harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert "Merge branch '1.10RC' of https://github.com/redmatrix/hubzilla into 1.10RC_merge"

Browse Source 
This reverts commit 35f17acb38, reversing
changes made to 58cf5f310d.
This commit is contained in:
redmatrix 2016-07-28 16:02:51 -07:00
parent 35f17acb38
commit bc74425872
80 changed files with 43275 additions and 45748 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
Zotlabs/Access/PermissionLimits.php
View File

@ -1,36 +0,0 @@
<?php
namespace Zotlabs\Access;
use \Zotlabs\Lib as ZLib;
class PermissionLimits {
static public function Std_Limits() {
$perms = Permissions::Perms();
$limits = array();
foreach($perms as $k => $v) {
if(strstr($k,'view'))
$limits[$k] = PERMS_PUBLIC;
else
$limits[$k] = PERMS_SPECIFIC;
}
return $limits;
}
static public function Set($channel_id,$perm,$perm_limit) {
ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit);
}
static public function Get($channel_id,$perm = '') {
if($perm) {
return Zlib\PConfig::Get($channel_id,'perm_limits',$perm);
}
else {
Zlib\PConfig::Load($channel_id);
if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id]))
return \App::$config[$channel_id]['perm_limits'];
return false;
}
}
}

215
Zotlabs/Access/PermissionRoles.php
View File

@ -1,215 +0,0 @@
<?php
namespace Zotlabs\Access;
use Zotlabs\Lib as Zlib;
class PermissionRoles {
static function role_perms($role) {
$ret = array();
$ret['role'] = $role;
switch($role) {
case 'social':
$ret['perms_auto'] = false;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = true;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like', 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'social_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = true;
$ret['online'] = true;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'social_private':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' ];
$ret['limits'] = PermissionLimits::Std_Limits();
$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
$ret['limits']['view_storage'] = PERMS_SPECIFIC;
break;
case 'forum':
$ret['perms_auto'] = true;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'republish', 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'forum_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'forum_private':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
$ret['limits']['view_profile'] = PERMS_SPECIFIC;
$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
$ret['limits']['view_storage'] = PERMS_SPECIFIC;
$ret['limits']['view_pages'] = PERMS_SPECIFIC;
break;
case 'feed':
$ret['perms_auto'] = true;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'feed_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'soapbox':
$ret['perms_auto'] = true;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_like' , 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
case 'repository':
$ret['perms_auto'] = true;
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'republish', 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
default:
break;
}
$x = get_config('system','role_perms');
// let system settings over-ride any or all
if($x && is_array($x) && array_key_exists($role,$x))
$ret = array_merge($ret,$x[$role]);
call_hooks('get_role_perms',$ret);
return $ret;
}
static public function roles() {
$roles = [
t('Social Networking') => [
'social' => t('Social - Mostly Public'),
'social_restricted' => t('Social - Restricted'),
'social_private' => t('Social - Private')
],
t('Community Forum') => [
'forum' => t('Forum - Mostly Public'),
'forum_restricted' => t('Forum - Restricted'),
'forum_private' => t('Forum - Private')
],
t('Feed Republish') => [
'feed' => t('Feed - Mostly Public'),
'feed_restricted' => t('Feed - Restricted')
],
t('Special Purpose') => [
'soapbox' => t('Special - Celebrity/Soapbox'),
'repository' => t('Special - Group Repository')
],
t('Other') => [
'custom' => t('Custom/Expert Mode')
]
];
return $roles;
}
}

116
Zotlabs/Access/Permissions.php
View File

@ -1,116 +0,0 @@
<?php
namespace Zotlabs\Access;
use Zotlabs\Lib as Zlib;
class Permissions {
/**
* Extensible permissions.
* To add new permissions, add to the list of $perms below, with a simple description.
* Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role
* if this permission should be granted to new connections.
*
* Permissions with 'view' in the name are considered read permissions. Anything
* else requires authentication. Read permission limits are PERMS_PUBLIC and anything else
* is given PERMS_SPECIFIC.
*
* PermissionLimits::Std_limits() retrieves the standard limits. A permission role
* MAY alter an individual setting after retrieving the Std_limits if you require
* something different for a specific permission within the given role.
*
*/
static public function Perms($filter = '') {
$perms = [
'view_stream' => t('Can view my channel stream and posts'),
'send_stream' => t('Can send me their channel stream and posts'),
'view_profile' => t('Can view my default channel profile'),
'view_contacts' => t('Can view my connections'),
'view_storage' => t('Can view my file storage and photos'),
'write_storage' => t('Can upload/modify my file storage and photos'),
'view_pages' => t('Can view my channel webpages'),
'write_pages' => t('Can create/edit my channel webpages'),
'post_wall' => t('Can post on my channel (wall) page'),
'post_comments' => t('Can comment on or like my posts'),
'post_mail' => t('Can send me private mail messages'),
'post_like' => t('Can like/dislike profiles and profile things'),
'tag_deliver' => t('Can forward to all my channel connections via @+ mentions in posts'),
'chat' => t('Can chat with me'),
'republish' => t('Can source my public posts in derived channels'),
'delegate' => t('Can administer my channel')
];
$x = array('permissions' => $perms, 'filter' => $filter);
call_hooks('permissions_list',$x);
return($x['permissions']);
}
static public function BlockedAnonPerms() {
// Perms from the above list that are blocked from anonymous observers.
// e.g. you must be authenticated.
$res = array();
$perms = PermissionLimits::Std_limits();
foreach($perms as $perm => $limit) {
if($limit != PERMS_PUBLIC) {
$res[] = $perm;
}
}
$x = array('permissions' => $res);
call_hooks('write_perms',$x);
return($x['permissions']);
}
// converts [ 0 => 'view_stream', ... ]
// to [ 'view_stream' => 1 ]
// for any permissions in $arr;
// Undeclared permissions are set to 0
static public function FilledPerms($arr) {
$everything = self::Perms();
$ret = [];
foreach($everything as $k => $v) {
if(in_array($k,$arr))
$ret[$k] = 1;
else
$ret[$k] = 0;
}
return $ret;
}
static public function FilledAutoperms($channel_id) {
if(! intval(get_pconfig($channel_id,'system','autoperms')))
return false;
$arr = [];
$r = q("select * from pconfig where uid = %d and cat = 'autoperms'",
intval($channel_id)
);
if($r) {
foreach($r as $rr) {
$arr[$rr['k']] = $arr[$rr['v']];
}
}
return $arr;
}
static public function PermsCompare($p1,$p2) {
foreach($p1 as $k => $v) {
if(! array_key_exists($k,$p2))
return false;
if($p1[$k] != $p2[$k])
return false;
}
return true;
}
}

4
Zotlabs/Daemon/Onepoll.php
View File

@ -102,9 +102,7 @@ class Onepoll {
$fetch_feed = true;
$x = null;
$can_view_stream = intval(get_abconfig($importer_uid,$contact['abook_xchan'],'their_perms','view_stream'));
if(! $can_view_stream)
if(! ($contact['abook_their_perms'] & PERMS_R_STREAM ))
$fetch_feed = false;
if($fetch_feed) {

2
Zotlabs/Lib/AbConfig.php
View File

@ -7,7 +7,7 @@ class AbConfig {
static public function Load($chan,$xhash,$family = '') {
if($family)
$where = sprintf(" and cat = '%s' ",dbesc($family));
$where = sprintf(" and family = '%s' ",dbesc($family));
$r = q("select * from abconfig where chan = %d and xchan = '%s' $where",
intval($chan),
dbesc($xhash)

5
Zotlabs/Lib/Cache.php
View File

@ -8,9 +8,6 @@ namespace Zotlabs\Lib;
class Cache {
public static function get($key) {
$key = substr($key,0,254);
$r = q("SELECT v FROM cache WHERE k = '%s' limit 1",
dbesc($key)
);
@ -22,8 +19,6 @@ class Cache {
public static function set($key,$value) {
$key = substr($key,0,254);
$r = q("SELECT * FROM cache WHERE k = '%s' limit 1",
dbesc($key)
);

17
Zotlabs/Lib/PConfig.php
View File

@ -17,20 +17,12 @@ class PConfig {
*/
static public function Load($uid) {
if(is_null($uid) || $uid === false)
if($uid === false)
return false;
if(! array_key_exists($uid, \App::$config))
\App::$config[$uid] = array();
if(! is_array(\App::$config)) {
btlogger('App::$config not an array: ' . $uid);
}
if(! is_array(\App::$config[$uid])) {
btlogger('App::$config[$uid] not an array: ' . $uid);
}
$r = q("SELECT * FROM pconfig WHERE uid = %d",
intval($uid)
);
@ -69,7 +61,7 @@ class PConfig {
static public function Get($uid,$family,$key,$instore = false) {
if(is_null($uid) || $uid === false)
if($uid === false)
return false;
if(! array_key_exists($uid, \App::$config))
@ -110,7 +102,7 @@ class PConfig {
// we provide a function backtrace in the logs so that we can find
// and fix the calling function.
if(is_null($uid) || $uid === false) {
if($uid === false) {
btlogger('UID is FALSE!', LOGGER_NORMAL, LOG_ERR);
return;
}
@ -180,9 +172,6 @@ class PConfig {
static public function Delete($uid, $family, $key) {
if(is_null($uid) || $uid === false)
return false;
$ret = false;
if(array_key_exists($key, \App::$config[$uid][$family]))

15
Zotlabs/Lib/PermissionDescription.php
View File

@ -78,13 +78,22 @@ class PermissionDescription {
$result = null;
$global_perms = \Zotlabs\Access\Permissions::Perms();
$global_perms = get_perms();
if (array_key_exists($permname, $global_perms)) {
$channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'],$permname);
$permDetails = $global_perms[$permname];
$result = new PermissionDescription('', $channelPerm);
// It should be OK to always just read the permissions from App::$channel
//
// App::$profile is a union of channel and profile fields.
// The distinction is basically that App::$profile is pointing to the resource
// being observed. App::$channel is referring to the current logged-in channel
// member (if this is a local channel) e.g. the observer. We only show the ACL
// widget to the page owner (observer and observed are the same) so in that case
// I believe either may be safely used here.
$channelPerm = \App::$channel[$permDetails[0]];
$result = new PermissionDescription($permDetails[1], $channelPerm);
} else {
// The acl dialog can handle null arguments, but it shouldn't happen
logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR);

54
Zotlabs/Module/Acl.php
View File

@ -58,23 +58,7 @@ class Acl extends \Zotlabs\Web\Controller {
if( (! local_channel()) && (! ($type == 'x' || $type == 'c')))
killme();
$permitted = [];
if(in_array($type, [ 'm', 'a', 'c' ])) {
// These queries require permission checking. We'll create a simple array of xchan_hash for those with
// the requisite permissions which we can check against.
$x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = 1",
intval(local_channel()),
dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver')
);
$permitted = ids_to_array($x,'xchan');
}
if($search) {
$sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") ";
@ -103,13 +87,13 @@ class Acl extends \Zotlabs\Web\Controller {
if($type == '' || $type == 'g') {
$r = q("SELECT groups.id, groups.hash, groups.gname
FROM groups,group_member
WHERE groups.deleted = 0 AND groups.uid = %d
AND group_member.gid=groups.id
$r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`gname`
FROM `groups`,`group_member`
WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d
AND `group_member`.`gid`=`groups`.`id`
$sql_extra
GROUP BY groups.id
ORDER BY groups.gname
GROUP BY `groups`.`id`
ORDER BY `groups`.`gname`
LIMIT %d OFFSET %d",
intval(local_channel()),
intval($count),
@ -172,7 +156,7 @@ class Acl extends \Zotlabs\Web\Controller {
}
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
intval(local_channel())
@ -237,24 +221,16 @@ class Acl extends \Zotlabs\Web\Controller {
}
}
elseif($type == 'm') {
$r = array();
$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
$r = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = %d
WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0)
and xchan_deleted = 0
$sql_extra3
ORDER BY xchan_name ASC ",
intval(local_channel())
ORDER BY `xchan_name` ASC ",
intval(local_channel()),
intval(PERMS_W_MAIL)
);
if($z) {
foreach($z as $zz) {
if(in_array($zz['id'],$permitted)) {
$r[] = $zz;
}
}
}
}
elseif($type == 'a') {
@ -298,7 +274,7 @@ class Acl extends \Zotlabs\Web\Controller {
if(strpos($g['hash'],'/') && $type != 'a')
continue;
if(in_array($g['hash'],$permitted) && $type == 'c' && (! $noforums)) {
if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c' && (! $noforums)) {
$contacts[] = array(
"type" => "c",
"photo" => "images/twopeople.png",

89
Zotlabs/Module/Connedit.php
View File

@ -126,30 +126,15 @@ class Connedit extends \Zotlabs\Web\Controller {
$rating = 10;
$rating_text = trim(escape_tags($_REQUEST['rating_text']));
$all_perms = \Zotlabs\Access\Permissions::Perms();
if($all_perms) {
foreach($all_perms as $perm => $desc) {
if(array_key_exists('perms_' . $perm, $_POST)) {
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,
intval($_POST['perms_' . $perm]));
if($autoperms) {
set_pconfig($channel['channel_id'],'autoperms',$perm,intval($_POST['perms_' . $perm]));
}
}
else {
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,0);
if($autoperms) {
set_pconfig($channel['channel_id'],'autoperms',$perm,0);
}
}
$abook_my_perms = 0;
foreach($_POST as $k => $v) {
if(strpos($k,'perms_') === 0) {
$abook_my_perms += $v;
}
}
if(! is_null($autoperms))
set_pconfig($channel['channel_id'],'system','autoperms',$autoperms);
$new_friend = false;
if(! $is_self) {
@ -209,25 +194,19 @@ class Connedit extends \Zotlabs\Web\Controller {
$role = get_pconfig(local_channel(),'system','permissions_role');
if($role) {
$x = \Zotlabs\Access\PermissionRoles::role_perms($role);
if($x['perms_connect']) {
$abook_my_perms = $x['perms_connect'];
}
$x = get_role_perms($role);
if($x['perms_accept'])
$abook_my_perms = $x['perms_accept'];
}
$filled_perms = \Zotlabs\Access\Permissions::FilledPerms($abook_my_perms);
foreach($filled_perms as $k => $v) {
set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v);
}
}
$abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']);
$r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d,
$r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_pending = %d,
abook_incl = '%s', abook_excl = '%s'
where abook_id = %d AND abook_channel = %d",
dbesc($profile_id),
intval($abook_my_perms),
intval($closeness),
intval($abook_pending),
dbesc($abook_incl),
@ -248,13 +227,10 @@ class Connedit extends \Zotlabs\Web\Controller {
info( t('Connection updated.') . EOL);
else
notice( t('Failed to update connection record.') . EOL);
if(! intval(\App::$poi['abook_self'])) {
\Zotlabs\Daemon\Master::Summon( [
'Notifier',
(($new_friend) ? 'permission_create' : 'permission_update'),
$contact_id
]);
if(\App::$poi && \App::$poi['abook_my_perms'] != $abook_my_perms
&& (! intval(\App::$poi['abook_self']))) {
\Zotlabs\Daemon\Master::Summon(array('Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id));
}
if($new_friend) {
@ -395,9 +371,9 @@ class Connedit extends \Zotlabs\Web\Controller {
$my_perms = get_channel_default_perms(local_channel());
$role = get_pconfig(local_channel(),'system','permissions_role');
if($role) {
$x = \Zotlabs\Access\PermissionRoles::role_perms($role);
if($x['perms_connect'])
$my_perms = $x['perms_connect'];
$x = get_role_perms($role);
if($x['perms_accept'])
$my_perms = $x['perms_accept'];
}
$yes_no = array(t('No'),t('Yes'));
@ -678,8 +654,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$perms = array();
$channel = \App::get_channel();
$global_perms = \Zotlabs\Access\Permissions::Perms();
$global_perms = get_perms();
$existing = get_all_perms(local_channel(),$contact['abook_xchan']);
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes')));
@ -695,32 +670,16 @@ class Connedit extends \Zotlabs\Web\Controller {
if($slide && $multiprofs)
$affinity = t('Set Affinity & Profile');
$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
intval(local_channel()),
dbesc($contact['abook_xchan'])
);
$their_perms = array();
if($theirs) {
foreach($theirs as $t) {
$their_perms[$t['k']] = $t['v'];
}
}
foreach($global_perms as $k => $v) {
$thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
//fixme
$checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
$thisperm = (($contact['abook_my_perms'] & $v[1]) ? "1" : '');
$checkinherited = ((($channel[$v[0]]) && ($channel[$v[0]] != PERMS_SPECIFIC)) ? "1" : '');
// For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner
if((! $self) && ($existing[$k]))
$thisperm = "1";
$perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited);
$perms[] = array('perms_' . $k, $v[3], (($contact['abook_their_perms'] & $v[1]) ? "1" : ""),$thisperm, $v[1], (($channel[$v[0]] == PERMS_SPECIFIC) ? '' : '1'), $v[4], $checkinherited);
}
$locstr = '';

4
Zotlabs/Module/Editpost.php
View File

@ -47,9 +47,9 @@ class Editpost extends \Zotlabs\Web\Controller {
if(intval($itm[0]['item_obscured'])) {
$key = get_config('system','prvkey');
if($itm[0]['title'])
$itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key);
if($itm[0]['body'])
$itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key);
}
$category = '';

4
Zotlabs/Module/Editwebpage.php
View File

@ -108,9 +108,9 @@ class Editwebpage extends \Zotlabs\Web\Controller {
if(intval($itm[0]['item_obscured'])) {
$key = get_config('system','prvkey');
if($itm[0]['title'])
$itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key);
if($itm[0]['body'])
$itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key);
}
$item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1",

