now we get to the heavy lifting with AccessList stuff

3 files changed, 48 insertions, 83 deletions

diff --git a/include/photos.php b/include/photos.php
index 04018ac0d..ac502ed51 100644
--- a/include/photos.php
+++ b/include/photos.php
@@ -34,16 +34,6 @@ function photo_upload($channel, $observer, $args) {
 	 */
 
 	$album    = $args['album'];
-//	$newalbum = $args['newalbum'];
-
-//	logger('photo_upload: album= ' . $album . ' newalbum= ' . $newalbum , LOGGER_DEBUG);
-
-//	if(! $album) {
-//		if($newalbum)
-//			$album = $newalbum;
-//		else
-//			$album = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y-m');
-//	}
 
 	if(intval($args['visible']) || $args['visible'] === 'true')
 		$visible = 1;
@@ -55,38 +45,20 @@ function photo_upload($channel, $observer, $args) {
 	// all other settings. 'allow_cid' being passed from an external source takes priority over channel settings.
 	// ...messy... needs re-factoring once the photos/files integration stabilises
 
-	if(array_key_exists('allow_cid',$args)) {
-		$str_group_allow = $args['allow_gid'];
-		$str_contact_allow = $args['allow_cid'];
-		$str_group_deny = $args['deny_gid'];
-		$str_contact_deny = $args['deny_cid'];
-	}
-	else {
-		$str_group_allow = $channel['channel_allow_gid'];
-		$str_contact_allow = $channel['channel_allow_cid'];
-		$str_group_deny = $channel['channel_deny_gid'];
-		$str_contact_deny = $channel['channel_deny_cid'];
-	}
-
-	if($args['directory']) {
-		$str_group_allow = $args['directory']['allow_gid'];
-		$str_contact_allow = $args['directory']['allow_cid'];
-		$str_group_deny = $args['directory']['deny_gid'];
-		$str_contact_deny = $args['directory']['deny_cid'];
-	}
-
+	$acl = new AccessList($channel);
+	if(array_key_exists('directory',$args) && $args['directory'])
+		$acl->set($args['directory']);
+	if(array_key_exists('allow_cid',$args))
+		$acl->set($args);
 	if( (array_key_exists('group_allow',$args)) 
 		|| (array_key_exists('contact_allow',$args)) 
 		|| (array_key_exists('group_deny',$args)) 
 		|| (array_key_exists('contact_deny',$args))) {
-
-			$str_group_allow   = perms2str(((is_array($args['group_allow']))   ? $args['group_allow']   : explode(',',$args['group_allow'])));
-			$str_contact_allow = perms2str(((is_array($args['contact_allow'])) ? $args['contact_allow'] : explode(',',$args['contact_allow'])));
-			$str_group_deny    = perms2str(((is_array($args['group_deny']))    ? $args['group_deny']    : explode(',',$args['group_deny'])));
-			$str_contact_deny  = perms2str(((is_array($args['contact_deny']))  ? $args['contact_deny']  : explode(',',$args['contact_deny'])));
-
+		$acl->set_from_array($args);
 	}
 
+	$ac = $acl->get();
+
 	$os_storage = 0;
 
 	if($args['os_path'] && $args['getimagesize']) {
@@ -200,8 +172,8 @@ function photo_upload($channel, $observer, $args) {
 
 	$p = array('aid' => $account_id, 'uid' => $channel_id, 'xchan' => $visitor, 'resource_id' => $photo_hash,
 		'filename' => $filename, 'album' => $album, 'scale' => 0, 'photo_usage' => PHOTO_NORMAL, 
-		'allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow,
-		'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny,
+		'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'],
+		'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'],
 		'os_storage' => $os_storage, 'os_path' => $args['os_path']
 	);
 	if($args['created'])
@@ -320,26 +292,26 @@ function photo_upload($channel, $observer, $args) {
 		if($lat && $lon)
 			$arr['coord'] = $lat . ' ' . $lon;
 
