harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

start to whip the permissions into shape, also got rid of the mce drop shadow until we can figure out how to do it without the ugly black bars. I tend to prefer "outy" shadows over "inny" shadows anyway, but maybe that's just me.

Browse Source
This commit is contained in:
friendica 2012-12-09 18:07:36 -08:00
parent 7f77670649
commit f8c33243bf
8 changed files with 45 additions and 137 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
include/ConversationObject.php
View File

@ -33,6 +33,9 @@ class Conversation extends BaseObject {
$a = $this->get_app(); $a = $this->get_app();
$observer = $a->get_observer();
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
switch($mode) { switch($mode) {
case 'network': case 'network':
$this->profile_owner = local_user(); $this->profile_owner = local_user();
@ -40,11 +43,11 @@ class Conversation extends BaseObject {
break; break;
case 'channel': case 'channel':
$this->profile_owner = $a->profile['profile_uid']; $this->profile_owner = $a->profile['profile_uid'];
$this->writable = can_write_wall($a,$this->profile_owner); $this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
break; break;
case 'display': case 'display':
$this->profile_owner = $a->profile['uid']; $this->profile_owner = $a->profile['uid'];
$this->writable = can_write_wall($a,$this->profile_owner); $this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
break; break;
default: default:
logger('[ERROR] Conversation::set_mode : Unhandled mode ('. $mode .').', LOGGER_DEBUG); logger('[ERROR] Conversation::set_mode : Unhandled mode ('. $mode .').', LOGGER_DEBUG);

14
include/conversation.php
View File

@ -406,7 +406,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional') {
elseif($mode === 'channel') { elseif($mode === 'channel') {
$profile_owner = $a->profile['profile_uid']; $profile_owner = $a->profile['profile_uid'];
$page_writeable = can_write_wall($a,$profile_owner); $page_writeable = ($profile_owner == local_user());
if(!$update) { if(!$update) {
$tab = notags(trim($_GET['tab'])); $tab = notags(trim($_GET['tab']));
@ -427,22 +427,12 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional') {
elseif($mode === 'display') { elseif($mode === 'display') {
$profile_owner = $a->profile['uid']; $profile_owner = $a->profile['uid'];
$page_writeable = can_write_wall($a,$profile_owner); $page_writeable = ($profile_owner == local_user());
$live_update_div = '<div id="live-display"></div>' . "\r\n"; $live_update_div = '<div id="live-display"></div>' . "\r\n";
} }
elseif($mode === 'community') {
$profile_owner = 0;
$page_writeable = false;
if(!$update) {
$live_update_div = '<div id="live-community"></div>' . "\r\n"
. "<script> var profile_uid = -1; var netargs = '/?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
}
}
else if($mode === 'search') { else if($mode === 'search') {
$live_update_div = '<div id="live-search"></div>' . "\r\n"; $live_update_div = '<div id="live-search"></div>' . "\r\n";
} }

66
include/security.php
View File

@ -135,72 +135,6 @@ function authenticate_success($user_record, $login_initial = false, $interactive
} }
function can_write_wall(&$a,$owner) {
static $verified = 0;
if((! (local_user())) && (! (remote_user())))
return false;
$uid = local_user();
if(($uid) && ($uid == $owner)) {
return true;
}
if(remote_user()) {
// use remembered decision and avoid a DB lookup for each and every display item
// DO NOT use this function if there are going to be multiple owners
// We have a contact-id for an authenticated remote user, this block determines if the contact
// belongs to this page owner, and has the necessary permissions to post content
if($verified === 2)
return true;
elseif($verified === 1)
return false;
else {
$cid = 0;
if(is_array($_SESSION['remote'])) {
foreach($_SESSION['remote'] as $visitor) {
if($visitor['uid'] == $owner) {
$cid = $visitor['cid'];
break;
}
}
}
if(! $cid)
return false;
$r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid`
WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `user`.`blockwall` = 0 AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1",
intval($owner),
intval($cid),
intval(CONTACT_IS_SHARING),
intval(CONTACT_IS_FRIEND),
intval(PAGE_COMMUNITY)
);
if(count($r)) {
$verified = 2;
return true;
}
else {
$verified = 1;
}
}
}
return false;
}
function change_channel($change_channel) { function change_channel($change_channel) {
$ret = false; $ret = false;

