aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorredmatrix <redmatrix@redmatrix.me>2015-08-06 17:09:09 -0700
committerredmatrix <redmatrix@redmatrix.me>2015-08-06 17:09:09 -0700
commit91bbfcf554d190c1956d16c652ceefb95a18735a (patch)
tree15f7e74bca33b308d7e048629bd036b78d481452
parent1b0cb9388cd5c416af5ba270127b14efdd1c0a6b (diff)
downloadvolse-hubzilla-91bbfcf554d190c1956d16c652ceefb95a18735a.tar.gz
volse-hubzilla-91bbfcf554d190c1956d16c652ceefb95a18735a.tar.bz2
volse-hubzilla-91bbfcf554d190c1956d16c652ceefb95a18735a.zip
photo permission inheritance. We want to use the folder permissions unless specific permissions have been set to over-ride them. If nothing is set, use the channel default. We may have to mess with his further in the case of somebody trying to create a public photo directory when their normal permissions are set to private. Kind of a chicken/egg problem because the folder permissions will be empty.
-rw-r--r--include/RedDAV/RedDirectory.php33
-rw-r--r--include/RedDAV/RedFile.php8
-rw-r--r--include/attach.php14
-rw-r--r--include/conversation.php2
-rw-r--r--include/photos.php40
-rw-r--r--mod/item.php17
6 files changed, 90 insertions, 24 deletions
diff --git a/include/RedDAV/RedDirectory.php b/include/RedDAV/RedDirectory.php
index c7921d96f..507fde46f 100644
--- a/include/RedDAV/RedDirectory.php
+++ b/include/RedDAV/RedDirectory.php
@@ -214,6 +214,29 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
$f = 'store/' . $this->auth->owner_nick . '/' . (($this->os_path) ? $this->os_path . '/' : '') . $hash;
+ $direct = null;
+
+ if($this->folder_hash) {
+ $r = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1",
+ dbesc($this->folder_hash),
+ intval($c[0]['channel_id'])
+ );
+ if($r)
+ $direct = $r[0];
+ }
+
+ if(($direct) && (($direct['allow_cid']) || ($direct['allow_gid']) || ($direct['deny_cid']) || ($direct['deny_gid']))) {
+ $allow_cid = $direct['allow_cid'];
+ $allow_gid = $direct['allow_gid'];
+ $deny_cid = $direct['deny_cid'];
+ $deny_gid = $direct['deny_gid'];
+ }
+ else {
+ $allow_cid = $c[0]['channel_allow_cid'];
+ $allow_gid = $c[0]['channel_allow_gid'];
+ $deny_cid = $c[0]['channel_deny_cid'];
+ $deny_gid = $c[0]['channel_deny_gid'];
+ }
$r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, folder, os_storage, filetype, filesize, revision, is_photo, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
@@ -231,10 +254,10 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
dbesc($this->os_path . '/' . $hash),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
- dbesc($c[0]['channel_allow_cid']),
- dbesc($c[0]['channel_allow_gid']),
- dbesc($c[0]['channel_deny_cid']),
- dbesc($c[0]['channel_deny_gid'])
+ dbesc($allow_cid),
+ dbesc($allow_gid),
+ dbesc($deny_cid),
+ dbesc($deny_gid)
);
@@ -308,7 +331,7 @@ class RedDirectory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
}
require_once('include/photos.php');
- $args = array( 'resource_id' => $hash, 'album' => $album, 'os_path' => $f, 'filename' => $name, 'getimagesize' => $x);
+ $args = array( 'resource_id' => $hash, 'album' => $album, 'os_path' => $f, 'filename' => $name, 'getimagesize' => $x, 'directory' => $direct);
$p = photo_upload($c[0],get_app()->get_observer(),$args);
}
diff --git a/include/RedDAV/RedFile.php b/include/RedDAV/RedFile.php
index d4eb6812a..ec6871a69 100644
--- a/include/RedDAV/RedFile.php
+++ b/include/RedDAV/RedFile.php
@@ -116,12 +116,14 @@ class RedFile extends DAV\Node implements DAV\IFile {
);
if($d) {
if($d[0]['folder']) {
- $f1 = q("select filename from attach where is_dir = 1 and hash = '%s' and uid = %d limit 1",
+ $f1 = q("select * from attach where is_dir = 1 and hash = '%s' and uid = %d limit 1",
dbesc($d[0]['folder']),
intval($c[0]['channel_id'])
);
- if($f1)
+ if($f1) {
$album = $f1[0]['filename'];
+ $direct = $f1[0];
+ }
}
$fname = dbunescbin($d[0]['data']);
$f = 'store/' . $this->auth->owner_nick . '/' . (($fname) ? $fname : '');
@@ -166,7 +168,7 @@ class RedFile extends DAV\Node implements DAV\IFile {
if($is_photo) {
require_once('include/photos.php');
- $args = array( 'resource_id' => $this->data['hash'], 'album' => $album, 'os_path' => $f, 'filename' => $r[0]['filename'], 'getimagesize' => $gis );
+ $args = array( 'resource_id' => $this->data['hash'], 'album' => $album, 'os_path' => $f, 'filename' => $r[0]['filename'], 'getimagesize' => $gis, 'directory' => $direct );
$p = photo_upload($c[0],get_app()->get_observer(),$args);
}
diff --git a/include/attach.php b/include/attach.php
index 417032a4b..1e8091b9d 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -490,6 +490,12 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
if($pathname) {
$x = attach_mkdirp($channel, $observer_hash, $darr);
$folder_hash = (($x['success']) ? $x['data']['hash'] : '');
+ if((! $str_contact_allow) && (! $str_group_allow) && (! $str_contact_deny) && (! $str_group_deny)) {
