extensible perms: the really, really hard part - figuring out what to do about people with custom permissions so as to set sane defaults.

Zotlabs/Access/PermissionRoles.php

@@ -160,6 +160,7 @@ class PermissionRoles {
 				$ret['limits'] = PermissionLimits::Std_Limits();
 				break;
 
+			case 'custom':
 			default:
 				break;
 		}
@@ -174,7 +175,48 @@ class PermissionRoles {
 		return $ret;
 	}
 
+	static public function new_custom_perms($uid,$perm,$abooks) {
 
+		// set permissionlimits for this permission here, for example:
+
+		// if($perm === 'mynewperm')
+		//     \Zotlabs\Access\PermissionLimits::Set($uid,$perm,1);
+
+
+		// set autoperms here if applicable
+		// choices are to set to 0, 1, or the value of an existing perm
+
+		if(get_pconfig($uid,'system','autoperms')) {
+
+			$c = channelx_by_n($uid);
+			$value = 0;
+
+			// if($perm === 'mynewperm')
+			//	 $value = get_abconfig($uid,$c['channel_hash'],'autoperms','someexistingperm'));
+
+			if($c) {
+				set_abconfig($uid,$c['channel_hash'],'autoperms',$perm,$value);
+			}
+
+
+		}
+
+		// now set something for all existing connections.
+
+		if($abooks) {
+			foreach($abooks as $ab) {
+				switch($perm) {
+					// case 'mynewperm':
+					// choices are to set to 1, set to 0, or clone an existing perm
+					// set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
+					//		get_abconfig($uid,$ab['abook_xchan'],'my_perms','someexistingperm'));
+					
+					default:
+						break;
+				}
+			}
+		}
+	}
 
 
 	static public function roles() {

Zotlabs/Access/Permissions.php

@@ -10,9 +10,18 @@ class Permissions {
 	/**
 	 * Extensible permissions.
 	 * To add new permissions, add to the list of $perms below, with a simple description.
+	 *
 	 * Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role
 	 * if this permission should be granted to new connections.
 	 *
+	 * Next look at PermissionRoles::new_custom_perms() and provide a handler for updating custom 
+	 * permission roles. You will want to set a default PermissionLimit for each channel and also
+	 * provide a sane default for any existing connections. You may or may not wish to provide a
+	 * default auto permission. If in doubt, leave this alone as custom permissions by definition
+	 * are the responsbility of the channel owner to manage. You just don't want to create any 
+	 * suprises or break things so you have an opportunity to provide sane settings. 
+	 *
+	 *
 	 * Permissions with 'view' in the name are considered read permissions. Anything
 	 * else requires authentication. Read permission limits are PERMS_PUBLIC and anything else
 	 * is given PERMS_SPECIFIC.

boot.php

@@ -2483,6 +2483,12 @@ function check_for_new_perms() {
 						// get the permissions role details
 						$rp = \Zotlabs\Access\PermissionRoles::role_perms($r[0]['v']);
 						if($rp) {
+
+							// for custom permission roles we need to customise how we initiate this new permission
+							if(array_key_exists('role',$rp) && ($rp['role'] === 'custom' || $rp['role'] === '')) {
+								\Zotlabs\Access\PermissionRoles::new_custom_perms($cc['uid'],$p,$x);
+							}
+							else {
 								// set the channel limits if appropriate or 0
 								if(array_key_exists('limits',$rp) && array_key_exists($p,$rp['limits'])) {
 									\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,$rp['limits'][$p]);
@@ -2491,6 +2497,7 @@ function check_for_new_perms() {
 									\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,0);
 								}
 
+
 								$set = ((array_key_exists('perms_connect',$rp) && array_key_exists($p,$rp['perms_connect'])) ? true : false);
 								// foreach connection set to the perms_connect value
 								if($x) {
@@ -2504,6 +2511,7 @@ function check_for_new_perms() {
 				}
 			}
 		}
+	}
 
 	// We should probably call perms_refresh here, but this should get pushed in 24 hours and there is no urgency
 	if($found_new_perm)