40
Zotlabs/Module/File_upload.php
View File

@ -1,40 +0,0 @@
<?php
namespace Zotlabs\Module;
require_once('include/attach.php');
require_once('include/channel.php');
require_once('include/photos.php');
class File_upload extends \Zotlabs\Web\Controller {
function post() {
// logger('file upload: ' . print_r($_REQUEST,true));
$channel = (($_REQUEST['channick']) ? get_channel_by_nick($_REQUEST['channick']) : null);
if(! $channel) {
logger('channel not found');
killme();
}
$_REQUEST['source'] = 'file_upload';
if($channel['channel_id'] != local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
if($_REQUEST['directory_name'])
$r = attach_mkdir($channel,get_observer_hash(),$_REQUEST);
else
$r = attach_store($channel,get_observer_hash(), '', $_REQUEST);
goaway(z_root() . '/' . $_REQUEST['return_url']);
}
}

5
Zotlabs/Module/Follow.php
View File

@ -47,13 +47,12 @@ class Follow extends \Zotlabs\Web\Controller {
if($abconfig)
$clone['abconfig'] = $abconfig;
build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true);
build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)));
$can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream'));
// If we can view their stream, pull in some posts
if(($can_view_stream) || ($result['abook']['xchan_network'] === 'rss'))
if(($result['abook']['abook_their_perms'] & PERMS_R_STREAM) || ($result['abook']['xchan_network'] === 'rss'))
\Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id']));
goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1');

319
Zotlabs/Module/Id.php Normal file
View File

@ -0,0 +1,319 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/id.php
* @brief OpenID implementation
*/
require 'library/openid/provider/provider.php';
$attrMap = array(
'namePerson/first' => t('First Name'),
'namePerson/last' => t('Last Name'),
'namePerson/friendly' => t('Nickname'),
'namePerson' => t('Full Name'),
'contact/internet/email' => t('Email'),
'contact/email' => t('Email'),
'media/image/aspect11' => t('Profile Photo'),
'media/image' => t('Profile Photo'),
'media/image/default' => t('Profile Photo'),
'media/image/16x16' => t('Profile Photo 16px'),
'media/image/32x32' => t('Profile Photo 32px'),
'media/image/48x48' => t('Profile Photo 48px'),
'media/image/64x64' => t('Profile Photo 64px'),
'media/image/80x80' => t('Profile Photo 80px'),
'media/image/128x128' => t('Profile Photo 128px'),
'timezone' => t('Timezone'),
'contact/web/default' => t('Homepage URL'),
'language/pref' => t('Language'),
'birthDate/birthYear' => t('Birth Year'),
'birthDate/birthMonth' => t('Birth Month'),
'birthDate/birthday' => t('Birth Day'),
'birthDate' => t('Birthdate'),
'gender' => t('Gender'),
);
/**
* @brief Entrypoint for the OpenID implementation.
*
* @param App &$a
*/
class Id extends \Zotlabs\Web\Controller {
function init() {
logger('id: ' . print_r($_REQUEST, true));
if(argc() > 1) {
$which = argv(1);
} else {
\App::$error = 404;
return;
}
$profile = '';
$channel = \App::get_channel();
profile_load($which,$profile);
$op = new MysqlProvider;
$op->server();
}
/**
* @brief Returns user data needed for OpenID.
*
* If no $handle is provided we will use local_channel() by default.
*
* @param string $handle (default null)
* @return boolean|array
*/
static public function getUserData($handle = null) {
if (! local_channel()) {
notice( t('Permission denied.') . EOL);
\App::$page['content'] = login();
return false;
}
// logger('handle: ' . $handle);
if ($handle) {
$r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1",
dbesc($handle)
);
} else {
$r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d",
intval(local_channel())
);
}
if (! r)
return false;
$x = q("select * from account where account_id = %d limit 1",
intval($r[0]['channel_account_id'])
);
if ($x)
$r[0]['email'] = $x[0]['account_email'];
$p = q("select * from profile where is_default = 1 and uid = %d limit 1",
intval($r[0]['channel_account_id'])
);
$gender = '';
if ($p[0]['gender'] == t('Male'))
$gender = 'M';
if ($p[0]['gender'] == t('Female'))
$gender = 'F';
$r[0]['firstName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],0,strpos($r[0]['channel_name'],' ')) : $r[0]['channel_name']);
$r[0]['lastName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],strpos($r[0]['channel_name'],' ')+1) : '');
$r[0]['namePerson'] = $r[0]['channel_name'];
$r[0]['pphoto'] = $r[0]['xchan_photo_l'];
$r[0]['pphoto16'] = z_root() . '/photo/profile/16/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto32'] = z_root() . '/photo/profile/32/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto48'] = z_root() . '/photo/profile/48/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto64'] = z_root() . '/photo/profile/64/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto80'] = z_root() . '/photo/profile/80/' . $r[0]['channel_id'] . '.jpg';
$r[0]['pphoto128'] = z_root() . '/photo/profile/128/' . $r[0]['channel_id'] . '.jpg';
$r[0]['timezone'] = $r[0]['channel_timezone'];
$r[0]['url'] = $r[0]['xchan_url'];
$r[0]['language'] = (($x[0]['account_language']) ? $x[0]['account_language'] : 'en');
$r[0]['birthyear'] = ((intval(substr($p[0]['dob'],0,4))) ? intval(substr($p[0]['dob'],0,4)) : '');
$r[0]['birthmonth'] = ((intval(substr($p[0]['dob'],5,2))) ? intval(substr($p[0]['dob'],5,2)) : '');
$r[0]['birthday'] = ((intval(substr($p[0]['dob'],8,2))) ? intval(substr($p[0]['dob'],8,2)) : '');
$r[0]['birthdate'] = (($r[0]['birthyear'] && $r[0]['birthmonth'] && $r[0]['birthday']) ? $p[0]['dob'] : '');
$r[0]['gender'] = $gender;
return $r[0];
/*
* if(isset($_POST['login'],$_POST['password'])) {
* $login = mysql_real_escape_string($_POST['login']);
* $password = sha1($_POST['password']);
* $q = mysql_query("SELECT * FROM Users WHERE login = '$login' AND password = '$password'");
* if($data = mysql_fetch_assoc($q)) {
* return $data;
* }
* if($handle) {
* echo 'Wrong login/password.';
* }
* }
* if($handle) {
* ?>
* <form action="" method="post">
* <input type="hidden" name="openid.assoc_handle" value="<?php
namespace Zotlabs\Module; echo $handle?>">
* Login: <input type="text" name="login"><br>
* Password: <input type="password" name="password"><br>
* <button>Submit</button>
* </form>
* <?php
namespace Zotlabs\Module;
* die();
* }
*/
}
}
/**
* @brief MySQL provider for OpenID implementation.
*
*/
class MysqlProvider extends \LightOpenIDProvider {
// See http://openid.net/specs/openid-attribute-properties-list-1_0-01.html
// This list contains a few variations of these attributes to maintain
// compatibility with legacy clients
private $attrFieldMap = array(
'namePerson/first' => 'firstName',
'namePerson/last' => 'lastName',
'namePerson/friendly' => 'channel_address',
'namePerson' => 'namePerson',
'contact/internet/email' => 'email',
'contact/email' => 'email',
'media/image/aspect11' => 'pphoto',
'media/image' => 'pphoto',
'media/image/default' => 'pphoto',
'media/image/16x16' => 'pphoto16',
'media/image/32x32' => 'pphoto32',
'media/image/48x48' => 'pphoto48',
'media/image/64x64' => 'pphoto64',
'media/image/80x80' => 'pphoto80',
'media/image/128x128' => 'pphoto128',
'timezone' => 'timezone',
'contact/web/default' => 'url',
'language/pref' => 'language',
'birthDate/birthYear' => 'birthyear',
'birthDate/birthMonth' => 'birthmonth',
'birthDate/birthday' => 'birthday',
'birthDate' => 'birthdate',
'gender' => 'gender',
);
function setup($identity, $realm, $assoc_handle, $attributes) {
global $attrMap;
// logger('identity: ' . $identity);
// logger('realm: ' . $realm);
// logger('assoc_handle: ' . $assoc_handle);
// logger('attributes: ' . print_r($attributes,true));
$data = \Zotlabs\Module\Id::getUserData($assoc_handle);
/** @FIXME this needs to be a template with localised strings */
$o .= '<form action="" method="post">'
. '<input type="hidden" name="openid.assoc_handle" value="' . $assoc_handle . '">'
. '<input type="hidden" name="login" value="' . $_POST['login'] .'">'
. '<input type="hidden" name="password" value="' . $_POST['password'] .'">'
. "<b>$realm</b> wishes to authenticate you.";
if($attributes['required'] || $attributes['optional']) {
$o .= " It also requests following information (required fields marked with *):"
. '<ul>';
foreach($attributes['required'] as $attr) {
if(isset($this->attrMap[$attr])) {
$o .= '<li>'
. '<input type="checkbox" name="attributes[' . $attr . ']"> '
. $this->attrMap[$attr] . ' <span class="required">*</span></li>';
}
}
foreach($attributes['optional'] as $attr) {
if(isset($this->attrMap[$attr])) {
$o .= '<li>'
. '<input type="checkbox" name="attributes[' . $attr . ']"> '
. $this->attrMap[$attr] . '</li>';
}
}
$o .= '</ul>';
}
$o .= '<br>'
. '<button name="once">Allow once</button> '
. '<button name="always">Always allow</button> '
. '<button name="cancel">cancel</button> '
. '</form>';
\App::$page['content'] .= $o;
}
function checkid($realm, &$attributes) {
logger('checkid: ' . $realm);
logger('checkid attrs: ' . print_r($attributes,true));
if(isset($_POST['cancel'])) {
$this->cancel();
}
$data = \Zotlabs\Module\Id::getUserData();
if(! $data) {
return false;
}
$q = get_pconfig(local_channel(), 'openid', $realm);
$attrs = array();
if($q) {
$attrs = $q;
} elseif(isset($_POST['attributes'])) {
$attrs = array_keys($_POST['attributes']);
} elseif(!isset($_POST['once']) && !isset($_POST['always'])) {
return false;
}
$attributes = array();
foreach($attrs as $attr) {
if(isset($this->attrFieldMap[$attr])) {
$attributes[$attr] = $data[$this->attrFieldMap[$attr]];
}
}
if(isset($_POST['always'])) {
set_pconfig(local_channel(),'openid',$realm,array_keys($attributes));
}
return z_root() . '/id/' . $data['channel_address'];
}
function assoc_handle() {
logger('assoc_handle');
$channel = \App::get_channel();
return z_root() . '/channel/' . $channel['channel_address'];
}
function setAssoc($handle, $data) {
logger('setAssoc');
$channel = channelx_by_nick(basename($handle));
if($channel)
set_pconfig($channel['channel_id'],'openid','associate',$data);
}
function getAssoc($handle) {
logger('getAssoc: ' . $handle);
$channel = channelx_by_nick(basename($handle));
if($channel)
return get_pconfig($channel['channel_id'], 'openid', 'associate');
return false;
}
function delAssoc($handle) {
logger('delAssoc');
$channel = channelx_by_nick(basename($handle));
if($channel)
return del_pconfig($channel['channel_id'], 'openid', 'associate');
}
}

9
Zotlabs/Module/Import.php
View File

@ -8,7 +8,6 @@ namespace Zotlabs\Module;
require_once('include/zot.php');
require_once('include/channel.php');
require_once('include/import.php');
require_once('include/perm_upgrade.php');
@ -340,8 +339,6 @@ class Import extends \Zotlabs\Web\Controller {
$abooks = $data['abook'];
if($abooks) {
foreach($abooks as $abook) {
$abook_copy = $abook;
$abconfig = null;
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
@ -350,10 +347,6 @@ class Import extends \Zotlabs\Web\Controller {
unset($abook['abook_id']);
unset($abook['abook_rating']);
unset($abook['abook_rating_text']);
unset($abook['abconfig']);
unset($abook['abook_their_perms']);
unset($abook['abook_my_perms']);
$abook['abook_account'] = $account_id;
$abook['abook_channel'] = $channel['channel_id'];
if(! array_key_exists('abook_blocked',$abook)) {
@ -392,8 +385,6 @@ class Import extends \Zotlabs\Web\Controller {
$friends ++;
if(intval($abook['abook_feed']))
$feeds ++;
translate_abook_perms_inbound($channel,$abook_copy);
if($abconfig) {
// @fixme does not handle sync of del_abconfig

12
Zotlabs/Module/Item.php
View File

@ -318,11 +318,9 @@ class Item extends \Zotlabs\Web\Controller {
}
$acl = new \Zotlabs\Access\AccessList($channel);
$view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream');
$comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments');
$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true));
$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true));
if($webpage)
$public_policy = '';
if($public_policy)
@ -530,11 +528,11 @@ class Item extends \Zotlabs\Web\Controller {
if((! $parent) && (get_pconfig($profile_uid,'system','tagifonlyrecip')) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) {
$x = q("select abook_id, abconfig.v from abook left join abconfig on abook_xchan = abconfig.xchan and abook_channel = abconfig.chan and cat= 'their_perms' and abconfig.k = 'tag_deliver' and abconfig.v = 1 and abook_xchan = '%s' and abook_channel = %d limit 1",
$x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)),
intval($profile_uid)
);
if($x)
if($x && ($x[0]['abook_their_perms'] & PERMS_W_TAGWALL))
$body .= "\n\n@group+" . $x[0]['abook_id'] . "\n";
}
@ -814,7 +812,7 @@ class Item extends \Zotlabs\Web\Controller {
$datarray['layout_mid'] = $layout_mid;
$datarray['public_policy'] = $public_policy;
$datarray['comment_policy'] = map_scope($comment_policy);
$datarray['comment_policy'] = map_scope($channel['channel_w_comment']);
$datarray['term'] = $post_tags;
$datarray['plink'] = $plink;
$datarray['route'] = $route;

31
Zotlabs/Module/Like.php
View File

@ -264,22 +264,23 @@ class Like extends \Zotlabs\Web\Controller {
logger('like: no item ' . $item_id);
killme();
}
xchan_query($r,true,(($r[0]['uid'] == local_channel()) ? 0 : local_channel()));
$item = $r[0];
$owner_uid = $r[0]['uid'];
$owner_aid = $r[0]['aid'];
$can_comment = false;
if((array_key_exists('owner',$item)) && intval($item['owner']['abook_self']))
$can_comment = perm_is_allowed($item['uid'],$observer['xchan_hash'],'post_comments');
else
$can_comment = can_comment_on_post($observer['xchan_hash'],$item);
if(! $can_comment) {
$owner_uid = $item['uid'];
$owner_aid = $item['aid'];
$sys = get_sys_channel();
// if this is a "discover" item, (item['uid'] is the sys channel),
// fallback to the item comment policy, which should've been
// respected when generating the conversation thread.
// Even if the activity is rejected by the item owner, it should still get attached
// to the local discover conversation on this site.
if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) {
notice( t('Permission denied') . EOL);
killme();
}

12
Zotlabs/Module/Mail.php
View File

@ -57,6 +57,8 @@ class Mail extends \Zotlabs\Web\Controller {
$their_perms = 0;
$global_perms = get_perms();
if($j['permissions']['data']) {
$permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']);
if($permissions)
@ -66,7 +68,13 @@ class Mail extends \Zotlabs\Web\Controller {
else
$permissions = $j['permissions'];
if(! ($permissions['post_mail'])) {
foreach($permissions as $k => $v) {
if($v) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
}
if(! ($their_perms & PERMS_W_MAIL)) {
notice( t('Selected channel has private message restrictions. Send failed.'));
// reported issue: let's still save the message and continue. We'll just tell them
// that nothing useful is likely to happen. They might have spent hours on it.
@ -112,7 +120,7 @@ class Mail extends \Zotlabs\Web\Controller {
}
function get() {
function get() {
$o = '';
nav_set_selected('messages');

4
Zotlabs/Module/Manage.php
View File

@ -143,9 +143,9 @@ class Manage extends \Zotlabs\Web\Controller {
$create = array( 'new_channel', t('Create a new channel'), t('Create New'));
$delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where
abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = 1 )",
abook_channel = %d and (abook_their_perms & %d) > 0",
intval(local_channel()),
intval(local_channel())
intval(PERMS_A_DELEGATE)
);
if($delegates) {

