aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Access
diff options
context:
space:
mode:
authorKlaus Weidenbach <Klaus.Weidenbach@gmx.net>2017-12-23 14:42:23 +0100
committerKlaus Weidenbach <Klaus.Weidenbach@gmx.net>2018-01-05 01:38:20 +0100
commitaa63c23839990045e8e4a1a283b91a1cd21e1e9c (patch)
tree6b67b47ff865e407fcf5c0cc240cb0ae1f2c1260 /Zotlabs/Access
parent0bb5f38ba50dbeca5217a637cdc4b6abbe725b35 (diff)
downloadvolse-hubzilla-aa63c23839990045e8e4a1a283b91a1cd21e1e9c.tar.gz
volse-hubzilla-aa63c23839990045e8e4a1a283b91a1cd21e1e9c.tar.bz2
volse-hubzilla-aa63c23839990045e8e4a1a283b91a1cd21e1e9c.zip
:bulb: Add source documentation from recent conversations.
There have been some conversations in the last weeks which explained several parts of the code, so add it to the source code documentation. Also some other small source code documentation improvements.
Diffstat (limited to 'Zotlabs/Access')
-rw-r--r--Zotlabs/Access/AccessList.php8
-rw-r--r--Zotlabs/Access/PermissionLimits.php83
2 files changed, 75 insertions, 16 deletions
diff --git a/Zotlabs/Access/AccessList.php b/Zotlabs/Access/AccessList.php
index 6471b0b1d..7cf7b5587 100644
--- a/Zotlabs/Access/AccessList.php
+++ b/Zotlabs/Access/AccessList.php
@@ -3,10 +3,14 @@
namespace Zotlabs\Access;
/**
- * @brief AccessList class.
+ * @brief AccessList class which represents individual content ACLs.
*
* A class to hold an AccessList object with allowed and denied contacts and
* groups.
+ *
+ * After evaluating @ref ::Zotlabs::Access::PermissionLimits "PermissionLimits"
+ * and @ref ::Zotlabs::Lib::Permcat "Permcat"s individual content ACLs are evaluated.
+ * These answer the question "Can Joe view *this* album/photo?".
*/
class AccessList {
/**
@@ -103,7 +107,7 @@ class AccessList {
* @brief Return an array consisting of the current access list components
* where the elements are directly storable.
*
- * @return Associative array with:
+ * @return array An associative array with:
* * \e string \b allow_cid => string of allowed cids
* * \e string \b allow_gid => string of allowed gids
* * \e string \b deny_cid => string of denied cids
diff --git a/Zotlabs/Access/PermissionLimits.php b/Zotlabs/Access/PermissionLimits.php
index 8caeedb91..9ee0656b1 100644
--- a/Zotlabs/Access/PermissionLimits.php
+++ b/Zotlabs/Access/PermissionLimits.php
@@ -2,35 +2,90 @@
namespace Zotlabs\Access;
-use \Zotlabs\Lib as ZLib;
+use Zotlabs\Lib\PConfig;
+/**
+ * @brief Permission limits.
+ *
+ * Permission limits are a very high level permission setting. They are hard
+ * limits by design.
+ * "Who can view my photos (at all)?"
+ * "Who can post photos in my albums (at all)?"
+ *
+ * For viewing permissions we generally set these to 'anybody' and for write
+ * permissions we generally set them to 'those I allow', though many people
+ * restrict the viewing permissions further for things like 'Can view my connections'.
+ *
+ * People get confused enough by permissions that we wanted a place to set their
+ * privacy expectations once and be done with it.
+ *
+ * Connection related permissions like "Can Joe view my photos?" are handled by
+ * @ref ::Zotlabs::Lib::Permcat "Permcat" and inherit from the channel's Permission
+ * limits.
+ *
+ * @see Permissions
+ */
class PermissionLimits {
+ /**
+ * @brief Get standard permission limits.
+ *
+ * Viewing permissions and post_comments permission are set to 'anybody',
+ * other permissions are set to 'those I allow'.
+ *
+ * The list of permissions comes from Permissions::Perms().
+ *
+ * @return array
+ */
static public function Std_Limits() {
+ $limits = [];
$perms = Permissions::Perms();
- $limits = array();
+
foreach($perms as $k => $v) {
- if(strstr($k,'view') || $k === 'post_comments')
+ if(strstr($k, 'view') || $k === 'post_comments')
$limits[$k] = PERMS_PUBLIC;
else
$limits[$k] = PERMS_SPECIFIC;
}
+
return $limits;
}
- static public function Set($channel_id,$perm,$perm_limit) {
- ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit);
+ /**
+ * @brief Sets a permission limit for a channel.
+ *
+ * @param int $channel_id
+ * @param string $perm
+ * @param int $perm_limit one of PERMS_* constants
+ */
+ static public function Set($channel_id, $perm, $perm_limit) {
+ PConfig::Set($channel_id, 'perm_limits', $perm, $perm_limit);
}
- static public function Get($channel_id,$perm = '') {
+ /**
+ * @brief Get a channel's permission limits.
+ *
+ * Return a channel's permission limits from PConfig. If $perm is set just
+ * return this permission limit, if not set, return an array with all
+ * permission limits.
+ *
+ * @param int $channel_id
+ * @param string $perm (optional)
+ * @return
+ * * \b boolean false if no perm_limits set for this channel
+ * * \b int if $perm is set, return one of PERMS_* constants for this permission
+ * * \b array with all permission limits, if $perm is not set
+ */
+ static public function Get($channel_id, $perm = '') {
if($perm) {
- return Zlib\PConfig::Get($channel_id,'perm_limits',$perm);
- }
- else {
- Zlib\PConfig::Load($channel_id);
- if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id]))
- return \App::$config[$channel_id]['perm_limits'];
- return false;
+ return PConfig::Get($channel_id, 'perm_limits', $perm);
}
- }
+
+ PConfig::Load($channel_id);
+ if(array_key_exists($channel_id, \App::$config)
+ && array_key_exists('perm_limits', \App::$config[$channel_id]))
+ return \App::$config[$channel_id]['perm_limits'];
+
+ return false;
+ }
} \ No newline at end of file