harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more work on AccessList integration

Browse Source
This commit is contained in:
redmatrix 2015-08-27 22:20:30 -07:00
parent 3fbb955cf2
commit ca0bc2bb7b
9 changed files with 113 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
boot.php
View File

@ -43,6 +43,7 @@ require_once('include/taxonomy.php');
require_once('include/identity.php');
require_once('include/Contact.php');
require_once('include/account.php');
require_once('include/AccessList.php');
define ( 'PLATFORM_NAME', 'hubzilla' );

60
include/AccessList.php
View File

@ -8,6 +8,8 @@ class AccessList {
private $deny_cid;
private $deny_gid;
/* indicates if we are using the default constructor values or values that have been set explicitly. */
private $explicit;
function __construct($channel) {
@ -69,3 +71,61 @@ class AccessList {
}
/**
* @brief Used to wrap ACL elements in angle brackets for storage.
*
* @param[in,out] array &$item
*/
function sanitise_acl(&$item) {
if (strlen($item))
$item = '<' . notags(trim($item)) . '>';
else
unset($item);
}
/**
* @brief Convert an ACL array to a storable string.
*
* @param array $p
* @return array
*/
function perms2str($p) {
$ret = '';
if (is_array($p))
$tmp = $p;
else
$tmp = explode(',', $p);
if (is_array($tmp)) {
array_walk($tmp, 'sanitise_acl');
$ret = implode('', $tmp);
}
return $ret;
}
/**
* @brief Turn user/group ACLs stored as angle bracketed text into arrays.
*
* turn string array of angle-bracketed elements into string array
* e.g. "<123xyz><246qyo><sxo33e>" => array(123xyz,246qyo,sxo33e);
*
* @param string $s
* @return array
*/
function expand_acl($s) {
$ret = array();
if(strlen($s)) {
$t = str_replace('<','',$s);
$a = explode('>',$t);
foreach($a as $aa) {
if($aa)
$ret[] = $aa;
}
}
return $ret;
}

2
include/menu.php
View File

@ -2,7 +2,7 @@
require_once('include/security.php');
require_once('include/bbcode.php');
require_once('include/AccessList.php');
function menu_fetch($name,$uid,$observer_xchan) {

56
include/text.php
View File

@ -458,63 +458,7 @@ function alt_pager(&$a, $i, $more = '', $less = '') {
}
/**
* @brief Turn user/group ACLs stored as angle bracketed text into arrays.
*
* turn string array of angle-bracketed elements into string array
* e.g. "<123xyz><246qyo><sxo33e>" => array(123xyz,246qyo,sxo33e);
*
* @param string $s
* @return array
*/
function expand_acl($s) {
$ret = array();
if(strlen($s)) {
$t = str_replace('<','',$s);
$a = explode('>',$t);
foreach($a as $aa) {
if($aa)
$ret[] = $aa;
}
}
return $ret;
}
/**
* @brief Used to wrap ACL elements in angle brackets for storage.
*
* @param[in,out] array &$item
*/
function sanitise_acl(&$item) {
if (strlen($item))
$item = '<' . notags(trim($item)) . '>';
else
unset($item);
}
/**
* @brief Convert an ACL array to a storable string.
*
* @param array $p
* @return array
*/
function perms2str($p) {
$ret = '';
if (is_array($p))
$tmp = $p;
else
$tmp = explode(',', $p);
if (is_array($tmp)) {
array_walk($tmp, 'sanitise_acl');
$ret = implode('', $tmp);
}
return $ret;
}
/**
* @brief Generate a guaranteed unique (for this domain) item ID for ATOM.