198
Zotlabs/Module/Openid.php Normal file
View File

@ -0,0 +1,198 @@
<?php
namespace Zotlabs\Module;
require_once('library/openid/openid.php');
require_once('include/auth.php');
class Openid extends \Zotlabs\Web\Controller {
function get() {
$noid = get_config('system','disable_openid');
if($noid)
goaway(z_root());
logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA);
if(x($_REQUEST,'openid_mode')) {
$openid = new LightOpenID(z_root());
if($openid->validate()) {
logger('openid: validate');
$authid = normalise_openid($_REQUEST['openid_identity']);
if(! strlen($authid)) {
logger( t('OpenID protocol error. No ID returned.') . EOL);
goaway(z_root());
}
$x = match_openid($authid);
if($x) {
$r = q("select * from channel where channel_id = %d limit 1",
intval($x)
);
if($r) {
$y = q("select * from account where account_id = %d limit 1",
intval($r[0]['channel_account_id'])
);
if($y) {
foreach($y as $record) {
if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) {
logger('mod_openid: openid success for ' . $x[0]['channel_name']);
$_SESSION['uid'] = $r[0]['channel_id'];
$_SESSION['account_id'] = $r[0]['channel_account_id'];
$_SESSION['authenticated'] = true;
authenticate_success($record,$r[0],true,true,true,true);
goaway(z_root());
}
}
}
}
}
// Successful OpenID login - but we can't match it to an existing account.
// See if they've got an xchan
$r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1",
dbesc($authid)
);
if($r) {
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $r[0]['xchan_hash'];
$_SESSION['my_url'] = $r[0]['xchan_url'];
$_SESSION['my_address'] = $r[0]['xchan_addr'];
$arr = array('xchan' => $r[0], 'session' => $_SESSION);
call_hooks('magic_auth_openid_success',$arr);
\App::set_observer($r[0]);
require_once('include/security.php');
\App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
if($_SESSION['return_url'])
goaway($_SESSION['return_url']);
goaway(z_root());
}
// no xchan...
// create one.
// We should probably probe the openid url and figure out if they have any kind of social presence we might be able to
// scrape some identifying info from.
$name = $authid;
$url = trim($_REQUEST['openid_identity'],'/');
if(strpos($url,'http') === false)
$url = 'https://' . $url;
$pphoto = z_root() . '/' . get_default_profile_photo();
$parsed = @parse_url($url);
if($parsed) {
$host = $parsed['host'];
}
$attr = $openid->getAttributes();
if(is_array($attr) && count($attr)) {
foreach($attr as $k => $v) {
if($k === 'namePerson/friendly')
$nick = notags(trim($v));
if($k === 'namePerson/first')
$first = notags(trim($v));
if($k === 'namePerson')
$name = notags(trim($v));
if($k === 'contact/email')
$addr = notags(trim($v));
if($k === 'media/image/aspect11')
$photosq = trim($v);
if($k === 'media/image/default')
$photo_other = trim($v);
}
}
if(! $nick) {
if($first)
$nick = $first;
else
$nick = $name;
}
require_once('library/urlify/URLify.php');
$x = strtolower(\URLify::transliterate($nick));
if($nick & $host)
$addr = $nick . '@' . $host;
$network = 'unknown';
if($photosq)
$pphoto = $photosq;
elseif($photo_other)
$pphoto = $photo_other;
$mimetype = guess_image_type($pphoto);
$x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype,
xchan_photo_l, xchan_addr, xchan_url, xchan_connurl, xchan_follow, xchan_connpage, xchan_name, xchan_network, xchan_photo_date,
xchan_name_date, xchan_hidden)
values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 1) ",
dbesc($url),
dbesc(''),
dbesc(''),
dbesc(''),
dbesc($mimetype),
dbesc($pphoto),
dbesc($addr),
dbesc($url),
dbesc(''),
dbesc(''),
dbesc(''),
dbesc($name),
dbesc($network),
dbesc(datetime_convert()),
dbesc(datetime_convert())
);
if($x) {
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($url)
);
if($r) {
$photos = import_xchan_photo($pphoto,$url);
if($photos) {
$z = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s',
xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
dbesc(datetime_convert()),
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
dbesc($photos[3]),
dbesc($url)
);
}
set_xconfig($url,'system','openid',$authid);
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $r[0]['xchan_hash'];
$_SESSION['my_url'] = $r[0]['xchan_url'];
$_SESSION['my_address'] = $r[0]['xchan_addr'];
$arr = array('xchan' => $r[0], 'session' => $_SESSION);
call_hooks('magic_auth_openid_success',$arr);
\App::set_observer($r[0]);
info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
if($_SESSION['return_url'])
goaway($_SESSION['return_url']);
goaway(z_root());
}
}
}
}
notice( t('Login failed.') . EOL);
goaway(z_root());
// NOTREACHED
}
}

2
Zotlabs/Module/Probe.php
View File

@ -23,6 +23,8 @@ class Probe extends \Zotlabs\Web\Controller {
$j = \Zotlabs\Zot\Finger::run($addr,$channel,false);
// $res = zot_finger($addr,$channel,false);
$o .= '<pre>';
if(! $j['success']) {
$o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n");

4
Zotlabs/Module/Profiles.php
View File

@ -708,7 +708,7 @@ class Profiles extends \Zotlabs\Web\Controller {
'$profile_id' => $r[0]['id'],
'$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'),
'$is_default' => $is_default,
'$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))),
'$default' => t('This is your default profile.') . EOL . translate_scope(map_scope($channel['channel_r_profile'])),
'$advanced' => $advanced,
'$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'),
'$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']),
@ -767,7 +767,7 @@ class Profiles extends \Zotlabs\Web\Controller {
'$alt' => t('Profile Image'),
'$profile_name' => $rr['profile_name'],
'$visible' => (($rr['is_default'])
? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>'
? '<strong>' . translate_scope(map_scope($channel['channel_r_profile'])) . '</strong>'
: '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
));
}

4
Zotlabs/Module/Ratingsearch.php
View File

@ -58,9 +58,7 @@ class Ratingsearch extends \Zotlabs\Web\Controller {
$ret['success'] = true;
$r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash
where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1
and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0
order by xchan_name asc",
where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 order by xchan_name asc",
dbesc($target)
);

13
Zotlabs/Module/Rmagic.php
View File

@ -2,6 +2,7 @@
namespace Zotlabs\Module;
class Rmagic extends \Zotlabs\Web\Controller {
function init() {
@ -31,6 +32,18 @@ class Rmagic extends \Zotlabs\Web\Controller {
$arr = array('address' => $address);
call_hooks('reverse_magic_auth', $arr);
try {
require_once('library/openid/openid.php');
$openid = new \LightOpenID(z_root());
$openid->identity = $address;
$openid->returnUrl = z_root() . '/openid';
$openid->required = array('namePerson/friendly', 'namePerson');
$openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
goaway($openid->authUrl());
} catch (\Exception $e) {
notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage());
}
// if they're still here...
notice( t('Authentication failed.') . EOL);
return;

58
Zotlabs/Module/Settings.php
View File

@ -21,7 +21,10 @@ class Settings extends \Zotlabs\Web\Controller {
// We are setting these values - don't use the argc(), argv() functions here
\App::$argc = 2;
\App::$argv[] = 'channel';
}
}
}
@ -35,7 +38,7 @@ class Settings extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
// logger('mod_settings: ' . print_r($_REQUEST,true));
logger('mod_settings: ' . print_r($_REQUEST,true));
if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){
@ -360,10 +363,10 @@ class Settings extends \Zotlabs\Web\Controller {
intval(local_channel())
);
$global_perms = \Zotlabs\Access\Permissions::Perms();
$global_perms = get_perms();
foreach($global_perms as $k => $v) {
\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k]));
$set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' ';
}
$acl = new \Zotlabs\Access\AccessList($channel);
$acl->set_from_array($_POST);
@ -379,7 +382,7 @@ class Settings extends \Zotlabs\Web\Controller {
);
}
else {
$role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']);
$role_permissions = get_role_perms($_POST['permissions_role']);
if(! $role_permissions) {
notice('Permissions category could not be found.');
return;
@ -419,24 +422,19 @@ class Settings extends \Zotlabs\Web\Controller {
);
}
$x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
foreach($x as $k => $v) {
set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
if($role_permissions['perms_auto']) {
set_pconfig(local_channel(),'autoperms',$k,$v);
$r = q("update abook set abook_my_perms = %d where abook_channel = %d and abook_self = 1",
intval((array_key_exists('perms_accept',$role_permissions)) ? $role_permissions['perms_accept'] : 0),
intval(local_channel())
);
set_pconfig(local_channel(),'system','autoperms',(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0));
foreach($role_permissions as $p => $v) {
if(strpos($p,'channel_') !== false) {
$set_perms .= ', ' . $p . ' = ' . intval($v) . ' ';
}
else {
del_pconfig(local_channel(),'autoperms',$k);
if($p === 'directory_publish') {
$publish = intval($v);
}
}
if($role_permissions['limits']) {
foreach($role_permissions['limits'] as $k => $v) {
\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,$v);
}
}
if(array_key_exists('directory_publish',$role_permissions)) {
$publish = intval($role_permissions['directory_publish']);
}
}
@ -965,7 +963,11 @@ class Settings extends \Zotlabs\Web\Controller {
return $o;
}
if(argv(1) === 'channel') {
require_once('include/acl_selectors.php');
@ -982,8 +984,9 @@ class Settings extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
$global_perms = \Zotlabs\Access\Permissions::Perms();
$global_perms = get_perms();
$permiss = array();
$perm_opts = array(
@ -997,18 +1000,19 @@ class Settings extends \Zotlabs\Web\Controller {
array( t('Anybody on the internet'), PERMS_PUBLIC)
);
$limits = \Zotlabs\Access\PermissionLimits::Get(local_channel());
foreach($global_perms as $k => $perm) {
$options = array();
foreach($perm_opts as $opt) {
if((! $perm[2]) && $opt[1] == PERMS_PUBLIC)
continue;
$options[$opt[1]] = $opt[0];
}
$permiss[] = array($k,$perm,$limits[$k],'',$options);
$permiss[] = array($k,$perm[3],$channel[$perm[0]],$perm[4],$options);
}
//logger('permiss: ' . print_r($permiss,true));
// logger('permiss: ' . print_r($permiss,true));

2
Zotlabs/Storage/BasicAuth.php
View File

@ -219,7 +219,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
}
/**
* @brief Sets the timezone from the channel in BasicAuth.
* @brief Sets the timezone from the channel in RedBasicAuth.
*
* Set in mod/cloud.php if the channel has a timezone set.
*

24
Zotlabs/Storage/Browser.php
View File

@ -274,22 +274,6 @@ class Browser extends DAV\Browser\Plugin {
// SimpleCollection, we won't need to show the panel either.
if (get_class($node) === 'Sabre\\DAV\\SimpleCollection')
return;
require_once('include/acl_selectors.php');
$aclselect = null;
$lockstate = '';
if($this->auth-owner_id) {
$channel = channelx_by_n($this->auth->owner_id);
if($channel) {
$acl = new \Zotlabs\Access\AccessList($channel);
$channel_acl = $acl->get();
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
$aclselect = ((local_channel() == $this->auth->owner_id) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : '');
}
}
// Storage and quota for the account (all channels of the owner of this directory)!
$limit = engr_units_to_bytes(service_class_fetch($owner, 'attach_upload_limit'));
@ -309,6 +293,7 @@ class Browser extends DAV\Browser\Plugin {
userReadableSize($limit),
round($used / $limit, 1) * 100);
}
// prepare quota for template
$quota = array();
$quota['used'] = $used;
@ -321,12 +306,7 @@ class Browser extends DAV\Browser\Plugin {
'$folder_submit' => t('Create'),
'$upload_header' => t('Upload file'),
'$upload_submit' => t('Upload'),
'$quota' => $quota,
'$channick' => $this->auth->owner_nick,
'$aclselect' => $aclselect,
'$lockstate' => $lockstate,
'$return_url' => \App::$cmd,
'$dragdroptext' => t('Drop files here to immediately upload')
'$quota' => $quota
));
}

1
Zotlabs/Web/Router.php
View File

@ -152,7 +152,6 @@ class Router {
// pretend this is a module so it will initialise the theme
\App::$module = '404';
\App::$module_loaded = true;
\App::$error = true;
}
}
}

2
Zotlabs/Web/WebServer.php
View File

@ -124,7 +124,7 @@ class WebServer {
// now that we've been through the module content, see if the page reported
// a permission problem and if so, a 403 response would seem to be in order.
if(is_array($_SESSION['sysmsg']) && stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) {
if(stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) {
header($_SERVER['SERVER_PROTOCOL'] . ' 403 ' . t('Permission denied.'));
}

71
boot.php
View File

@ -44,10 +44,10 @@ require_once('include/account.php');
define ( 'PLATFORM_NAME', 'hubzilla' );
define ( 'STD_VERSION', '1.11' );
define ( 'STD_VERSION', '1.10RC' );
define ( 'ZOT_REVISION', '1.1' );
define ( 'DB_UPDATE_VERSION', 1181 );
define ( 'DB_UPDATE_VERSION', 1180 );
/**
@ -765,7 +765,6 @@ class App {
public static $pdl = null; // Comanche page description
private static $perms = null; // observer permissions
private static $widgets = array(); // widgets for this page
public static $config = array(); // config cache
public static $session = null;
public static $groups;
@ -775,6 +774,7 @@ class App {
public static $plugins_admin;
public static $module_loaded = false;
public static $query_string;
public static $config; // config cache
public static $page;
public static $profile;
public static $user;
@ -1551,9 +1551,6 @@ function check_config(&$a) {
load_hooks();
check_for_new_perms();
check_cron_broken();
}
@ -2443,67 +2440,6 @@ function cert_bad_email() {
}
function check_for_new_perms() {
$pregistered = get_config('system','perms');
$pcurrent = array_keys(\Zotlabs\Access\Permissions::Perms());
if(! $pregistered) {
set_config('system','perms',$pcurrent);
return;
}
$found_new_perm = false;
foreach($pcurrent as $p) {
if(! in_array($p,$pregistered)) {
$found_new_perm = true;
// for all channels
$c = q("select channel_id from channel where true");
if($c) {
foreach($c as $cc) {
// get the permission role
$r = q("select v from pconfig where uid = %d and cat = 'system' and k = 'permissions_role'",
intval($cc['uid'])
);
if($r) {
// get a list of connections
$x = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
intval($cc['uid'])
);
// get the permissions role details
$rp = \Zotlabs\Access\PermissionRoles::role_perms($r[0]['v']);
if($rp) {
// set the channel limits if appropriate or 0
if(array_key_exists('limits',$rp) && array_key_exists($p,$rp['limits'])) {
\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,$rp['limits'][$p]);
}
else {
\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,0);
}
$set = ((array_key_exists('perms_connect',$rp) && array_key_exists($p,$rp['perms_connect'])) ? true : false);
// foreach connection set to the perms_connect value
if($x) {
foreach($x as $xx) {
set_abconfig($cc['uid'],$xx['abook_xchan'],'my_perms',$p,intval($set));
}
}
}
}
}
}
}
}
// We should probably call perms_refresh here, but this should get pushed in 24 hours and there is no urgency
if($found_new_perm)
set_config('system','perms',$pcurrent);
}
/**
* @brief Send warnings every 3-5 days if cron is not running.
*/
@ -2513,7 +2449,6 @@ function check_cron_broken() {
if((! $d) || ($d < datetime_convert('UTC','UTC','now - 4 hours'))) {
Zotlabs\Daemon\Master::Summon(array('Cron'));
set_config('system','lastcron',datetime_convert());
}
$t = get_config('system','lastcroncheck');

