notice( t('Selected channel has private message restrictions. Send failed.'));
|
||||
// reported issue: let's still save the message and continue. We'll just tell them
|
||||
// that nothing useful is likely to happen. They might have spent hours on it.
|
||||
@@ -120,7 +112,7 @@ class Mail extends \Zotlabs\Web\Controller {
|
||||
|
||||
}
|
||||
|
||||
function get() {
|
||||
function get() {
|
||||
|
||||
$o = '';
|
||||
nav_set_selected('messages');
|
||||
|
||||
@@ -143,9 +143,9 @@ class Manage extends \Zotlabs\Web\Controller {
|
||||
$create = array( 'new_channel', t('Create a new channel'), t('Create New'));
|
||||
|
||||
$delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where
|
||||
abook_channel = %d and (abook_their_perms & %d) > 0",
|
||||
abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = 1 )",
|
||||
intval(local_channel()),
|
||||
intval(PERMS_A_DELEGATE)
|
||||
intval(local_channel())
|
||||
);
|
||||
|
||||
if($delegates) {
|
||||
|
||||
@@ -48,7 +48,7 @@ class Openid extends \Zotlabs\Web\Controller {
|
||||
$_SESSION['uid'] = $r[0]['channel_id'];
|
||||
$_SESSION['account_id'] = $r[0]['channel_account_id'];
|
||||
$_SESSION['authenticated'] = true;
|
||||
authenticate_success($record,true,true,true,true);
|
||||
authenticate_success($record,$r[0],true,true,true,true);
|
||||
goaway(z_root());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -23,8 +23,6 @@ class Probe extends \Zotlabs\Web\Controller {
|
||||
|
||||
$j = \Zotlabs\Zot\Finger::run($addr,$channel,false);
|
||||
|
||||
// $res = zot_finger($addr,$channel,false);
|
||||
|
||||
$o .= '<pre>';
|
||||
if(! $j['success']) {
|
||||
$o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n");
|
||||
|
||||
@@ -708,7 +708,7 @@ class Profiles extends \Zotlabs\Web\Controller {
|
||||
'$profile_id' => $r[0]['id'],
|
||||
'$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'),
|
||||
'$is_default' => $is_default,
|
||||
'$default' => t('This is your default profile.') . EOL . translate_scope(map_scope($channel['channel_r_profile'])),
|
||||
'$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))),
|
||||
'$advanced' => $advanced,
|
||||
'$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'),
|
||||
'$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']),
|
||||
@@ -767,7 +767,7 @@ class Profiles extends \Zotlabs\Web\Controller {
|
||||
'$alt' => t('Profile Image'),
|
||||
'$profile_name' => $rr['profile_name'],
|
||||
'$visible' => (($rr['is_default'])
|
||||
? '<strong>' . translate_scope(map_scope($channel['channel_r_profile'])) . '</strong>'
|
||||
? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>'
|
||||
: '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
|
||||
));
|
||||
}
|
||||
|
||||
@@ -146,7 +146,7 @@ class Register extends \Zotlabs\Web\Controller {
|
||||
goaway(z_root());
|
||||
}
|
||||
|
||||
authenticate_success($result['account'],true,false,true);
|
||||
authenticate_success($result['account'],null,true,false,true);
|
||||
|
||||
$new_channel = false;
|
||||
$next_page = 'new_channel';
|
||||
|
||||
@@ -25,7 +25,8 @@ class Removeaccount extends \Zotlabs\Web\Controller {
|
||||
$account = \App::get_account();
|
||||
$account_id = get_account_id();
|
||||
|
||||
if(! account_verify_password($account['account_email'],$_POST['qxz_password']))
|
||||
$x = account_verify_password($account['account_email'],$_POST['qxz_password']);
|
||||
if(! ($x && $x['account']))
|
||||
return;
|
||||
|
||||
if($account['account_password_changed'] != NULL_DATE) {
|
||||
|
||||
@@ -24,7 +24,9 @@ class Removeme extends \Zotlabs\Web\Controller {
|
||||
|
||||
$account = \App::get_account();
|
||||
|
||||
if(! account_verify_password($account['account_email'],$_POST['qxz_password']))
|
||||
|
||||
$x = account_verify_password($account['account_email'],$_POST['qxz_password']);
|
||||
if(! ($x && $x['account']))
|
||||
return;
|
||||
|
||||
if($account['account_password_changed'] != NULL_DATE) {
|
||||
|
||||
@@ -21,10 +21,7 @@ class Settings extends \Zotlabs\Web\Controller {
|
||||
// We are setting these values - don't use the argc(), argv() functions here
