harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

permission fixes

Browse Source
This commit is contained in:
redmatrix 2016-07-19 20:49:54 -07:00
parent 237cca7a0d
commit a961d5e6c8
6 changed files with 18 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
Zotlabs/Lib/PermissionDescription.php
View File

@ -78,22 +78,13 @@ class PermissionDescription {
$result = null; $result = null;
$global_perms = get_perms(); $global_perms = \Zotlabs\Access\Permissions::Perms();
if (array_key_exists($permname, $global_perms)) { if (array_key_exists($permname, $global_perms)) {
$permDetails = $global_perms[$permname]; $channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'],$permname);
// It should be OK to always just read the permissions from App::$channel $result = new PermissionDescription('', $channelPerm);
//
// App::$profile is a union of channel and profile fields.
// The distinction is basically that App::$profile is pointing to the resource
// being observed. App::$channel is referring to the current logged-in channel
// member (if this is a local channel) e.g. the observer. We only show the ACL
// widget to the page owner (observer and observed are the same) so in that case
// I believe either may be safely used here.
$channelPerm = \App::$channel[$permDetails[0]];
$result = new PermissionDescription($permDetails[1], $channelPerm);
} else { } else {
// The acl dialog can handle null arguments, but it shouldn't happen // The acl dialog can handle null arguments, but it shouldn't happen
logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR); logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR);

8
Zotlabs/Module/Item.php
View File

@ -316,9 +316,11 @@ class Item extends \Zotlabs\Web\Controller {
} }
$acl = new \Zotlabs\Access\AccessList($channel); $acl = new \Zotlabs\Access\AccessList($channel);
$view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream');
$comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments');
$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true));
$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true));
if($webpage) if($webpage)
$public_policy = ''; $public_policy = '';
if($public_policy) if($public_policy)
@ -810,7 +812,7 @@ class Item extends \Zotlabs\Web\Controller {
$datarray['layout_mid'] = $layout_mid; $datarray['layout_mid'] = $layout_mid;
$datarray['public_policy'] = $public_policy; $datarray['public_policy'] = $public_policy;
$datarray['comment_policy'] = map_scope($channel['channel_w_comment']); $datarray['comment_policy'] = map_scope($comment_policy);
$datarray['term'] = $post_tags; $datarray['term'] = $post_tags;
$datarray['plink'] = $plink; $datarray['plink'] = $plink;
$datarray['route'] = $route; $datarray['route'] = $route;

4
Zotlabs/Module/Profiles.php
View File

@ -708,7 +708,7 @@ class Profiles extends \Zotlabs\Web\Controller {
'$profile_id' => $r[0]['id'], '$profile_id' => $r[0]['id'],
'$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'), '$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'),
'$is_default' => $is_default, '$is_default' => $is_default,
'$default' => t('This is your default profile.') . EOL . translate_scope(map_scope($channel['channel_r_profile'])), '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))),
'$advanced' => $advanced, '$advanced' => $advanced,
'$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'), '$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'),
'$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']), '$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']),
@ -767,7 +767,7 @@ class Profiles extends \Zotlabs\Web\Controller {
'$alt' => t('Profile Image'), '$alt' => t('Profile Image'),
'$profile_name' => $rr['profile_name'], '$profile_name' => $rr['profile_name'],
'$visible' => (($rr['is_default']) '$visible' => (($rr['is_default'])
? '<strong>' . translate_scope(map_scope($channel['channel_r_profile'])) . '</strong>' ? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>'
: '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>') : '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
)); ));
} }

1
boot.php
View File

@ -2449,6 +2449,7 @@ function check_cron_broken() {
if((! $d) || ($d < datetime_convert('UTC','UTC','now - 4 hours'))) { if((! $d) || ($d < datetime_convert('UTC','UTC','now - 4 hours'))) {
Zotlabs\Daemon\Master::Summon(array('Cron')); Zotlabs\Daemon\Master::Summon(array('Cron'));
set_config('system','lastcron',datetime_convert());
} }
$t = get_config('system','lastcroncheck'); $t = get_config('system','lastcroncheck');

12
include/items.php
View File

@ -385,7 +385,7 @@ function post_activity_item($arr) {
return $ret; return $ret;
} }
$arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true)); $arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true));
if($arr['public_policy']) if($arr['public_policy'])
$arr['item_private'] = 1; $arr['item_private'] = 1;
@ -421,7 +421,7 @@ function post_activity_item($arr) {
$arr['deny_cid'] = ((x($arr,'deny_cid')) ? $arr['deny_cid'] : $channel['channel_deny_cid']); $arr['deny_cid'] = ((x($arr,'deny_cid')) ? $arr['deny_cid'] : $channel['channel_deny_cid']);
$arr['deny_gid'] = ((x($arr,'deny_gid')) ? $arr['deny_gid'] : $channel['channel_deny_gid']); $arr['deny_gid'] = ((x($arr,'deny_gid')) ? $arr['deny_gid'] : $channel['channel_deny_gid']);
$arr['comment_policy'] = map_scope($channel['channel_w_comment']); $arr['comment_policy'] = map_scope(\Zotlabs\Access/PermissionLimits::Get($channel['channel_id'],'post_comments'));
if ((! $arr['plink']) && (intval($arr['item_thread_top']))) { if ((! $arr['plink']) && (intval($arr['item_thread_top']))) {
$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid']; $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
@ -970,12 +970,12 @@ function encode_item($item,$mirror = false) {
// logger('encode_item: ' . print_r($item,true)); // logger('encode_item: ' . print_r($item,true));
$r = q("select channel_r_stream, channel_w_comment from channel where channel_id = %d limit 1", $r = q("select channel_id from channel where channel_id = %d limit 1",
intval($item['uid']) intval($item['uid'])
); );
if($r) if($r)
$comment_scope = $r[0]['channel_w_comment']; $comment_scope = \Zotlabs\Access\PermissionLimits::Get($item['uid'],'post_comments');
else else
$comment_scope = 0; $comment_scope = 0;
@ -2761,7 +2761,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
$private = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] $private = (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 1 : 0); || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 1 : 0);
$new_public_policy = map_scope($channel['channel_r_stream'],true); $new_public_policy = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true);
if((! $private) && $new_public_policy) if((! $private) && $new_public_policy)
$private = 1; $private = 1;
@ -2806,7 +2806,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
dbesc($channel['channel_deny_gid']), dbesc($channel['channel_deny_gid']),
intval($private), intval($private),
dbesc($new_public_policy), dbesc($new_public_policy),
dbesc(map_scope($channel['channel_w_comment'])), dbesc(map_scope(\Zotlabs\Access\PermissionLimits($channel['channel_id'],'post_comments'))),
dbesc($title), dbesc($title),
dbesc($body), dbesc($body),
intval($item_wall), intval($item_wall),

2
include/photos.php
View File

@ -412,7 +412,7 @@ function photo_upload($channel, $observer, $args) {
// in the photos pages - using the photos permissions instead. We need the public policy to keep the photo // in the photos pages - using the photos permissions instead. We need the public policy to keep the photo
// linked item from leaking into the feed when somebody has a channel with read_stream restrictions. // linked item from leaking into the feed when somebody has a channel with read_stream restrictions.
$arr['public_policy'] = map_scope($channel['channel_r_stream'],true); $arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true);
if($arr['public_policy']) if($arr['public_policy'])
$arr['item_private'] = 1; $arr['item_private'] = 1;