diff options
| author | redmatrix <git@macgirvin.com> | 2016-07-28 16:02:51 -0700 |
|---|---|---|
| committer | redmatrix <git@macgirvin.com> | 2016-07-28 16:02:51 -0700 |
| commit | bc74425872704ad955b37de18639ec831a245761 (patch) | |
| tree | a72a058190905f6f87488d51a97ce02df00f7422 /Zotlabs/Module | |
| parent | 35f17acb388f68745068d6a60e12c7b777b92282 (diff) | |
| download | volse-hubzilla-bc74425872704ad955b37de18639ec831a245761.tar.gz volse-hubzilla-bc74425872704ad955b37de18639ec831a245761.tar.bz2 volse-hubzilla-bc74425872704ad955b37de18639ec831a245761.zip | |
Revert "Merge branch '1.10RC' of https://github.com/redmatrix/hubzilla into 1.10RC_merge"
This reverts commit 35f17acb388f68745068d6a60e12c7b777b92282, reversing
changes made to 58cf5f310d89026fb526e201c301075725044e48.
Diffstat (limited to 'Zotlabs/Module')
| -rw-r--r-- | Zotlabs/Module/Acl.php | 54 | ||||
| -rw-r--r-- | Zotlabs/Module/Connedit.php | 89 | ||||
| -rw-r--r-- | Zotlabs/Module/Editpost.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Editwebpage.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/File_upload.php | 40 | ||||
| -rw-r--r-- | Zotlabs/Module/Follow.php | 5 | ||||
| -rw-r--r-- | Zotlabs/Module/Id.php | 319 | ||||
| -rw-r--r-- | Zotlabs/Module/Import.php | 9 | ||||
| -rw-r--r-- | Zotlabs/Module/Item.php | 12 | ||||
| -rw-r--r-- | Zotlabs/Module/Like.php | 31 | ||||
| -rw-r--r-- | Zotlabs/Module/Mail.php | 12 | ||||
| -rw-r--r-- | Zotlabs/Module/Manage.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Openid.php | 198 | ||||
| -rw-r--r-- | Zotlabs/Module/Probe.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Profiles.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Ratingsearch.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Rmagic.php | 13 | ||||
| -rw-r--r-- | Zotlabs/Module/Settings.php | 58 |
18 files changed, 644 insertions, 218 deletions
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 03dc6c5d3..76a001fdd 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -58,23 +58,7 @@ class Acl extends \Zotlabs\Web\Controller { if( (! local_channel()) && (! ($type == 'x' || $type == 'c'))) killme(); - - $permitted = []; - - if(in_array($type, [ 'm', 'a', 'c' ])) { - - // These queries require permission checking. We'll create a simple array of xchan_hash for those with - // the requisite permissions which we can check against. - - $x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = 1", - intval(local_channel()), - dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver') - ); - - $permitted = ids_to_array($x,'xchan'); - } - - + if($search) { $sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " "; $sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") "; @@ -103,13 +87,13 @@ class Acl extends \Zotlabs\Web\Controller { if($type == '' || $type == 'g') { - $r = q("SELECT groups.id, groups.hash, groups.gname - FROM groups,group_member - WHERE groups.deleted = 0 AND groups.uid = %d - AND group_member.gid=groups.id + $r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`gname` + FROM `groups`,`group_member` + WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d + AND `group_member`.`gid`=`groups`.`id` $sql_extra - GROUP BY groups.id - ORDER BY groups.gname + GROUP BY `groups`.`id` + ORDER BY `groups`.`gname` LIMIT %d OFFSET %d", intval(local_channel()), intval($count), @@ -172,7 +156,7 @@ class Acl extends \Zotlabs\Web\Controller { } - $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self + $r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self FROM abook left join xchan on abook_xchan = xchan_hash WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" , intval(local_channel()) @@ -237,24 +221,16 @@ class Acl extends \Zotlabs\Web\Controller { } } elseif($type == 'm') { - - $r = array(); - $z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url + + $r = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url FROM abook left join xchan on abook_xchan = xchan_hash - WHERE abook_channel = %d + WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0) and xchan_deleted = 0 $sql_extra3 - ORDER BY xchan_name ASC ", - intval(local_channel()) + ORDER BY `xchan_name` ASC ", + intval(local_channel()), + intval(PERMS_W_MAIL) ); - if($z) { - foreach($z as $zz) { - if(in_array($zz['id'],$permitted)) { - $r[] = $zz; - } - } - } - } elseif($type == 'a') { @@ -298,7 +274,7 @@ class Acl extends \Zotlabs\Web\Controller { if(strpos($g['hash'],'/') && $type != 'a') continue; - if(in_array($g['hash'],$permitted) && $type == 'c' && (! $noforums)) { + if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c' && (! $noforums)) { $contacts[] = array( "type" => "c", "photo" => "images/twopeople.png", diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index 93ee30999..7db4950b1 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -126,30 +126,15 @@ class Connedit extends \Zotlabs\Web\Controller { $rating = 10; $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - - $all_perms = \Zotlabs\Access\Permissions::Perms(); - - if($all_perms) { - foreach($all_perms as $perm => $desc) { - if(array_key_exists('perms_' . $perm, $_POST)) { - set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm, - intval($_POST['perms_' . $perm])); - if($autoperms) { - set_pconfig($channel['channel_id'],'autoperms',$perm,intval($_POST['perms_' . $perm])); - } - } - else { - set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,0); - if($autoperms) { - set_pconfig($channel['channel_id'],'autoperms',$perm,0); - } - } + + $abook_my_perms = 0; + + foreach($_POST as $k => $v) { + if(strpos($k,'perms_') === 0) { + $abook_my_perms += $v; } } - - if(! is_null($autoperms)) - set_pconfig($channel['channel_id'],'system','autoperms',$autoperms); - + $new_friend = false; if(! $is_self) { @@ -209,25 +194,19 @@ class Connedit extends \Zotlabs\Web\Controller { $role = get_pconfig(local_channel(),'system','permissions_role'); if($role) { - $x = \Zotlabs\Access\PermissionRoles::role_perms($role); - if($x['perms_connect']) { - $abook_my_perms = $x['perms_connect']; - } - } - - $filled_perms = \Zotlabs\Access\Permissions::FilledPerms($abook_my_perms); - foreach($filled_perms as $k => $v) { - set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v); + $x = get_role_perms($role); + if($x['perms_accept']) + $abook_my_perms = $x['perms_accept']; } - } - + $abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']); - $r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d, + $r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_pending = %d, abook_incl = '%s', abook_excl = '%s' where abook_id = %d AND abook_channel = %d", dbesc($profile_id), + intval($abook_my_perms), intval($closeness), intval($abook_pending), dbesc($abook_incl), @@ -248,13 +227,10 @@ class Connedit extends \Zotlabs\Web\Controller { info( t('Connection updated.') . EOL); else notice( t('Failed to update connection record.') . EOL); - - if(! intval(\App::$poi['abook_self'])) { - \Zotlabs\Daemon\Master::Summon( [ - 'Notifier', - (($new_friend) ? 'permission_create' : 'permission_update'), - $contact_id - ]); + + if(\App::$poi && \App::$poi['abook_my_perms'] != $abook_my_perms + && (! intval(\App::$poi['abook_self']))) { + \Zotlabs\Daemon\Master::Summon(array('Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id)); } if($new_friend) { @@ -395,9 +371,9 @@ class Connedit extends \Zotlabs\Web\Controller { $my_perms = get_channel_default_perms(local_channel()); $role = get_pconfig(local_channel(),'system','permissions_role'); if($role) { - $x = \Zotlabs\Access\PermissionRoles::role_perms($role); - if($x['perms_connect']) - $my_perms = $x['perms_connect']; + $x = get_role_perms($role); + if($x['perms_accept']) + $my_perms = $x['perms_accept']; } $yes_no = array(t('No'),t('Yes')); @@ -678,8 +654,7 @@ class Connedit extends \Zotlabs\Web\Controller { $perms = array(); $channel = \App::get_channel(); - $global_perms = \Zotlabs\Access\Permissions::Perms(); - + $global_perms = get_perms(); $existing = get_all_perms(local_channel(),$contact['abook_xchan']); $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes'))); @@ -695,32 +670,16 @@ class Connedit extends \Zotlabs\Web\Controller { if($slide && $multiprofs) $affinity = t('Set Affinity & Profile'); - $theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'", - intval(local_channel()), - dbesc($contact['abook_xchan']) - ); - $their_perms = array(); - if($theirs) { - foreach($theirs as $t) { - $their_perms[$t['k']] = $t['v']; - } - } - foreach($global_perms as $k => $v) { - $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); -//fixme - - $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k); + $thisperm = (($contact['abook_my_perms'] & $v[1]) ? "1" : ''); + $checkinherited = ((($channel[$v[0]]) && ($channel[$v[0]] != PERMS_SPECIFIC)) ? "1" : ''); // For auto permissions (when $self is true) we don't