expose manual public item import from searchbar, set commen_policy in Activity::store() to what we get if we get something otherwise default to authenticated, comments by the owner have the relay flag set and therefor $perm will be not be set to post_comments - always check if we own the parent in lib/libzot (not only if $perm = send_stream) if otherwise not allowed

2 files changed, 23 insertions, 16 deletions

diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php
index 46ce075fd..3afc70b28 100644
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
@@ -2488,7 +2488,6 @@ class Activity {
 	}
 
 	static function store($channel, $observer_hash, $act, $item, $fetch_parents = true, $force = false) {
-
 		$is_sys_channel = is_sys_channel($channel['channel_id']);
 		$is_child_node  = false;
 
@@ -2523,6 +2522,7 @@ class Activity {
 		// $permit_mentions = intval(PConfig::Get($channel['channel_id'], 'system','permit_all_mentions') && i_am_mentioned($channel,$item));
 
 		if ($is_child_node) {
+
 			$p = q("select * from item where mid = '%s' and uid = %d and item_wall = 1",
 				dbesc($item['parent_mid']),
 				intval($channel['channel_id'])
@@ -2560,6 +2560,7 @@ class Activity {
 				}*/
 			}
 			else {
+
 				$allowed = true;
 				// reject public stream comments that weren't sent by the conversation owner
 				if ($is_sys_channel && $pubstream && $item['owner_xchan'] !== $observer_hash) {
@@ -2575,6 +2576,7 @@ class Activity {
 			}
 		}
 		else {
+
 			// The $item['item_fetched'] flag is set in fetch_and_store_parents().
 			// In this case we should check against author permissions because sender is not owner.
 			if (perm_is_allowed($channel['channel_id'], (($item['item_fetched']) ? $item['author_xchan'] : $observer_hash), 'send_stream') || ($is_sys_channel && $pubstream)) {
@@ -2694,7 +2696,7 @@ class Activity {
 		}
 
 		// This isn't perfect but the best we can do for now.
-		$item['comment_policy'] = 'authenticated';
+		$item['comment_policy'] = ((isset($act->data['commentPolicy'])) ? $act->data['commentPolicy'] : 'authenticated');
 
 		set_iconfig($item, 'activitypub', 'recips', $act->raw_recips);
 
@@ -2777,9 +2779,9 @@ class Activity {
 				else {
 					$fetch = false;
 					// TODO: debug
-					// if (perm_is_allowed($channel['channel_id'],$observer_hash,'send_stream') && (PConfig::Get($channel['channel_id'],'system','hyperdrive',true)*/ || $act->type === 'Announce')) {
+					// if (perm_is_allowed($channel['channel_id'],$observer_hash,'send_stream') && (PConfig::Get($channel['channel_id'],'system','hyperdrive',true) || $act->type === 'Announce')) {
 					if (perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') || ($is_sys_channel && $pubstream)) {
-						$fetch = (($fetch_parents) ? self::fetch_and_store_parents($channel, $observer_hash, $item) : false);
+						$fetch = (($fetch_parents) ? self::fetch_and_store_parents($channel, $observer_hash, $item, $force) : false);
 					}
 					if ($fetch) {
 						$parent = q("select * from item where mid = '%s' and uid = %d limit 1",
@@ -2901,7 +2903,7 @@ class Activity {
 
 	}
 
-	static public function fetch_and_store_parents($channel, $observer_hash, $item) {
+	static public function fetch_and_store_parents($channel, $observer_hash, $item, $force = false) {
 		logger('fetching parents');
 
 		$p = [];
@@ -2909,18 +2911,19 @@ class Activity {
 		$current_item = $item;
 
 		while ($current_item['parent_mid'] !== $current_item['mid']) {
-			$n = self::fetch($current_item['parent_mid']);
+			$n = self::fetch($current_item['parent_mid'], $channel);
+
 			if (!$n) {
 				break;
 			}
-			// set client flag to convert objects to implied activities
-			$a = new ActivityStreams($n, null, true);
+
+			$a = new ActivityStreams($n);
 			if ($a->type === 'Announce' && is_array($a->obj)
 				&& array_key_exists('object', $a->obj) && array_key_exists('actor', $a->obj)) {
 				// This is a relayed/forwarded Activity (as opposed to a shared/boosted object)
 				// Reparse the encapsulated Activity and use that instead
 				logger('relayed activity', LOGGER_DEBUG);
-				$a = new ActivityStreams($a->obj, null, true);
+				$a = new ActivityStreams($a->obj);
 			}
 
 			logger($a->debug(), LOGGER_DATA);
@@ -2933,7 +2936,6 @@ class Activity {
 				Activity::actor_store($a->actor['id'], $a->actor);
 			}
 
-			// ActivityPub sourced items are cacheable
 			$item = Activity::decode_note($a);
 
 			if (!$item) {
@@ -2975,7 +2977,7 @@ class Activity {
 		if ($p) {
 			foreach ($p as $pv) {
 				if ($pv[0]->is_valid()) {
-					Activity::store($channel, $observer_hash, $pv[0], $pv[1], false);
+					Activity::store($channel, $observer_hash, $pv[0], $pv[1], false, $force);
 				}
 			}
 			return true;
diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php
index ee1f54ec8..13a75bb6c 100644
--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -1235,8 +1235,14 @@ class Libzot {
 					if (is_array($AS->obj) && array_key_exists('commentPolicy', $AS->obj)) {
 						$p = strstr($AS->obj['commentPolicy'], 'until=');
 						if ($p !== false) {
-							$arr['comments_closed'] = datetime_convert('UTC', 'UTC', substr($p, 6));
-							$arr['comment_policy']  = trim(str_replace($p, '', $AS->obj['commentPolicy']));
+							$comments_closed_at = datetime_convert('UTC', 'UTC', substr($p, 6));
+							if ($comments_closed_at === $arr['created']) {
+								$arr['item_nocomment'] = 1;
+							}
+							else {
+								$arr['comments_closed'] = $comments_closed_at;
+								$arr['comment_policy']  = trim(str_replace($p, '', $AS->obj['commentPolicy']));
+							}
 						}
 						else {
 							$arr['comment_policy'] = $AS->obj['commentPolicy'];
@@ -1545,8 +1551,7 @@ class Libzot {
 			}
 
 			$tag_delivery = tgroup_check($channel['channel_id'], $arr);
-
-			$perm = 'send_stream';
+			$perm         = 'send_stream';
 			if (($arr['mid'] !== $arr['parent_mid']) && ($relay))
 				$perm = 'post_comments';
 
@@ -1563,7 +1568,7 @@ class Libzot {
 
 			if ((!$tag_delivery) && (!$local_public)) {
 				$allowed = (perm_is_allowed($channel['channel_id'], $sender, $perm));
-				if ((!$allowed) && $perm === 'post_comments') {
+				if (!$allowed) {
 					$parent = q("select * from item where mid = '%s' and uid = %d limit 1",
 						dbesc($arr['parent_mid']),
 						intval($channel['channel_id'])