aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorredmatrix <redmatrix@redmatrix.me>2015-08-27 22:20:30 -0700
committerredmatrix <redmatrix@redmatrix.me>2015-08-27 22:20:30 -0700
commitca0bc2bb7bc2b9e7d81a356a394d47bcb688004c (patch)
treec3a985dd76566bdcb34fbde227fb7fe78209bc5e
parent3fbb955cf23c5f92ba96086841ac6a2c510d4870 (diff)
downloadvolse-hubzilla-ca0bc2bb7bc2b9e7d81a356a394d47bcb688004c.tar.gz
volse-hubzilla-ca0bc2bb7bc2b9e7d81a356a394d47bcb688004c.tar.bz2
volse-hubzilla-ca0bc2bb7bc2b9e7d81a356a394d47bcb688004c.zip
more work on AccessList integration
-rwxr-xr-xboot.php1
-rw-r--r--include/AccessList.php62
-rw-r--r--include/menu.php2
-rw-r--r--include/text.php56
-rw-r--r--mod/chat.php24
-rwxr-xr-xmod/events.php52
-rw-r--r--mod/item.php1
-rw-r--r--mod/mitem.php1
-rw-r--r--mod/photos.php53
9 files changed, 113 insertions, 139 deletions
diff --git a/boot.php b/boot.php
index c4b600c43..94cb707bc 100755
--- a/boot.php
+++ b/boot.php
@@ -43,6 +43,7 @@ require_once('include/taxonomy.php');
require_once('include/identity.php');
require_once('include/Contact.php');
require_once('include/account.php');
+require_once('include/AccessList.php');
define ( 'PLATFORM_NAME', 'hubzilla' );
diff --git a/include/AccessList.php b/include/AccessList.php
index d4653de6a..46e66d33d 100644
--- a/include/AccessList.php
+++ b/include/AccessList.php
@@ -8,7 +8,9 @@ class AccessList {
private $deny_cid;
private $deny_gid;
- private $explicit;
+ /* indicates if we are using the default constructor values or values that have been set explicitly. */
+
+ private $explicit;
function __construct($channel) {
@@ -69,3 +71,61 @@ class AccessList {
}
+/**
+ * @brief Used to wrap ACL elements in angle brackets for storage.
+ *
+ * @param[in,out] array &$item
+ */
+function sanitise_acl(&$item) {
+ if (strlen($item))
+ $item = '<' . notags(trim($item)) . '>';
+ else
+ unset($item);
+}
+
+/**
+ * @brief Convert an ACL array to a storable string.
+ *
+ * @param array $p
+ * @return array
+ */
+function perms2str($p) {
+ $ret = '';
+
+ if (is_array($p))
+ $tmp = $p;
+ else
+ $tmp = explode(',', $p);
+
+ if (is_array($tmp)) {
+ array_walk($tmp, 'sanitise_acl');
+ $ret = implode('', $tmp);
+ }
+
+ return $ret;
+}
+
+
+/**
+ * @brief Turn user/group ACLs stored as angle bracketed text into arrays.
+ *
+ * turn string array of angle-bracketed elements into string array
+ * e.g. "<123xyz><246qyo><sxo33e>" => array(123xyz,246qyo,sxo33e);
+ *
+ * @param string $s
+ * @return array
+ */
+function expand_acl($s) {
+ $ret = array();
+
+ if(strlen($s)) {
+ $t = str_replace('<','',$s);
+ $a = explode('>',$t);
+ foreach($a as $aa) {
+ if($aa)
+ $ret[] = $aa;
+ }
+ }
+
+ return $ret;
+}
diff --git a/include/menu.php b/include/menu.php
index f853ea793..7ed931a59 100644
--- a/include/menu.php
+++ b/include/menu.php
@@ -2,7 +2,7 @@
require_once('include/security.php');
require_once('include/bbcode.php');
-require_once('include/AccessList.php');
+
function menu_fetch($name,$uid,$observer_xchan) {
diff --git a/include/text.php b/include/text.php
index f27a9ce68..e4735ac48 100644
--- a/include/text.php
+++ b/include/text.php
@@ -458,63 +458,7 @@ function alt_pager(&$a, $i, $more = '', $less = '') {
}
-/**
- * @brief Turn user/group ACLs stored as angle bracketed text into arrays.
- *
- * turn string array of angle-bracketed elements into string array
- * e.g. "<123xyz><246qyo><sxo33e>" => array(123xyz,246qyo,sxo33e);
- *
- * @param string $s
- * @return array
- */
-function expand_acl($s) {
- $ret = array();
- if(strlen($s)) {
- $t = str_replace('<','',$s);
- $a = explode('>',$t);
- foreach($a as $aa) {
- if($aa)
- $ret[] = $aa;
- }
- }
-
- return $ret;
-}
-
-/**
- * @brief Used to wrap ACL elements in angle brackets for storage.