want to look at existing // permissions because they are enabled for the channel owner if((! $self) && ($existing[$k])) $thisperm = "1"; - - - - $perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited); + $perms[] = array('perms_' . $k, $v[3], (($contact['abook_their_perms'] & $v[1]) ? "1" : ""),$thisperm, $v[1], (($channel[$v[0]] == PERMS_SPECIFIC) ? '' : '1'), $v[4], $checkinherited); } $locstr = ''; diff --git a/Zotlabs/Module/Editpost.php b/Zotlabs/Module/Editpost.php index 838fe9e4f..da859de3e 100644 --- a/Zotlabs/Module/Editpost.php +++ b/Zotlabs/Module/Editpost.php @@ -47,9 +47,9 @@ class Editpost extends \Zotlabs\Web\Controller { if(intval($itm[0]['item_obscured'])) { $key = get_config('system','prvkey'); if($itm[0]['title']) - $itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key); + $itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key); if($itm[0]['body']) - $itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key); + $itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key); } $category = ''; diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php index a55f81101..be4803a07 100644 --- a/Zotlabs/Module/Editwebpage.php +++ b/Zotlabs/Module/Editwebpage.php @@ -108,9 +108,9 @@ class Editwebpage extends \Zotlabs\Web\Controller { if(intval($itm[0]['item_obscured'])) { $key = get_config('system','prvkey'); if($itm[0]['title']) - $itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key); + $itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key); if($itm[0]['body']) - $itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key); + $itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key); } $item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1", diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php deleted file mode 100644 index 999b241f1..000000000 --- a/Zotlabs/Module/File_upload.php +++ /dev/null @@ -1,40 +0,0 @@ -<?php -namespace Zotlabs\Module; - -require_once('include/attach.php'); -require_once('include/channel.php'); -require_once('include/photos.php'); - - -class File_upload extends \Zotlabs\Web\Controller { - - function post() { - - // logger('file upload: ' . print_r($_REQUEST,true)); - - $channel = (($_REQUEST['channick']) ? get_channel_by_nick($_REQUEST['channick']) : null); - - if(! $channel) { - logger('channel not found'); - killme(); - } - - $_REQUEST['source'] = 'file_upload'; - - if($channel['channel_id'] != local_channel()) { - $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); - $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']); - $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']); - $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); - } - - if($_REQUEST['directory_name']) - $r = attach_mkdir($channel,get_observer_hash(),$_REQUEST); - else - $r = attach_store($channel,get_observer_hash(), '', $_REQUEST); - - goaway(z_root() . '/' . $_REQUEST['return_url']); - - } - -} diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index da9ab3670..3641330c9 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php @@ -47,13 +47,12 @@ class Follow extends \Zotlabs\Web\Controller { if($abconfig) $clone['abconfig'] = $abconfig; - build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true); + build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone))); - $can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream')); // If we can view their stream, pull in some posts - if(($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) + if(($result['abook']['abook_their_perms'] & PERMS_R_STREAM) || ($result['abook']['xchan_network'] === 'rss')) \Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id'])); goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1'); diff --git a/Zotlabs/Module/Id.php b/Zotlabs/Module/Id.php new file mode 100644 index 000000000..e053bf99c --- /dev/null +++ b/Zotlabs/Module/Id.php @@ -0,0 +1,319 @@ +<?php +namespace Zotlabs\Module; + +/** + * @file mod/id.php + * @brief OpenID implementation + */ + +require 'library/openid/provider/provider.php'; + + +$attrMap = array( + 'namePerson/first' => t('First Name'), + 'namePerson/last' => t('Last Name'), + 'namePerson/friendly' => t('Nickname'), + 'namePerson' => t('Full Name'), + 'contact/internet/email' => t('Email'), + 'contact/email' => t('Email'), + 'media/image/aspect11' => t('Profile Photo'), + 'media/image' => t('Profile Photo'), + 'media/image/default' => t('Profile Photo'), + 