harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implements a new permission level PERMS_PENDING

Browse Source 
With this a user can allow some action to any user which connects
to them, even before they've connected back.

Ref.
https://mobiliza.org.br/display/478d9e71eaf55748dc646d3990651d6d34cfb7db5c38360538ec730ca3ccf908@zothub.com

Also some code cleanup and an alternative logic for handling
notifications of permission changes in zot.php.

This assumes that private posts are still restricted to people in
your addressbook. Regardless of your global permissions, a
pending channel won't get private posts, even if the post
only has a deny clause not matching the pending channel.
This commit is contained in:
Alexandre Hannud Abdo
2014-06-17 04:26:18 -03:00
parent c012c648e0
commit b20887995a
7 changed files with 132 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
include/permissions.php
View File

@@ -177,32 +177,36 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
continue;
}
// If PERMS_CONTACTS or PERMS_SPECIFIC, they need to be in your address book
// $x is a valid address book entry
// From here on we require that the observer be a connection and
// handle whether we're allowing any, approved or specific ones
if(! $x) {
$ret[$perm_name] = false;
continue;
}
// They are in your address book, but haven't been approved
if($r[0][$channel_perm] & PERMS_PENDING) {
$ret[$perm_name] = true;
continue;
}
if($x[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
$ret[$perm_name] = false;
continue;
}
if(($r) && ($r[0][$channel_perm] & PERMS_CONTACTS)) {
// They're a contact, so they have permission
// They're a contact, so they have permission
if($r[0][$channel_perm] & PERMS_CONTACTS) {
$ret[$perm_name] = true;
continue;
}
// Permission granted to certain channels. Let's see if the observer is one of them
if(($r) && ($r[0][$channel_perm] & PERMS_SPECIFIC)) {
if($r[0][$channel_perm] & PERMS_SPECIFIC) {
if(($x[0]['abook_my_perms'] & $global_perms[$perm_name][1])) {
$ret[$perm_name] = true;
continue;
@@ -216,7 +220,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
}
$arr = array(
'channel_id' => $uid,
'observer_hash' => $observer_xchan,
@@ -229,7 +232,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
function perm_is_allowed($uid,$observer_xchan,$permission) {
$arr = array(
'channel_id' => $uid,
'observer_hash' => $observer_xchan,
@@ -280,7 +282,6 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
}
}
// Check if this $uid is actually the $observer_xchan
if($r[0]['channel_hash'] === $observer_xchan)
@@ -312,16 +313,27 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if($c)
return true;
return false;
}
}
// From here on we require that the observer be a connection and
// handle whether we're allowing any, approved or specific ones
if(! $x) {
return false;
}
// They are in your address book, but haven't been approved
if($r[0][$channel_perm] & PERMS_PENDING) {
return true;
}
if($x[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
return false;
}
// They're a contact, so they have permission
if($r[0][$channel_perm] & PERMS_CONTACTS) {
return true;
}
@@ -333,13 +345,9 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
return true;
}
// No permissions allowed.
return false;
}
@@ -356,7 +364,6 @@ function check_list_permissions($uid,$arr,$perm) {
}
function site_default_perms() {
$typical = array(
@@ -378,7 +385,6 @@ function site_default_perms() {
'delegate' => 0,
);
$global_perms = get_perms();
$ret = array();