diff options
author | redmatrix <git@macgirvin.com> | 2016-07-31 23:17:07 -0700 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-07-31 23:17:07 -0700 |
commit | 3d0c90cbc5b756c6d54c4d41a136c0a38e67b013 (patch) | |
tree | 175b6395415767523f1046ee42d654efaf1dac8a | |
parent | 9b9621e10d669e7d1bc18a781c40bfc5687330c3 (diff) | |
download | volse-hubzilla-3d0c90cbc5b756c6d54c4d41a136c0a38e67b013.tar.gz volse-hubzilla-3d0c90cbc5b756c6d54c4d41a136c0a38e67b013.tar.bz2 volse-hubzilla-3d0c90cbc5b756c6d54c4d41a136c0a38e67b013.zip |
allow individual permissions on atokens
-rw-r--r-- | Zotlabs/Module/Settings.php | 64 | ||||
-rwxr-xr-x | view/tpl/field_acheckbox.tpl | 2 | ||||
-rw-r--r-- | view/tpl/settings_tokens.tpl | 44 |
3 files changed, 98 insertions, 12 deletions
diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index af3a25c60..48ab6b8bf 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -164,7 +164,23 @@ class Settings extends \Zotlabs\Web\Controller { dbesc($expires) ); } + + $atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $name; + + $all_perms = \Zotlabs\Access\Permissions::Perms(); + + if($all_perms) { + foreach($all_perms as $perm => $desc) { + if(array_key_exists('perms_' . $perm, $_POST)) { + set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,intval($_POST['perms_' . $perm])); + } + else { + set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,0); + } + } + } + info( t('Token saved.') . EOL); return; } @@ -270,7 +286,7 @@ class Settings extends \Zotlabs\Web\Controller { $email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : ''); $account = \App::get_account(); if($email != $account['account_email']) { - if(! valid_email($email)) + if(! valid_email($email)) $errs[] = t('Not valid email.'); $adm = trim(get_config('system','admin_email')); if(($adm) && (strcasecmp($email,$adm) == 0)) { @@ -378,7 +394,7 @@ class Settings extends \Zotlabs\Web\Controller { intval(local_channel()) ); } - else { + else { $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']); if(! $role_permissions) { notice('Permissions category could not be found.'); @@ -773,9 +789,10 @@ class Settings extends \Zotlabs\Web\Controller { intval(local_channel()) ); - if($atoken) + if($atoken) { $atoken = $atoken[0]; - + $atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $atoken['atoken_name']; + } if($atoken && argc() > 3 && argv(3) === 'drop') { $r = q("delete from atoken where atoken_id = %d", intval($id) @@ -786,10 +803,40 @@ class Settings extends \Zotlabs\Web\Controller { intval(local_channel()) ); - $desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access the private content.'); + $desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access private content.'); $desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:'); + $global_perms = \Zotlabs\Access\Permissions::Perms(); + + $existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : '')); + + if($atoken_xchan) { + $theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'", + intval(local_channel()), + dbesc($atoken_xchan) + ); + $their_perms = array(); + if($theirs) { + foreach($theirs as $t) { + $their_perms[$t['k']] = $t['v']; + } + } + } + foreach($global_perms as $k => $v) { + $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); +//fixme + + $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k); + + if($existing[$k]) + $thisperm = "1"; + + $perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited); + } + + + $tpl = get_markup_template("settings_tokens.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_tokens"), @@ -803,6 +850,13 @@ class Settings extends \Zotlabs\Web\Controller { '$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''), '$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : autoname(8)), ''), '$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] != NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''), + '$them' => t('Their Settings'), + '$me' => t('My Settings'), + '$perms' => $perms, + '$inherited' => t('inherited'), + '$notself' => '1', + '$permlbl' => t('Individual Permissions'), + '$permnote' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'), '$submit' => t('Submit') )); return $o; diff --git a/view/tpl/field_acheckbox.tpl b/view/tpl/field_acheckbox.tpl index b54a4f3c3..c87b9ac79 100755 --- a/view/tpl/field_acheckbox.tpl +++ b/view/tpl/field_acheckbox.tpl @@ -9,7 +9,7 @@ </td> {{/if}} <td class="abook-me"> - {{if $self || !$field.5}} + {{if $self || !$field.5 || $twocol }} <input type="checkbox" name='{{$field.0}}' class='abook-edit-me' id='me_id_{{$field.0}}' value="{{$field.4}}" {{if $field.3}}checked="checked"{{/if}} /> {{/if}} {{if $notself && $field.5}} diff --git a/view/tpl/settings_tokens.tpl b/view/tpl/settings_tokens.tpl index 22af381e9..6f08ce971 100644 --- a/view/tpl/settings_tokens.tpl +++ b/view/tpl/settings_tokens.tpl @@ -17,13 +17,45 @@ <div class="settings-submit-wrapper form-group"> <button type="submit" name="submit" class="btn btn-primary">{{$submit}}</button> </div> - </form> - <div class="descriptive-text">{{$desc2}}</div> - <ul> - <li>{{$url1}}<span class="zat-example">?f=&zat=<span class="token-mirror"></span></span></li> - <li>{{$url2}}<span class="zat-example">?f=&zat=<span class="token-mirror"></span></span></li> - </ul> </div> + + <div class="panel"> + <div class="section-subtitle-wrapper" role="tab" id="perms-tool"> + <h3> + <a data-toggle="collapse" data-parent="#contact-edit-tools" href="#perms-tool-collapse" aria-expanded="true" aria-controls="perms-tool-collapse"> + {{$permlbl}} + </a> + </h3> + </div> + <div id="perms-tool-collapse" class="panel-collapse collapse" role="tabpanel" aria-labelledby="perms-tool"> + <div class="section-content-tools-wrapper"> + <div class="section-content-warning-wrapper"> + {{$permnote}} + </div> + + <table id="perms-tool-table" class=form-group> + <tr> + <td></td><td class="abook-them">{{$them}}</td><td colspan="2" class="abook-me">{{$me}}</td> + </tr> + {{foreach $perms as $prm}} + {{include file="field_acheckbox.tpl" field=$prm}} + {{/foreach}} + </table> + + <div class="settings-submit-wrapper" > + <button type="submit" name="submit" class="btn btn-primary">{{$submit}}</button> + </div> + </div> + </div> + </div> + </form> + + <div class="descriptive-text">{{$desc2}}</div> + <ul> + <li>{{$url1}}<span class="zat-example">?f=&zat=<span class="token-mirror"></span></span></li> + <li>{{$url2}}<span class="zat-example">?f=&zat=<span class="token-mirror"></span></span></li> + </ul> + {{if $tokens}} <div class="section-content-wrapper-np"> <table id="atoken-index"> |