24
mod/chat.php
View File

@ -54,12 +54,11 @@ function chat_post(&$a) {
goaway(z_root() . '/chat/' . $channel['channel_address']);
}
$acl = new AccessList($channel);
$acl->set_from_array($_REQUEST);
$arr = array('name' => $room);
$arr['allow_gid'] = perms2str($_REQUEST['group_allow']);
$arr['allow_cid'] = perms2str($_REQUEST['contact_allow']);
$arr['deny_gid'] = perms2str($_REQUEST['group_deny']);
$arr['deny_cid'] = perms2str($_REQUEST['contact_deny']);
$arr = $acl->get();
$arr['name'] = $room;
chatroom_create($channel,$arr);
@ -158,7 +157,10 @@ function chat_content(&$a) {
intval($a->profile['profile_uid'])
);
if($x) {
$private = ((($x[0]['allow_cid']) || ($x[0]['allow_gid']) || ($x[0]['deny_cid']) || ($x[0]['deny_gid'])) ? true : false);
$acl = new AccessList(false);
$acl->set($x[0]);
$private = $acl->is_private();
$room_name = $x[0]['cr_name'];
if($bookmark_link)
$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1';
@ -192,14 +194,8 @@ function chat_content(&$a) {
if(local_channel() && argc() > 2 && argv(2) === 'new') {
$channel_acl = array(
'allow_cid' => $channel['channel_allow_cid'],
'allow_gid' => $channel['channel_allow_gid'],
'deny_cid' => $channel['channel_deny_cid'],
'deny_gid' => $channel['channel_deny_gid']
);
$acl = new AccessList($channel);
$channel_acl = $acl->get();
require_once('include/acl_selectors.php');

52
mod/events.php
View File

@ -41,16 +41,11 @@ function events_post(&$a) {
$categories = escape_tags(trim($_POST['category']));
// only allow editing your own events.
if(($xchan) && ($xchan !== get_observer_hash()))
return;
// The default setting for the `private` field in event_store() is false, so mirror that
$private_event = false;
if($start_text) {
$start = $start_text;
}
@ -119,6 +114,8 @@ function events_post(&$a) {
$channel = $a->get_channel();
$acl = new AccessList(false);
if($event_id) {
$x = q("select * from event where id = %d and uid = %d limit 1",
intval($event_id),
@ -133,6 +130,8 @@ function events_post(&$a) {
return;
}
$acl->set($x[0]);
$created = $x[0]['created'];
$edited = datetime_convert();
@ -142,39 +141,21 @@ function events_post(&$a) {
}
else {
$share = true;
$str_group_allow = $x[0]['allow_gid'];
$str_contact_allow = $x[0]['allow_cid'];
$str_group_deny = $x[0]['deny_gid'];
$str_contact_deny = $x[0]['deny_cid'];
if(strlen($str_group_allow) || strlen($str_contact_allow)
|| strlen($str_group_deny) || strlen($str_contact_deny)) {
$private_event = true;
}
}
}
else {
$created = $edited = datetime_convert();
if($share) {
$str_group_allow = perms2str($_POST['group_allow']);
$str_contact_allow = perms2str($_POST['contact_allow']);
$str_group_deny = perms2str($_POST['group_deny']);
$str_contact_deny = perms2str($_POST['contact_deny']);
if(strlen($str_group_allow) || strlen($str_contact_allow)
|| strlen($str_group_deny) || strlen($str_contact_deny)) {
$private_event = true;
}
$acl->set_from_array($_POST);
}
else {
$str_contact_allow = '<' . $channel['channel_hash'] . '>';
$str_group_allow = $str_contact_deny = $str_group_deny = '';
$private_event = true;
$acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
}
}
$post_tags = array();
$channel = $a->get_channel();
$ac = $acl->get();
if(strlen($categories)) {
$cats = explode(',',$categories);
@ -201,11 +182,11 @@ function events_post(&$a) {
$datarray['uid'] = local_channel();
$datarray['account'] = get_account_id();
$datarray['event_xchan'] = $channel['channel_hash'];
$datarray['allow_cid'] = $str_contact_allow;
$datarray['allow_gid'] = $str_group_allow;
$datarray['deny_cid'] = $str_contact_deny;
$datarray['deny_gid'] = $str_group_deny;
$datarray['private'] = (($private_event) ? 1 : 0);
$datarray['allow_cid'] = $ac['allow_cid'];
$datarray['allow_gid'] = $ac['allow_gid'];
$datarray['deny_cid'] = $ac['deny_cid'];
$datarray['deny_gid'] = $ac['deny_gid'];
$datarray['private'] = (($acl->is_private()) ? 1 : 0);
$datarray['id'] = $event_id;
$datarray['created'] = $created;
$datarray['edited'] = $edited;
@ -660,12 +641,9 @@ function events_content(&$a) {
require_once('include/acl_selectors.php');
$perm_defaults = array(
'allow_cid' => $channel['channel_allow_cid'],
'allow_gid' => $channel['channel_allow_gid'],
'deny_cid' => $channel['channel_deny_cid'],
'deny_gid' => $channel['channel_deny_gid']
);
$acl = new AccessList($channel);
$perm_defaults = $acl->get();
$tpl = get_markup_template('event_form.tpl');