'media/image/16x16' => t('Profile Photo 16px'), + 'media/image/32x32' => t('Profile Photo 32px'), + 'media/image/48x48' => t('Profile Photo 48px'), + 'media/image/64x64' => t('Profile Photo 64px'), + 'media/image/80x80' => t('Profile Photo 80px'), + 'media/image/128x128' => t('Profile Photo 128px'), + 'timezone' => t('Timezone'), + 'contact/web/default' => t('Homepage URL'), + 'language/pref' => t('Language'), + 'birthDate/birthYear' => t('Birth Year'), + 'birthDate/birthMonth' => t('Birth Month'), + 'birthDate/birthday' => t('Birth Day'), + 'birthDate' => t('Birthdate'), + 'gender' => t('Gender'), +); + + +/** + * @brief Entrypoint for the OpenID implementation. + * + * @param App &$a + */ + +class Id extends \Zotlabs\Web\Controller { + + function init() { + + logger('id: ' . print_r($_REQUEST, true)); + + if(argc() > 1) { + $which = argv(1); + } else { + \App::$error = 404; + return; + } + + $profile = ''; + $channel = \App::get_channel(); + profile_load($which,$profile); + + $op = new MysqlProvider; + $op->server(); + } + + /** + * @brief Returns user data needed for OpenID. + * + * If no $handle is provided we will use local_channel() by default. + * + * @param string $handle (default null) + * @return boolean|array + */ + static public function getUserData($handle = null) { + if (! local_channel()) { + notice( t('Permission denied.') . EOL); + \App::$page['content'] = login(); + + return false; + } + + // logger('handle: ' . $handle); + + if ($handle) { + $r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1", + dbesc($handle) + ); + } else { + $r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d", + intval(local_channel()) + ); + } + + if (! r) + return false; + + $x = q("select * from account where account_id = %d limit 1", + intval($r[0]['channel_account_id']) + ); + if ($x) + $r[0]['email'] = $x[0]['account_email']; + + $p = q("select * from profile where is_default = 1 and uid = %d limit 1", + intval($r[0]['channel_account_id']) + ); + + $gender = ''; + if ($p[0]['gender'] == t('Male')) + $gender = 'M'; + if ($p[0]['gender'] == t('Female')) + $gender = 'F'; + + $r[0]['firstName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],0,strpos($r[0]['channel_name'],' ')) : $r[0]['channel_name']); + $r[0]['lastName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],strpos($r[0]['channel_name'],' ')+1) : ''); + $r[0]['namePerson'] = $r[0]['channel_name']; + $r[0]['pphoto'] = $r[0]['xchan_photo_l']; + $r[0]['pphoto16'] = z_root() . '/photo/profile/16/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto32'] = z_root() . '/photo/profile/32/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto48'] = z_root() . '/photo/profile/48/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto64'] = z_root() . '/photo/profile/64/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto80'] = z_root() . '/photo/profile/80/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['pphoto128'] = z_root() . '/photo/profile/128/' . $r[0]['channel_id'] . '.jpg'; + $r[0]['timezone'] = $r[0]['channel_timezone']; + $r[0]['url'] = $r[0]['xchan_url']; + $r[0]['language'] = (($x[0]['account_language']) ? $x[0]['account_language'] : 'en'); + $r[0]['birthyear'] = ((intval(substr($p[0]['dob'],0,4))) ? intval(substr($p[0]['dob'],0,4)) : ''); + $r[0]['birthmonth'] = ((intval(substr($p[0]['dob'],5,2))) ? intval(substr($p[0]['dob'],5,2)) : ''); + $r[0]['birthday'] = ((intval(substr($p[0]['dob'],8,2))) ? intval(substr($p[0]['dob'],8,2)) : ''); + $r[0]['birthdate'] = (($r[0]['birthyear'] && $r[0]['birthmonth'] && $r[0]['birthday']) ? $p[0]['dob'] : ''); + $r[0]['gender'] = $gender; + + return $r[0]; + + /* + * if(isset($_POST['login'],$_POST['password'])) { + * $login = mysql_real_escape_string($_POST['login']); + * $password = sha1($_POST['password']); + * $q = mysql_query("SELECT * FROM Users WHERE login = '$login' AND password = '$password'"); + * if($data = mysql_fetch_assoc($q)) { + * return $data; + * } + * if($handle) { + * echo 'Wrong login/password.'; + * } + * } + * if($handle) { + * ?> + * <form action="" method="post"> + * <input type="hidden" name="openid.assoc_handle" value="<?php +namespace Zotlabs\Module; echo $handle?