diff options
author | redmatrix <redmatrix@redmatrix.me> | 2015-08-27 22:20:30 -0700 |
---|---|---|
committer | redmatrix <redmatrix@redmatrix.me> | 2015-08-27 22:20:30 -0700 |
commit | ca0bc2bb7bc2b9e7d81a356a394d47bcb688004c (patch) | |
tree | c3a985dd76566bdcb34fbde227fb7fe78209bc5e | |
parent | 3fbb955cf23c5f92ba96086841ac6a2c510d4870 (diff) | |
download | volse-hubzilla-ca0bc2bb7bc2b9e7d81a356a394d47bcb688004c.tar.gz volse-hubzilla-ca0bc2bb7bc2b9e7d81a356a394d47bcb688004c.tar.bz2 volse-hubzilla-ca0bc2bb7bc2b9e7d81a356a394d47bcb688004c.zip |
more work on AccessList integration
-rwxr-xr-x | boot.php | 1 | ||||
-rw-r--r-- | include/AccessList.php | 62 | ||||
-rw-r--r-- | include/menu.php | 2 | ||||
-rw-r--r-- | include/text.php | 56 | ||||
-rw-r--r-- | mod/chat.php | 24 | ||||
-rwxr-xr-x | mod/events.php | 52 | ||||
-rw-r--r-- | mod/item.php | 1 | ||||
-rw-r--r-- | mod/mitem.php | 1 | ||||
-rw-r--r-- | mod/photos.php | 53 |
9 files changed, 113 insertions, 139 deletions
@@ -43,6 +43,7 @@ require_once('include/taxonomy.php'); require_once('include/identity.php'); require_once('include/Contact.php'); require_once('include/account.php'); +require_once('include/AccessList.php'); define ( 'PLATFORM_NAME', 'hubzilla' ); diff --git a/include/AccessList.php b/include/AccessList.php index d4653de6a..46e66d33d 100644 --- a/include/AccessList.php +++ b/include/AccessList.php @@ -8,7 +8,9 @@ class AccessList { private $deny_cid; private $deny_gid; - private $explicit; + /* indicates if we are using the default constructor values or values that have been set explicitly. */ + + private $explicit; function __construct($channel) { @@ -69,3 +71,61 @@ class AccessList { } +/** + * @brief Used to wrap ACL elements in angle brackets for storage. + * + * @param[in,out] array &$item + */ +function sanitise_acl(&$item) { + if (strlen($item)) + $item = '<' . notags(trim($item)) . '>'; + else + unset($item); +} + +/** + * @brief Convert an ACL array to a storable string. + * + * @param array $p + * @return array + */ +function perms2str($p) { + $ret = ''; + + if (is_array($p)) + $tmp = $p; + else + $tmp = explode(',', $p); + + if (is_array($tmp)) { + array_walk($tmp, 'sanitise_acl'); + $ret = implode('', $tmp); + } + + return $ret; +} + + +/** + * @brief Turn user/group ACLs stored as angle bracketed text into arrays. + * + * turn string array of angle-bracketed elements into string array + * e.g. "<123xyz><246qyo><sxo33e>" => array(123xyz,246qyo,sxo33e); + * + * @param string $s + * @return array + */ +function expand_acl($s) { + $ret = array(); + + if(strlen($s)) { + $t = str_replace('<','',$s); + $a = explode('>',$t); + foreach($a as $aa) { + if($aa) + $ret[] = $aa; + } + } + + return $ret; +} diff --git a/include/menu.php b/include/menu.php index f853ea793..7ed931a59 100644 --- a/include/menu.php +++ b/include/menu.php @@ -2,7 +2,7 @@ require_once('include/security.php'); require_once('include/bbcode.php'); -require_once('include/AccessList.php'); + function menu_fetch($name,$uid,$observer_xchan) { diff --git a/include/text.php b/include/text.php index f27a9ce68..e4735ac48 100644 --- a/include/text.php +++ b/include/text.php @@ -458,63 +458,7 @@ function alt_pager(&$a, $i, $more = '', $less = '') { } -/** - * @brief Turn user/group ACLs stored as angle bracketed text into arrays. - * - * turn string array of angle-bracketed elements into string array - * e.g. "<123xyz><246qyo><sxo33e>" => array(123xyz,246qyo,sxo33e); - * - * @param string $s - * @return array - */ -function expand_acl($s) { - $ret = array(); - if(strlen($s)) { - $t = str_replace('<','',$s); - $a = explode('>',$t); - foreach($a as $aa) { - if($aa) - $ret[] = $aa; - } - } - - return $ret; -} - -/** - * @brief Used to wrap ACL elements in angle brackets for storage. - * - * @param[in,out] array &$item - */ -function sanitise_acl(&$item) { - if (strlen($item)) - $item = '<' . notags(trim($item)) . '>'; - else - unset($item); -} - -/** - * @brief Convert an ACL array to a storable string. - * - * @param array $p - * @return array - */ -function perms2str($p) { - $ret = ''; - - if (is_array($p)) - $tmp = $p; - else - $tmp = explode(',', $p); - - if (is_array($tmp)) { - array_walk($tmp, 