1
mod/item.php
View File

@ -19,7 +19,6 @@ require_once('include/crypto.php');
require_once('include/enotify.php');
require_once('include/items.php');
require_once('include/attach.php');
require_once('include/AccessList.php');
function item_post(&$a) {

1
mod/mitem.php
View File

@ -2,7 +2,6 @@
require_once('include/menu.php');
require_once('include/acl_selectors.php');
require_once('include/AccessList.php');
function mitem_init(&$a) {

53
mod/photos.php
View File

@ -85,6 +85,7 @@ function photos_post(&$a) {
$owner_record = $s[0];
$acl = AccessList($a->data['channel']);
if((argc() > 3) && (argv(2) === 'album')) {
@ -200,6 +201,7 @@ function photos_post(&$a) {
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
}
if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
@ -208,10 +210,9 @@ function photos_post(&$a) {
$item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
$albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
$is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0);
$str_group_allow = perms2str($_POST['group_allow']);
$str_contact_allow = perms2str($_POST['contact_allow']);
$str_group_deny = perms2str($_POST['group_deny']);
$str_contact_deny = perms2str($_POST['contact_deny']);
$acl->set_from_array($_POST);
$perm = $acl->get();
$resource_id = $a->argv[2];
@ -284,10 +285,10 @@ function photos_post(&$a) {
$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
dbesc($desc),
dbesc($str_contact_allow),
dbesc($str_group_allow),
dbesc($str_contact_deny),
dbesc($str_group_deny),
dbesc($perm['allow_cid']),
dbesc($perm['allow_gid']),
dbesc($perm['deny_cid']),
dbesc($perm['deny_gid']),
dbesc($resource_id),
intval($page_owner_uid)
);
@ -331,20 +332,20 @@ function photos_post(&$a) {
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
where id = %d",
dbesc($str_contact_allow),
dbesc($str_group_allow),
dbesc($str_contact_deny),
dbesc($str_group_deny),
intval($item_private),
dbesc($perm['allow_cid']),
dbesc($perm['allow_gid']),
dbesc($perm['deny_cid']),
dbesc($perm['deny_gid']),
intval($acl->is_private()),
intval($item_id)
);
// make sure the attach has the same permissions as the photo regardless of any other changes
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1",
dbesc($str_contact_allow),
dbesc($str_group_allow),
dbesc($str_contact_deny),
dbesc($str_group_deny),
dbesc($perm['allow_cid']),
dbesc($perm['allow_gid']),
dbesc($perm['deny_cid']),
dbesc($perm['deny_gid']),
dbesc($resource_id),
intval($page_owner_uid)
);
@ -418,11 +419,11 @@ function photos_post(&$a) {
$_REQUEST['source'] = 'photos';
require_once('include/attach.php');
if(!local_channel()) {
if(! local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
$r = attach_store($a->channel,get_observer_hash(), '', $_REQUEST);
@ -557,14 +558,10 @@ function photos_content(&$a) {
if($_is_owner) {
$channel = $a->get_channel();
$channel_acl = array(
'allow_cid' => $channel['channel_allow_cid'],
'allow_gid' => $channel['channel_allow_gid'],
'deny_cid' => $channel['channel_deny_cid'],
'deny_gid' => $channel['channel_deny_gid']
);
$acl = new AccessList($channel);
$channel_acl = $acl->get();
$lockstate = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock');
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
}
$aclselect = (($_is_owner) ? populate_acl($channel_acl,false) : '');