+ $str_contact_allow = $x['data']['allow_cid'];
+ $str_group_allow = $x['data']['allow_gid'];
+ $str_contact_deny = $x['data']['deny_cid'];
+ $str_group_deny = $x['data']['deny_gid'];
+ }
}
else {
$folder_hash = '';
@@ -886,7 +892,6 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
if($r) {
if(os_mkdir($path, STORAGE_DEFAULT_PERMISSIONS, true)) {
$ret['success'] = true;
- $ret['data'] = $arr;
// update the parent folder's lastmodified timestamp
$e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
@@ -894,6 +899,13 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
dbesc($arr['folder']),
intval($channel_id)
);
+
+ $z = q("select * from attach where hash = '%s' and uid = %d and is_dir = 1 limit 1",
+ dbesc($arr['hash']),
+ intval($channel_id)
+ );
+ if($z)
+ $ret['data'] = $z[0];
}
else {
logger('attach_mkdir: ' . mkdir . ' ' . $path . ' failed.');
diff --git a/include/conversation.php b/include/conversation.php
index 645994035..e58429255 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -1597,7 +1597,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){
);
$tabs[] = array(
'label' => t('Files'),
- 'url' => $a->get_baseurl() . '/cloud/' . $nickname . ((get_observer_hash()) ? '' : '?f=&davguest=1'),
+ 'url' => $a->get_baseurl() . '/cloud/' . $nickname,
'sel' => ((argv(0) == 'cloud' || argv(0) == 'sharedwithme') ? 'active' : ''),
'title' => t('Files and Storage'),
'id' => 'files-tab',
diff --git a/include/photos.php b/include/photos.php
index 46d4b810c..7437d6aa9 100644
--- a/include/photos.php
+++ b/include/photos.php
@@ -50,20 +50,32 @@ function photo_upload($channel, $observer, $args) {
else
$visible = 0;
- $str_group_allow = perms2str(((is_array($args['group_allow'])) ? $args['group_allow'] : explode(',',$args['group_allow'])));
- $str_contact_allow = perms2str(((is_array($args['contact_allow'])) ? $args['contact_allow'] : explode(',',$args['contact_allow'])));
- $str_group_deny = perms2str(((is_array($args['group_deny'])) ? $args['group_deny'] : explode(',',$args['group_deny'])));
- $str_contact_deny = perms2str(((is_array($args['contact_deny'])) ? $args['contact_deny'] : explode(',',$args['contact_deny'])));
-
-
- if( (! array_key_exists('group_allow',$args))
- && (! array_key_exists('contact_allow',$args))
- && (! array_key_exists('group_deny',$args))
- && (! array_key_exists('contact_deny',$args))) {
- $str_group_allow = $channel['channel_allow_gid'];
- $str_contact_allow = $channel['channel_allow_cid'];
- $str_group_deny = $channel['channel_deny_gid'];
- $str_contact_deny = $channel['channel_deny_cid'];
+ // Set to default channel permissions. If the parent directory (album) has permissions set,
+ // use those instead. If we have specific permissions supplied, they take precedence over
+ // all other settings.
+
+ $str_group_allow = $channel['channel_allow_gid'];
+ $str_contact_allow = $channel['channel_allow_cid'];
+ $str_group_deny = $channel['channel_deny_gid'];
+ $str_contact_deny = $channel['channel_deny_cid'];
+
+ if($args['directory']) {
+ $str_group_allow = $args['directory']['allow_gid'];
+ $str_contact_allow = $args['directory']['allow_cid'];
+ $str_group_deny = $args['directory']['deny_gid'];
+ $str_contact_deny = $args['directory']['deny_cid'];
+ }
+
+ if( (array_key_exists('group_allow',$args))
+ || (array_key_exists('contact_allow',$args))
+ || (array_key_exists('group_deny',$args))
+ || (array_key_exists('contact_deny',$args))) {
+
+ $str_group_allow = perms2str(((is_array($args['group_allow'])) ? $args['group_allow'] : explode(',',$args['group_allow'])));
+ $str_contact_allow = perms2str(((is_array($args['contact_allow'])) ? $args['contact_allow'] : explode(',',$args['contact_allow'])));
+ $str_group_deny = perms2str(((is_array($args['group_deny'])) ? $args['group_deny'] : explode(',',$args['group_deny'])));
+ $str_contact_deny = perms2str(((is_array($args['contact_deny'])) ? $args['contact_deny'] : explode(',',$args['contact_deny'])));
+
}
$os_storage = 0;
diff --git a/mod/item.php b/mod/item.php
index 57a905395..ff6a834e6 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -1050,6 +1050,23 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
if(! strlen($image_uri))
continue;
$srch = '<' . $xchan_hash . '>';
+
+ $r = q("select folder from attach where hash = '%s' and uid = %d limit 1",
+ dbesc($image_uri),
+ intval($uid)
+ );
+ if($r && $r[0]['folder']) {
+ $f = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1",
+ dbesc($r[0]['folder']),
+ intval($uid)
+ );
+ if(($f) && (($f[0]['allow_cid']) || ($f[0]['allow_gid']) || ($f[0]['deny_cid']) || ($f[0]['deny_gid']))) {
+ $str_contact_allow = $f[0]['allow_cid'];
+ $str_group_allow = $f[0]['allow_gid'];
+ $str_contact_deny = $f[0]['deny_cid'];
+ $str_group_deny = $f[0]['deny_gid'];
+ }
+ }
$r = q("SELECT id FROM photo
WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = ''