more heavy lifting on xtensible perms

Zotlabs/Access/PermissionLimits.php

@@ -11,7 +11,7 @@ class PermissionLimits {
 		if($r) {
 			if($r[0]['perm_limit'] != $perm_limit) {
 				$x = q("update perm_limits set perm_limit = %d where id = %d",
-					dbesc($perm_limit)
+					dbesc($perm_limit),
 					intval($r[0]['id'])
 				);
 			}
@@ -29,7 +29,7 @@ class PermissionLimits {
 	static public function Get($channel_id,$perm = '') {
 		if($perm) {
 			$r = q("select * from perm_limits where channel_id = %d and perm = '%s' limit 1",
-				intval($channel_id)
+				intval($channel_id),
 				dbesc($perm)
 			);
 			if($r)

Zotlabs/Access/PermissionRoles.php

@@ -7,8 +7,8 @@ use Zotlabs\Lib as Zlib;
 
 class PermissionRoles {
 
-	static private role_limits = array();
-	static private role_perms  = array();
+	static private $role_limits = array();
+	static private $role_perms  = array();
 
 	static public function roles() {
 	    $roles = [

Zotlabs/Module/Connedit.php

@@ -197,8 +197,11 @@ class Connedit extends \Zotlabs\Web\Controller {
 			$role = get_pconfig(local_channel(),'system','permissions_role');
 			if($role) {
 				$x = get_role_perms($role);
-				if($x['perms_accept'])
-					$abook_my_perms = $x['perms_accept'];
+				if($x['perms_connect']) {
+					foreach($x['perms_connect'] as $p) {
+						set_abconfig(local_channel(),$orig_record[0]['abook_xchan'],'my_perms',$p,1);
+					}
+				}
 			}
 		}
 	
@@ -374,8 +377,8 @@ class Connedit extends \Zotlabs\Web\Controller {
 		$role = get_pconfig(local_channel(),'system','permissions_role');
 		if($role) {
 			$x = get_role_perms($role);
-			if($x['perms_accept'])
-				$my_perms = $x['perms_accept'];
+			if($x['perms_connect'])
+				$my_perms = $x['perms_connect'];
 		}
 	
 		$yes_no = array(t('No'),t('Yes'));

Zotlabs/Module/Settings.php

@@ -371,7 +371,7 @@ class Settings extends \Zotlabs\Web\Controller {
 				}
 	
 				foreach($global_perms as $k => $v) {
-					set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k,((array_key_exists($k,$role_permissions['perms_accept'])) ? intval($role_permissions['perms_accept'][$k])));
+					set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k,((array_key_exists($k,$role_permissions['perms_connect'])) ? 1 : 0));
 				}
 
 				set_pconfig(local_channel(),'system','autoperms',(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0));

include/permissions.php

@@ -85,7 +85,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
 
 		// First find out what the channel owner declared permissions to be.
 
-		$channel_perm = \ZotlabAccess\PermissionLimits::Get($uid,$perm_name);
+		$channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$perm_name);
 
 		if(! $channel_checked) {
 			$r = q("select * from channel where channel_id = %d limit 1",
@@ -139,7 +139,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
 			$blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms();
 
 
-			if(($x) && ($internal_use) && (in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) {
+			if(($x) && ($internal_use) && in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) {
 				$ret[$perm_name] = false;
 				continue;
 			}
@@ -287,21 +287,20 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
 	if($arr['result'])
 		return true;
 
-	$global_perms = get_perms();
+	$global_perms = \Zotlabs\Access\Permissions::Perms();
 
 	// First find out what the channel owner declared permissions to be.
 