64
mod/channel.php
View File

@ -53,6 +53,7 @@ function channel_content(&$a, $update = 0) {
} }
} }
if(get_config('system','block_public') && (! get_account_id()) && (! remote_user())) { if(get_config('system','block_public') && (! get_account_id()) && (! remote_user())) {
return login(); return login();
} }
@ -64,9 +65,12 @@ function channel_content(&$a, $update = 0) {
require_once('include/conversation.php'); require_once('include/conversation.php');
require_once('include/acl_selectors.php'); require_once('include/acl_selectors.php');
require_once('include/items.php'); require_once('include/items.php');
require_once('include/permissions.php');
$groups = array(); $groups = array();
$tab = 'posts'; $tab = 'posts';
$o = ''; $o = '';
@ -80,47 +84,17 @@ function channel_content(&$a, $update = 0) {
} }
} }
$observer = $a->get_observer();
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
$contact = null; $perms = get_all_perms($a->profile['profile_uid'],$ob_hash);
$remote_contact = false;
$contact_id = 0; if(! $perms['view_stream']) {
notice( t('Permission denied.') . EOL);
if(is_array($_SESSION['remote'])) {
foreach($_SESSION['remote'] as $v) {
if($v['uid'] == $a->profile['profile_uid']) {
$contact_id = $v['cid'];
break;
}
}
}
if($contact_id) {
$groups = init_groups_visitor($contact_id);
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($contact_id),
intval($a->profile['profile_uid'])
);
if(count($r)) {
$contact = $r[0];
$remote_contact = true;
}
}
if(! $remote_contact) {
if(local_user()) {
$contact_id = $_SESSION['cid'];
$contact = $a->contact;
}
}
$is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
if($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) {
notice( t('Access to this profile has been restricted.') . EOL);
return; return;
} }
if(! $update) { if(! $update) {
@ -129,22 +103,17 @@ function channel_content(&$a, $update = 0) {
$o .= common_friends_visitor_widget($a->profile['profile_uid']); $o .= common_friends_visitor_widget($a->profile['profile_uid']);
$commpage = (($a->profile['page-flags'] == PAGE_COMMUNITY) ? true : false); if($perms['post_wall']) {
$commvisitor = (($commpage && $remote_contact == true) ? true : false);
$celeb = ((($a->profile['page-flags'] == PAGE_SOAPBOX) || ($a->profile['page-flags'] == PAGE_COMMUNITY)) ? true : false);
if(can_write_wall($a,$a->profile['profile_uid'])) {
$x = array( $x = array(
'is_owner' => $is_owner, 'is_owner' => $is_owner,
'allow_location' => ((($is_owner || $commvisitor) && $a->profile['allow_location']) ? true : false), 'allow_location' => ((($is_owner || $observer) && $a->profile['allow_location']) ? true : false),
'default_location' => (($is_owner) ? $a->user['default-location'] : ''), 'default_location' => (($is_owner) ? $a->user['default-location'] : ''),
'nickname' => $a->profile['channel_address'], 'nickname' => $a->profile['channel_address'],
'lockstate' => (((strlen($a->profile['channel_allow_cid'])) || (strlen($a->profile['channel_allow_gid'])) || (strlen($a->profile['channel_deny_cid'])) || (strlen($a->profile['channel_deny_gid']))) ? 'lock' : 'unlock'), 'lockstate' => (((strlen($a->profile['channel_allow_cid'])) || (strlen($a->profile['channel_allow_gid'])) || (strlen($a->profile['channel_deny_cid'])) || (strlen($a->profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
'acl' => (($is_owner) ? populate_acl($channel, $celeb) : ''), 'acl' => (($is_owner) ? populate_acl($channel, false) : ''),
'bang' => '', 'bang' => '',
'visitor' => (($is_owner || $commvisitor) ? 'block' : 'none'), 'visitor' => (($is_owner || $observer) ? 'block' : 'none'),
'profile_uid' => $a->profile['profile_uid'] 'profile_uid' => $a->profile['profile_uid']
); );
@ -158,6 +127,7 @@ function channel_content(&$a, $update = 0) {
* Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
*/ */
// fixme
$sql_extra = item_permissions_sql($a->profile['profile_uid'],$remote_contact,$groups); $sql_extra = item_permissions_sql($a->profile['profile_uid'],$remote_contact,$groups);
@ -211,7 +181,7 @@ function channel_content(&$a, $update = 0) {
} }
if($r && count($r)) { if($r) {
$parents_str = ids_to_querystr($r,'item_id'); $parents_str = ids_to_querystr($r,'item_id');
@ -233,7 +203,7 @@ function channel_content(&$a, $update = 0) {
} }
if((! $update) && ($tab === 'posts')) { if(! $update) {
// This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
// because browser prefetching might change it on us. We have to deliver it with the page. // because browser prefetching might change it on us. We have to deliver it with the page.

