aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-02-09 19:52:13 -0800
committerzotlabs <mike@macgirvin.com>2017-02-09 19:52:13 -0800
commit1fb37f93ccf4739a6f92f3f36c1ee4ec8ef66a07 (patch)
tree2fdf66b9da436e25510384a1670ae2e341f961fc
parentfce33402e74f7ff6066ef859e7801a9201db28e1 (diff)
downloadvolse-hubzilla-1fb37f93ccf4739a6f92f3f36c1ee4ec8ef66a07.tar.gz
volse-hubzilla-1fb37f93ccf4739a6f92f3f36c1ee4ec8ef66a07.tar.bz2
volse-hubzilla-1fb37f93ccf4739a6f92f3f36c1ee4ec8ef66a07.zip
more permissions optimisations
-rw-r--r--README.md2
-rw-r--r--Zotlabs/Access/Permissions.php4
-rw-r--r--Zotlabs/Lib/Permcat.php52
-rw-r--r--Zotlabs/Module/Connedit.php19
-rw-r--r--Zotlabs/Module/Settings/Channel.php20
-rw-r--r--doc/README.md2
6 files changed, 63 insertions, 36 deletions
diff --git a/README.md b/README.md
index 61a8e5532..54f80bebe 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,7 @@ Hubzilla - Community Server
Hubzilla is a general purpose communication server integrated with a web publishing system and a decentralised permission system. If this sounds like a bunch of technical mumbo-jumbo to you, just think of it as an independent platform for sharing stuff online.
-Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework.
+Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework - and it is all decentralised.
Everything you publish or share can be restricted to those channels and people you wish to share them with; and these permissions work completely invisibly - even with channels on different servers or other communications services.
diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php
index 52526d020..d51e4d0ea 100644
--- a/Zotlabs/Access/Permissions.php
+++ b/Zotlabs/Access/Permissions.php
@@ -94,6 +94,10 @@ class Permissions {
// Undeclared permissions are set to 0
static public function FilledPerms($arr) {
+ if(is_null($arr)) {
+ btlogger('FilledPerms: null');
+ }
+
$everything = self::Perms();
$ret = [];
foreach($everything as $k => $v) {
diff --git a/Zotlabs/Lib/Permcat.php b/Zotlabs/Lib/Permcat.php
index 7988aff97..505ee2cfc 100644
--- a/Zotlabs/Lib/Permcat.php
+++ b/Zotlabs/Lib/Permcat.php
@@ -10,24 +10,52 @@ class Permcat {
public function __construct($channel_id) {
- $name = 'default';
- $localname = t('default','permcat');
-
- $perms = Zaccess\Permissions::FilledAutoPerms($channel_id);
- if(! $perms) {
- $role = get_pconfig($channel_id,'system','permissions_role');
- if($role) {
- $x = Zaccess\PermissionRoles::role_perms($role);
+ $perms = [];
+
+ // first check role perms for a perms_connect setting
+
+ $role = get_pconfig($channel_id,'system','permissions_role');
+ if($role) {
+ $x = Zaccess\PermissionRoles::role_perms($role);
+ if($x['perms_connect']) {
$perms = Zaccess\Permissions::FilledPerms($x['perms_connect']);
}
- if(! $perms) {
- $perms = Zaccess\Permissions::FilledPerms([]);
+ }
+
+ // if no role perms it may be a custom role, see if there any autoperms
+
+ if(! $perms) {
+ $perms = Zaccess\Permissions::FilledAutoPerms($channel_id);
+ }
+
+ // if no autoperms it may be a custom role with manual perms
+
+ if(! $perms) {
+ $r = q("select channel_hash from channel where channel_id = %d",
+ intval($channel_id)
+ );
+ if($r) {
+ $x = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'my_perms'",
+ intval($channel_id),
+ dbesc($r[0]['channel_hash'])
+ );
+ if($x) {
+ foreach($x as $xv) {
+ $perms[$xv['k']] = intval($xv['v']);
+ }
+ }
}
}
+ // nothing was found - create a filled permission array where all permissions are 0
+
+ if(! $perms) {
+ $perms = Zaccess\Permissions::FilledPerms([]);
+ }
+
$this->permcats[] = [
- 'name' => $name,
- 'localname' => $localname,
+ 'name' => 'default',
+ 'localname' => t('default','permcat'),
'perms' => Zaccess\Permissions::Operms($perms),
'system' => 1
];
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index ccaf5cd5b..d8422266c 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -212,6 +212,7 @@ class Connedit extends \Zotlabs\Web\Controller {
}
if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) {
+
$new_friend = true;
// @fixme it won't be common, but when you accept a new connection request
@@ -221,21 +222,13 @@ class Connedit extends \Zotlabs\Web\Controller {
// request. The workaround is to approve the connection, then go back and
// adjust permissions as desired.
- $abook_my_perms = get_channel_default_perms(local_channel());
-
- $role = get_pconfig(local_channel(),'system','permissions_role');
- if($role) {
- $x = \Zotlabs\Access\PermissionRoles::role_perms($role);
- if($x['perms_connect']) {
- $abook_my_perms = $x['perms_connect'];
+ $p = \Zotlabs\Access\Permissions::connect_perms(local_channel());
+ $my_perms = $p['perms'];
+ if($my_perms) {
+ foreach($my_perms as $k => $v) {
+ set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v);
}
}
-
- $filled_perms = \Zotlabs\Access\Permissions::FilledPerms($abook_my_perms);
- foreach($filled_perms as $k => $v) {
- set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v);
- }
-
}
$abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']);
diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php
index a89d83544..9ea459dab 100644
--- a/Zotlabs/Module/Settings/Channel.php
+++ b/Zotlabs/Module/Settings/Channel.php
@@ -88,15 +88,17 @@ class Channel {
intval(local_channel())
);
}
-
- $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
- foreach($x as $k => $v) {
- set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
- if($role_permissions['perms_auto']) {
- set_pconfig(local_channel(),'autoperms',$k,$v);
- }
- else {
- del_pconfig(local_channel(),'autoperms',$k);
+
+ if($role_permissions['perms_connect']) {
+ $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
+ foreach($x as $k => $v) {
+ set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
+ if($role_permissions['perms_auto']) {
+ set_pconfig(local_channel(),'autoperms',$k,$v);
+ }
+ else {
+ del_pconfig(local_channel(),'autoperms',$k);
+ }
}
}
diff --git a/doc/README.md b/doc/README.md
index 61a8e5532..54f80bebe 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -12,7 +12,7 @@ Hubzilla - Community Server
Hubzilla is a general purpose communication server integrated with a web publishing system and a decentralised permission system. If this sounds like a bunch of technical mumbo-jumbo to you, just think of it as an independent platform for sharing stuff online.
-Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework.
+Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework - and it is all decentralised.
Everything you publish or share can be restricted to those channels and people you wish to share them with; and these permissions work completely invisibly - even with channels on different servers or other communications services.