- *
- * @param[in,out] array &$item
- */
-function sanitise_acl(&$item) {
- if (strlen($item))
- $item = '<' . notags(trim($item)) . '>';
- else
- unset($item);
-}
-
-/**
- * @brief Convert an ACL array to a storable string.
- *
- * @param array $p
- * @return array
- */
-function perms2str($p) {
- $ret = '';
-
- if (is_array($p))
- $tmp = $p;
- else
- $tmp = explode(',', $p);
-
- if (is_array($tmp)) {
- array_walk($tmp, 'sanitise_acl');
- $ret = implode('', $tmp);
- }
-
- return $ret;
-}
/**
* @brief Generate a guaranteed unique (for this domain) item ID for ATOM.
diff --git a/mod/chat.php b/mod/chat.php
index c54d29313..c2c11d0ab 100644
--- a/mod/chat.php
+++ b/mod/chat.php
@@ -54,12 +54,11 @@ function chat_post(&$a) {
goaway(z_root() . '/chat/' . $channel['channel_address']);
}
+ $acl = new AccessList($channel);
+ $acl->set_from_array($_REQUEST);
- $arr = array('name' => $room);
- $arr['allow_gid'] = perms2str($_REQUEST['group_allow']);
- $arr['allow_cid'] = perms2str($_REQUEST['contact_allow']);
- $arr['deny_gid'] = perms2str($_REQUEST['group_deny']);
- $arr['deny_cid'] = perms2str($_REQUEST['contact_deny']);
+ $arr = $acl->get();
+ $arr['name'] = $room;
chatroom_create($channel,$arr);
@@ -158,7 +157,10 @@ function chat_content(&$a) {
intval($a->profile['profile_uid'])
);
if($x) {
- $private = ((($x[0]['allow_cid']) || ($x[0]['allow_gid']) || ($x[0]['deny_cid']) || ($x[0]['deny_gid'])) ? true : false);
+ $acl = new AccessList(false);
+ $acl->set($x[0]);
+
+ $private = $acl->is_private();
$room_name = $x[0]['cr_name'];
if($bookmark_link)
$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1';
@@ -192,14 +194,8 @@ function chat_content(&$a) {
if(local_channel() && argc() > 2 && argv(2) === 'new') {
-
-
- $channel_acl = array(
- 'allow_cid' => $channel['channel_allow_cid'],
- 'allow_gid' => $channel['channel_allow_gid'],
- 'deny_cid' => $channel['channel_deny_cid'],
- 'deny_gid' => $channel['channel_deny_gid']
- );
+ $acl = new AccessList($channel);
+ $channel_acl = $acl->get();
require_once('include/acl_selectors.php');
diff --git a/mod/events.php b/mod/events.php
index edb61a6cd..9120f8713 100755
--- a/mod/events.php
+++ b/mod/events.php
@@ -41,16 +41,11 @@ function events_post(&$a) {
$categories = escape_tags(trim($_POST['category']));
-
-
// only allow editing your own events.
if(($xchan) && ($xchan !== get_observer_hash()))
return;
- // The default setting for the `private` field in event_store() is false, so mirror that
- $private_event = false;
-
if($start_text) {
$start = $start_text;
}
@@ -119,6 +114,8 @@ function events_post(&$a) {
$channel = $a->get_channel();
+ $acl = new AccessList(false);
+
if($event_id) {
$x = q("select * from event where id = %d and uid = %d limit 1",
intval($event_id),
@@ -133,6 +130,8 @@ function events_post(&$a) {
return;
}
+ $acl->set($x[0]);
+
$created = $x[0]['created'];
$edited = datetime_convert();
@@ -142,39 +141,21 @@ function events_post(&$a) {
}
else {
$share = true;
- $str_group_allow = $x[0]['allow_gid'];
- $str_contact_allow = $x[0]['allow_cid'];
- $str_group_deny = $x[0]['deny_gid'];
- $str_contact_deny = $x[0]['deny_cid'];
-
- if(strlen($str_group_allow) || strlen($str_contact_allow)
- || strlen($str_group_deny) || strlen($str_contact_deny)) {
- $private_event = true;
- }
}
}
else {
$created = $edited = datetime_convert();
if($share) {
- $str_group_allow = perms2str($_POST['group_allow']);
- $str_contact_allow = perms2str($_POST['contact_allow']);
- $str_group_deny = perms2str($_POST['group_deny']);
- $str_contact_deny = perms2str($_POST['contact_deny']);
-
- if(strlen($str_group_allow) || strlen($str_contact_allow)
- || strlen($str_group_deny) || strlen($str_contact_deny)) {
- $private_event = true;
- }
+ $acl->set_from_array($_POST);
}
else {
- $str_contact_allow = '<' . $channel['channel_hash'] . '>';
- $str_group_allow = $str_contact_deny = $str_group_deny = '';
- $private_event = true;
+ $acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
}
}
$post_tags = array();
$channel = $a->get_channel();
+ $ac = $acl->get();
if(strlen($categories)) {
$cats = explode(',',$categories);
@@ -201,11 +182,11 @@ function events_post(&$a) {
$datarray['uid'] = local_channel();
$datarray['account'] = get_account_id();
$datarray['event_xchan'] = $channel['channel_hash'];
- $datarray['allow_cid'] = $str_contact_allow;
- $datarray['allow_gid'] = $str_group_allow;
- $datarray['deny_cid'] = $str_contact_deny;
