diff options
author | zotlabs <mike@macgirvin.com> | 2018-07-30 17:41:37 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2018-07-30 17:41:37 -0700 |
commit | e8aeecc4c9842d4c6b25f7b488ede9644afc5d78 (patch) | |
tree | 5917ab02693599f5a069667c404f32a1dd649c86 | |
parent | 32614e4074758d6112993d71169664a3c29e90b2 (diff) | |
download | volse-hubzilla-e8aeecc4c9842d4c6b25f7b488ede9644afc5d78.tar.gz volse-hubzilla-e8aeecc4c9842d4c6b25f7b488ede9644afc5d78.tar.bz2 volse-hubzilla-e8aeecc4c9842d4c6b25f7b488ede9644afc5d78.zip |
When checking permissions ignore checking site "Block Public" settings in cases where site permissions aren't applicable
-rw-r--r-- | Zotlabs/Module/Connedit.php | 2 | ||||
-rw-r--r-- | Zotlabs/Module/Defperms.php | 1 | ||||
-rw-r--r-- | Zotlabs/Module/Settings/Tokens.php | 2 | ||||
-rw-r--r-- | include/permissions.php | 17 | ||||
-rw-r--r-- | include/zot.php | 6 |
5 files changed, 16 insertions, 12 deletions
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index cb9c19cf0..712215bc3 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -774,7 +774,7 @@ class Connedit extends \Zotlabs\Web\Controller { $global_perms = \Zotlabs\Access\Permissions::Perms(); - $existing = get_all_perms(local_channel(),$contact['abook_xchan']); + $existing = get_all_perms(local_channel(),$contact['abook_xchan'],false); $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes'))); diff --git a/Zotlabs/Module/Defperms.php b/Zotlabs/Module/Defperms.php index 97d9cfd1d..63acc9795 100644 --- a/Zotlabs/Module/Defperms.php +++ b/Zotlabs/Module/Defperms.php @@ -209,7 +209,6 @@ class Defperms extends \Zotlabs\Web\Controller { $global_perms = \Zotlabs\Access\Permissions::Perms(); - $existing = get_all_perms(local_channel(),$contact['abook_xchan']); $hidden_perms = []; foreach($global_perms as $k => $v) { diff --git a/Zotlabs/Module/Settings/Tokens.php b/Zotlabs/Module/Settings/Tokens.php index 619c8b5ba..e59cf8d1c 100644 --- a/Zotlabs/Module/Settings/Tokens.php +++ b/Zotlabs/Module/Settings/Tokens.php @@ -117,7 +117,7 @@ class Tokens { $global_perms = \Zotlabs\Access\Permissions::Perms(); $their_perms = []; - $existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : '')); + $existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : ''),false); if($atoken_xchan) { $theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'", diff --git a/include/permissions.php b/include/permissions.php index 185d37b6a..115d96eca 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -16,11 +16,14 @@ require_once('include/security.php'); * * @param int $uid The channel_id associated with the resource owner * @param string $observer_xchan The xchan_hash representing the observer - * @param bool $internal_use (default true) + * @param bool $check_siteblock (default true) + * if false, bypass check for "Block Public" on the site + * @param bool $default_ignored (default true) + * if false, lie and pretend the ignored person has permissions you are ignoring (used in channel discovery) * * @returns array of all permissions, key is permission name, value is true or false */ -function get_all_perms($uid, $observer_xchan, $internal_use = true) { +function get_all_perms($uid, $observer_xchan, $check_siteblock = true, $default_ignored = true) { $api = App::get_oauth_key(); if($api) @@ -111,7 +114,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { $blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms(); - if(($x) && ($internal_use) && in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) { + if(($x) && ($default_ignored) && in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) { $ret[$perm_name] = false; continue; } @@ -119,7 +122,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // system is blocked to anybody who is not authenticated - if((! $observer_xchan) && intval(get_config('system', 'block_public'))) { + if(($check_siteblock) && (! $observer_xchan) && intval(get_config('system', 'block_public'))) { $ret[$perm_name] = false; continue; } @@ -251,9 +254,11 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { * @param int $uid The channel_id associated with the resource owner * @param string $observer_xchan The xchan_hash representing the observer * @param string $permission + * @param boolean $check_siteblock (default true) + * if false bypass check for "Block Public" at the site level * @return bool true if permission is allowed for observer on channel */ -function perm_is_allowed($uid, $observer_xchan, $permission) { +function perm_is_allowed($uid, $observer_xchan, $permission, $check_siteblock = true) { $api = App::get_oauth_key(); if($api) @@ -326,7 +331,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { // system is blocked to anybody who is not authenticated - if((! $observer_xchan) && intval(get_config('system', 'block_public'))) + if(($check_siteblock) && (! $observer_xchan) && intval(get_config('system', 'block_public'))) return false; // Check if this $uid is actually the $observer_xchan diff --git a/include/zot.php b/include/zot.php index 5c74947d6..5c79dd4fa 100644 --- a/include/zot.php +++ b/include/zot.php @@ -491,7 +491,7 @@ function zot_refresh($them, $channel = null, $force = false) { $profile_assign = get_pconfig($channel['channel_id'],'system','profile_assign',''); // Keep original perms to check if we need to notify them - $previous_perms = get_all_perms($channel['channel_id'],$x['hash']); + $previous_perms = get_all_perms($channel['channel_id'],$x['hash'],false); $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 limit 1", dbesc($x['hash']), @@ -560,7 +560,7 @@ function zot_refresh($them, $channel = null, $force = false) { if($y) { logger("New introduction received for {$channel['channel_name']}"); - $new_perms = get_all_perms($channel['channel_id'],$x['hash']); + $new_perms = get_all_perms($channel['channel_id'],$x['hash'],false); // Send a clone sync packet and a permissions update if permissions have changed @@ -4419,7 +4419,7 @@ function zotinfo($arr) { if(! $ret['follow_url']) $ret['follow_url'] = z_root() . '/follow?f=&url=%s'; - $permissions = get_all_perms($e['channel_id'],$ztarget_hash,false); + $permissions = get_all_perms($e['channel_id'],$ztarget_hash,false,false); if($ztarget_hash) { $permissions['connected'] = false; |