aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2016-12-01 15:52:54 -0800
committerzotlabs <mike@macgirvin.com>2016-12-01 15:52:54 -0800
commit97e70d62bf52de9e8879f832cc2d53c74f9c27f3 (patch)
tree19a3c2849834bc2aa520711a967e90c3e522ca50
parent47a356ff52900fd8cd8d4980b44c69c13b2e612f (diff)
downloadvolse-hubzilla-97e70d62bf52de9e8879f832cc2d53c74f9c27f3.tar.gz
volse-hubzilla-97e70d62bf52de9e8879f832cc2d53c74f9c27f3.tar.bz2
volse-hubzilla-97e70d62bf52de9e8879f832cc2d53c74f9c27f3.zip
extensible perms: the really, really hard part - figuring out what to do about people with custom permissions so as to set sane defaults.
-rw-r--r--Zotlabs/Access/PermissionRoles.php42
-rw-r--r--Zotlabs/Access/Permissions.php9
-rwxr-xr-xboot.php28
3 files changed, 69 insertions, 10 deletions
diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php
index 8b116adc5..3878777cf 100644
--- a/Zotlabs/Access/PermissionRoles.php
+++ b/Zotlabs/Access/PermissionRoles.php
@@ -160,6 +160,7 @@ class PermissionRoles {
$ret['limits'] = PermissionLimits::Std_Limits();
break;
+ case 'custom':
default:
break;
}
@@ -174,7 +175,48 @@ class PermissionRoles {
return $ret;
}
+ static public function new_custom_perms($uid,$perm,$abooks) {
+ // set permissionlimits for this permission here, for example:
+
+ // if($perm === 'mynewperm')
+ // \Zotlabs\Access\PermissionLimits::Set($uid,$perm,1);
+
+
+ // set autoperms here if applicable
+ // choices are to set to 0, 1, or the value of an existing perm
+
+ if(get_pconfig($uid,'system','autoperms')) {
+
+ $c = channelx_by_n($uid);
+ $value = 0;
+
+ // if($perm === 'mynewperm')
+ // $value = get_abconfig($uid,$c['channel_hash'],'autoperms','someexistingperm'));
+
+ if($c) {
+ set_abconfig($uid,$c['channel_hash'],'autoperms',$perm,$value);
+ }
+
+
+ }
+
+ // now set something for all existing connections.
+
+ if($abooks) {
+ foreach($abooks as $ab) {
+ switch($perm) {
+ // case 'mynewperm':
+ // choices are to set to 1, set to 0, or clone an existing perm
+ // set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
+ // get_abconfig($uid,$ab['abook_xchan'],'my_perms','someexistingperm'));
+
+ default:
+ break;
+ }
+ }
+ }
+ }
static public function roles() {
diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php
index 61ea51a48..1951f2f0f 100644
--- a/Zotlabs/Access/Permissions.php
+++ b/Zotlabs/Access/Permissions.php
@@ -10,9 +10,18 @@ class Permissions {
/**
* Extensible permissions.
* To add new permissions, add to the list of $perms below, with a simple description.
+ *
* Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role
* if this permission should be granted to new connections.
*
+ * Next look at PermissionRoles::new_custom_perms() and provide a handler for updating custom
+ * permission roles. You will want to set a default PermissionLimit for each channel and also
+ * provide a sane default for any existing connections. You may or may not wish to provide a
+ * default auto permission. If in doubt, leave this alone as custom permissions by definition
+ * are the responsbility of the channel owner to manage. You just don't want to create any
+ * suprises or break things so you have an opportunity to provide sane settings.
+ *
+ *
* Permissions with 'view' in the name are considered read permissions. Anything
* else requires authentication. Read permission limits are PERMS_PUBLIC and anything else
* is given PERMS_SPECIFIC.
diff --git a/boot.php b/boot.php
index fdbe1325e..13ba73dbc 100755
--- a/boot.php
+++ b/boot.php
@@ -2483,19 +2483,27 @@ function check_for_new_perms() {
// get the permissions role details
$rp = \Zotlabs\Access\PermissionRoles::role_perms($r[0]['v']);
if($rp) {
- // set the channel limits if appropriate or 0
- if(array_key_exists('limits',$rp) && array_key_exists($p,$rp['limits'])) {
- \Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,$rp['limits'][$p]);
+
+ // for custom permission roles we need to customise how we initiate this new permission
+ if(array_key_exists('role',$rp) && ($rp['role'] === 'custom' || $rp['role'] === '')) {
+ \Zotlabs\Access\PermissionRoles::new_custom_perms($cc['uid'],$p,$x);
}
else {
- \Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,0);
- }
+ // set the channel limits if appropriate or 0
+ if(array_key_exists('limits',$rp) && array_key_exists($p,$rp['limits'])) {
+ \Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,$rp['limits'][$p]);
+ }
+ else {
+ \Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,0);
+ }
+
- $set = ((array_key_exists('perms_connect',$rp) && array_key_exists($p,$rp['perms_connect'])) ? true : false);
- // foreach connection set to the perms_connect value
- if($x) {
- foreach($x as $xx) {
- set_abconfig($cc['uid'],$xx['abook_xchan'],'my_perms',$p,intval($set));
+ $set = ((array_key_exists('perms_connect',$rp) && array_key_exists($p,$rp['perms_connect'])) ? true : false);
+ // foreach connection set to the perms_connect value
+ if($x) {
+ foreach($x as $xx) {
+ set_abconfig($cc['uid'],$xx['abook_xchan'],'my_perms',$p,intval($set));
+ }
}
}
}