- $datarray['deny_gid'] = $str_group_deny;
- $datarray['private'] = (($private_event) ? 1 : 0);
+ $datarray['allow_cid'] = $ac['allow_cid'];
+ $datarray['allow_gid'] = $ac['allow_gid'];
+ $datarray['deny_cid'] = $ac['deny_cid'];
+ $datarray['deny_gid'] = $ac['deny_gid'];
+ $datarray['private'] = (($acl->is_private()) ? 1 : 0);
$datarray['id'] = $event_id;
$datarray['created'] = $created;
$datarray['edited'] = $edited;
@@ -660,12 +641,9 @@ function events_content(&$a) {
require_once('include/acl_selectors.php');
- $perm_defaults = array(
- 'allow_cid' => $channel['channel_allow_cid'],
- 'allow_gid' => $channel['channel_allow_gid'],
- 'deny_cid' => $channel['channel_deny_cid'],
- 'deny_gid' => $channel['channel_deny_gid']
- );
+ $acl = new AccessList($channel);
+ $perm_defaults = $acl->get();
+
$tpl = get_markup_template('event_form.tpl');
diff --git a/mod/item.php b/mod/item.php
index 254904c9f..750512bcf 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -19,7 +19,6 @@ require_once('include/crypto.php');
require_once('include/enotify.php');
require_once('include/items.php');
require_once('include/attach.php');
-require_once('include/AccessList.php');
function item_post(&$a) {
diff --git a/mod/mitem.php b/mod/mitem.php
index 3959da032..0fadd1548 100644
--- a/mod/mitem.php
+++ b/mod/mitem.php
@@ -2,7 +2,6 @@
require_once('include/menu.php');
require_once('include/acl_selectors.php');
-require_once('include/AccessList.php');
function mitem_init(&$a) {
diff --git a/mod/photos.php b/mod/photos.php
index dc70e4f90..d06a8e69c 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -85,6 +85,7 @@ function photos_post(&$a) {
$owner_record = $s[0];
+ $acl = AccessList($a->data['channel']);
if((argc() > 3) && (argv(2) === 'album')) {
@@ -200,6 +201,7 @@ function photos_post(&$a) {
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
}
+
if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
@@ -208,10 +210,9 @@ function photos_post(&$a) {
$item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
$albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
$is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0);
- $str_group_allow = perms2str($_POST['group_allow']);
- $str_contact_allow = perms2str($_POST['contact_allow']);
- $str_group_deny = perms2str($_POST['group_deny']);
- $str_contact_deny = perms2str($_POST['contact_deny']);
+
+ $acl->set_from_array($_POST);
+ $perm = $acl->get();
$resource_id = $a->argv[2];
@@ -284,10 +285,10 @@ function photos_post(&$a) {
$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
dbesc($desc),
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
dbesc($resource_id),
intval($page_owner_uid)
);
@@ -331,20 +332,20 @@ function photos_post(&$a) {
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
where id = %d",
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
- intval($item_private),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
+ intval($acl->is_private()),
intval($item_id)
);
// make sure the attach has the same permissions as the photo regardless of any other changes
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1",
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
dbesc($resource_id),
intval($page_owner_uid)
);
@@ -418,11 +419,11 @@ function photos_post(&$a) {
$_REQUEST['source'] = 'photos';
require_once('include/attach.php');
- if(!local_channel()) {
+ if(! local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
- $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
- $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
- $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
+ $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
+ $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
+ $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
$r = attach_store($a->channel,get_observer_hash(), '', $_REQUEST);
@@ -557,14 +558,10 @@ function photos_content(&$a) {
if($_is_owner) {
$channel = $a->get_channel();
- $channel_acl = array(
- 'allow_cid' => $channel['channel_allow_cid'],
- 'allow_gid' => $channel['channel_allow_gid'],
- 'deny_cid' => $channel['channel_deny_cid'],
- 'deny_gid' => $channel['channel_deny_gid']
- );
+ $acl = new AccessList($channel);
+ $channel_acl = $acl->get();
- $lockstate = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock');
+ $lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
}
$aclselect = (($_is_owner) ? populate_acl($channel_acl,false) : '');