more work on perms
This commit is contained in:
redmatrix
parent
6424bac47c
commit
f4e4e734de
@ -97,7 +97,7 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
if($extra_channels_sql != '')
|
||||
$extra_channels_sql = " OR (abook_channel IN ($extra_channels_sql)) and abook_hidden = 0 ";
|
||||
|
||||
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self
|
||||
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self
|
||||
FROM abook left join xchan on abook_xchan = xchan_hash
|
||||
WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
|
||||
intval(local_channel())
|
||||
@ -105,7 +105,7 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
|
||||
}
|
||||
else { // Visitors
|
||||
$r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
|
||||
$r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, xchan_pubforum, 0 as abook_flags, 0 as abook_self
|
||||
FROM xchan left join xlink on xlink_link = xchan_hash
|
||||
WHERE xlink_xchan = '%s' AND xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
|
||||
dbesc(get_observer_hash())
|
||||
@ -121,7 +121,7 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
$known_hashes[] = "'".$rr['hash']."'";
|
||||
$known_hashes_sql = 'AND xchan_hash not in ('.join(',',$known_hashes).')';
|
||||
|
||||
$r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self
|
||||
$r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self
|
||||
FROM abook left join xchan on abook_xchan = xchan_hash
|
||||
WHERE abook_channel IN ($extra_channels_sql) $known_hashes_sql AND abook_blocked = 0 and abook_pending = 0 and abook_hidden = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc");
|
||||
if($r2)
|
||||
@ -150,7 +150,7 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
}
|
||||
if(intval(get_config('system','taganyone')) || intval(get_pconfig(local_channel(),'system','taganyone'))) {
|
||||
if((count($r) < 100) && $type == 'c') {
|
||||
$r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
|
||||
$r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self, xchan_pubforum
|
||||
FROM xchan
|
||||
WHERE xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc"
|
||||
);
|
||||
@ -173,7 +173,7 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
}
|
||||
elseif(($type == 'a') || ($type == 'p')) {
|
||||
|
||||
$r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
|
||||
$r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , xchan_pubforum, abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
|
||||
WHERE abook_channel = %d
|
||||
and xchan_deleted = 0
|
||||
$sql_extra3
|
||||
@ -213,7 +213,7 @@ class Acl extends \Zotlabs\Web\Controller {
|
||||
if(strpos($g['hash'],'/') && $type != 'a')
|
||||
continue;
|
||||
|
||||
if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c' && (! $noforums)) {
|
||||
if(($g['xchan_pubforum']) && $type == 'c' && (! $noforums)) {
|
||||
$contacts[] = array(
|
||||
"type" => "c",
|
||||
"photo" => "images/twopeople.png",
|
||||
|
||||
@ -57,8 +57,6 @@ class Mail extends \Zotlabs\Web\Controller {
|
||||
|
||||
$their_perms = 0;
|
||||
|
||||
$global_perms = get_perms();
|
||||
|
||||
if($j['permissions']['data']) {
|
||||
$permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']);
|
||||
if($permissions)
|
||||
@ -68,13 +66,7 @@ class Mail extends \Zotlabs\Web\Controller {
|
||||
else
|
||||
$permissions = $j['permissions'];
|
||||
|
||||
foreach($permissions as $k => $v) {
|
||||
if($v) {
|
||||
$their_perms = $their_perms | intval($global_perms[$k][1]);
|
||||
}
|
||||
}
|
||||
|
||||
if(! ($their_perms & PERMS_W_MAIL)) {
|
||||
if(! ($permissions['post_mail'])) {
|
||||
notice( t('Selected channel has private message restrictions. Send failed.'));
|
||||
// reported issue: let's still save the message and continue. We'll just tell them
|
||||
// that nothing useful is likely to happen. They might have spent hours on it.
