When checking permissions ignore checking site "Block Public" settings in cases where site permissions aren't applicable
This commit is contained in:
zotlabs
parent
32614e4074
commit
e8aeecc4c9
@ -774,7 +774,7 @@ class Connedit extends \Zotlabs\Web\Controller {
|
||||
|
||||
$global_perms = \Zotlabs\Access\Permissions::Perms();
|
||||
|
||||
$existing = get_all_perms(local_channel(),$contact['abook_xchan']);
|
||||
$existing = get_all_perms(local_channel(),$contact['abook_xchan'],false);
|
||||
|
||||
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes')));
|
||||
|
||||
|
||||
@ -209,7 +209,6 @@ class Defperms extends \Zotlabs\Web\Controller {
|
||||
|
||||
$global_perms = \Zotlabs\Access\Permissions::Perms();
|
||||
|
||||
$existing = get_all_perms(local_channel(),$contact['abook_xchan']);
|
||||
$hidden_perms = [];
|
||||
|
||||
foreach($global_perms as $k => $v) {
|
||||
|
||||
@ -117,7 +117,7 @@ class Tokens {
|
||||
$global_perms = \Zotlabs\Access\Permissions::Perms();
|
||||
$their_perms = [];
|
||||
|
||||
$existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : ''));
|
||||
$existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : ''),false);
|
||||
|
||||
if($atoken_xchan) {
|
||||
$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
|
||||
|
||||
@ -16,11 +16,14 @@ require_once('include/security.php');
|
||||
*
|
||||
* @param int $uid The channel_id associated with the resource owner
|
||||
* @param string $observer_xchan The xchan_hash representing the observer
|
||||
* @param bool $internal_use (default true)
|
||||
* @param bool $check_siteblock (default true)
|
||||
* if false, bypass check for "Block Public" on the site
|
||||
* @param bool $default_ignored (default true)
|
||||
* if false, lie and pretend the ignored person has permissions you are ignoring (used in channel discovery)
|
||||
*
|
||||
* @returns array of all permissions, key is permission name, value is true or false
|
||||
*/
|
||||
function get_all_perms($uid, $observer_xchan, $internal_use = true) {
|
||||
function get_all_perms($uid, $observer_xchan, $check_siteblock = true, $default_ignored = true) {
|
||||
|
||||
$api = App::get_oauth_key();
|
||||
if($api)
|
||||
@ -111,7 +114,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
|
||||
$blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms();
|
||||
|
||||
|
||||
if(($x) && ($internal_use) && in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) {
|
||||
if(($x) && ($default_ignored) && in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) {
|
||||
$ret[$perm_name] = false;
|
||||
continue;
|
||||
}
|
||||
@ -119,7 +122,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
|
||||
|
||||
// system is blocked to anybody who is not authenticated
|
||||
|
||||
if((! $observer_xchan) && intval(get_config('system', 'block_public'))) {
|
||||
if(($check_siteblock) && (! $observer_xchan) && intval(get_config('system', 'block_public'))) {
|
||||
$ret[$perm_name] = false;
|
||||
continue;
|
||||
}
|
||||
@ -251,9 +254,11 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
|
||||
* @param int $uid The channel_id associated with the resource owner
|
||||
* @param string $observer_xchan The xchan_hash representing the observer
|
||||
* @param string $permission
|
||||
* @param boolean $check_siteblock (default true)
|
||||
* if false bypass check for "Block Public" at the site level
|
||||
* @return bool true if permission is allowed for observer on channel
|
||||
*/
|
||||
function perm_is_allowed($uid, $observer_xchan, $permission) {
|
||||
function perm_is_allowed($uid, $observer_xchan, $permission, $check_siteblock = true) {
|
||||
|
||||
$api = App::get_oauth_key();
|
||||
if($api)
|
||||
@ -326,7 +331,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
|
||||
|
||||
// system is blocked to anybody who is not authenticated
|
||||
|
||||
if((! $observer_xchan) && intval(get_config('system', 'block_public')))
|
||||
if(($check_siteblock) && (! $observer_xchan) && intval(get_config('system', 'block_public')))
|
||||
return false;
|
||||
|
||||
// Check if this $uid is actually the $observer_xchan
|
||||
|
||||
@ -491,7 +491,7 @@ function zot_refresh($them, $channel = null, $force = false) {
|
||||
$profile_assign = get_pconfig($channel['channel_id'],'system','profile_assign','');
|
||||
|
||||
// Keep original perms to check if we need to notify them
|
||||
$previous_perms = get_all_perms($channel['channel_id'],$x['hash']);
|
||||
$previous_perms = get_all_perms($channel['channel_id'],$x['hash'],false);
|
||||
|
||||
$r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 limit 1",
|
||||
dbesc($x['hash']),
|
||||
@ -560,7 +560,7 @@ function zot_refresh($them, $channel = null, $force = false) {
|
||||
|
||||
if($y) {
|
||||
logger("New introduction received for {$channel['channel_name']}");
|
||||
$new_perms = get_all_perms($channel['channel_id'],$x['hash']);
|
||||
$new_perms = get_all_perms($channel['channel_id'],$x['hash'],false);
|
||||
|
||||
// Send a clone sync packet and a permissions update if permissions have changed
|
||||
|
||||
@ -4419,7 +4419,7 @@ function zotinfo($arr) {
|
||||
if(! $ret['follow_url'])
|
||||
$ret['follow_url'] = z_root() . '/follow?f=&url=%s';
|
||||
|
||||
$permissions = get_all_perms($e['channel_id'],$ztarget_hash,false);
|
||||
$permissions = get_all_perms($e['channel_id'],$ztarget_hash,false,false);
|
||||
|
||||
if($ztarget_hash) {
|
||||
$permissions['connected'] = false;
|
||||
|
||||
Reference in New Issue
Block a user