'sanitise_acl'); - $ret = implode('', $tmp); - } - - return $ret; -} /** * @brief Generate a guaranteed unique (for this domain) item ID for ATOM. diff --git a/mod/chat.php b/mod/chat.php index c54d29313..c2c11d0ab 100644 --- a/mod/chat.php +++ b/mod/chat.php @@ -54,12 +54,11 @@ function chat_post(&$a) { goaway(z_root() . '/chat/' . $channel['channel_address']); } + $acl = new AccessList($channel); + $acl->set_from_array($_REQUEST); - $arr = array('name' => $room); - $arr['allow_gid'] = perms2str($_REQUEST['group_allow']); - $arr['allow_cid'] = perms2str($_REQUEST['contact_allow']); - $arr['deny_gid'] = perms2str($_REQUEST['group_deny']); - $arr['deny_cid'] = perms2str($_REQUEST['contact_deny']); + $arr = $acl->get(); + $arr['name'] = $room; chatroom_create($channel,$arr); @@ -158,7 +157,10 @@ function chat_content(&$a) { intval($a->profile['profile_uid']) ); if($x) { - $private = ((($x[0]['allow_cid']) || ($x[0]['allow_gid']) || ($x[0]['deny_cid']) || ($x[0]['deny_gid'])) ? true : false); + $acl = new AccessList(false); + $acl->set($x[0]); + + $private = $acl->is_private(); $room_name = $x[0]['cr_name']; if($bookmark_link) $bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1'; @@ -192,14 +194,8 @@ function chat_content(&$a) { if(local_channel() && argc() > 2 && argv(2) === 'new') { - - - $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], - 'deny_gid' => $channel['channel_deny_gid'] - ); + $acl = new AccessList($channel); + $channel_acl = $acl->get(); require_once('include/acl_selectors.php'); diff --git a/mod/events.php b/mod/events.php index edb61a6cd..9120f8713 100755 --- a/mod/events.php +++ b/mod/events.php @@ -41,16 +41,11 @@ function events_post(&$a) { $categories = escape_tags(trim($_POST['category'])); - - // only allow editing your own events. if(($xchan) && ($xchan !== get_observer_hash())) return; - // The default setting for the `private` field in event_store() is false, so mirror that - $private_event = false; - if($start_text) { $start = $start_text; } @@ -119,6 +114,8 @@ function events_post(&$a) { $channel = $a->get_channel(); + $acl = new AccessList(false); + if($event_id) { $x = q("select * from event where id = %d and uid = %d limit 1", intval($event_id), @@ -133,6 +130,8 @@ function events_post(&$a) { return; } + $acl->set($x[0]); + $created = $x[0]['created']; $edited = datetime_convert(); @@ -142,39 +141,21 @@ function events_post(&$a) { } else { $share = true; - $str_group_allow = $x[0]['allow_gid']; - $str_contact_allow = $x[0]['allow_cid']; - $str_group_deny = $x[0]['deny_gid']; - $str_contact_deny = $x[0]['deny_cid']; - - if(strlen($str_group_allow) || strlen($str_contact_allow) - || strlen($str_group_deny) || strlen($str_contact_deny)) { - $private_event = true; - } } } else { $created = $edited = datetime_convert(); if($share) { - $str_group_allow = perms2str($_POST['group_allow']); - $str_contact_allow = perms2str($_POST['contact_allow']); - $str_group_deny = perms2str($_POST['group_deny']); - $str_contact_deny = perms2str($_POST['contact_deny']); - - if(strlen($str_group_allow) || strlen($str_contact_allow) - || strlen($str_group_deny) || strlen($str_contact_deny)) { - $private_event = true; - } + $acl->set_from_array($_POST); } else { - $str_contact_allow = '<' . $channel['channel_hash'] . '>'; - $str_group_allow = $str_contact_deny = $str_group_deny = ''; - $private_event = true; + $acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '')); } } $post_tags = array(); $channel = $a->get_channel(); + $ac = $acl->get(); if(strlen($categories)) { $cats = explode(',',$categories); @@ -201,11 +182,11 @@ function events_post(&$a) { $datarray['uid'] = local_channel(); $datarray['account'] = get_account_id(); $datarray['event_xchan'] = $channel['channel_hash']; - $datarray['allow_cid'] = $str_contact_allow; - $datarray['allow_gid'] = $str_group_allow; - $datarray['deny_cid'] = $str_contact_deny; - $datarray['deny_gid'] = $str_group_deny; - $datarray['private'] = (($private_event) ? 1 : 0); + $datarray['allow_cid'] = $ac['allow_cid']; + $datarray['allow_gid'] = $ac['allow_gid']; + $datarray['deny_cid'] = $ac['deny_cid']; + $datarray['deny_gid'] = $ac['deny_gid']; + $datarray['private'] = (($acl->is_private()) ? 