|
||||
@ -120,7 +112,7 @@ class Mail extends \Zotlabs\Web\Controller {
|
||||
|
||||
}
|
||||
|
||||
function get() {
|
||||
function get() {
|
||||
|
||||
$o = '';
|
||||
nav_set_selected('messages');
|
||||
|
||||
@ -143,9 +143,9 @@ class Manage extends \Zotlabs\Web\Controller {
|
||||
$create = array( 'new_channel', t('Create a new channel'), t('Create New'));
|
||||
|
||||
$delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where
|
||||
abook_channel = %d and (abook_their_perms & %d) > 0",
|
||||
abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = 1 )",
|
||||
intval(local_channel()),
|
||||
intval(PERMS_A_DELEGATE)
|
||||
intval(local_channel())
|
||||
);
|
||||
|
||||
if($delegates) {
|
||||
|
||||
@ -89,6 +89,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
|
||||
*
|
||||
* @return bool|array false or channel record of the new channel
|
||||
*/
|
||||
|
||||
function change_channel($change_channel) {
|
||||
|
||||
$ret = false;
|
||||
@ -438,14 +439,19 @@ function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) {
|
||||
$random_sql = (($rand) ? " ORDER BY " . db_getfunc('RAND') . " " : '');
|
||||
if(local_channel())
|
||||
$ret[] = local_channel();
|
||||
$r = q("select channel_id from channel where channel_r_stream > 0 and ( channel_r_stream & %d )>0 and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ",
|
||||
intval($perms),
|
||||
intval(PAGE_ADULT|PAGE_CENSORED)
|
||||
$x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ",
|
||||
intval($perms)
|
||||
);
|
||||
if($r) {
|
||||
foreach($r as $rr)
|
||||
if(! in_array($rr['channel_id'], $ret))
|
||||
$ret[] = $rr['channel_id'];
|
||||
if($x) {
|
||||
$ids = ids_to_querystr($x,'uid');
|
||||
$r = q("select channel_id from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 $random_sql $limit_sql ",
|
||||
intval(PAGE_ADULT|PAGE_CENSORED)
|
||||
);
|
||||
if($r) {
|
||||
foreach($r as $rr)
|
||||
if(! in_array($rr['channel_id'], $ret))
|
||||
$ret[] = $rr['channel_id'];
|
||||
}
|
||||
}
|
||||
|
||||
$str = '';
|
||||
@ -471,16 +477,21 @@ function stream_perms_xchans($perms = NULL ) {
|
||||
if(local_channel())
|
||||
$ret[] = get_observer_hash();
|
||||
|
||||
$r = q("select channel_hash from channel where channel_r_stream > 0 and (channel_r_stream & %d)>0 and not (channel_pageflags & %d)>0 and channel_system = 0 and channel_removed = 0 ",
|
||||
intval($perms),
|
||||
intval(PAGE_ADULT|PAGE_CENSORED)
|
||||
$x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ",
|
||||
intval($perms)
|
||||
);
|
||||
if($r) {
|
||||
foreach($r as $rr)
|
||||
if(! in_array($rr['channel_hash'], $ret))
|
||||
$ret[] = $rr['channel_hash'];
|
||||
}
|
||||
if($x) {
|
||||
$ids = ids_to_querystr($x,'uid');
|
||||
$r = q("select channel_hash from channel where channel_id in ( $ids ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ",
|
||||
intval(PAGE_ADULT|PAGE_CENSORED)
|
||||
);
|
||||
|
||||
if($r) {
|
||||
foreach($r as $rr)
|
||||
if(! in_array($rr['channel_hash'], $ret))
|
||||
$ret[] = $rr['channel_hash'];
|
||||
}
|
||||
}
|
||||
$str = '';
|
||||
if($ret) {
|
||||
foreach($ret as $rr) {
|
||||
|
||||
@ -1347,9 +1347,14 @@ function widget_forums($arr) {
|
||||
|
||||
$perms_sql = item_permissions_sql(local_channel()) . item_normal();
|
||||
|
||||
$r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where ( xchan_pubforum = 1 or ((abook_their_perms & %d ) != 0 and (abook_their_perms & %d ) = 0) ) and xchan_deleted = 0 and abook_channel = %d order by xchan_name $limit ",
|
||||
intval(PERMS_W_TAGWALL),
|
||||
intval(PERMS_W_STREAM),
|
||||
/**
|
||||
* We used to try and find public forums with custom permissions by checking to see if
|
||||
* send_stream was false and tag_deliver was true. However with the newer extensible
|
||||
* permissions infrastructure this makes for a very complicated query. Now we're only
|
||||
* checking channels that report themselves specifically as pubforums
|
||||
*/
|
||||
|
||||
$r1 = q("select abook_id, xchan_hash, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash where xchan_pubforum = 1 and xchan_deleted = 0 and abook_channel = %d order by xchan_name $limit ",
|
||||
intval(local_channel())
|
||||
);
|
||||
if(! $r1)
|
||||
|
||||
Reference in New Issue
Block a user