110
include/api.php
View File

@ -72,7 +72,7 @@ require_once('include/api_auth.php');
* MAIN API ENTRY POINT *
**************************/
function api_call($a){
function api_call(&$a){
GLOBAL $API, $called_api;
// preset
@ -166,7 +166,7 @@ require_once('include/api_auth.php');
/**
* RSS extra info
*/
function api_rss_extra($a, $arr, $user_info){
function api_rss_extra(&$a, $arr, $user_info){
if (is_null($user_info)) $user_info = api_get_user($a);
$arr['$user'] = $user_info;
$arr['$rss'] = array(
@ -186,7 +186,7 @@ require_once('include/api_auth.php');
* Returns user info array.
*/
function api_get_user($a, $contact_id = null, $contact_xchan = null){
function api_get_user(&$a, $contact_id = null, $contact_xchan = null){
global $called_api;
$user = null;
$extra_query = "";
@ -282,8 +282,7 @@ require_once('include/api_auth.php');
intval($uinfo[0]['xchan_hash'])
);
$countitms = $r[0]['count'];
$following = ((get_abconfig($uinfo[0]['abook_channel'],$uinfo[0]['abook_xchan'],'my_perms','view_stream')) ? true : false );
$following = (($uinfo[0]['abook_myperms'] & PERMS_R_STREAM) ? true : false );
}
@ -356,7 +355,7 @@ require_once('include/api_auth.php');
}
function api_client_register($a,$type) {
function api_client_register(&$a,$type) {
$ret = array();
$key = random_string(16);
@ -389,7 +388,7 @@ require_once('include/api_auth.php');
function api_item_get_user($a, $item) {
function api_item_get_user(&$a, $item) {
// The author is our direct contact, in a conversation with us.
@ -473,7 +472,7 @@ require_once('include/api_auth.php');
* returns a 401 status code and an error message if not.
* http://developer.twitter.com/doc/get/account/verify_credentials
*/
function api_account_verify_credentials($a, $type){
function api_account_verify_credentials(&$a, $type){
if (api_user()===false) return false;
$user_info = api_get_user($a);
@ -483,7 +482,7 @@ require_once('include/api_auth.php');
api_register_func('api/account/verify_credentials','api_account_verify_credentials', true);
function api_account_logout($a, $type){
function api_account_logout(&$a, $type){
require_once('include/auth.php');
App::$session->nuke();
return api_apply_template("user", $type, array('$user' => null));
@ -507,7 +506,7 @@ require_once('include/api_auth.php');
* Red basic channel export
*/
function api_export_basic($a, $type) {
function api_export_basic(&$a, $type) {
if(api_user() === false) {
logger('api_export_basic: no user');
return false;
@ -521,7 +520,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/channel/export/basic','api_export_basic', true);
function api_channel_stream($a, $type) {
function api_channel_stream(&$a, $type) {
if(api_user() === false) {
logger('api_channel_stream: no user');
return false;
@ -537,7 +536,7 @@ require_once('include/api_auth.php');
}
api_register_func('api/red/channel/stream','api_channel_stream', true);
function api_attach_list($a,$type) {
function api_attach_list(&$a,$type) {
logger('api_user: ' . api_user());
json_return_and_die(attach_list_files(api_user(),get_observer_hash(),'','','','created asc'));
}
@ -547,7 +546,7 @@ require_once('include/api_auth.php');
function api_file_meta($a,$type) {
function api_file_meta(&$a,$type) {
if (api_user()===false) return false;
if(! $_REQUEST['file_id']) return false;
$r = q("select * from attach where uid = %d and hash = '%s' limit 1",
@ -565,7 +564,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/filemeta', 'api_file_meta', true);
function api_file_data($a,$type) {
function api_file_data(&$a,$type) {
if (api_user()===false) return false;
if(! $_REQUEST['file_id']) return false;
$start = (($_REQUEST['start']) ? intval($_REQUEST['start']) : 0);
@ -609,7 +608,7 @@ require_once('include/api_auth.php');
function api_file_detail($a,$type) {
function api_file_detail(&$a,$type) {
if (api_user()===false) return false;
if(! $_REQUEST['file_id']) return false;
$r = q("select * from attach where uid = %d and hash = '%s' limit 1",
@ -633,18 +632,18 @@ require_once('include/api_auth.php');
api_register_func('api/red/file', 'api_file_detail', true);
function api_albums($a,$type) {
function api_albums(&$a,$type) {
json_return_and_die(photos_albums_list(App::get_channel(),App::get_observer()));
}
api_register_func('api/red/albums','api_albums', true);
function api_photos($a,$type) {
function api_photos(&$a,$type) {
$album = $_REQUEST['album'];
json_return_and_die(photos_list_photos(App::get_channel(),App::get_observer(),$album));
}
api_register_func('api/red/photos','api_photos', true);
function api_photo_detail($a,$type) {
function api_photo_detail(&$a,$type) {
if (api_user()===false) return false;
if(! $_REQUEST['photo_id']) return false;
$scale = ((array_key_exists('scale',$_REQUEST)) ? intval($_REQUEST['scale']) : 0);
@ -686,7 +685,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/photo', 'api_photo_detail', true);
function api_group_members($a,$type) {
function api_group_members(&$a,$type) {
if(api_user() === false)
return false;
@ -710,7 +709,7 @@ require_once('include/api_auth.php');
function api_group($a,$type) {
function api_group(&$a,$type) {
if(api_user() === false)
return false;
@ -722,7 +721,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/group','api_group', true);
function api_red_xchan($a,$type) {
function api_red_xchan(&$a,$type) {
logger('api_xchan');
if(api_user() === false)
@ -740,7 +739,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/xchan','api_red_xchan',true);
function api_statuses_mediap($a, $type) {
function api_statuses_mediap(&$a, $type) {
if (api_user() === false) {
logger('api_statuses_update: no user');
return false;
@ -786,7 +785,7 @@ require_once('include/api_auth.php');
}
api_register_func('api/statuses/mediap','api_statuses_mediap', true);
function api_statuses_update($a, $type) {
function api_statuses_update(&$a, $type) {
if (api_user() === false) {
logger('api_statuses_update: no user');
return false;
@ -907,7 +906,7 @@ require_once('include/api_auth.php');
api_register_func('api/statuses/update','api_statuses_update', true);
function red_item_new($a, $type) {
function red_item_new(&$a, $type) {
if (api_user() === false) {
logger('api_red_item_new: no user');
@ -941,7 +940,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/item/new','red_item_new', true);
function red_item($a, $type) {
function red_item(&$a, $type) {
if (api_user() === false) {
logger('api_red_item_full: no user');
@ -1042,7 +1041,7 @@ require_once('include/api_auth.php');
return $status_info;
}
function api_status_show($a, $type){
function api_status_show(&$a, $type){
$user_info = api_get_user($a);
// get last public message
@ -1120,7 +1119,7 @@ require_once('include/api_auth.php');
// FIXME - this is essentially the same as api_status_show except for the template formatting at the end. Consolidate.
function api_users_show($a, $type){
function api_users_show(&$a, $type){
$user_info = api_get_user($a);
require_once('include/security.php');
@ -1192,7 +1191,7 @@ require_once('include/api_auth.php');
* TODO: Add reply info
*/
function api_statuses_home_timeline($a, $type){
function api_statuses_home_timeline(&$a, $type){
if (api_user() === false)
return false;
@ -1274,7 +1273,7 @@ require_once('include/api_auth.php');
api_register_func('api/statuses/home_timeline','api_statuses_home_timeline', true);
api_register_func('api/statuses/friends_timeline','api_statuses_home_timeline', true);
function api_statuses_public_timeline($a, $type){
function api_statuses_public_timeline(&$a, $type){
if (api_user()===false) return false;
$user_info = api_get_user($a);
@ -1338,7 +1337,7 @@ require_once('include/api_auth.php');
*
*/
function api_statuses_show($a, $type){
function api_statuses_show(&$a, $type){
if (api_user()===false) return false;
$user_info = api_get_user($a);
@ -1388,7 +1387,7 @@ require_once('include/api_auth.php');
/**
*
*/
function api_statuses_repeat($a, $type){
function api_statuses_repeat(&$a, $type){
if (api_user()===false) return false;
$user_info = api_get_user($a);
@ -1434,7 +1433,7 @@ require_once('include/api_auth.php');
*
*/
function api_statuses_destroy($a, $type){
function api_statuses_destroy(&$a, $type){
if (api_user()===false) return false;
$user_info = api_get_user($a);
@ -1498,7 +1497,7 @@ require_once('include/api_auth.php');
*/
function api_statuses_mentions($a, $type){
function api_statuses_mentions(&$a, $type){
if (api_user()===false) return false;
$user_info = api_get_user($a);
@ -1565,7 +1564,7 @@ require_once('include/api_auth.php');
api_register_func('api/statuses/replies','api_statuses_mentions', true);
function api_statuses_user_timeline($a, $type){
function api_statuses_user_timeline(&$a, $type){
if (api_user()===false) return false;
$user_info = api_get_user($a);
@ -1649,7 +1648,7 @@ require_once('include/api_auth.php');
*
* api v1 : https://web.archive.org/web/20131019055350/https://dev.twitter.com/docs/api/1/post/favorites/create/%3Aid
*/
function api_favorites_create_destroy($a, $type){
function api_favorites_create_destroy(&$a, $type){
logger('favorites_create_destroy');
@ -1717,7 +1716,7 @@ require_once('include/api_auth.php');
function api_favorites($a, $type){
function api_favorites(&$a, $type){
if (api_user()===false)
return false;
@ -1986,7 +1985,7 @@ require_once('include/api_auth.php');
}
function api_account_rate_limit_status($a,$type) {
function api_account_rate_limit_status(&$a,$type) {
$hash = array(
'reset_time_in_seconds' => strtotime('now + 1 hour'),
@ -2002,7 +2001,7 @@ require_once('include/api_auth.php');
}
api_register_func('api/account/rate_limit_status','api_account_rate_limit_status',true);
function api_help_test($a,$type) {
function api_help_test(&$a,$type) {
if ($type == 'xml')
$ok = "true";
@ -2019,7 +2018,7 @@ require_once('include/api_auth.php');
* This function is deprecated by Twitter
* returns: json, xml
**/
function api_statuses_f($a, $type, $qtype) {
function api_statuses_f(&$a, $type, $qtype) {
if (api_user()===false) return false;
$user_info = api_get_user($a);
@ -2040,7 +2039,6 @@ require_once('include/api_auth.php');
return false;
}
// @fixme - update for hubzilla extensible perms using abconfig or find a better way to do it
// For Red, the closest thing we can do to figure out if you're friends is if both of you are sending each other your streams.
// This won't work if either of you send your stream to everybody on the network
if($qtype == 'friends')
@ -2061,12 +2059,12 @@ require_once('include/api_auth.php');
return array('$users' => $ret);
}
function api_statuses_friends($a, $type){
function api_statuses_friends(&$a, $type){
$data = api_statuses_f($a,$type,"friends");
if ($data===false) return false;
return api_apply_template("friends", $type, $data);
}
function api_statuses_followers($a, $type){
function api_statuses_followers(&$a, $type){
$data = api_statuses_f($a,$type,"followers");
if ($data===false) return false;
return api_apply_template("friends", $type, $data);
@ -2079,7 +2077,7 @@ require_once('include/api_auth.php');
function api_statusnet_config($a,$type) {
function api_statusnet_config(&$a,$type) {
load_config('system');
@ -2116,7 +2114,7 @@ require_once('include/api_auth.php');
api_register_func('api/friendica/config','api_statusnet_config',false);
api_register_func('api/red/config','api_statusnet_config',false);
function api_statusnet_version($a,$type) {
function api_statusnet_version(&$a,$type) {
// liar
@ -2134,7 +2132,7 @@ require_once('include/api_auth.php');
api_register_func('api/statusnet/version','api_statusnet_version',false);
function api_friendica_version($a,$type) {
function api_friendica_version(&$a,$type) {
if($type === 'xml') {
header("Content-type: application/xml");
@ -2151,7 +2149,7 @@ require_once('include/api_auth.php');
api_register_func('api/red/version','api_friendica_version',false);
function api_ff_ids($a,$type,$qtype) {
function api_ff_ids(&$a,$type,$qtype) {
if(! api_user())
return false;
@ -2187,17 +2185,17 @@ require_once('include/api_auth.php');
}
}
function api_friends_ids($a,$type) {
function api_friends_ids(&$a,$type) {
api_ff_ids($a,$type,'friends');
}
function api_followers_ids($a,$type) {
function api_followers_ids(&$a,$type) {
api_ff_ids($a,$type,'followers');
}
api_register_func('api/friends/ids','api_friends_ids',true);
api_register_func('api/followers/ids','api_followers_ids',true);
function api_direct_messages_new($a, $type) {
function api_direct_messages_new(&$a, $type) {
if (api_user()===false) return false;
if (!x($_POST, "text") || !x($_POST,"screen_name")) return;
@ -2255,7 +2253,7 @@ require_once('include/api_auth.php');
}
api_register_func('api/direct_messages/new','api_direct_messages_new',true);
function api_direct_messages_box($a, $type, $box) {
function api_direct_messages_box(&$a, $type, $box) {
if (api_user()===false) return false;
$user_info = api_get_user($a);
@ -2315,16 +2313,16 @@ require_once('include/api_auth.php');
}
function api_direct_messages_sentbox($a, $type){
function api_direct_messages_sentbox(&$a, $type){
return api_direct_messages_box($a, $type, "sentbox");
}
function api_direct_messages_inbox($a, $type){
function api_direct_messages_inbox(&$a, $type){
return api_direct_messages_box($a, $type, "inbox");
}
function api_direct_messages_all($a, $type){
function api_direct_messages_all(&$a, $type){
return api_direct_messages_box($a, $type, "all");
}
function api_direct_messages_conversation($a, $type){
function api_direct_messages_conversation(&$a, $type){
return api_direct_messages_box($a, $type, "conversation");
}
api_register_func('api/direct_messages/conversation','api_direct_messages_conversation',true);
@ -2333,7 +2331,7 @@ require_once('include/api_auth.php');
api_register_func('api/direct_messages','api_direct_messages_inbox',true);
function api_oauth_request_token($a, $type){
function api_oauth_request_token(&$a, $type){
try{
$oauth = new ZotOAuth1();
$req = OAuth1Request::from_request();
@ -2348,7 +2346,7 @@ require_once('include/api_auth.php');
killme();
}
function api_oauth_access_token($a, $type){
function api_oauth_access_token(&$a, $type){
try{
$oauth = new ZotOAuth1();
$req = OAuth1Request::from_request();

2
include/api_auth.php
View File

@ -64,8 +64,6 @@ function api_login(&$a){
}
}
if($record['account']) {
authenticate_success($record['account']);

1
include/attach.php
View File

@ -74,7 +74,6 @@ function z_mime_content_type($filename) {
// 'webm' => 'audio/webm',
'mp4' => 'video/mp4',
// 'mp4' => 'audio/mp4',
'mkv' => 'video/x-matroska',
// adobe
'pdf' => 'application/pdf',

107
include/channel.php
View File

@ -6,7 +6,6 @@
require_once('include/zot.php');
require_once('include/crypto.php');
require_once('include/menu.php');
require_once('include/perm_upgrade.php');
/**
* @brief Called when creating a new channel.
@ -226,26 +225,42 @@ function create_identity($arr) {
if(array_key_exists('publish', $arr))
$publish = intval($arr['publish']);
$role_permissions = null;
if(array_key_exists('permissions_role',$arr) && $arr['permissions_role']) {
$role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($arr['permissions_role']);
}
if($role_permissions && array_key_exists('directory_publish',$role_permissions))
$publish = intval($role_permissions['directory_publish']);
$primary = true;
if(array_key_exists('primary', $arr))
$primary = intval($arr['primary']);
$role_permissions = null;
$global_perms = get_perms();
if(array_key_exists('permissions_role',$arr) && $arr['permissions_role']) {
$role_permissions = get_role_perms($arr['permissions_role']);
if($role_permissions) {
foreach($role_permissions as $p => $v) {
if(strpos($p,'channel_') !== false) {
$perms_keys .= ', ' . $p;
$perms_vals .= ', ' . intval($v);
}
if($p === 'directory_publish')
$publish = intval($v);
}
}
}
else {
$defperms = site_default_perms();
foreach($defperms as $p => $v) {
$perms_keys .= ', ' . $global_perms[$p][0];
$perms_vals .= ', ' . intval($v);
}
}
$expire = 0;
$r = q("insert into channel ( channel_account_id, channel_primary,
channel_name, channel_address, channel_guid, channel_guid_sig,
channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone )
values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' ) ",
channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone $perms_keys )
values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' $perms_vals ) ",
intval($arr['account_id']),
intval($primary),
@ -273,17 +288,6 @@ function create_identity($arr) {
return $ret;
}
if($role_permissions && array_key_exists('limits',$role_permissions))
$perm_limits = $role_permissions['limits'];
else
$perm_limits = site_default_perms();
foreach($perm_limits as $p => $v)
\Zotlabs\Access\PermissionLimits::Set($r[0]['channel_id'],$p,$v);
if($role_permissions && array_key_exists('perms_auto',$role_permissions))
set_pconfig($r[0]['channel_id'],'system','autoperms',intval($role_permissions['perms_auto']));
$ret['channel'] = $r[0];
if(intval($arr['account_id']))
@ -347,29 +351,25 @@ function create_identity($arr) {
);
if($role_permissions) {
$myperms = ((array_key_exists('perms_connect',$role_permissions)) ? $role_permissions['perms_connect'] : array());
}
else {
$x = \Zotlabs\Access\PermissionRoles::role_perms('social');
$myperms = $x['perms_connect'];
$myperms = ((array_key_exists('perms_accept',$role_permissions)) ? intval($role_permissions['perms_accept']) : 0);
}
else
$myperms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_self )
values ( %d, %d, '%s', %d, '%s', '%s', %d ) ",
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_self, abook_my_perms )
values ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ",
intval($ret['channel']['channel_account_id']),
intval($newuid),
dbesc($hash),
intval(0),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval(1)
intval(1),
intval($myperms)
);
$x = \Zotlabs\Access\Permissions::FilledPerms($myperms);
foreach($x as $k => $v) {
set_abconfig($newuid,$hash,'my_perms',$k,$v);
}
if(intval($ret['channel']['channel_account_id'])) {
// Save our permissions role so we can perhaps call it up and modify it later.
@ -378,21 +378,8 @@ function create_identity($arr) {
set_pconfig($newuid,'system','permissions_role',$arr['permissions_role']);
if(array_key_exists('online',$role_permissions))
set_pconfig($newuid,'system','hide_presence',1-intval($role_permissions['online']));
if(array_key_exists('perms_auto',$role_permissions)) {
$autoperms = intval($role_permissions['perms_auto']);
set_pconfig($newuid,'system','autoperms',$autoperms);
if($autoperms) {
$x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
foreach($x as $k => $v) {
set_pconfig($newuid,'autoperms',$k,$v);
}
}
else {
$r = q("delete from pconfig where uid = %d and cat = 'autoperms'",
intval($newuid)
);
}
}
if(array_key_exists('perms_auto',$role_permissions))
set_pconfig($newuid,'system','autoperms',(($role_permissions['perms_auto']) ? $role_permissions['perms_accept'] : 0));
}
// Create a group with yourself as a member. This allows somebody to use it
@ -510,8 +497,7 @@ function identity_basic_export($channel_id, $items = false) {
intval($channel_id)
);
if($r) {
translate_channel_perms_outbound($r[0]);
$ret['channel'] = $r[0];
$ret['channel'] = $r[0];
$ret['relocate'] = [ 'channel_address' => $r[0]['channel_address'], 'url' => z_root()];
}
@ -533,7 +519,6 @@ function identity_basic_export($channel_id, $items = false) {
$abconfig = load_abconfig($channel_id,$ret['abook'][$x]['abook_xchan']);
if($abconfig)
$ret['abook'][$x]['abconfig'] = $abconfig;
translate_abook_perms_outbound($ret['abook'][$x]);
}
stringify_array_elms($xchans);
}
@ -1567,11 +1552,9 @@ function is_public_profile() {
if(intval(get_config('system','block_public')))
return false;
$channel = App::get_channel();
if($channel) {
$perm = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile');
if($perm == PERMS_PUBLIC)
return true;
}
if($channel && $channel['channel_r_profile'] == PERMS_PUBLIC)
return true;
return false;
}
@ -1643,13 +1626,13 @@ function notifications_on($channel_id,$value) {
function get_channel_default_perms($uid) {
$r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 1 limit 1",
$r = q("select abook_my_perms from abook where abook_channel = %d and abook_self = 1 limit 1",
intval($uid)
);
if($r)
return load_abconfig($uid,$r[0]['abook_xchan'],'my_perms');
return $r[0]['abook_my_perms'];
return array();
return 0;
}

1
include/config.php
View File

@ -97,6 +97,7 @@ function del_aconfig($account_id, $family, $key) {
return Zlib\AConfig::Delete($account_id, $family, $key);
}
function load_abconfig($chan, $xhash, $family = '') {
return Zlib\AbConfig::Load($chan,$xhash,$family);
}