|
||||
\App::$argc = 2;
|
||||
\App::$argv[] = 'channel';
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -38,7 +35,7 @@ class Settings extends \Zotlabs\Web\Controller {
|
||||
|
||||
$channel = \App::get_channel();
|
||||
|
||||
logger('mod_settings: ' . print_r($_REQUEST,true));
|
||||
// logger('mod_settings: ' . print_r($_REQUEST,true));
|
||||
|
||||
|
||||
if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){
|
||||
@@ -363,10 +360,10 @@ class Settings extends \Zotlabs\Web\Controller {
|
||||
intval(local_channel())
|
||||
);
|
||||
|
||||
$global_perms = get_perms();
|
||||
$global_perms = \Zotlabs\Access\Permissions::Perms();
|
||||
|
||||
foreach($global_perms as $k => $v) {
|
||||
$set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' ';
|
||||
\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k]));
|
||||
}
|
||||
$acl = new \Zotlabs\Access\AccessList($channel);
|
||||
$acl->set_from_array($_POST);
|
||||
@@ -382,7 +379,7 @@ class Settings extends \Zotlabs\Web\Controller {
|
||||
);
|
||||
}
|
||||
else {
|
||||
$role_permissions = get_role_perms($_POST['permissions_role']);
|
||||
$role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']);
|
||||
if(! $role_permissions) {
|
||||
notice('Permissions category could not be found.');
|
||||
return;
|
||||
@@ -422,19 +419,24 @@ class Settings extends \Zotlabs\Web\Controller {
|
||||
);
|
||||
}
|
||||
|
||||
$r = q("update abook set abook_my_perms = %d where abook_channel = %d and abook_self = 1",
|
||||
intval((array_key_exists('perms_accept',$role_permissions)) ? $role_permissions['perms_accept'] : 0),
|
||||
intval(local_channel())
|
||||
);
|
||||
set_pconfig(local_channel(),'system','autoperms',(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0));
|
||||
|
||||
foreach($role_permissions as $p => $v) {
|
||||
if(strpos($p,'channel_') !== false) {
|
||||
$set_perms .= ', ' . $p . ' = ' . intval($v) . ' ';
|
||||
$x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
|
||||
foreach($x as $k => $v) {
|
||||
set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
|
||||
if($role_permissions['perms_auto']) {
|
||||
set_pconfig(local_channel(),'autoperms',$k,$v);
|
||||
}
|
||||
if($p === 'directory_publish') {
|
||||
$publish = intval($v);
|
||||
else {
|
||||
del_pconfig(local_channel(),'autoperms',$k);
|
||||
}
|
||||
}
|
||||
|
||||
if($role_permissions['limits']) {
|
||||
foreach($role_permissions['limits'] as $k => $v) {
|
||||
\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,$v);
|
||||
}
|
||||
}
|
||||
if(array_key_exists('directory_publish',$role_permissions)) {
|
||||
$publish = intval($role_permissions['directory_publish']);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -963,11 +965,7 @@ class Settings extends \Zotlabs\Web\Controller {
|
||||
|
||||
return $o;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
if(argv(1) === 'channel') {
|
||||
|
||||
require_once('include/acl_selectors.php');
|
||||
@@ -984,9 +982,8 @@ class Settings extends \Zotlabs\Web\Controller {
|
||||
|
||||
$channel = \App::get_channel();
|
||||
|
||||
|
||||
$global_perms = get_perms();
|
||||
|
||||
$global_perms = \Zotlabs\Access\Permissions::Perms();
|
||||
|
||||
$permiss = array();
|
||||
|
||||
$perm_opts = array(
|
||||
@@ -1000,19 +997,18 @@ class Settings extends \Zotlabs\Web\Controller {
|
||||
array( t('Anybody on the internet'), PERMS_PUBLIC)
|
||||
);
|
||||
|
||||
$limits = \Zotlabs\Access\PermissionLimits::Get(local_channel());
|
||||
|
||||
foreach($global_perms as $k => $perm) {
|
||||
$options = array();
|
||||
foreach($perm_opts as $opt) {
|
||||
if((! $perm[2]) && $opt[1] == PERMS_PUBLIC)
|
||||
continue;
|
||||
$options[$opt[1]] = $opt[0];
|
||||
}
|
||||
$permiss[] = array($k,$perm[3],$channel[$perm[0]],$perm[4],$options);
|
||||
$permiss[] = array($k,$perm,$limits[$k],'',$options);
|
||||
}
|
||||
|
||||
|
||||
// logger('permiss: ' . print_r($permiss,true));
|
||||
//logger('permiss: ' . print_r($permiss,true));
|
||||
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user