authorfriendica <info@friendica.com>2014-04-14 16:45:16 -0700
committerfriendica <info@friendica.com>2014-04-14 16:45:16 -0700
commit506ae56385f5f731b7f3a8f5ee7feda2a66ae985 (patch)
treec41dd3f148b80a51accece6fad946ea80fd784b7
parentbf8f5d5b2b1753333d2ea9a14f728183c40c2dcb (diff)
Better handling of restricted /channel and /profile permissions. We will show the name, profile photo and a 'connect' button if appropriate on these pages regardless of permissions. A blank page makes it difficult for folks to figure out how to connect and if it is their real life friend 'x' or not. It also matches our overall policy (adopted from Facebook's lessons learned) that the channel name and default profile photo are always visible and can't really be blocked without messing up the usability of the entire network. This also makes sure that a connect button can be found somewhere besides the directory - where the entry could be blocked; and avoid somebody having to figure out the webbie and find the link to "follow" (another related issue).
-rw-r--r--include/identity.php30
-rw-r--r--include/widgets.php12
-rw-r--r--mod/profile.php5
3 files changed, 27 insertions, 20 deletions
diff --git a/include/identity.php b/include/identity.php
index 66e572866..b66eaad51 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -583,14 +583,16 @@ function profile_load(&$a, $nickname, $profile = '') {
}
+ $a->profile = $p[0];
+ $a->profile_uid = $p[0]['profile_uid'];
+ $a->page['title'] = $a->profile['channel_name'] . " - " . $a->profile['channel_address'] . "@" . $a->get_hostname();
+
+ $a->profile['permission_to_view'] = $can_view_profile;
+
if($can_view_profile) {
- $a->profile = $p[0];
$online = get_online_status($nickname);
$a->profile['online_status'] = $online['result'];
- $a->profile_uid = $p[0]['profile_uid'];
-
- $a->page['title'] = $a->profile['channel_name'] . " - " . $a->profile['channel_address'] . "@" . $a->get_hostname();
}
if(local_user()) {
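Review bot: The whole `$p[0]` row is now copied into `$a->profile` before the permission result is consulted, so for a denied observer every column of that row is available to any widget or template that reads `$a->profile`. Access control therefore depends on each consumer checking `permission_to_view` or calling `perm_is_allowed()` itself. Since the stated goal is to expose only the name, photo and connect button, it would be safer to keep a reduced array in the denied case, or at least document the contract above the assignment, e.g. `// NOTE: set even when access is denied; callers must check $a->profile['permission_to_view'] before rendering anything beyond name and photo`. The query that fills `$p` and the rest of profile_load are outside this hunk, so which columns are involved cannot be confirmed from here.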
@@ -604,18 +606,12 @@ function profile_load(&$a, $nickname, $profile = '') {
$_SESSION['theme'] = $p[0]['channel_theme'];
- $a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one
+// $a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one
- $theme_info_file = "view/theme/".current_theme()."/php/theme.php";
- if (file_exists($theme_info_file)){
- require_once($theme_info_file);
- }
-
- if(! $can_view_profile) {
- // permission denied
- notice( t(' Sorry, you don\'t have the permission to view this profile. ') . EOL);
- return;
- }
+// $theme_info_file = "view/theme/".current_theme()."/php/theme.php";
+// if (file_exists($theme_info_file)){
+// require_once($theme_info_file);
+// }
return;
}
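Review bot: The theme bootstrap (`set_template_engine()` and the `require_once` of the theme's `theme.php`) is left behind as commented-out code with no reason given, so a later reader cannot tell whether it was disabled on purpose or is meant to come back. Either delete the dead lines or put the reason above them, e.g. `// theme setup disabled here: <reason - placeholder>`. With the denial notice and early return removed in the same hunk, the function's header comment should also state that a denied observer is now signalled only through `$a->profile['permission_to_view']`. profile_load begins outside this hunk.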
@@ -739,7 +735,7 @@ logger('online: ' . $profile['online']);
$block = true;
}
- if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
+ if(($profile['hidewall'] && (! local_user()) && (! remote_user())) || $block ) {
$location = $pdesc = $gender = $marital = $homepage = $online = False;
}
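Review bot: The regrouped condition changes who is affected, and nothing at the condition says so: `$block` now blanks the detail fields for every observer, including logged-in local and remote users, while `hidewall` still applies only to unauthenticated visitors. A short comment would stop a later clean-up from restoring the old grouping, e.g. `// $block hides details from everyone; hidewall only from unauthenticated visitors`. The fields are cleared by name, so any detail rendered further down that is not in this list would remain visible in the blocked view. The rest of the function is outside the hunk and is worth checking against the list.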
@@ -751,7 +747,7 @@ logger('online: ' . $profile['online']);
$channel_menu = false;
$menu = get_pconfig($profile['uid'],'system','channel_menu');
- if($menu) {
+ if($menu && ! $block) {
require_once('include/menu.php');
$m = menu_fetch($menu,$profile['uid'],$observer['xchan_hash']);
if($m)
diff --git a/include/widgets.php b/include/widgets.php
index 82769d925..678fed833 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -304,6 +304,9 @@ function widget_archive($arr) {
if(! feature_enabled($uid,'archives'))
return '';
+ if(! perm_is_allowed($uid,get_observer_hash(),'view_stream'))
+ return '';
+
$wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0);
$style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select');
@@ -338,6 +341,12 @@ function widget_fullprofile($arr) {
function widget_categories($arr) {
$a = get_app();
+
+
+ if($a->profile['profile_uid'] && (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')))
+ return '';
+
+
$cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : '');
$srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&');
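Review bot: The new guard in widget_categories fails open: when `$a->profile['profile_uid']` is empty the `&&` short-circuits, `perm_is_allowed()` is never called and the widget goes on to render, whereas widget_tagcloud_wall in the same file returns `''` in that case. If the widget is only meant for pages with a loaded profile, use the same shape as there: `if((! $a->profile['profile_uid']) || (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))) return '';`. If it is intentionally usable without a profile, say so in a comment next to the guard. What is rendered after the guard lies outside this hunk.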
@@ -350,6 +359,9 @@ function widget_tagcloud_wall($arr) {
$a = get_app();
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return '';
+ if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
+ return '';
+
$limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
if(feature_enabled($a->profile['profile_uid'],'tagadelic'))
return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
diff --git a/mod/profile.php b/mod/profile.php
index fca7c8f9f..792bf34c5 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -61,7 +61,7 @@ function profile_content(&$a, $update = 0) {
$o = '';
if(! (perm_is_allowed($a->profile['profile_uid'],get_observer_hash(), 'view_profile'))) {
- notice( t('Access to this profile has been restricted.') . EOL);
+ notice( t('Permission denied.') . EOL);
return;
}
@@ -69,11 +69,10 @@ function profile_content(&$a, $update = 0) {
$is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
if($a->profile['hidewall'] && (! $is_owner) && (! remote_user())) {
- notice( t('Access to this profile has been restricted.') . EOL);
+ notice( t('Permission denied.') . EOL);
return;
}
-
$o .= profile_tabs($a, $is_owner, $a->profile['channel_address']);