-	$channel_perm = $global_perms[$permission][0];
+	$channel_perm = \Zotlabs\Access\PermissionLimits($uid,$permission);
 
-	$r = q("select %s, channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1",
-		dbesc($channel_perm),
+	$r = q("select channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1",
 		intval($uid)
 	);
 	if(! $r)
 		return false;
 
 	if($observer_xchan) {
-		if($r[0][$channel_perm] & PERMS_AUTHED)
+		if($channel_perm & PERMS_AUTHED)
 			return true;
 
 		$x = q("select abook_my_perms, abook_blocked, abook_ignored, abook_pending, xchan_network from abook left join xchan on abook_xchan = xchan_hash 
@@ -324,8 +323,11 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
 				dbesc($observer_xchan)
 			);
 		}
+		$abperms = load_abconfig($uid,$observer_xchan);
 	}
 	
+	$blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms();
+
 	// system is blocked to anybody who is not authenticated
 
 	if((! $observer_xchan) && intval(get_config('system', 'block_public')))
@@ -336,13 +338,13 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
 	// in which case you will have read_only access
 
 	if($r[0]['channel_hash'] === $observer_xchan) {
-		if($r[0]['channel_moved'] && (! $global_perms[$permission][2]))
+		if($r[0]['channel_moved'] && (in_array($permission,$blocked_anon_perms)))
 			return false;
 		else
 			return true;
 	}
 
-	if($r[0][$channel_perm] & PERMS_PUBLIC)
+	if($channel_perm & PERMS_PUBLIC)
 		return true;
 
 	// If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set
@@ -353,14 +355,14 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
 
 	// If we're still here, we have an observer, check the network.
 
-	if($r[0][$channel_perm] & PERMS_NETWORK) {
+	if($channel_perm & PERMS_NETWORK) {
 		if (($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot'))
 			return true;
 	}
 
 	// If PERMS_SITE is specified, find out if they've got an account on this hub
 
-	if($r[0][$channel_perm] & PERMS_SITE) {
+	if($channel_perm & PERMS_SITE) {
 		$c = q("select channel_hash from channel where channel_hash = '%s' limit 1",
 			dbesc($observer_xchan)
 		);
@@ -379,7 +381,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
 
 	// They are in your address book, but haven't been approved
 
-	if($r[0][$channel_perm] & PERMS_PENDING) {
+	if($channel_perm & PERMS_PENDING) {
 		return true;
 	}
 
@@ -389,15 +391,16 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
 
 	// They're a contact, so they have permission
 
-	if($r[0][$channel_perm] & PERMS_CONTACTS) {
+	if($channel_perm & PERMS_CONTACTS) {
 		return true;
 	}
 
 	// Permission granted to certain channels. Let's see if the observer is one of them
 
-	if(($r) && $r[0][$channel_perm] & PERMS_SPECIFIC) {
-		if($x[0]['abook_my_perms'] & $global_perms[$permission][1])
+	if(($r) && ($channel_perm & PERMS_SPECIFIC)) {
+		if(array_key_exists('my_perms',$abperms) && array_key_exists($permission,$abperms['my_perms']) && $abperms['my_perms'][$permission]) {
 			return true;
+		}
 	}
 
 	// No permissions allowed.
@@ -563,28 +566,28 @@ function get_role_perms($role) {
 			$ret['default_collection'] = false;
 			$ret['directory_publish'] = true;
 			$ret['online'] = true;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_PUBLIC;
-			$ret['channel_r_abook']     = PERMS_PUBLIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_PUBLIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_PUBLIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_SPECIFIC;
-			$ret['channel_w_like']      = PERMS_NETWORK;
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+				'post_mail', 'chat', 'post_like', 'republish' ];
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_PUBLIC,
+				'view_contacts'  => PERMS_PUBLIC,
+				'view_storage'   => PERMS_PUBLIC,
+				'view_pages'     => PERMS_PUBLIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
 
 			break;
 