>"> + * Login: <input type="text" name="login"><br> + * Password: <input type="password" name="password"><br> + * <button>Submit</button> + * </form> + * <?php +namespace Zotlabs\Module; + * die(); + * } + */ + + } +} + + + /** + * @brief MySQL provider for OpenID implementation. + * + */ + class MysqlProvider extends \LightOpenIDProvider { + + // See http://openid.net/specs/openid-attribute-properties-list-1_0-01.html + // This list contains a few variations of these attributes to maintain + // compatibility with legacy clients + + private $attrFieldMap = array( + 'namePerson/first' => 'firstName', + 'namePerson/last' => 'lastName', + 'namePerson/friendly' => 'channel_address', + 'namePerson' => 'namePerson', + 'contact/internet/email' => 'email', + 'contact/email' => 'email', + 'media/image/aspect11' => 'pphoto', + 'media/image' => 'pphoto', + 'media/image/default' => 'pphoto', + 'media/image/16x16' => 'pphoto16', + 'media/image/32x32' => 'pphoto32', + 'media/image/48x48' => 'pphoto48', + 'media/image/64x64' => 'pphoto64', + 'media/image/80x80' => 'pphoto80', + 'media/image/128x128' => 'pphoto128', + 'timezone' => 'timezone', + 'contact/web/default' => 'url', + 'language/pref' => 'language', + 'birthDate/birthYear' => 'birthyear', + 'birthDate/birthMonth' => 'birthmonth', + 'birthDate/birthday' => 'birthday', + 'birthDate' => 'birthdate', + 'gender' => 'gender', + ); + + function setup($identity, $realm, $assoc_handle, $attributes) { + global $attrMap; + + // logger('identity: ' . $identity); + // logger('realm: ' . $realm); + // logger('assoc_handle: ' . $assoc_handle); + // logger('attributes: ' . print_r($attributes,true)); + + $data = \Zotlabs\Module\Id::getUserData($assoc_handle); + + + /** @FIXME this needs to be a template with localised strings */ + + $o .= '<form action="" method="post">' + . '<input type="hidden" name="openid.assoc_handle" value="' . $assoc_handle . '">' + . '<input type="hidden" name="login" value="' . $_POST['login'] .'">' + . '<input type="hidden" name="password" value="' . $_POST['password'] .'">' + . "<b>$realm</b> wishes to authenticate you."; + if($attributes['required'] || $attributes['optional']) { + $o .= " It also requests following information (required fields marked with *):" + . '<ul>'; + + foreach($attributes['required'] as $attr) { + if(isset($this->attrMap[$attr])) { + $o .= '<li>' + . '<input type="checkbox" name="attributes[' . $attr . ']"> ' + . $this->attrMap[$attr] . ' <span class="required">*</span></li>'; + } + } + + foreach($attributes['optional'] as $attr) { + if(isset($this->attrMap[$attr])) { + $o .= '<li>' + . '<input type="checkbox" name="attributes[' . $attr . ']"> ' + . $this->attrMap[$attr] . '</li>'; + } + } + $o .= '</ul>'; + } + $o .= '<br>' + . '<button name="once">Allow once</button> ' + . '<button name="always">Always allow</button> ' + . '<button name="cancel">cancel</button> ' + . '</form>'; + + \App::$page['content'] .= $o; + } + + function checkid($realm, &$attributes) { + + logger('checkid: ' . $realm); + logger('checkid attrs: ' . print_r($attributes,true)); + + if(isset($_POST['cancel'])) { + $this->cancel(); + } + + $data = \Zotlabs\Module\Id::getUserData(); + if(! $data) { + return false; + } + + $q = get_pconfig(local_channel(), 'openid', $realm); + + $attrs = array(); + if($q) { + $attrs = $q; + } elseif(isset($_POST['attributes'])) { + $attrs = array_keys($_POST['attributes']); + } elseif(!isset($_POST['once']) && !isset($_POST['always'])) { + return false; + } + + $attributes = array(); + foreach($attrs as $attr) { + if(isset($this->attrFieldMap[$attr])) { + $attributes[$attr] = $data[$this->attrFieldMap[$attr]]; + } + } + + if(isset($_POST['always'])) { + set_pconfig(local_channel(),'openid',$realm,array_keys($attributes)); + } + + return z_root() . '/id/' . $data['channel_address']; + } + + function assoc_handle() { + logger('assoc_handle'); + $channel = \App::get_channel(); + + return z_root() . '/channel/' . $channel['channel_address']; + } + + function setAssoc($handle, $data) { + logger('setAssoc'); + $channel = channelx_by_nick(basename($handle)); + if($channel) + set_pconfig($channel['channel_id'],'openid','associate',$data); + } + + function getAssoc($handle) { + logger('getAssoc: ' . $handle); + + $channel = channelx_by_nick(basename($handle)); + if($channel) + return get_pconfig($channel['channel_id'], 'openid', 'associate'); + + return false; + } + + function delAssoc($handle) { + logger('delAssoc'); + $channel = channelx_by_nick(basename($handle)); + if($channel) + return del_pconfig($channel['channel_id'], 'openid', 'associate'); + } + } + diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index