10
include/connections.php
View File

@ -260,15 +260,15 @@ function channel_remove($channel_id, $local = true, $unset_session=false) {
if(! $local) {
$r = q("update channel set channel_deleted = '%s', channel_removed = 1 where channel_id = %d",
$r = q("update channel set channel_deleted = '%s', channel_removed = 1, channel_r_stream = 0, channel_r_profile = 0,
channel_r_photos = 0, channel_r_abook = 0, channel_w_stream = 0, channel_w_wall = 0, channel_w_tagwall = 0,
channel_w_comment = 0, channel_w_mail = 0, channel_w_photos = 0, channel_w_chat = 0, channel_a_delegate = 0,
channel_r_storage = 0, channel_w_storage = 0, channel_r_pages = 0, channel_w_pages = 0, channel_a_republish = 0
where channel_id = %d",
dbesc(datetime_convert()),
intval($channel_id)
);
q("delete from pconfig where uid = %d",
intval($channel_id)
);
logger('deleting hublocs',LOGGER_DEBUG);
$r = q("update hubloc set hubloc_deleted = 1 where hubloc_hash = '%s'",

6
include/conversation.php
View File

@ -99,7 +99,7 @@ function localize_item(&$item){
if(intval($item['item_thread_top']))
return;
$obj = json_decode($item['obj'],true);
$obj = json_decode_plus($item['obj']);
if((! $obj) && ($item['obj'])) {
logger('localize_item: failed to decode object: ' . print_r($item['obj'],true));
}
@ -186,7 +186,7 @@ function localize_item(&$item){
$Alink = $item['author']['xchan_url'];
$obj= json_decode($item['obj'],true);
$obj= json_decode_plus($item['obj']);
$Blink = $Bphoto = '';
@ -219,7 +219,7 @@ function localize_item(&$item){
$Aname = $item['author']['xchan_name'];
$Alink = $item['author']['xchan_url'];
$obj= json_decode($item['obj'],true);
$obj= json_decode_plus($item['obj']);
$Blink = $Bphoto = '';

48
include/follow.php
View File

@ -66,11 +66,12 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$role = get_pconfig($uid,'system','permissions_role');
if($role) {
$x = \Zotlabs\Access\PermissionRoles::role_perms($role);
if($x['perms_connect'])
$my_perms = $x['perms_connect'];
$x = get_role_perms($role);
if($x['perms_follow'])
$my_perms = $x['perms_follow'];
}
if($is_red && $j) {
logger('follow: ' . $url . ' ' . print_r($j,true), LOGGER_DEBUG);
@ -103,6 +104,10 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$xchan_hash = $x['hash'];
$their_perms = 0;
$global_perms = get_perms();
if( array_key_exists('permissions',$j) && array_key_exists('data',$j['permissions'])) {
$permissions = crypto_unencapsulate(array(
'data' => $j['permissions']['data'],
@ -116,14 +121,16 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
else
$permissions = $j['permissions'];
if(is_array($permissions) && $permissions) {
foreach($permissions as $k => $v) {
set_abconfig($channel['channel_uid'],$xchan_hash,'their_perms',$k,intval($v));
foreach($permissions as $k => $v) {
if($v) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
}
}
else {
$their_perms = 0;
$xchan_hash = '';
$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1",
@ -183,7 +190,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$result['message'] = t('Protocol disabled.');
return $result;
}
$singleton = intval($x['singleton']);
$aid = $channel['channel_account_id'];
@ -216,15 +222,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
intval($uid)
);
if($is_http) {
// Always set these "remote" permissions for feeds since we cannot interact with them
// to negotiate a suitable permission response
set_abconfig($uid,$xchan_hash,'their_perms','view_stream',1);
set_abconfig($uid,$xchan_hash,'their_perms','republish',1);
}
if($r) {
$abook_instance = $r[0]['abook_instance'];
@ -234,7 +231,8 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$abook_instance .= z_root();
}
$x = q("update abook set abook_instance = '%s' where abook_id = %d",
$x = q("update abook set abook_their_perms = %d, abook_instance = '%s' where abook_id = %d",
intval($their_perms),
dbesc($abook_instance),
intval($r[0]['abook_id'])
);
@ -244,13 +242,15 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
if($closeness === false)
$closeness = 80;
$r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_created, abook_updated, abook_instance )
values( %d, %d, %d, '%s', %d, '%s', '%s', '%s' ) ",
$r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_instance )
values( %d, %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s' ) ",
intval($aid),
intval($uid),
intval($closeness),
dbesc($xchan_hash),
intval(($is_http) ? 1 : 0),
intval(($is_http) ? $their_perms|PERMS_R_STREAM|PERMS_A_REPUBLISH : $their_perms),
intval($my_perms),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(($singleton) ? z_root() : '')
@ -260,16 +260,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
if(! $r)
logger('mod_follow: abook creation failed');
$all_perms = \Zotlabs\Access\Permissions::Perms();
if($all_perms) {
foreach($all_perms as $k => $v) {
if(in_array($k,$my_perms))
set_abconfig($uid,$xchan_hash,'my_perms',$k,1);
else
set_abconfig($uid,$xchan_hash,'my_perms',$k,0);
}
}
$r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash
where abook_xchan = '%s' and abook_channel = %d limit 1",
dbesc($xchan_hash),

45
include/import.php
View File

@ -1,7 +1,6 @@
<?php
require_once('include/menu.php');
require_once('include/perm_upgrade.php');
function import_channel($channel, $account_id, $seize) {
@ -62,35 +61,15 @@ function import_channel($channel, $account_id, $seize) {
if(! is_site_admin())
$channel['channel_pageflags'] = $channel['channel_pageflags'] ^ PAGE_ALLOWCODE;
}
dbesc_array($channel);
// remove all the permissions related settings, we will import/upgrade them after the channel
// is created.
$disallowed = [
'channel_id', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook',
'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall',
'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall',
'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish',
'channel_a_delegate', 'perm_limits'
];
$clean = array();
foreach($channel as $k => $v) {
if(in_array($k,$disallowed))
continue;
$clean[$k] = $v;
}
if($clean) {
dbesc_array($clean);
$r = dbq("INSERT INTO channel (`"
. implode("`, `", array_keys($clean))
. "`) VALUES ('"
. implode("', '", array_values($clean))
. "')"
);
}
$r = dbq("INSERT INTO channel (`"
. implode("`, `", array_keys($channel))
. "`) VALUES ('"
. implode("', '", array_values($channel))
. "')"
);
if(! $r) {
logger('mod_import: channel clone failed. ', print_r($channel,true));
@ -107,14 +86,6 @@ function import_channel($channel, $account_id, $seize) {
notice( t('Cloned channel not found. Import failed.') . EOL);
return false;
}
// extract the permissions from the original imported array and use our new channel_id to set them
// These could be in the old channel permission stule or the new pconfig. We have a function to
// translate and store them no matter which they throw at us.
$channel['channel_id'] = $r[0]['channel_id'];
translate_channel_perms_inbound($channel);
// reset
$channel = $r[0];

39
include/items.php
View File

@ -183,7 +183,7 @@ function is_item_normal($item) {
* This function examines the comment_policy attached to an item and decides if the current observer has
* sufficient privileges to comment. This will normally be called on a remote site where perm_is_allowed()
* will not be suitable because the post owner does not have a local channel_id.
* Generally we should look at the item - in particular the author['abook_flags'] and see if ABOOK_FLAG_SELF is set.
* Generally we should look at the item - in particular the author['book_flags'] and see if ABOOK_FLAG_SELF is set.
* If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call
* can_comment_on_post()
* We also check the comments_closed date/time on the item if this is set.
@ -224,7 +224,8 @@ function can_comment_on_post($observer_xchan, $item) {
case 'contacts':
case 'authenticated':
case '':
if(array_key_exists('owner',$item) && get_abconfig($item['uid'],$item['owner']['abook_xchan'],'their_perms','post_comments')) {
if(array_key_exists('owner',$item)) {
if(($item['owner']['abook_xchan']) && ($item['owner']['abook_their_perms'] & PERMS_W_COMMENT))
return true;
}
break;
@ -385,7 +386,7 @@ function post_activity_item($arr) {
return $ret;
}
$arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true));
$arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true));
if($arr['public_policy'])
$arr['item_private'] = 1;
@ -421,7 +422,7 @@ function post_activity_item($arr) {
$arr['deny_cid'] = ((x($arr,'deny_cid')) ? $arr['deny_cid'] : $channel['channel_deny_cid']);
$arr['deny_gid'] = ((x($arr,'deny_gid')) ? $arr['deny_gid'] : $channel['channel_deny_gid']);
$arr['comment_policy'] = map_scope(\Zotlabs\Access/PermissionLimits::Get($channel['channel_id'],'post_comments'));
$arr['comment_policy'] = map_scope($channel['channel_w_comment']);
if ((! $arr['plink']) && (intval($arr['item_thread_top']))) {
$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
@ -970,12 +971,12 @@ function encode_item($item,$mirror = false) {
// logger('encode_item: ' . print_r($item,true));
$r = q("select channel_id from channel where channel_id = %d limit 1",
$r = q("select channel_r_stream, channel_w_comment from channel where channel_id = %d limit 1",
intval($item['uid'])
);
if($r)
$comment_scope = \Zotlabs\Access\PermissionLimits::Get($item['uid'],'post_comments');
$comment_scope = $r[0]['channel_w_comment'];
else
$comment_scope = 0;
@ -989,9 +990,9 @@ function encode_item($item,$mirror = false) {
if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) {
if($item['title'])
$item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key);
$item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key);
if($item['body'])
$item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key);
$item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key);
}
// If we're trying to backup an item so that it's recoverable or for export/imprt,
@ -1061,11 +1062,11 @@ function encode_item($item,$mirror = false) {
$x['owner'] = encode_item_xchan($item['owner']);
$x['author'] = encode_item_xchan($item['author']);
if($item['obj'])
$x['object'] = json_decode($item['obj'],true);
$x['object'] = json_decode_plus($item['obj']);
if($item['target'])
$x['target'] = json_decode($item['target'],true);
$x['target'] = json_decode_plus($item['target']);
if($item['attach'])
$x['attach'] = json_decode($item['attach'],true);
$x['attach'] = json_decode_plus($item['attach']);
if($y = encode_item_flags($item))
$x['flags'] = $y;
@ -1381,7 +1382,7 @@ function encode_mail($item,$extended = false) {
$x['to'] = encode_item_xchan($item['to']);
if($item['attach'])
$x['attach'] = json_decode($item['attach'],true);
$x['attach'] = json_decode_plus($item['attach']);
$x['flags'] = array();
@ -2389,7 +2390,7 @@ function tag_deliver($uid, $item_id) {
if(($item['obj_type'] == "") || ($item['obj_type'] !== ACTIVITY_OBJ_PERSON) || (! $item['obj']))
$poke_notify = false;
$obj = json_decode($item['obj'],true);
$obj = json_decode_plus($item['obj']);
if($obj) {
if($obj['id'] !== $u[0]['channel_hash'])
$poke_notify = false;
@ -2426,14 +2427,14 @@ function tag_deliver($uid, $item_id) {
if(($item['owner_xchan'] === $u[0]['channel_hash']) && (! get_pconfig($u[0]['channel_id'],'system','blocktags'))) {
logger('tag_deliver: community tag recipient: ' . $u[0]['channel_name']);
$j_tgt = json_decode($item['target'],true);
$j_tgt = json_decode_plus($item['target']);
if($j_tgt && $j_tgt['id']) {
$p = q("select * from item where mid = '%s' and uid = %d limit 1",
dbesc($j_tgt['id']),
intval($u[0]['channel_id'])
);
if($p) {
$j_obj = json_decode($item['obj'],true);
$j_obj = json_decode_plus($item['obj']);
logger('tag_deliver: tag object: ' . print_r($j_obj,true), LOGGER_DATA);
if($j_obj && $j_obj['id'] && $j_obj['title']) {
if(is_array($j_obj['link']))
@ -2518,7 +2519,7 @@ function tag_deliver($uid, $item_id) {
if(intval($item['item_obscured'])) {
$key = get_config('system','prvkey');
if($item['body'])
$body = crypto_unencapsulate(json_decode($item['body'],true),$key);
$body = crypto_unencapsulate(json_decode_plus($item['body']),$key);
}
else
$body = $item['body'];
@ -2761,7 +2762,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
$private = (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 1 : 0);
$new_public_policy = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true);
$new_public_policy = map_scope($channel['channel_r_stream'],true);
if((! $private) && $new_public_policy)
$private = 1;
@ -2806,7 +2807,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
dbesc($channel['channel_deny_gid']),
intval($private),
dbesc($new_public_policy),
dbesc(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments'))),
dbesc(map_scope($channel['channel_w_comment'])),
dbesc($title),
dbesc($body),
intval($item_wall),
@ -2855,7 +2856,7 @@ function check_item_source($uid, $item) {
if(! $x)
return false;
if(! get_abconfig($uid,$item['owner_xchan'],'their_perms','republish'))
if(! ($x[0]['abook_their_perms'] & PERMS_A_REPUBLISH))
return false;
if($item['item_private'] && (! intval($x[0]['abook_feed'])))

11
include/oembed.php
View File

@ -215,17 +215,6 @@ function oembed_fetch_url($embedurl){
if($j->html != $orig) {
logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j->html, LOGGER_DEBUG, LOG_INFO);
}
$orig_len = trim(mb_strlen($orig));
$new_len = trim(mb_strlen($j->html));
if(! $new_len)
$j->type = 'error';
elseif($orig_len) {
$ratio = $new_len / $orig_len;
if($ratio < 0.8)
$j->type = 'error';
}
}
}