@@ -593,28 +596,29 @@ function get_role_perms($role) {
 			$ret['default_collection'] = true;
 			$ret['directory_publish'] = true;
 			$ret['online'] = true;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_PUBLIC;
-			$ret['channel_r_abook']     = PERMS_PUBLIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_PUBLIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_PUBLIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_SPECIFIC;
-			$ret['channel_w_like']      = PERMS_SPECIFIC;
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+				'post_mail', 'chat', 'post_like' ];
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_PUBLIC,
+				'view_contacts'  => PERMS_PUBLIC,
+				'view_storage'   => PERMS_PUBLIC,
+				'view_pages'     => PERMS_PUBLIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
+
 
 			break;
 
@@ -623,28 +627,28 @@ function get_role_perms($role) {
 			$ret['default_collection'] = true;
 			$ret['directory_publish'] = false;
 			$ret['online'] = false;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_PUBLIC;
-			$ret['channel_r_abook']     = PERMS_SPECIFIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_SPECIFIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_PUBLIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_SPECIFIC;
-			$ret['channel_w_like']      = PERMS_SPECIFIC;
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+				'post_mail', 'post_like' ];
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_PUBLIC,
+				'view_contacts'  => PERMS_SPECIFIC,
+				'view_storage'   => PERMS_SPECIFIC,
+				'view_pages'     => PERMS_PUBLIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
 
 			break;
 
@@ -653,28 +657,28 @@ function get_role_perms($role) {
 			$ret['default_collection'] = false;
 			$ret['directory_publish'] = true;
 			$ret['online'] = false;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_PUBLIC;
-			$ret['channel_r_abook']     = PERMS_PUBLIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_PUBLIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_PUBLIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_SPECIFIC;
-			$ret['channel_w_like']      = PERMS_NETWORK;
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+				'post_mail', 'post_like' , 'republish', 'chat' ];
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_PUBLIC,
+				'view_contacts'  => PERMS_PUBLIC,
+				'view_storage'   => PERMS_PUBLIC,
+				'view_pages'     => PERMS_PUBLIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
 
 			break;
 
@@ -683,28 +687,28 @@ function get_role_perms($role) {
 			$ret['default_collection'] = true;
 			$ret['directory_publish'] = true;
 			$ret['online'] = false;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_PUBLIC;
-			$ret['channel_r_abook']     = PERMS_PUBLIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_PUBLIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_PUBLIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_SPECIFIC;
-			$ret['channel_w_like']      = PERMS_SPECIFIC;
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+				'post_mail', 'post_like' , 'chat' ];
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_PUBLIC,
+				'view_contacts'  => PERMS_PUBLIC,
+				'view_storage'   => PERMS_PUBLIC,
+				'view_pages'     => PERMS_PUBLIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
 
 			break;
 
@@ -713,28 +717,29 @@ function get_role_perms($role) {
 			$ret['default_collection'] = true;
 			$ret['directory_publish'] = false;
 			$ret['online'] = false;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILEPERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_SPECIFIC;
-			$ret['channel_r_abook']     = PERMS_SPECIFIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_SPECIFIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_SPECIFIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_SPECIFIC;
-			$ret['channel_w_like']      = PERMS_SPECIFIC;
+
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'post_wall', 'post_comments',
+				'post_mail', 'post_like' , 'chat' ];
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_SPECIFIC,
+				'view_contacts'  => PERMS_SPECIFIC,
+				'view_storage'   => PERMS_SPECIFIC,
+				'view_pages'     => PERMS_SPECIFIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
 
 			break;
 
@@ -743,28 +748,29 @@ function get_role_perms($role) {
 			$ret['default_collection'] = false;
 			$ret['directory_publish'] = true;
 			$ret['online'] = false;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_PUBLIC;
-			$ret['channel_r_abook']     = PERMS_PUBLIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_PUBLIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_PUBLIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_NETWORK;
-			$ret['channel_w_like']      = PERMS_NETWORK;
+
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+				'post_mail', 'post_like' , 'republish' ];
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_PUBLIC,
+				'view_contacts'  => PERMS_PUBLIC,
+				'view_storage'   => PERMS_PUBLIC,
+				'view_pages'     => PERMS_PUBLIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
 
 			break;
 