d27f013b9..e34f5e49e 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -8,7 +8,6 @@ namespace Zotlabs\Module; require_once('include/zot.php'); require_once('include/channel.php'); require_once('include/import.php'); -require_once('include/perm_upgrade.php'); @@ -340,8 +339,6 @@ class Import extends \Zotlabs\Web\Controller { $abooks = $data['abook']; if($abooks) { foreach($abooks as $abook) { - - $abook_copy = $abook; $abconfig = null; if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) @@ -350,10 +347,6 @@ class Import extends \Zotlabs\Web\Controller { unset($abook['abook_id']); unset($abook['abook_rating']); unset($abook['abook_rating_text']); - unset($abook['abconfig']); - unset($abook['abook_their_perms']); - unset($abook['abook_my_perms']); - $abook['abook_account'] = $account_id; $abook['abook_channel'] = $channel['channel_id']; if(! array_key_exists('abook_blocked',$abook)) { @@ -392,8 +385,6 @@ class Import extends \Zotlabs\Web\Controller { $friends ++; if(intval($abook['abook_feed'])) $feeds ++; - - translate_abook_perms_inbound($channel,$abook_copy); if($abconfig) { // @fixme does not handle sync of del_abconfig diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 2d0c1ba02..b54099d74 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -318,11 +318,9 @@ class Item extends \Zotlabs\Web\Controller { } $acl = new \Zotlabs\Access\AccessList($channel); - - $view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'); - $comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments'); - $public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true)); + + $public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true)); if($webpage) $public_policy = ''; if($public_policy) @@ -530,11 +528,11 @@ class Item extends \Zotlabs\Web\Controller { if((! $parent) && (get_pconfig($profile_uid,'system','tagifonlyrecip')) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) { - $x = q("select abook_id, abconfig.v from abook left join abconfig on abook_xchan = abconfig.xchan and abook_channel = abconfig.chan and cat= 'their_perms' and abconfig.k = 'tag_deliver' and abconfig.v = 1 and abook_xchan = '%s' and abook_channel = %d limit 1", + $x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)), intval($profile_uid) ); - if($x) + if($x && ($x[0]['abook_their_perms'] & PERMS_W_TAGWALL)) $body .= "\n\n@group+" . $x[0]['abook_id'] . "\n"; } @@ -814,7 +812,7 @@ class Item extends \Zotlabs\Web\Controller { $datarray['layout_mid'] = $layout_mid; $datarray['public_policy'] = $public_policy; - $datarray['comment_policy'] = map_scope($comment_policy); + $datarray['comment_policy'] = map_scope($channel['channel_w_comment']); $datarray['term'] = $post_tags; $datarray['plink'] = $plink; $datarray['route'] = $route; diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php index 170349509..1ca37d646 100644 --- a/Zotlabs/Module/Like.php +++ b/Zotlabs/Module/Like.php @@ -264,22 +264,23 @@ class Like extends \Zotlabs\Web\Controller { logger('like: no item ' . $item_id); killme(); } - - - xchan_query($r,true,(($r[0]['uid'] == local_channel()) ? 0 : local_channel())); - + + $item = $r[0]; - - $owner_uid = $r[0]['uid']; - $owner_aid = $r[0]['aid']; - - $can_comment = false; - if((array_key_exists('owner',$item)) && intval($item['owner']['abook_self'])) - $can_comment = perm_is_allowed($item['uid'],$observer['xchan_hash'],'post_comments'); - else - $can_comment = can_comment_on_post($observer['xchan_hash'],$item); - - if(! $can_comment) { + $owner_uid = $item['uid']; + $owner_aid = $item['aid']; + + + $sys = get_sys_channel(); + + + // if this is a "discover" item, (item['uid'] is the sys channel), + // fallback to the item comment policy, which should've been + // respected when generating the conversation thread. + // Even if the activity is rejected by the item owner, it should still get attached + // to the local discover conversation on this site. + + if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) { notice( t('Permission denied') . EOL); killme(); } diff --git a/Zotlabs/Module/Mail.php b/Zotlabs/Module/Mail.php index 043c28078..aae7585c4 100644 --- a/Zotlabs/Module/Mail.php +++ b/Zotlabs/Module/Mail.php @@ -57,6 +57,8 @@ class Mail extends \Zotlabs\Web\Controller { $their_perms = 0; + $global_perms = get_perms(); + if($j['permissions']['data']) { $permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']); if($permissions) @@ -66,7 +68,13 @@ class Mail extends \Zotlabs\Web\Controller { else $permissions = $j['permissions']; - if(! ($permissions['post_mail'])) { + foreach($permissions as $k => $v) { + if($v) { + $their_perms = $their_perms | intval($global_perms[$k][1]); + } + } + + if(! ($their_perms & PERMS_W_MAIL)) { notice( t('Selected channel has private message restrictions. Send failed.')); // reported issue: let's still save the message and continue. We'll just tell them // that nothing useful is likely to happen. They might have spent hours on it. @@ -112,7 +120,7 @@ class Mail extends \Zotlabs\Web\Controller { } - function get() { + function get() { $o = ''; nav_set_selected('messages'); diff --git a/Zotlabs/Module/Manage.php b/Zotlabs/Module/Manage.php index 8f815d6d4..4ca044c4a 100644 --- a/Zotlabs/Module/Manage.php +++ b/Zotlabs/Module/Manage.php @@ -143,9 +143,9 @@ class Manage extends \Zotlabs\Web\Controller { $create = array( 'new_channel', t('Create a new channel'), t('Create New')); $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where - abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = 1 )", + abook_channel = %d and (abook_their_perms & %d) > 0", intval(local_channel()), - intval(local_channel()) + intval(PERMS_A_DELEGATE) ); if($delegates) { diff --git a/Zotlabs/Module/Openid.php b/Zotlabs/Module/Openid.php new file mode 100644 index 000000000..8cbc6d2fd --- /dev/null +++ b/Zotlabs/Module/Openid.php @@ -0,0 +1,198 @@ +<?php +namespace Zotlabs\Module; + + +require_once('library/openid/openid.php'); +require_once('include/auth.php'); + + +class Openid extends \Zotlabs\Web\Controller { + + function get() { + + $noid = get_config('system','disable_openid'); + if($noid) + goaway(z_root()); + + logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA); + + if(x($_REQUEST,'openid_mode')) { + + $openid = new LightOpenID(z_root()); + + if($openid->validate()) { + + logger('openid: validate'); + + $authid = normalise_openid($_REQUEST['openid_identity']); + + if(! strlen($authid)) { + logger( t('OpenID protocol error. No ID returned.') . EOL); + goaway(z_root()); + } + + $x = match_openid($authid); + if($x) { + + $r = q("select * from channel where channel_id = %d limit 1", + intval($x) + ); + if($r) { + $y = q("select * from account where account_id = %d limit 1", + intval($r[0]['channel_account_id']) + ); + if($y) { + foreach($y as $record) { + if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) { + logger('mod_openid: openid success for ' . $x[0]['channel_name']); + $_SESSION['uid'] = $r[0]['channel_id']; + $_SESSION['account_id'] = $r[0]['channel_account_id']; + $_SESSION['authenticated'] = true; + authenticate_success($record,$r[0],true,true,true,true); + goaway(z_root()); + } + } + } + } + } + + // Successful OpenID login - but we can't match it to an existing account. + // See if they've got an xchan + + $r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1", + dbesc($authid) + ); + + if($r) { + $_SESSION['authenticated'] = 1; + $_SESSION['visitor_id'] = $r[0]['xchan_hash']; + $_SESSION['my_url'] = $r[0]['xchan_url']; + $_SESSION['my_address'] = $r[0]['xchan_addr']; + $arr = array('xchan' => $r[0], 'session' => $_SESSION); + call_hooks('magic_auth_openid_success',$arr); + \App::set_observer($r[0]); + require_once('include/security.php'); + \App::set_groups(init_groups_visitor($_SESSION['visitor_id'])); + info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name'])); + logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']); + if($_SESSION['return_url']) + goaway($_SESSION['return_url']); + goaway(z_root()); + } + + // no xchan... + // create one. + // We should probably probe the openid url and figure out if they have any kind of social presence we might be able to + // scrape some identifying info from. + + $name = $authid; + $url = trim($_REQUEST['openid_identity'],'/'); + if(strpos($url,'http') === false) + $url = 'https://' . $url; + $pphoto = z_root() . '/' . get_default_profile_photo(); + $parsed = @parse_url($url); + if($parsed) { + $host = $parsed['host']; + } + + $attr = $openid->getAttributes(); + + if(is_array($attr) && count($attr)) { + foreach($attr as $k => $v) { + if($k === 'namePerson/friendly') + $nick = notags(trim($v)); + if($k === 'namePerson/first') + $first = notags(trim($v)); + if($k === 'namePerson') + $name = notags(trim($v)); + if($k === 'contact/email') + $addr = notags(trim($v)); + if($k === 