236
include/perm_upgrade.php
View File

@ -1,236 +0,0 @@
<?php
function perm_limits_upgrade($channel) {
set_pconfig($channel['channel_id'],'perm_limits','view_stream',$channel['channel_r_stream']);
set_pconfig($channel['channel_id'],'perm_limits','view_profile',$channel['channel_r_profile']);
set_pconfig($channel['channel_id'],'perm_limits','view_contacts',$channel['channel_r_abook']);
set_pconfig($channel['channel_id'],'perm_limits','view_storage',$channel['channel_r_storage']);
set_pconfig($channel['channel_id'],'perm_limits','view_pages',$channel['channel_r_pages']);
set_pconfig($channel['channel_id'],'perm_limits','send_stream',$channel['channel_w_stream']);
set_pconfig($channel['channel_id'],'perm_limits','post_wall',$channel['channel_w_wall']);
set_pconfig($channel['channel_id'],'perm_limits','post_comments',$channel['channel_w_comment']);
set_pconfig($channel['channel_id'],'perm_limits','post_mail',$channel['channel_w_mail']);
set_pconfig($channel['channel_id'],'perm_limits','post_like',$channel['channel_w_like']);
set_pconfig($channel['channel_id'],'perm_limits','tag_deliver',$channel['channel_w_tagwall']);
set_pconfig($channel['channel_id'],'perm_limits','chat',$channel['channel_w_chat']);
set_pconfig($channel['channel_id'],'perm_limits','write_storage',$channel['channel_w_storage']);
set_pconfig($channel['channel_id'],'perm_limits','write_pages',$channel['channel_w_pages']);
set_pconfig($channel['channel_id'],'perm_limits','republish',$channel['channel_a_republish']);
set_pconfig($channel['channel_id'],'perm_limits','delegate',$channel['channel_a_delegate']);
}
function perms_int_to_array($p) {
$ret = [];
$ret['view_stream'] = (($p & PERMS_R_STREAM) ? 1 : 0);
$ret['view_profile'] = (($p & PERMS_R_PROFILE) ? 1 : 0);
$ret['view_contacts'] = (($p & PERMS_R_ABOOK) ? 1 : 0);
$ret['view_storage'] = (($p & PERMS_R_STORAGE) ? 1 : 0);
$ret['view_pages'] = (($p & PERMS_R_PAGES) ? 1 : 0);
$ret['send_stream'] = (($p & PERMS_W_STREAM) ? 1 : 0);
$ret['post_wall'] = (($p & PERMS_W_WALL) ? 1 : 0);
$ret['post_comments'] = (($p & PERMS_W_COMMENT) ? 1 : 0);
$ret['post_mail'] = (($p & PERMS_W_MAIL) ? 1 : 0);
$ret['post_like'] = (($p & PERMS_W_LIKE) ? 1 : 0);
$ret['tag_deliver'] = (($p & PERMS_W_TAGWALL) ? 1 : 0);
$ret['chat'] = (($p & PERMS_W_CHAT) ? 1 : 0);
$ret['write_storage'] = (($p & PERMS_W_STORAGE) ? 1 : 0);
$ret['write_pages'] = (($p & PERMS_W_PAGES) ? 1 : 0);
$ret['republish'] = (($p & PERMS_A_REPUBLISH) ? 1 : 0);
$ret['delegate'] = (($p & PERMS_A_DELEGATE) ? 1 : 0);
return $ret;
}
function autoperms_upgrade($channel) {
$x = get_pconfig($channel['channel_id'],'system','autoperms');
if(intval($x)) {
$y = perms_int_to_array($x);
if($y) {
foreach($y as $k => $v) {
set_pconfig($channel['channel_id'],'autoperms',$k,$v);
}
}
}
}
function perm_abook_upgrade($abook) {
$x = perms_int_to_array($abook['abook_their_perms']);
if($x) {
foreach($x as $k => $v) {
set_abconfig($abook['abook_channel'],$abook['abook_xchan'],'their_perms',$k, $v);
}
}
$x = perms_int_to_array($abook['abook_my_perms']);
if($x) {
foreach($x as $k => $v) {
set_abconfig($abook['abook_channel'],$abook['abook_xchan'],'my_perms',$k, $v);
}
}
}
function translate_channel_perms_outbound(&$channel) {
$r = q("select * from pconfig where uid = %d and cat = 'perm_limits' ",
intval($channel['channel_id'])
);
if($r) {
foreach($r as $rr) {
if($rr['k'] === 'view_stream')
$channel['channel_r_stream'] = $rr['v'];
if($rr['k'] === 'view_profile')
$channel['channel_r_profile'] = $rr['v'];
if($rr['k'] === 'view_contacts')
$channel['channel_r_abook'] = $rr['v'];
if($rr['k'] === 'view_storage')
$channel['channel_r_storage'] = $rr['v'];
if($rr['k'] === 'view_pages')
$channel['channel_r_pages'] = $rr['v'];
if($rr['k'] === 'send_stream')
$channel['channel_w_stream'] = $rr['v'];
if($rr['k'] === 'post_wall')
$channel['channel_w_wall'] = $rr['v'];
if($rr['k'] === 'post_comments')
$channel['channel_w_comment'] = $rr['v'];
if($rr['k'] === 'post_mail')
$channel['channel_w_mail'] = $rr['v'];
if($rr['k'] === 'post_like')
$channel['channel_w_like'] = $rr['v'];
if($rr['k'] === 'tag_deliver')
$channel['channel_w_tagwall'] = $rr['v'];
if($rr['k'] === 'chat')
$channel['channel_w_chat'] = $rr['v'];
if($rr['k'] === 'write_storage')
$channel['channel_w_storage'] = $rr['v'];
if($rr['k'] === 'write_pages')
$channel['channel_w_pages'] = $rr['v'];
if($rr['k'] === 'republish')
$channel['channel_a_republish'] = $rr['v'];
if($rr['k'] === 'delegate')
$channel['channel_a_delegate'] = $rr['v'];
}
$channel['perm_limits'] = $r;
}
}
function translate_channel_perms_inbound($channel) {
if($channel['perm_limits']) {
foreach($channel['perm_limits'] as $p) {
set_pconfig($channel['channel_id'],'perm_limits',$p['k'],$p['v']);
}
}
else {
perm_limits_upgrade($channel);
}
}
function translate_abook_perms_outbound(&$abook) {
$my_perms = 0;
$their_perms = 0;
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && $abook['abconfig']) {
foreach($abook['abconfig'] as $p) {
if($p['cat'] === 'their_perms') {
if($p['k'] === 'view_stream' && intval($p['v']))
$their_perms += PERMS_R_STREAM;
if($p['k'] === 'view_profile' && intval($p['v']))
$their_perms += PERMS_R_PROFILE;
if($p['k'] === 'view_contacts' && intval($p['v']))
$their_perms += PERMS_R_ABOOK;
if($p['k'] === 'view_storage' && intval($p['v']))
$their_perms += PERMS_R_STORAGE;
if($p['k'] === 'view_pages' && intval($p['v']))
$their_perms += PERMS_R_PAGES;
if($p['k'] === 'send_stream' && intval($p['v']))
$their_perms += PERMS_W_STREAM;
if($p['k'] === 'post_wall' && intval($p['v']))
$their_perms += PERMS_W_WALL;
if($p['k'] === 'post_comments' && intval($p['v']))
$their_perms += PERMS_W_COMMENT;
if($p['k'] === 'post_mail' && intval($p['v']))
$their_perms += PERMS_W_MAIL;
if($p['k'] === 'post_like' && intval($p['v']))
$their_perms += PERMS_W_LIKE;
if($p['k'] === 'tag_deliver' && intval($p['v']))
$their_perms += PERMS_W_TAGWALL;
if($p['k'] === 'chat' && intval($p['v']))
$their_perms += PERMS_W_CHAT;
if($p['k'] === 'write_storage' && intval($p['v']))
$their_perms += PERMS_W_STORAGE;
if($p['k'] === 'write_pages' && intval($p['v']))
$their_perms += PERMS_W_PAGES;
if($p['k'] === 'republish' && intval($p['v']))
$their_perms += PERMS_A_REPUBLISH;
if($p['k'] === 'delegate' && intval($p['v']))
$their_perms += PERMS_A_DELEGATE;
}
if($p['cat'] === 'my_perms') {
if($p['k'] === 'view_stream' && intval($p['v']))
$my_perms += PERMS_R_STREAM;
if($p['k'] === 'view_profile' && intval($p['v']))
$my_perms += PERMS_R_PROFILE;
if($p['k'] === 'view_contacts' && intval($p['v']))
$my_perms += PERMS_R_ABOOK;
if($p['k'] === 'view_storage' && intval($p['v']))
$my_perms += PERMS_R_STORAGE;
if($p['k'] === 'view_pages' && intval($p['v']))
$my_perms += PERMS_R_PAGES;
if($p['k'] === 'send_stream' && intval($p['v']))
$my_perms += PERMS_W_STREAM;
if($p['k'] === 'post_wall' && intval($p['v']))
$my_perms += PERMS_W_WALL;
if($p['k'] === 'post_comments' && intval($p['v']))
$my_perms += PERMS_W_COMMENT;
if($p['k'] === 'post_mail' && intval($p['v']))
$my_perms += PERMS_W_MAIL;
if($p['k'] === 'post_like' && intval($p['v']))
$my_perms += PERMS_W_LIKE;
if($p['k'] === 'tag_deliver' && intval($p['v']))
$my_perms += PERMS_W_TAGWALL;
if($p['k'] === 'chat' && intval($p['v']))
$my_perms += PERMS_W_CHAT;
if($p['k'] === 'write_storage' && intval($p['v']))
$my_perms += PERMS_W_STORAGE;
if($p['k'] === 'write_pages' && intval($p['v']))
$my_perms += PERMS_W_PAGES;
if($p['k'] === 'republish' && intval($p['v']))
$my_perms += PERMS_A_REPUBLISH;
if($p['k'] === 'delegate' && intval($p['v']))
$my_perms += PERMS_A_DELEGATE;
}
}
$abook['abook_their_perms'] = $their_perms;
$abook['abook_my_perms'] = $my_perms;
}
}
function translate_abook_perms_inbound($channel,$abook) {
$new_perms = false;
$abook['abook_channel'] = $channel['channel_id'];
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && $abook['abconfig']) {
foreach($abook['abconfig'] as $p) {
if($p['cat'] == 'their_perms' || $p['cat'] == 'my_perms') {
$new_perms = true;
break;
}
}
}
if($new_perms == false) {
perm_abook_upgrade($abook);
}
}

519
include/permissions.php
View File

@ -67,7 +67,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
if($api)
return get_all_api_perms($uid,$api);
$global_perms = \Zotlabs\Access\Permissions::Perms();
$global_perms = get_perms();
// Save lots of individual lookups
@ -81,13 +81,11 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
$ret = array();
$abperms = (($uid && $observer_xchan) ? load_abconfig($uid,$observer_xchan,'my_perms') : array());
foreach($global_perms as $perm_name => $permission) {
// First find out what the channel owner declared permissions to be.
$channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$perm_name);
$channel_perm = $permission[0];
if(! $channel_checked) {
$r = q("select * from channel where channel_id = %d limit 1",
@ -107,7 +105,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// These take priority over all other settings.
if($observer_xchan) {
if($channel_perm & PERMS_AUTHED) {
if($r[0][$channel_perm] & PERMS_AUTHED) {
$ret[$perm_name] = true;
continue;
}
@ -138,10 +136,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// Check if this is a write permission and they are being ignored
// This flag is only visible internally.
$blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms();
if(($x) && ($internal_use) && in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) {
if(($x) && ($internal_use) && (! $global_perms[$perm_name][2]) && intval($x[0]['abook_ignored'])) {
$ret[$perm_name] = false;
continue;
}
@ -159,7 +154,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// if you've moved elsewhere, you will only have read only access
if(($observer_xchan) && ($r[0]['channel_hash'] === $observer_xchan)) {
if($r[0]['channel_moved'] && (in_array($perm_name,$blocked_anon_perms)))
if($r[0]['channel_moved'] && (! $permission[2]))
$ret[$perm_name] = false;
else
$ret[$perm_name] = true;
@ -168,7 +163,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// Anybody at all (that wasn't blocked or ignored). They have permission.
if($channel_perm & PERMS_PUBLIC) {
if($r[0][$channel_perm] & PERMS_PUBLIC) {
$ret[$perm_name] = true;
continue;
}
@ -183,7 +178,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// If we're still here, we have an observer, check the network.
if($channel_perm & PERMS_NETWORK) {
if($r[0][$channel_perm] & PERMS_NETWORK) {
if(($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) {
$ret[$perm_name] = true;
continue;
@ -192,7 +187,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// If PERMS_SITE is specified, find out if they've got an account on this hub
if($channel_perm & PERMS_SITE) {
if($r[0][$channel_perm] & PERMS_SITE) {
if(! $onsite_checked) {
$c = q("select channel_hash from channel where channel_hash = '%s' limit 1",
dbesc($observer_xchan)
@ -219,7 +214,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// They are in your address book, but haven't been approved
if($channel_perm & PERMS_PENDING) {
if($r[0][$channel_perm] & PERMS_PENDING) {
$ret[$perm_name] = true;
continue;
}
@ -231,21 +226,16 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// They're a contact, so they have permission
if($channel_perm & PERMS_CONTACTS) {
if($r[0][$channel_perm] & PERMS_CONTACTS) {
$ret[$perm_name] = true;
continue;
}
// Permission granted to certain channels. Let's see if the observer is one of them
if($channel_perm & PERMS_SPECIFIC) {
if($abperms) {
foreach($abperms as $ab) {
if(($ab['cat'] == 'my_perms') && ($ab['k'] == $perm_name)) {
$ret[$perm_name] = (intval($ab['v']) ? true : false);
break;
}
}
if($r[0][$channel_perm] & PERMS_SPECIFIC) {
if(($x[0]['abook_my_perms'] & $global_perms[$perm_name][1])) {
$ret[$perm_name] = true;
continue;
}
}
@ -294,23 +284,21 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
if($arr['result'])
return true;
$global_perms = \Zotlabs\Access\Permissions::Perms();
$global_perms = get_perms();
// First find out what the channel owner declared permissions to be.
$channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$permission);
$channel_perm = $global_perms[$permission][0];
$r = q("select channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1",
$r = q("select %s, channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1",
dbesc($channel_perm),
intval($uid)
);
if(! $r)
return false;
$blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms();
if($observer_xchan) {
if($channel_perm & PERMS_AUTHED)
if($r[0][$channel_perm] & PERMS_AUTHED)
return true;
$x = q("select abook_my_perms, abook_blocked, abook_ignored, abook_pending, xchan_network from abook left join xchan on abook_xchan = xchan_hash
@ -324,7 +312,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
if(($x) && intval($x[0]['abook_blocked']))
return false;
if(($x) && in_array($permission,$blocked_anon_perms) && intval($x[0]['abook_ignored']))
if(($x) && (! $global_perms[$permission][2]) && intval($x[0]['abook_ignored']))
return false;
if(! $x) {
@ -333,9 +321,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
dbesc($observer_xchan)
);
}
$abperms = load_abconfig($uid,$observer_xchan,'my_perms');
}
// system is blocked to anybody who is not authenticated
@ -347,13 +333,13 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// in which case you will have read_only access
if($r[0]['channel_hash'] === $observer_xchan) {
if($r[0]['channel_moved'] && (in_array($permission,$blocked_anon_perms)))
if($r[0]['channel_moved'] && (! $global_perms[$permission][2]))
return false;
else
return true;
}
if($channel_perm & PERMS_PUBLIC)
if($r[0][$channel_perm] & PERMS_PUBLIC)
return true;
// If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set
@ -364,14 +350,14 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// If we're still here, we have an observer, check the network.
if($channel_perm & PERMS_NETWORK) {
if($r[0][$channel_perm] & PERMS_NETWORK) {
if (($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot'))
return true;
}
// If PERMS_SITE is specified, find out if they've got an account on this hub
if($channel_perm & PERMS_SITE) {
if($r[0][$channel_perm] & PERMS_SITE) {
$c = q("select channel_hash from channel where channel_hash = '%s' limit 1",
dbesc($observer_xchan)
);
@ -390,7 +376,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// They are in your address book, but haven't been approved
if($channel_perm & PERMS_PENDING) {
if($r[0][$channel_perm] & PERMS_PENDING) {
return true;
}
@ -400,20 +386,15 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// They're a contact, so they have permission
if($channel_perm & PERMS_CONTACTS) {
if($r[0][$channel_perm] & PERMS_CONTACTS) {
return true;
}
// Permission granted to certain channels. Let's see if the observer is one of them
if(($r) && ($channel_perm & PERMS_SPECIFIC)) {
if($abperms) {
foreach($abperms as $ab) {
if($ab['cat'] == 'my_perms' && $ab['k'] == $permission) {
return ((intval($ab['v'])) ? true : false);
}
}
}
if(($r) && $r[0][$channel_perm] & PERMS_SPECIFIC) {
if($x[0]['abook_my_perms'] & $global_perms[$permission][1])
return true;
}
// No permissions allowed.
@ -579,28 +560,28 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = true;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like', 'republish' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
@ -609,29 +590,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = true;
$ret['online'] = true;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_SPECIFIC;
break;
@ -640,28 +620,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_SPECIFIC,
'view_storage' => PERMS_SPECIFIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_SPECIFIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_SPECIFIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_SPECIFIC;
break;
@ -670,28 +650,28 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'republish', 'chat' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
@ -700,28 +680,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_SPECIFIC;
break;
@ -730,29 +710,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_SPECIFIC,
'view_contacts' => PERMS_SPECIFIC,
'view_storage' => PERMS_SPECIFIC,
'view_pages' => PERMS_SPECIFIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILEPERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_SPECIFIC;
$ret['channel_r_abook'] = PERMS_SPECIFIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_SPECIFIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_SPECIFIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_SPECIFIC;
break;
@ -761,29 +740,28 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_NETWORK;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
@ -792,28 +770,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
@ -822,29 +800,26 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_like' , 'republish' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
@ -853,30 +828,28 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'republish', 'chat' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;

2
include/photos.php
View File

@ -412,7 +412,7 @@ function photo_upload($channel, $observer, $args) {
// in the photos pages - using the photos permissions instead. We need the public policy to keep the photo
// linked item from leaking into the feed when somebody has a channel with read_stream restrictions.
$arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true);
$arr['public_policy'] = map_scope($channel['channel_r_stream'],true);
if($arr['public_policy'])
$arr['item_private'] = 1;

41
include/security.php
View File

@ -128,7 +128,6 @@ function atoken_xchan($atoken) {
*
* @return bool|array false or channel record of the new channel
*/
function change_channel($change_channel) {
$ret = false;
@ -478,19 +477,14 @@ function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) {
$random_sql = (($rand) ? " ORDER BY " . db_getfunc('RAND') . " " : '');
if(local_channel())
$ret[] = local_channel();
$x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ",
intval($perms)
$r = q("select channel_id from channel where channel_r_stream > 0 and ( channel_r_stream & %d )>0 and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ",
intval($perms),
intval(PAGE_ADULT|PAGE_CENSORED)
);
if($x) {
$ids = ids_to_querystr($x,'uid');
$r = q("select channel_id from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ",
intval(PAGE_ADULT|PAGE_CENSORED)
);
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_id'], $ret))
$ret[] = $rr['channel_id'];
}
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_id'], $ret))
$ret[] = $rr['channel_id'];
}
$str = '';
@ -516,21 +510,16 @@ function stream_perms_xchans($perms = NULL ) {
if(local_channel())
$ret[] = get_observer_hash();
$x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ",
intval($perms)
$r = q("select channel_hash from channel where channel_r_stream > 0 and (channel_r_stream & %d)>0 and not (channel_pageflags & %d)>0 and channel_system = 0 and channel_removed = 0 ",
intval($perms),
intval(PAGE_ADULT|PAGE_CENSORED)
);
if($x) {
$ids = ids_to_querystr($x,'uid');
$r = q("select channel_hash from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ",
intval(PAGE_ADULT|PAGE_CENSORED)
);
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_hash'], $ret))
$ret[] = $rr['channel_hash'];
}
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_hash'], $ret))
$ret[] = $rr['channel_hash'];
}
$str = '';
if($ret) {
foreach($ret as $rr) {

49
include/text.php
View File

@ -1284,9 +1284,9 @@ function unobscure(&$item) {
if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) {
$key = get_config('system','prvkey');
if($item['title'])
$item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key);
$item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key);
if($item['body'])
$item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key);
$item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key);
if(get_config('system','item_cache')) {
q("update item set title = '%s', body = '%s', item_obscured = 0 where id = %d",
dbesc($item['title']),
@ -1309,7 +1309,7 @@ function unobscure_mail(&$item) {
function theme_attachments(&$item) {
$arr = json_decode($item['attach'],true);
$arr = json_decode_plus($item['attach']);
if(is_array($arr) && count($arr)) {
$attaches = array();
foreach($arr as $r) {
@ -2212,12 +2212,20 @@ function jindent($json) {
return $result;
}
function json_decode_plus($s) {
$x = json_decode($s,true);
if(! $x)
$x = json_decode(str_replace(array('\\"','\\\\'),array('"','\\'),$s),true);
return $x;
}
/**
* @brief Creates navigation menu for webpage, layout, blocks, menu sites.
*
* @return string
*/
function design_tools() {
$channel = App::get_channel();
@ -2608,33 +2616,32 @@ function getIconFromType($type) {
'application/octet-stream' => 'fa-file-o',
//Text
'text/plain' => 'fa-file-text-o',
'application/msword' => 'fa-file-word-o',
'application/pdf' => 'fa-file-pdf-o',
'application/vnd.oasis.opendocument.text' => 'fa-file-word-o',
'application/msword' => 'fa-file-text-o',
'application/pdf' => 'fa-file-text-o',
'application/vnd.oasis.opendocument.text' => 'fa-file-text-o',
'application/epub+zip' => 'fa-book',
//Spreadsheet
'application/vnd.oasis.opendocument.spreadsheet' => 'fa-file-excel-o',
'application/vnd.ms-excel' => 'fa-file-excel-o',
'application/vnd.oasis.opendocument.spreadsheet' => 'fa-table',
'application/vnd.ms-excel' => 'fa-table',
//Image
'image/jpeg' => 'fa-picture-o',
'image/png' => 'fa-picture-o',
'image/gif' => 'fa-picture-o',
'image/svg+xml' => 'fa-picture-o',
//Archive
'application/zip' => 'fa-file-archive-o',
'application/x-rar-compressed' => 'fa-file-archive-o',
'application/zip' => 'fa-archive',
'application/x-rar-compressed' => 'fa-archive',
//Audio
'audio/mpeg' => 'fa-file-audio-o',
'audio/wav' => 'fa-file-audio-o',
'application/ogg' => 'fa-file-audio-o',
'audio/ogg' => 'fa-file-audio-o',
'audio/webm' => 'fa-file-audio-o',
'audio/mp4' => 'fa-file-audio-o',
'audio/mpeg' => 'fa-music',
'audio/wav' => 'fa-music',
'application/ogg' => 'fa-music',
'audio/ogg' => 'fa-music',
'audio/webm' => 'fa-music',
'audio/mp4' => 'fa-music',
//Video
'video/quicktime' => 'fa-file-video-o',
'video/webm' => 'fa-file-video-o',
'video/mp4' => 'fa-file-video-o',
'video/x-matroska' => 'fa-file-video-o'
'video/quicktime' => 'fa-film',
'video/webm' => 'fa-film',
'video/mp4' => 'fa-film'
);
$iconFromType = 'fa-file-o';