1 : 0); $datarray['id'] = $event_id; $datarray['created'] = $created; $datarray['edited'] = $edited; @@ -660,12 +641,9 @@ function events_content(&$a) { require_once('include/acl_selectors.php'); - $perm_defaults = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], - 'deny_gid' => $channel['channel_deny_gid'] - ); + $acl = new AccessList($channel); + $perm_defaults = $acl->get(); + $tpl = get_markup_template('event_form.tpl'); diff --git a/mod/item.php b/mod/item.php index 254904c9f..750512bcf 100644 --- a/mod/item.php +++ b/mod/item.php @@ -19,7 +19,6 @@ require_once('include/crypto.php'); require_once('include/enotify.php'); require_once('include/items.php'); require_once('include/attach.php'); -require_once('include/AccessList.php'); function item_post(&$a) { diff --git a/mod/mitem.php b/mod/mitem.php index 3959da032..0fadd1548 100644 --- a/mod/mitem.php +++ b/mod/mitem.php @@ -2,7 +2,6 @@ require_once('include/menu.php'); require_once('include/acl_selectors.php'); -require_once('include/AccessList.php'); function mitem_init(&$a) { diff --git a/mod/photos.php b/mod/photos.php index dc70e4f90..d06a8e69c 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -85,6 +85,7 @@ function photos_post(&$a) { $owner_record = $s[0]; + $acl = AccessList($a->data['channel']); if((argc() > 3) && (argv(2) === 'album')) { @@ -200,6 +201,7 @@ function photos_post(&$a) { goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']); } + if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) { @@ -208,10 +210,9 @@ function photos_post(&$a) { $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0); $albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : ''); $is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0); - $str_group_allow = perms2str($_POST['group_allow']); - $str_contact_allow = perms2str($_POST['contact_allow']); - $str_group_deny = perms2str($_POST['group_deny']); - $str_contact_deny = perms2str($_POST['contact_deny']); + + $acl->set_from_array($_POST); + $perm = $acl->get(); $resource_id = $a->argv[2]; @@ -284,10 +285,10 @@ function photos_post(&$a) { $r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", dbesc($desc), - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), + dbesc($perm['allow_cid']), + dbesc($perm['allow_gid']), + dbesc($perm['deny_cid']), + dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid) ); @@ -331,20 +332,20 @@ function photos_post(&$a) { // make sure the linked item has the same permissions as the photo regardless of any other changes $x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - intval($item_private), + dbesc($perm['allow_cid']), + dbesc($perm['allow_gid']), + dbesc($perm['deny_cid']), + dbesc($perm['deny_gid']), + intval($acl->is_private()), intval($item_id) ); // make sure the attach has the same permissions as the photo regardless of any other changes $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), + dbesc($perm['allow_cid']), + dbesc($perm['allow_gid']), + dbesc($perm['deny_cid']), + dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid) ); @@ -418,11 +419,11 @@ function photos_post(&$a) { $_REQUEST['source'] = 'photos'; require_once('include/attach.php'); - if(!local_channel()) { + if(! local_channel()) { $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); - $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); - $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); - $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); + $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); + $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); + $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); } $r = attach_store($a->channel,get_observer_hash(), '', $_REQUEST); @@ -557,14 +558,10 @@ function photos_content(&$a) { if($_is_owner) { $channel = $a->get_channel(); - $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], - 'deny_gid' => $channel['channel_deny_gid'] - ); + $acl = new AccessList($channel); + $channel_acl = $acl->get(); - $lockstate = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'); + $lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); } $aclselect = (($_is_owner) ? populate_acl($channel_acl,false) : ''); |