aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2014-09-02 21:11:09 -0700
committerfriendica <info@friendica.com>2014-09-02 21:11:09 -0700
commit7001f41d3d021f1e7fb87cc3c628739bc5362d2a (patch)
treeadbf388ff45ea8702174f9ae14b6e046e50a22ac
parentc7decf70a2d11dc2e208a508a0e7503139ab18c9 (diff)
downloadvolse-hubzilla-7001f41d3d021f1e7fb87cc3c628739bc5362d2a.tar.gz
volse-hubzilla-7001f41d3d021f1e7fb87cc3c628739bc5362d2a.tar.bz2
volse-hubzilla-7001f41d3d021f1e7fb87cc3c628739bc5362d2a.zip
provide a config option to prevent wall uploads (photos and files) from being set to the same ACL as the containing post, and instead are uploaded with public visibility (no ACL). This is to prevent folks on other networks from seeing prohibited signs for things uploaded into a private conversation. It is primarily useful when posting to collections that have mixed folks from red and other networks and an otherwise public (typical) profile. Consequently, these uploads will match your chosen default visibility for photos and storage and not that of the containing conversation item (and is only useful if the default visibility is public). This choice must be explained adequately because it represents a complex series of tradeoffs and side effects. It will reduce complaints from other networks about blocked content, but essentially forces you to use another method (dav or the photos page) if you wish to upload protected files/media.
-rw-r--r--include/apps.php30
-rw-r--r--mod/item.php9
2 files changed, 9 insertions, 30 deletions
diff --git a/include/apps.php b/include/apps.php
index 7ac4c7e4b..91012b0ef 100644
--- a/include/apps.php
+++ b/include/apps.php
@@ -470,33 +470,3 @@ function papp_encode($papp) {
}
-/**
- * install a shared design element (layout, webpage, block, menu, whatever)
- *
- */
-
-function element_install($channel,$s) {
-
- $ret = array('success' => false);
-
- $s = str_replace(array('[element]','[/element]'),array('',''),$s);
- $s = base64url_decode($s);
- if(! $s)
- return $ret;
- $x = json_decode($s,true);
- if(! $x)
- return $ret;
-
- $d = array();
-
-
-
-
-
-
-
-
- $result = item_store($d);
-
-}
-
diff --git a/mod/item.php b/mod/item.php
index c1dd15eb1..9338cf401 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -1190,6 +1190,10 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
function fix_attached_photo_permissions($uid,$xchan_hash,$body,
$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) {
+ if(get_pconfig($uid,'system','force_public_uploads')) {
+ $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
+ }
+
$match = null;
// match img and zmg image links
if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) {
@@ -1259,6 +1263,10 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
function fix_attached_file_permissions($channel,$observer_hash,$body,
$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) {
+ if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) {
+ $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
+ }
+
$match = false;
if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) {
@@ -1279,6 +1287,7 @@ function fix_attached_file_permissions($channel,$observer_hash,$body,
}
}
}
+
function item_check_service_class($channel_id,$iswebpage) {
$ret = array('success' => false, $message => '');
if ($iswebpage) {