11
include/widgets.php
View File

@ -1356,14 +1356,9 @@ function widget_forums($arr) {
$perms_sql = item_permissions_sql(local_channel()) . item_normal();
/**
* We used to try and find public forums with custom permissions by checking to see if
* send_stream was false and tag_deliver was true. However with the newer extensible
* permissions infrastructure this makes for a very complicated query. Now we're only
* checking channels that report themselves specifically as pubforums
*/
$r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where xchan_pubforum = 1 and xchan_deleted = 0 and abook_channel = %d order by xchan_name $limit ",
$r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where ( xchan_pubforum = 1 or ((abook_their_perms & %d ) != 0 and (abook_their_perms & %d ) = 0) ) and xchan_deleted = 0 and abook_channel = %d order by xchan_name $limit ",
intval(PERMS_W_TAGWALL),
intval(PERMS_W_STREAM),
intval(local_channel())
);
if(! $r1)

194
include/zot.php
View File

@ -12,7 +12,6 @@ require_once('include/crypto.php');
require_once('include/items.php');
require_once('include/hubloc.php');
require_once('include/queue_fn.php');
require_once('include/perm_upgrade.php');
/**
@ -389,7 +388,10 @@ function zot_refresh($them, $channel = null, $force = false) {
if(! $x['success'])
return false;
$their_perms = 0;
if($channel) {
$global_perms = get_perms();
if($j['permissions']['data']) {
$permissions = crypto_unencapsulate(array(
'data' => $j['permissions']['data'],
@ -406,10 +408,15 @@ function zot_refresh($them, $channel = null, $force = false) {
$connected_set = false;
if($permissions && is_array($permissions)) {
$old_read_stream_perm = get_abconfig($channel['channel_id'],$x['hash'],'their_perms','view_stream');
foreach($permissions as $k => $v) {
set_abconfig($channel['channel_id'],$x['hash'],'their_perms',$k,$v);
// The connected permission means you are in their address book
if($k === 'connected') {
$connected_set = intval($v);
continue;
}
if(($v) && (array_key_exists($k,$global_perms))) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
}
}
@ -436,19 +443,36 @@ function zot_refresh($them, $channel = null, $force = false) {
if(substr($r[0]['abook_dob'],5) == substr($next_birthday,5))
$next_birthday = $r[0]['abook_dob'];
$y = q("update abook set abook_dob = '%s'
$current_abook_connected = (intval($r[0]['abook_unconnected']) ? 0 : 1);
$y = q("update abook set abook_their_perms = %d, abook_dob = '%s'
where abook_xchan = '%s' and abook_channel = %d
and abook_self = 0 ",
intval($their_perms),
dbescdate($next_birthday),
dbesc($x['hash']),
intval($channel['channel_id'])
);
// if(($connected_set === 0 || $connected_set === 1) && ($connected_set !== $current_abook_unconnected)) {
// if they are in your address book but you aren't in theirs, and/or this does not
// match your current connected state setting, toggle it.
/** @FIXME uncoverted to postgres */
/** @FIXME when this was enabled, all contacts became unconnected. Currently disabled intentionally */
// $y1 = q("update abook set abook_unconnected = 1
// where abook_xchan = '%s' and abook_channel = %d
// and abook_self = 0 limit 1",
// dbesc($x['hash']),
// intval($channel['channel_id'])
// );
// }
if(! $y)
logger('abook update failed');
else {
// if we were just granted read stream permission and didn't have it before, try to pull in some posts
if((! $old_read_stream_perm) && (intval($permissions['view_stream'])))
if((! ($r[0]['abook_their_perms'] & PERMS_R_STREAM)) && ($their_perms & PERMS_R_STREAM))
Zotlabs\Daemon\Master::Summon(array('Onepoll',$r[0]['abook_id']));
}
}
@ -456,29 +480,15 @@ function zot_refresh($them, $channel = null, $force = false) {
// new connection
$my_perms = null;
$role = get_pconfig($channel['channel_id'],'system','permissions_role');
if($role) {
$xx = \Zotlabs\Access\PermissionRoles::role_perms($role);
if($xx['perms_auto']) {
$default_perms = $xx['perms_connect'];
$my_perms = \Zotlabs\Access\Permissions::FilledPerms($default_perms);
}
$xx = get_role_perms($role);
if($xx['perms_auto'])
$default_perms = $xx['perms_accept'];
}
if(! $default_perms)
$default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms'));
if(! $my_perms) {
$m = \Zotlabs\Access\Permissions::FilledAutoperms($channel['channel_id']);
if($m) {
$my_perms = $m;
}
}
if($my_perms) {
foreach($my_perms as $k => $v) {
set_abconfig($channel['channel_id'],$x['hash'],'my_perms',$k,$v);
}
}
// Keep original perms to check if we need to notify them
$previous_perms = get_all_perms($channel['channel_id'],$x['hash']);
@ -488,11 +498,13 @@ function zot_refresh($them, $channel = null, $force = false) {
if($closeness === false)
$closeness = 80;
$y = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_created, abook_updated, abook_dob, abook_pending ) values ( %d, %d, %d, '%s', '%s', '%s', '%s', %d )",
$y = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_dob, abook_pending ) values ( %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', %d )",
intval($channel['channel_account_id']),
intval($channel['channel_id']),
intval($closeness),
dbesc($x['hash']),
intval($their_perms),
intval($default_perms),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($next_birthday),
@ -511,7 +523,7 @@ function zot_refresh($them, $channel = null, $force = false) {
);
if($new_connection) {
if(! \Zotlabs\Access\Permissions::PermsCompare($new_perms,$previous_perms))
if($new_perms != $previous_perms)
Zotlabs\Daemon\Master::Summon(array('Notifier','permission_create',$new_connection[0]['abook_id']));
Zotlabs\Lib\Enotify::submit(array(
'type' => NOTIFY_INTRO,
@ -520,9 +532,9 @@ function zot_refresh($them, $channel = null, $force = false) {
'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'],
));
if(intval($permissions['view_stream'])) {
if(intval(get_pconfig($channel['channel_id'],'perm_limits','send_stream') & PERMS_PENDING)
|| (! intval($new_connection[0]['abook_pending'])))
if($their_perms & PERMS_R_STREAM) {
if(($channel['channel_w_stream'] & PERMS_PENDING)
|| (! intval($new_connection[0]['abook_pending'])) )
Zotlabs\Daemon\Master::Summon(array('Onepoll',$new_connection[0]['abook_id']));
}
@ -1359,8 +1371,8 @@ function public_recips($msg) {
if($msg['message']['type'] === 'activity') {
if(! get_config('system','disable_discover_tab'))
$include_sys = true;
$perm = 'send_stream';
$col = 'channel_w_stream';
$field = PERMS_W_STREAM;
if(array_key_exists('flags',$msg['message']) && in_array('thread_parent', $msg['message']['flags'])) {
// check mention recipient permissions on top level posts only
$check_mentions = true;
@ -1392,30 +1404,65 @@ function public_recips($msg) {
// contains the tag. we'll solve that further below.
if($msg['notify']['sender']['guid_sig'] != $msg['message']['owner']['guid_sig']) {
$perm = 'post_comments';
$col = 'channel_w_comment';
$field = PERMS_W_COMMENT;
}
}
}
elseif($msg['message']['type'] === 'mail')
$perm = 'post_mail';
$r = array();
$c = q("select channel_id, channel_hash from channel where channel_removed = 0");
if($c) {
foreach($c as $cc) {
if(perm_is_allowed($cc['channel_id'],$msg['notify']['sender']['hash'],$perm)) {
$r[] = [ 'hash' => $cc['channel_hash'] ];
}
}
elseif($msg['message']['type'] === 'mail') {
$col = 'channel_w_mail';
$field = PERMS_W_MAIL;
}
// logger('message: ' . print_r($msg['message'],true));
if(! $col)
return NULL;
$col = dbesc($col);
// First find those channels who are accepting posts from anybody, or at least
// something greater than just their connections.
if($msg['notify']['sender']['url'] === z_root()) {
$sql = " where (( " . $col . " & " . intval(PERMS_NETWORK) . " ) > 0
or ( " . $col . " & " . intval(PERMS_SITE) . " ) > 0
or ( " . $col . " & " . intval(PERMS_PUBLIC) . ") > 0
or ( " . $col . " & " . intval(PERMS_AUTHED) . ") > 0 ) ";
} else {
$sql = " where ( " . $col . " = " . intval(PERMS_NETWORK) . "
or " . $col . " = " . intval(PERMS_PUBLIC) . "
or " . $col . " = " . intval(PERMS_AUTHED) . " ) ";
}
$r = q("select channel_hash as hash from channel $sql or channel_hash = '%s'
and channel_removed = 0 ",
dbesc($msg['notify']['sender']['hash'])
);
if(! $r)
$r = array();
// Now we have to get a bit dirty. Find every channel that has the sender in their connections (abook)
// and is allowing this sender at least at a high level.
$x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id
where abook_xchan = '%s' and channel_removed = 0
and (( " . $col . " = " . intval(PERMS_SPECIFIC) . " and ( abook_my_perms & " . intval($field) . " ) > 0 )
OR " . $col . " = " . intval(PERMS_PENDING) . "
OR ( " . $col . " = " . intval(PERMS_CONTACTS) . " and abook_pending = 0 )) ",
dbesc($msg['notify']['sender']['hash'])
);
if(! $x)
$x = array();
$r = array_merge($r,$x);
//logger('message: ' . print_r($msg['message'],true));
if($include_sys && array_key_exists('public_scope',$msg['message']) && $msg['message']['public_scope'] === 'public') {
$sys = get_sys_channel();
if($sys)
$r[] = [ 'hash' => $sys['channel_hash'] ];
$r[] = array('hash' => $sys['channel_hash']);
}
// look for any public mentions on this site
@ -1896,9 +1943,9 @@ function remove_community_tag($sender, $arr, $uid) {
$i = $r[0];
if($i['target'])
$i['target'] = json_decode($i['target'],true);
$i['target'] = json_decode_plus($i['target']);
if($i['object'])
$i['object'] = json_decode($i['object'],true);
$i['object'] = json_decode_plus($i['object']);
if(! ($i['target'] && $i['object'])) {
logger('remove_community_tag: no target/object');
@ -2951,14 +2998,6 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
$channel = $r[0];
translate_channel_perms_outbound($channel);
if($packet && array_key_exists('abook',$packet) && $packet['abook']) {
for($x = 0; $x < count($packet['abook']); $x ++) {
translate_abook_perms_outbound($packet['abook'][$x]);
}
}
if(intval($channel['channel_removed']))
return;
@ -3082,8 +3121,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
require_once('include/import.php');
/** @FIXME this will sync red structures (channel, pconfig and abook).
Eventually we need to make this application agnostic. */
/** @FIXME this will sync red structures (channel, pconfig and abook). Eventually we need to make this application agnostic. */
$result = array();
@ -3156,8 +3194,6 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
if(array_key_exists('channel',$arr) && is_array($arr['channel']) && count($arr['channel'])) {
translate_channel_perms_inbound($arr['channel']);
if(array_key_exists('channel_pageflags',$arr['channel']) && intval($arr['channel']['channel_pageflags'])) {
// These flags cannot be sync'd.
// remove the bits from the incoming flags.
@ -3171,15 +3207,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
}
$disallowed = [
'channel_id', 'channel_account_id', 'channel_primary', 'channel_prvkey',
'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted',
'channel_system', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook',
'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall',
'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall',
'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish',
'channel_a_delegate'
];
$disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey', 'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted', 'channel_system');
$clean = array();
foreach($arr['channel'] as $k => $v) {
@ -3215,8 +3243,6 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($arr['abook'] as $abook) {
$abconfig = null;
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
@ -3311,12 +3337,6 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
}
}
// This will set abconfig vars if the sender is using old-style fixed permissions
// using the raw abook record as passed to us. New-style permissions will fall through
// and be set using abconfig
translate_abook_perms_inbound($channel,$abook);
if($abconfig) {
// @fixme does not handle sync of del_abconfig
foreach($abconfig as $abc) {
@ -3782,21 +3802,11 @@ function zotinfo($arr) {
}
else {
// check if it has characteristics of a public forum based on custom permissions.
$t = q("select * from abconfig where abconfig.cat = 'my_perms' and abconfig.chan = %d and abconfig.xchan = '%s' and abconfig.k in ('tag_deliver', 'send_stream') ",
intval($e['channel_id']),
intval($e['channel_hash'])
$t = q("select abook_my_perms from abook where abook_channel = %d and abook_self = 1 limit 1",
intval($e['channel_id'])
);
$ch = 0;
if($t) {
foreach($t as $tt) {
if($tt['k'] == 'tag_deliver' && $tt['v'] == 1)
$ch ++;
if($tt['k'] == 'send_stream' && $tt['v'] == 0)
$ch ++;
}
if($ch == 2)
$public_forum = true;
}
if(($t) && (($t[0]['abook_my_perms'] & PERMS_W_TAGWALL) && (! ($t[0]['abook_my_perms'] & PERMS_W_STREAM))))
$public_forum = true;
}

1
install/schema_mysql.sql
View File

@ -920,7 +920,6 @@ CREATE TABLE IF NOT EXISTS `pconfig` (
UNIQUE KEY `access` (`uid`,`cat`,`k`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `photo` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`aid` int(10) unsigned NOT NULL DEFAULT '0',

1
install/schema_postgres.sql
View File

@ -903,7 +903,6 @@ CREATE TABLE "pconfig" (
PRIMARY KEY ("id"),
UNIQUE ("uid","cat","k")
);
CREATE TABLE "photo" (
"id" serial NOT NULL,
"aid" bigint NOT NULL DEFAULT '0',

29
install/update.php
View File

@ -1,6 +1,6 @@
<?php
define( 'UPDATE_VERSION' , 1181 );
define( 'UPDATE_VERSION' , 1180 );
/**
*
@ -2402,30 +2402,5 @@ function update_r1179() {
return UPDATE_SUCCESS;
return UPDATE_FAILED;
}
function update_r1180() {
require_once('include/perm_upgrade.php');
$r1 = q("select * from channel where true");
if($r1) {
foreach($r1 as $rr) {
perm_limits_upgrade($rr);
autoperms_upgrade($rr);
}
}
$r2 = q("select * from abook where true");
if($r2) {
foreach($r2 as $rr) {
perm_abook_upgrade($rr);
}
}
$r = $r1 && $r2;
if($r)
return UPDATE_SUCCESS;
return UPDATE_FAILED;
}
}

22
library/readmore.js/README.md
View File

@ -9,22 +9,16 @@ Readmore.js is tested with—and supported on—all versions of jQuery greater t
## Install
Install Readmore.js with npm:
Install Readmore.js with Bower:
```
$ npm install readmore-js
$ bower install readmore
```
Then include it in your HTML:
```html
<script src="/node_modules/readmore-js/readmore.min.js"></script>
```
Or, using Webpack or Browserify:
```javascript
require('readmore-js');
<script src="/bower_components/readmore/readmore.min.js"></script>
```
@ -55,23 +49,17 @@ $('article').readmore({
* `startOpen: false` do not immediately truncate, start in the fully opened position
* `beforeToggle: function() {}` called after a more or less link is clicked, but *before* the block is collapsed or expanded
* `afterToggle: function() {}` called *after* the block is collapsed or expanded
* `blockProcessed: function() {}` called once per block during initilization after Readmore.js has processed the block.
If the element has a `max-height` CSS property, Readmore.js will use that value rather than the value of the `collapsedHeight` option.
### The callbacks:
The `beforeToggle` and `afterToggle` callbacks both receive the same arguments: `trigger`, `element`, and `expanded`.
The callback functions, `beforeToggle` and `afterToggle`, both receive the same arguments: `trigger`, `element`, and `expanded`.
* `trigger`: the "Read more" or "Close" element that was clicked
* `element`: the block that is being collapsed or expanded
* `expanded`: Boolean; `true` means the block is expanded
The `blockProcessed` callback receives `element` and `collapsable`.
* `element`: the block that has just been processed
* `collapsable`: Boolean; `false` means the block was shorter than the specified minimum `collapsedHeight`--the block will not have a "Read more" link
#### Callback example:
Here's an example of how you could use the `afterToggle` callback to scroll back to the top of a block when the "Close" link is clicked.
@ -178,6 +166,6 @@ $ npm install
Which will install the necessary development dependencies. Then, to build the minified script:
```
$ npm run build
$ gulp compress
```

