aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2016-08-10 16:17:09 +0200
committerMario Vavti <mario@mariovavti.com>2016-08-10 16:17:09 +0200
commit82e867a9a8008c4fb3e7ed9e9408bd9e38bf7ff2 (patch)
treeb492301bfecb46f6be20618f4e801387928ef0eb
parent7a557d31e026705fc3bd2d4f39c4c679449cef56 (diff)
downloadvolse-hubzilla-82e867a9a8008c4fb3e7ed9e9408bd9e38bf7ff2.tar.gz
volse-hubzilla-82e867a9a8008c4fb3e7ed9e9408bd9e38bf7ff2.tar.bz2
volse-hubzilla-82e867a9a8008c4fb3e7ed9e9408bd9e38bf7ff2.zip
implement acl for folder creation
-rw-r--r--Zotlabs/Module/File_upload.php23
-rw-r--r--Zotlabs/Storage/Browser.php5
-rw-r--r--include/attach.php16
-rw-r--r--view/tpl/cloud_actionspanel.tpl26
4 files changed, 53 insertions, 17 deletions
diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php
index 999b241f1..d5c0c7e05 100644
--- a/Zotlabs/Module/File_upload.php
+++ b/Zotlabs/Module/File_upload.php
@@ -21,18 +21,23 @@ class File_upload extends \Zotlabs\Web\Controller {
$_REQUEST['source'] = 'file_upload';
- if($channel['channel_id'] != local_channel()) {
- $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
- $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
- $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
- $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
- }
+ if($channel['channel_id'] != local_channel()) {
+ $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
+ $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
+ $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
+ $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
+ }
- if($_REQUEST['directory_name'])
+ if($_REQUEST['filename']) {
+ $_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
+ $_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
+ $_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']);
+ $_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']);
$r = attach_mkdir($channel,get_observer_hash(),$_REQUEST);
- else
+ }
+ else {
$r = attach_store($channel,get_observer_hash(), '', $_REQUEST);
-
+ }
goaway(z_root() . '/' . $_REQUEST['return_url']);
}
diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php
index e72c4fb62..948f7c733 100644
--- a/Zotlabs/Storage/Browser.php
+++ b/Zotlabs/Storage/Browser.php
@@ -316,6 +316,8 @@ class Browser extends DAV\Browser\Plugin {
$quota['desc'] = $quotaDesc;
$quota['warning'] = ((($limit) && ((round($used / $limit, 1) * 100) >= 90)) ? t('WARNING:') : ''); // 10485760 bytes = 100MB
+ $path = trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/');
+
$output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array(
'$folder_header' => t('Create new folder'),
'$folder_submit' => t('Create'),
@@ -330,7 +332,8 @@ class Browser extends DAV\Browser\Plugin {
'$deny_gid' => acl2json($channel_acl['deny_gid']),
'$lockstate' => $lockstate,
'$return_url' => \App::$cmd,
- '$path' => trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/'),
+ '$path' => $path,
+ '$folder' => find_folder_hash_by_path($this->auth->owner_id, $path),
'$dragdroptext' => t('Drop files here to immediately upload')
));
}
diff --git a/include/attach.php b/include/attach.php
index e15f08bd4..172840b96 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -1438,6 +1438,22 @@ logger('attach_hash: ' . $attachHash);
return $hash;
}
+function find_folder_hash_by_path($channel_id, $path) {
+
+ $filename = end(explode('/', $path));
+
+ $r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' LIMIT 1",
+ intval($channel_id),
+ dbesc($filename)
+ );
+
+ $hash = '';
+ if($r && $r[0]['hash']) {
+ $hash = $r[0]['hash'];
+ }
+ return $hash;
+}
+
/**
* @brief Returns the filename of an attachment in a given channel.
*
diff --git a/view/tpl/cloud_actionspanel.tpl b/view/tpl/cloud_actionspanel.tpl
index d27b3f42d..b851e391e 100644
--- a/view/tpl/cloud_actionspanel.tpl
+++ b/view/tpl/cloud_actionspanel.tpl
@@ -1,15 +1,27 @@
<div id="files-mkdir-tools" class="section-content-tools-wrapper">
<label for="files-mkdir">{{$folder_header}}</label>
- <form method="post" action="">
- <input type="hidden" name="sabreAction" value="mkcol">
- <input id="files-mkdir" type="text" name="name" class="form-control form-group">
- <button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button>
+ <form id="mkdir-form" method="post" action="file_upload" class="acl-form" data-form_id="mkdir-form" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
+ <!--input type="hidden" name="sabreAction" value="mkcol"-->
+ <input type="hidden" name="folder" value="{{$folder}}" />
+ <input type="hidden" name="channick" value="{{$channick}}" />
+ <input type="hidden" name="return_url" value="{{$return_url}}" />
+ <input id="files-mkdir" type="text" name="filename" class="form-control form-group">
+ <div class="pull-right btn-group">
+ <div class="btn-group">
+ {{if $lockstate}}
+ <button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button">
+ <i class="jot-perms-icon fa fa-{{$lockstate}}"></i>
+ </button>
+ {{/if}}
+ <button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button>
+ </div>
+ </div>
</form>
<div class="clear"></div>
</div>
<div id="files-upload-tools" class="section-content-tools-wrapper">
{{if $quota.limit || $quota.used}}<div class="{{if $quota.warning}}section-content-danger-wrapper{{else}}section-content-info-wrapper{{/if}}">{{if $quota.warning}}<strong>{{$quota.warning}} </strong>{{/if}}{{$quota.desc}}</div>{{/if}}
- <form id="ajax-upload-files" method="post" action="file_upload" enctype="multipart/form-data" class="acl-form" data-form_id="ajax-upload-files" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
+ <form id="ajax-upload-files" method="post" action="file_upload" enctype="multipart/form-data" class="acl-form" data-form_id="ajax-upload-files" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
<input type="hidden" name="directory" value="{{$path}}" />
<input type="hidden" name="channick" value="{{$channick}}" />
<input type="hidden" name="return_url" value="{{$return_url}}" />
@@ -18,8 +30,8 @@
<div class="pull-right btn-group">
<div class="btn-group">
{{if $lockstate}}
- <button id="dbtn-acl" class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" onclick="return false;">
- <i id="jot-perms-icon" class="fa fa-{{$lockstate}}"></i>
+ <button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button">
+ <i class="jot-perms-icon fa fa-{{$lockstate}}"></i>
</button>
{{/if}}
<button id="upload-submit" class="btn btn-primary btn-sm pull-right" type="submit" name="submit" value="{{$upload_submit}}">{{$upload_submit}}</button>