-		$arr['aid']            = $account_id;
-		$arr['uid']            = $channel_id;
-		$arr['mid']            = $mid;
-		$arr['parent_mid']     = $mid; 
-		$arr['item_hidden']    = $item_hidden;
-		$arr['resource_type']  = 'photo';
-		$arr['resource_id']    = $photo_hash;
-		$arr['owner_xchan']    = $channel['channel_hash'];
-		$arr['author_xchan']   = $observer['xchan_hash'];
-		$arr['title']          = $title;
-		$arr['allow_cid']      = $str_contact_allow;
-		$arr['allow_gid']      = $str_group_allow;
-		$arr['deny_cid']       = $str_contact_deny;
-		$arr['deny_gid']       = $str_group_deny;
-		$arr['verb']           = ACTIVITY_POST;
-		$arr['item_wall']      = 1;
-		$arr['item_origin']    = 1;
+		$arr['aid']             = $account_id;
+		$arr['uid']             = $channel_id;
+		$arr['mid']             = $mid;
+		$arr['parent_mid']      = $mid; 
+		$arr['item_hidden']     = $item_hidden;
+		$arr['resource_type']   = 'photo';
+		$arr['resource_id']     = $photo_hash;
+		$arr['owner_xchan']     = $channel['channel_hash'];
+		$arr['author_xchan']    = $observer['xchan_hash'];
+		$arr['title']           = $title;
+		$arr['allow_cid']       = $ac['allow_cid'];
+		$arr['allow_gid']       = $ac['allow_gid']
+		$arr['deny_cid']        = $ac['deny_cid'];
+		$arr['deny_gid']        = $ac['deny_gid'];
+		$arr['verb']            = ACTIVITY_POST;
+		$arr['item_wall']       = 1;
+		$arr['item_origin']     = 1;
 		$arr['item_thread_top'] = 1;
-
-		$arr['plink']         = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
+		$arr['item_private']    = intval($acl->is_private());
+		$arr['plink']           = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
 
 		// We should also put a width_x_height on large photos. Left as an exercise for 
 		// devs looking for simple stuff to fix.
diff --git a/mod/filestorage.php b/mod/filestorage.php
index 9787c0380..7ba8c1801 100644
--- a/mod/filestorage.php
+++ b/mod/filestorage.php
@@ -28,20 +28,20 @@ function filestorage_post(&$a) {
 		return;
 	}
 
-	$str_group_allow   = perms2str($_REQUEST['group_allow']);
-	$str_contact_allow = perms2str($_REQUEST['contact_allow']);
-	$str_group_deny    = perms2str($_REQUEST['group_deny']);
-	$str_contact_deny  = perms2str($_REQUEST['contact_deny']);
-
 	$channel = $a->get_channel();
+
+	$acl = new AccessList($channel);
+	$acl->set_from_array($_REQUEST);
+	$x = $acl->get();
+
 	$cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource);
 
 	//get the object before permissions change so we can catch eventual former allowed members
 	$object = get_file_activity_object($channel_id, $resource, $cloudPath);
 
-	attach_change_permissions($channel_id, $resource, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $recurse);
+	attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse);
 
-	file_activity($channel_id, $object, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, 'post', $notify);
+	file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify);
 
 	goaway($cloudPath);
 }
diff --git a/mod/settings.php b/mod/settings.php
index cbd6abafc..8bfff3765 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -311,17 +311,16 @@ function settings_post(&$a) {
 			foreach($global_perms as $k => $v) {
 				$set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' ';
 			}
-
-			$str_group_allow   = perms2str($_POST['group_allow']);
-			$str_contact_allow = perms2str($_POST['contact_allow']);
-			$str_group_deny    = perms2str($_POST['group_deny']);
-			$str_contact_deny  = perms2str($_POST['contact_deny']);
-			$r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', channel_deny_cid = '%s', channel_deny_gid = '%s'
-				where channel_id = %d",
-				dbesc($str_contact_allow),
-				dbesc($str_group_allow),
-				dbesc($str_contact_deny),
-				dbesc($str_group_deny),
+			$acl = new AccessList($channel);
+			$acl->set_from_array($_POST);
+			$x = $acl->get();
+
+			$r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', 
+				channel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d",
+				dbesc($x['allow_cid']),
+				dbesc($x['allow_gid']),
+				dbesc($x['deny_cid']),
+				dbesc($x['deny_gid']),
 				intval(local_channel())
 			);
 		}
@@ -983,14 +982,8 @@ function settings_content(&$a) {
 
 		$stpl = get_markup_template('settings.tpl');
 
-		$celeb = false;
-
-		$perm_defaults = array(
-			'allow_cid' => $channel['channel_allow_cid'], 
-			'allow_gid' => $channel['channel_allow_gid'], 
-			'deny_cid' => $channel['channel_deny_cid'], 
-			'deny_gid' => $channel['channel_deny_gid']
-		); 
+		$acl = new AccessList($channel);
+		$perm_defaults = $acl->get();
 
 		require_once('include/group.php');
 		$group_select = mini_group_select(local_channel(),$channel['channel_default_group']);