@@ -773,28 +779,28 @@ function get_role_perms($role) {
 			$ret['default_collection'] = true;
 			$ret['directory_publish'] = false;
 			$ret['online'] = false;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_PUBLIC;
-			$ret['channel_r_abook']     = PERMS_PUBLIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_PUBLIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_PUBLIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_SPECIFIC;
-			$ret['channel_w_like']      = PERMS_NETWORK;
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+				'post_mail', 'post_like' , 'republish' ];
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_PUBLIC,
+				'view_contacts'  => PERMS_PUBLIC,
+				'view_storage'   => PERMS_PUBLIC,
+				'view_pages'     => PERMS_PUBLIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
 
 			break;
 
@@ -803,26 +809,29 @@ function get_role_perms($role) {
 			$ret['default_collection'] = false;
 			$ret['directory_publish'] = true;
 			$ret['online'] = false;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_PUBLIC;
-			$ret['channel_r_abook']     = PERMS_PUBLIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_PUBLIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_PUBLIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_SPECIFIC;
-			$ret['channel_w_like']      = PERMS_NETWORK;
+
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'post_like' , 'republish' ];
+
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_PUBLIC,
+				'view_contacts'  => PERMS_PUBLIC,
+				'view_storage'   => PERMS_PUBLIC,
+				'view_pages'     => PERMS_PUBLIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
 
 			break;
 
@@ -831,28 +840,30 @@ function get_role_perms($role) {
 			$ret['default_collection'] = false;
 			$ret['directory_publish'] = true;
 			$ret['online'] = false;
-			$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
-			$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
-				|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
-				|PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
-			$ret['channel_r_stream']    = PERMS_PUBLIC;
-			$ret['channel_r_profile']   = PERMS_PUBLIC;
-			$ret['channel_r_abook']     = PERMS_PUBLIC;
-			$ret['channel_w_stream']    = PERMS_SPECIFIC;
-			$ret['channel_w_wall']      = PERMS_SPECIFIC;
-			$ret['channel_w_tagwall']   = PERMS_SPECIFIC;
-			$ret['channel_w_comment']   = PERMS_SPECIFIC;
-			$ret['channel_w_mail']      = PERMS_SPECIFIC;
-			$ret['channel_w_chat']      = PERMS_SPECIFIC;
-			$ret['channel_a_delegate']  = PERMS_SPECIFIC;
-			$ret['channel_r_storage']   = PERMS_PUBLIC;
-			$ret['channel_w_storage']   = PERMS_SPECIFIC;
-			$ret['channel_r_pages']     = PERMS_PUBLIC;
-			$ret['channel_w_pages']     = PERMS_SPECIFIC;
-			$ret['channel_a_republish'] = PERMS_SPECIFIC;
-			$ret['channel_w_like']      = PERMS_NETWORK;
+
+			$ret['perms_connect'] = [ 
+				'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+				'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
+				'post_mail', 'post_like' , 'republish', 'chat' ];
+			$ret['limits'] = [
+				'view_stream'    => PERMS_PUBLIC,
+				'view_profile'   => PERMS_PUBLIC,
+				'view_contacts'  => PERMS_PUBLIC,
+				'view_storage'   => PERMS_PUBLIC,
+				'view_pages'     => PERMS_PUBLIC,
+				'send_stream'    => PERMS_SPECIFIC,
+				'post_wall'      => PERMS_SPECIFIC,
+				'post_comments'  => PERMS_SPECIFIC,
+				'post_mail'      => PERMS_SPECIFIC,
+				'post_like'      => PERMS_SPECIFIC,
+				'tag_deliver'    => PERMS_SPECIFIC,
+				'chat'           => PERMS_SPECIFIC,
+				'write_storage'  => PERMS_SPECIFIC,
+				'write_pages'    => PERMS_SPECIFIC,
+				'republish'      => PERMS_SPECIFIC,
+				'delegate'       => PERMS_SPECIFIC
+			];
+
 
 			break;