11
mod/photos.php
View File

@ -25,6 +25,9 @@ function photos_init(&$a) {
$a->data['channel'] = $r[0]; $a->data['channel'] = $r[0];
$observer = $a->get_observer();
$a->data['perms'] = get_all_perms($r[0]['channel_id'],(($observer) ? $observer['xchan_hash'] : ''));
$o .= '<div class="vcard">'; $o .= '<div class="vcard">';
$o .= '<div class="fn">' . $a->data['channel']['channel_name'] . '</div>'; $o .= '<div class="fn">' . $a->data['channel']['channel_name'] . '</div>';
$o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_cached_avatar_image($a->get_baseurl() . '/photo/profile/l/' . $a->data['channel']['channel_id']) . '" alt="' . $a->data['channel']['channel_name'] . '" /></div>'; $o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_cached_avatar_image($a->get_baseurl() . '/photo/profile/l/' . $a->data['channel']['channel_id']) . '" alt="' . $a->data['channel']['channel_name'] . '" /></div>';
@ -1394,7 +1397,7 @@ function photos_content(&$a) {
$likebuttons = ''; $likebuttons = '';
if($can_post || can_write_wall($a,$owner_uid)) { if($can_post || $a->data['perms']['post_comments']) {
$likebuttons = replace_macros($like_tpl,array( $likebuttons = replace_macros($like_tpl,array(
'$id' => $link_item['id'], '$id' => $link_item['id'],
'$likethis' => t("I like this \x28toggle\x29"), '$likethis' => t("I like this \x28toggle\x29"),
@ -1406,7 +1409,7 @@ function photos_content(&$a) {
$comments = ''; $comments = '';
if(! count($r)) { if(! count($r)) {
if($can_post || can_write_wall($a,$owner_uid)) { if($can_post || $a->data['perms']['post_comments']) {
$comments .= replace_macros($cmnt_tpl,array( $comments .= replace_macros($cmnt_tpl,array(
'$return_path' => '', '$return_path' => '',
'$jsreload' => $return_url, '$jsreload' => $return_url,
@ -1444,7 +1447,7 @@ function photos_content(&$a) {
if($can_post || can_write_wall($a,$owner_uid)) { if($can_post || $a->data['perms']['post_comments']) {
$comments .= replace_macros($cmnt_tpl,array( $comments .= replace_macros($cmnt_tpl,array(
'$return_path' => '', '$return_path' => '',
'$jsreload' => $return_url, '$jsreload' => $return_url,
@ -1471,7 +1474,7 @@ function photos_content(&$a) {
$redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ; $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ;
if($can_post || can_write_wall($a,$owner_uid)) { if($can_post || $a->data['perms']['post_comments']) {
$comments .= replace_macros($cmnt_tpl,array( $comments .= replace_macros($cmnt_tpl,array(
'$return_path' => '', '$return_path' => '',
'$jsreload' => $return_url, '$jsreload' => $return_url,

6
mod/subthread.php
View File

@ -28,10 +28,12 @@ function subthread_content(&$a) {
$item = $r[0]; $item = $r[0];
$owner_uid = $item['uid']; $owner_uid = $item['uid'];
$observer = $a->get_observer();
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
if(! can_write_wall($a,$owner_uid)) { if(! perm_is_allowed($owner_uid,$ob_hash,'post_comments'))
return; return;
}
$remote_owner = null; $remote_owner = null;

12
view/theme/redbasic/css/style.css
View File

@ -1719,21 +1719,27 @@ width: 90%;
/* TinyMCE */ /* TinyMCE */
DIV#profile-jot-text_toolbargroup{ DIV#profile-jot-text_toolbargroup{
background: #333; background: #FFF;
border: 1px #111; border: 1px #111;
box-shadow: 5px 5px 5px #000 inset; /*box-shadow: 5px 5px 5px #000 inset;*/
} }
/*
#profile-jot-text_parent, .mceLayout { #profile-jot-text_parent, .mceLayout {
border-radius: 5px; border-radius: 5px;
-moz-border-radius: 5px; -moz-border-radius: 5px;
box-shadow: 4px 4px 3px 0 #444444; box-shadow: 4px 4px 3px 0 #444444;
} }
*/
iframe#profile-jot-text_ifr { iframe#profile-jot-text_ifr {
width: 100% !important; width: 100% !important;
height: 100% !important; height: 100% !important;
box-shadow: 5px 5px 5px #000 inset !important;}
tr.mceLast {
} }
/* Not MCE */ /* Not MCE */

2
view/tpl/head.tpl
View File

@ -12,7 +12,7 @@ $js_strings
$head_js $head_js
<link rel="shortcut icon" href="$baseurl/images/friendica-32.png" /> <link rel="shortcut icon" href="$baseurl/images/fred-32.png" />
<link rel="search" <link rel="search"
href="$baseurl/opensearch" href="$baseurl/opensearch"
type="application/opensearchdescription+xml" type="application/opensearchdescription+xml"