13
library/readmore.js/hubzilla-custom-fix-webkit-browsers.patch
View File

@ -1,13 +0,0 @@
diff --git a/library/readmore.js/readmore.js b/library/readmore.js/readmore.js
index 34a624e..51222ce 100644
--- a/library/readmore.js/readmore.js
+++ b/library/readmore.js/readmore.js
@@ -246,7 +246,7 @@
collapsedHeight = $element.data('collapsedHeight');
if ($element.height() <= collapsedHeight) {
- newHeight = $element.data('expandedHeight') + 'px';
+ newHeight = 100 + '%';
newLink = 'lessLink';
expanded = true;
}

28
library/readmore.js/readmore.js
View File

@ -37,9 +37,8 @@
startOpen: false,
// callbacks
blockProcessed: function() {},
beforeToggle: function() {},
afterToggle: function() {}
beforeToggle: function(){},
afterToggle: function(){}
},
cssEmbedded = {},
uniqueIdCounter = 0;
@ -188,9 +187,6 @@
if (current.outerHeight(true) <= collapsedHeight + heightMargin) {
// The block is shorter than the limit, so there's no need to truncate it.
if (this.options.blockProcessed && typeof this.options.blockProcessed === 'function') {
this.options.blockProcessed(current, false);
}
return true;
}
else {
@ -210,7 +206,7 @@
};
})(this))
.attr({
'data-readmore-toggle': id,
'data-readmore-toggle': '',
'aria-controls': id
}));
@ -219,10 +215,6 @@
height: collapsedHeight
});
}
if (this.options.blockProcessed && typeof this.options.blockProcessed === 'function') {
this.options.blockProcessed(current, true);
}
}
},
@ -232,11 +224,11 @@
}
if (! trigger) {
trigger = $('[aria-controls="' + this.element.id + '"]')[0];
trigger = $('[aria-controls="' + _this.element.id + '"]')[0];
}
if (! element) {
element = this.element;
element = _this.element;
}
var $element = $(element),
@ -258,18 +250,14 @@
// Fire beforeToggle callback
// Since we determined the new "expanded" state above we're now out of sync
// with our true current state, so we need to flip the value of `expanded`
if (this.options.beforeToggle && typeof this.options.beforeToggle === 'function') {
this.options.beforeToggle(trigger, $element, ! expanded);
}
this.options.beforeToggle(trigger, $element, ! expanded);
$element.css({'height': newHeight});
// Fire afterToggle callback
$element.on('transitionend', (function(_this) {
return function() {
if (_this.options.afterToggle && typeof _this.options.afterToggle === 'function') {
_this.options.afterToggle(trigger, $element, expanded);
}
_this.options.afterToggle(trigger, $element, expanded);
$(this).attr({
'aria-expanded': expanded
@ -284,7 +272,7 @@
};
})(this))
.attr({
'data-readmore-toggle': $element.attr('id'),
'data-readmore-toggle': '',
'aria-controls': $element.attr('id')
}));
},

3290
util/hmessages.po
View File

File diff suppressed because it is too large Load Diff

4
util/po2php.php
View File

@ -1,5 +1,6 @@
<?php
function po2php_run($argc,$argv) {
if ($argc < 2) {
@ -58,9 +59,8 @@ function po2php_run($argc,$argv) {
$out .= 'function string_plural_select_' . $lang . '($n){'."\n";
$out .= ' return '.$cond.';'."\n";
$out .= '}}'."\n";
$out .= 'App::$rtl = ' . intval($rtl) ;
}
$out .= 'App::$rtl = ' . intval($rtl) . ';';
if ($k!="" && substr($l,0,7)=="msgstr "){
if ($ink) { $ink = False; $out .= 'App::$strings["'.$k.'"] = '; }

6
vendor/sabre/dav/lib/DAV/Browser/Plugin.php vendored
View File

@ -163,7 +163,7 @@ class Plugin extends DAV\ServerPlugin {
* @return bool
*/
function httpPOST(RequestInterface $request, ResponseInterface $response) {
$contentType = $request->getHeader('Content-Type');
list($contentType) = explode(';', $contentType);
if ($contentType !== 'application/x-www-form-urlencoded' &&
@ -179,7 +179,7 @@ class Plugin extends DAV\ServerPlugin {
if ($this->server->emit('onBrowserPostAction', [$uri, $postVars['sabreAction'], $postVars])) {
switch ($postVars['sabreAction']) {
switch ($postVars['sabreAction']) {
case 'mkcol' :
if (isset($postVars['name']) && trim($postVars['name'])) {
@ -221,7 +221,7 @@ class Plugin extends DAV\ServerPlugin {
if ($_FILES) $file = current($_FILES);
else break;
list(, $newName) = URLUtil::splitPath(trim($file['name']));
if (isset($postVars['name']) && trim($postVars['name']))
$newName = trim($postVars['name']);

9660
view/ca/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2196
view/ca/hstrings.php
View File

File diff suppressed because it is too large Load Diff

6
view/css/conversation.css
View File

@ -40,12 +40,6 @@
resize: vertical;
}
#profile-jot-text.hover {
background-color: aliceblue;
opacity: 0.5;
box-shadow: inset 0 3px 4px #888;
}
.jot-attachment {
border: 0px;
padding: 10px;

6
view/css/mod_cloud.css
View File

@ -41,9 +41,3 @@
padding: 7px 10px;
width: 100%;
}
#cloud-drag-area.hover {
background-color: aliceblue;
opacity: 0.5;
box-shadow: inset 0 0px 7px #5cb85c;
}

9616
view/de/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2154
view/de/hstrings.php
View File

File diff suppressed because it is too large Load Diff

9616
view/es-es/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2152
view/es-es/hstrings.php
View File

File diff suppressed because it is too large Load Diff

9594
view/fr/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2152
view/fr/hstrings.php
View File

File diff suppressed because it is too large Load Diff

9800
view/it/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2200
view/it/hstrings.php
View File

File diff suppressed because it is too large Load Diff

4
view/js/main.js
View File

@ -659,7 +659,7 @@ function collapseHeight() {
var position = $(window).scrollTop();
$(".wall-item-content, .directory-collapse").each(function() {
var orgHeight = $(this).outerHeight(true);
var orgHeight = parseInt($(this).css('height'));
if(orgHeight > divmore_height) {
if(! $(this).hasClass('divmore')) {
@ -679,7 +679,7 @@ function collapseHeight() {
beforeToggle: function(trigger, element, expanded) {
if(expanded) {
if((($(element).offset().top + divmore_height) - $(window).scrollTop()) < 65 ) {
$(window).scrollTop($(window).scrollTop() - ($(element).outerHeight(true) - divmore_height));
$(window).scrollTop($(window).scrollTop() - (orgHeight - divmore_height));
}
}
}

190
view/js/mod_cloud.js
View File

@ -1,190 +0,0 @@
/**
* JavaScript for mod/cloud
*/
$(document).ready(function () {
// call initialization file
if (window.File && window.FileList && window.FileReader) {
UploadInit();
}
});
//
// initialize
function UploadInit() {
var fileselect = $("#files-upload");
var filedrag = $("#cloud-drag-area");
var submit = $("#upload-submit");
// is XHR2 available?
var xhr = new XMLHttpRequest();
if (xhr.upload) {
// file select
fileselect.on("change", UploadFileSelectHandler);
// file submit
submit.on("click", fileselect, UploadFileSelectHandler);
// file drop
filedrag.on("dragover", DragDropUploadFileHover);
filedrag.on("dragleave", DragDropUploadFileHover);
filedrag.on("drop", DragDropUploadFileSelectHandler);
}
window.filesToUpload = 0;
window.fileUploadsCompleted = 0;
}
// file drag hover
function DragDropUploadFileHover(e) {
e.stopPropagation();
e.preventDefault();
e.currentTarget.className = (e.type == "dragover" ? "hover" : "");
}
// file selection via drag/drop
function DragDropUploadFileSelectHandler(e) {
// cancel event and hover styling
DragDropUploadFileHover(e);
// fetch FileList object
var files = e.target.files || e.originalEvent.dataTransfer.files;
$('.new-upload').remove();
// process all File objects
for (var i = 0, f; f = files[i]; i++) {
prepareHtml(f, i);
UploadFile(f, i);
}
}
// file selection via input
function UploadFileSelectHandler(e) {
// fetch FileList object
if(e.type === 'click') {
e.preventDefault();
var files = e.data[0].files;
}
else {
var files = e.target.files;
}
$('.new-upload').remove();
// process all File objects
for (var i = 0, f; f = files[i]; i++) {
prepareHtml(f, i);
if(e.type === 'click')
UploadFile(f, i);
}
}
function prepareHtml(f, i) {
$("#cloud-index tr:nth-child(2)").after(
'<tr id=\"new-upload-' + i + '\" class=\"new-upload\" style=\"background: url(\'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mOM2RFTDwAE2QHxFMHIIwAAAABJRU5ErkJggg==\') repeat-y; background-size: 3px;\">' +
'<td><i class=\"fa ' + getIconFromType(f.type) + '\" title=\"' + f.type + '\"></i></td>' +
'<td>' + f.name + '</td>' +
'<td id=\"upload-progress-' + i + '\"></td><td></td><td></td><td></td><td></td>' +
'<td class=\"hidden-xs\">' + formatSizeUnits(f.size) + '</td><td class=\"hidden-xs\"></td>' +
'</tr>'
);
}
function formatSizeUnits(bytes){
if (bytes>=1000000000) {bytes=(bytes/1000000000).toFixed(2)+' GB';}
else if (bytes>=1000000) {bytes=(bytes/1000000).toFixed(2)+' MB';}
else if (bytes>=1000) {bytes=(bytes/1000).toFixed(2)+' KB';}
else if (bytes>1) {bytes=bytes+' bytes';}
else if (bytes==1) {bytes=bytes+' byte';}
else {bytes='0 byte';}
return bytes;
}
// this is basically a js port of include/text.php getIconFromType() function
function getIconFromType(type) {
var map = {
//Common file
'application/octet-stream': 'fa-file-o',
//Text
'text/plain': 'fa-file-text-o',
'application/msword': 'fa-file-word-o',
'application/pdf': 'fa-file-pdf-o',
'application/vnd.oasis.opendocument.text': 'fa-file-word-o',
'application/epub+zip': 'fa-book',
//Spreadsheet
'application/vnd.oasis.opendocument.spreadsheet': 'fa-file-excel-o',
'application/vnd.ms-excel': 'fa-file-excel-o',
//Image
'image/jpeg': 'fa-picture-o',
'image/png': 'fa-picture-o',
'image/gif': 'fa-picture-o',
'image/svg+xml': 'fa-picture-o',
//Archive
'application/zip': 'fa-file-archive-o',
'application/x-rar-compressed': 'fa-file-archive-o',
//Audio
'audio/mpeg': 'fa-file-audio-o',
'audio/wav': 'fa-file-audio-o',
'application/ogg': 'fa-file-audio-o',
'audio/ogg': 'fa-file-audio-o',
'audio/webm': 'fa-file-audio-o',
'audio/mp4': 'fa-file-audio-o',
//Video
'video/quicktime': 'fa-file-video-o',
'video/webm': 'fa-file-video-o',
'video/mp4': 'fa-file-video-o',
'video/x-matroska': 'fa-file-video-o'
};
var iconFromType = 'fa-file-o';
if (type in map) {
iconFromType = map[type];
}
return iconFromType;
}
// upload files
function UploadFile(file, idx) {
window.filesToUpload = window.filesToUpload + 1;
var xhr = new XMLHttpRequest();
xhr.withCredentials = true; // Include the SESSION cookie info for authentication
(xhr.upload || xhr).addEventListener('progress', function (e) {
var done = e.position || e.loaded;
var total = e.totalSize || e.total;
// Dynamically update the percentage complete displayed in the file upload list
$('#upload-progress-' + idx).html(Math.round(done / total * 100) + '%');
$('#new-upload-' + idx).css('background-size', Math.round(done / total * 100) + '%');
});
xhr.addEventListener('load', function (e) {
//console.log('xhr upload complete', e);
window.fileUploadsCompleted = window.fileUploadsCompleted + 1;
// When all the uploads have completed, refresh the page
if (window.filesToUpload > 0 && window.fileUploadsCompleted === window.filesToUpload) {
window.fileUploadsCompleted = window.filesToUpload = 0;
// After uploads complete, refresh browser window to display new files
window.location.href = window.location.href;
}
});
// POST to the entire cloud path
xhr.open('post', window.location.pathname, true);
var data = new FormData(document.getElementById("ajax-upload-files"));
data.append('file', file);
xhr.send(data);
}

9458
view/nb-no/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2136
view/nb-no/hstrings.php
View File

File diff suppressed because it is too large Load Diff

9614
view/nl/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2152
view/nl/hstrings.php
View File

File diff suppressed because it is too large Load Diff

3
view/theme/redbasic/css/style.css
View File

@ -106,7 +106,6 @@ input[type="submit"] {
input, optgroup, select, textarea {
color: #333;
resize: vertical;
}
pre code {
@ -2041,4 +2040,4 @@ dl.bb-dl > dd > li {
#wiki-preview img {
max-width: 100%;
}
}

32
view/tpl/cloud_actionspanel.tpl
View File

@ -1,20 +1,20 @@
<div id="files-mkdir-tools" class="section-content-tools-wrapper">
<label for="files-mkdir">{{$folder_header}}</label>
<form method="post" action="">
<input type="hidden" name="sabreAction" value="mkcol">
<input id="files-mkdir" type="text" name="name" class="form-control form-group">
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button>
</form>
<div class="clear"></div>
<label for="files-mkdir">{{$folder_header}}</label>
<form method="post" action="">
<input type="hidden" name="sabreAction" value="mkcol">
<input id="files-mkdir" type="text" name="name" class="form-control form-group">
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button>
</form>
<div class="clear"></div>
</div>
<div id="files-upload-tools" class="section-content-tools-wrapper">
{{if $quota.limit || $quota.used}}<div class="{{if $quota.warning}}section-content-danger-wrapper{{else}}section-content-info-wrapper{{/if}}">{{if $quota.warning}}<strong>{{$quota.warning}} </strong>{{/if}}{{$quota.desc}}</div>{{/if}}
<form id="ajax-upload-files" method="post" action="" enctype="multipart/form-data">
<input type="hidden" name="sabreAction" value="put">
<label for="files-upload">{{$upload_header}}</label>
<div class="clear"></div>
<input class="form-group pull-left" id="files-upload" type="file" name="file" multiple>
<button id="upload-submit" class="btn btn-primary btn-sm pull-right" type="submit" value="{{$upload_submit}}">{{$upload_submit}}</button>
</form>
<div class="clear"></div>
{{if $quota.limit || $quota.used}}<div class="{{if $quota.warning}}section-content-danger-wrapper{{else}}section-content-info-wrapper{{/if}}">{{if $quota.warning}}<strong>{{$quota.warning}} </strong>{{/if}}{{$quota.desc}}</div>{{/if}}
<label for="files-upload">{{$upload_header}}</label>
<form method="post" action="" enctype="multipart/form-data">
<input type="hidden" name="sabreAction" value="put">
<input class="form-group" id="files-upload" type="file" name="file">
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$upload_submit}}">{{$upload_submit}}</button>
<!-- Name (optional): <input type="text" name="name"> we should rather provide a rename action in edit form-->
</form>
<div class="clear"></div>
</div>

2
view/tpl/cloud_directory.tpl
View File

@ -1,4 +1,4 @@
<div id="cloud-drag-area" class="section-content-wrapper-np">
<div class="section-content-wrapper-np">
<table id="cloud-index">
<tr>
<th width="1%"></th>

82
view/tpl/jot-header.tpl
View File

@ -164,12 +164,6 @@ function enableOnUser(){
});
} catch(e) {
}
// call initialization file
if (window.File && window.FileList && window.FileReader) {
DragDropUploadInit();
}
});
function deleteCheckedItems() {
@ -452,81 +446,7 @@ function enableOnUser(){
},
'json');
};
//
// initialize
function DragDropUploadInit() {
var filedrag = $("#profile-jot-text");
// is XHR2 available?
var xhr = new XMLHttpRequest();
if (xhr.upload) {
// file drop
filedrag.on("dragover", DragDropUploadFileHover);
filedrag.on("dragleave", DragDropUploadFileHover);
filedrag.on("drop", DragDropUploadFileSelectHandler);
}
window.filesToUpload = 0;
window.fileUploadsCompleted = 0;
}
// file drag hover
function DragDropUploadFileHover(e) {
e.stopPropagation();
e.preventDefault();
e.target.className = (e.type == "dragover" ? "hover" : "");
}
// file selection
function DragDropUploadFileSelectHandler(e) {
// cancel event and hover styling
DragDropUploadFileHover(e);
// fetch FileList object
var files = e.target.files || e.originalEvent.dataTransfer.files;
// process all File objects
for (var i = 0, f; f = files[i]; i++) {
DragDropUploadFile(f, i);
}
}
// upload files
function DragDropUploadFile(file, idx) {
window.filesToUpload = window.filesToUpload + 1;
var xhr = new XMLHttpRequest();
xhr.withCredentials = true; // Include the SESSION cookie info for authentication
(xhr.upload || xhr).addEventListener('progress', function (e) {
$('#profile-rotator').spin('tiny');
});
xhr.addEventListener('load', function (e) {
//console.log('xhr upload complete', e);
window.fileUploadsCompleted = window.fileUploadsCompleted + 1;
// When all the uploads have completed, refresh the page
if (window.filesToUpload > 0 && window.fileUploadsCompleted === window.filesToUpload) {
addeditortext(xhr.responseText);
$('#jot-media').val($('#jot-media').val() + xhr.responseText);
$('#profile-rotator').spin(false);
window.fileUploadsCompleted = window.filesToUpload = 0;
}
});
// POST to the wall_upload endpoint
xhr.open('post', '{{$baseurl}}/wall_attach/{{$nickname}}', true);
var data = new FormData();
data.append('userfile', file);
xhr.send(data);
}
</script>
<script>