'media/image/aspect11') + $photosq = trim($v); + if($k === 'media/image/default') + $photo_other = trim($v); + } + } + if(! $nick) { + if($first) + $nick = $first; + else + $nick = $name; + } + + require_once('library/urlify/URLify.php'); + $x = strtolower(\URLify::transliterate($nick)); + if($nick & $host) + $addr = $nick . '@' . $host; + $network = 'unknown'; + + if($photosq) + $pphoto = $photosq; + elseif($photo_other) + $pphoto = $photo_other; + + $mimetype = guess_image_type($pphoto); + + $x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype, + xchan_photo_l, xchan_addr, xchan_url, xchan_connurl, xchan_follow, xchan_connpage, xchan_name, xchan_network, xchan_photo_date, + xchan_name_date, xchan_hidden) + values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 1) ", + dbesc($url), + dbesc(''), + dbesc(''), + dbesc(''), + dbesc($mimetype), + dbesc($pphoto), + dbesc($addr), + dbesc($url), + dbesc(''), + dbesc(''), + dbesc(''), + dbesc($name), + dbesc($network), + dbesc(datetime_convert()), + dbesc(datetime_convert()) + ); + if($x) { + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($url) + ); + if($r) { + + $photos = import_xchan_photo($pphoto,$url); + if($photos) { + $z = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', + xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", + dbesc(datetime_convert()), + dbesc($photos[0]), + dbesc($photos[1]), + dbesc($photos[2]), + dbesc($photos[3]), + dbesc($url) + ); + } + + set_xconfig($url,'system','openid',$authid); + $_SESSION['authenticated'] = 1; + $_SESSION['visitor_id'] = $r[0]['xchan_hash']; + $_SESSION['my_url'] = $r[0]['xchan_url']; + $_SESSION['my_address'] = $r[0]['xchan_addr']; + $arr = array('xchan' => $r[0], 'session' => $_SESSION); + call_hooks('magic_auth_openid_success',$arr); + \App::set_observer($r[0]); + info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name'])); + logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']); + if($_SESSION['return_url']) + goaway($_SESSION['return_url']); + goaway(z_root()); + } + } + + } + } + notice( t('Login failed.') . EOL); + goaway(z_root()); + // NOTREACHED + } + +} diff --git a/Zotlabs/Module/Probe.php b/Zotlabs/Module/Probe.php index 7fc0e8ff5..dda792131 100644 --- a/Zotlabs/Module/Probe.php +++ b/Zotlabs/Module/Probe.php @@ -23,6 +23,8 @@ class Probe extends \Zotlabs\Web\Controller { $j = \Zotlabs\Zot\Finger::run($addr,$channel,false); + // $res = zot_finger($addr,$channel,false); + $o .= '<pre>'; if(! $j['success']) { $o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n"); diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index 4b05182c2..899c79b15 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -708,7 +708,7 @@ class Profiles extends \Zotlabs\Web\Controller { '$profile_id' => $r[0]['id'], '$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'), '$is_default' => $is_default, - '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))), + '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope($channel['channel_r_profile'])), '$advanced' => $advanced, '$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'), '$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']), @@ -767,7 +767,7 @@ class Profiles extends \Zotlabs\Web\Controller { '$alt' => t('Profile Image'), '$profile_name' => $rr['profile_name'], '$visible' => (($rr['is_default']) - ? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>' + ? '<strong>' . translate_scope(map_scope($channel['channel_r_profile'])) . '</strong>' : '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>') )); } diff --git a/Zotlabs/Module/Ratingsearch.php b/Zotlabs/Module/Ratingsearch.php index dcbfd6a9b..5f463b378 100644 --- a/Zotlabs/Module/Ratingsearch.php +++ b/Zotlabs/Module/Ratingsearch.php @@ -58,9 +58,7 @@ class Ratingsearch extends \Zotlabs\Web\Controller { $ret['success'] = true; $r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash - where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 - and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 - order by xchan_name asc", + where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 order by xchan_name asc", dbesc($target) ); diff --git a/Zotlabs/Module/Rmagic.php b/Zotlabs/Module/Rmagic.php index 9252d1f1d..26b0c46a6 100644 --- a/Zotlabs/Module/Rmagic.php +++ b/Zotlabs/Module/Rmagic.php @@ -2,6 +2,7 @@ namespace Zotlabs\Module; + class Rmagic extends \Zotlabs\Web\Controller { function init() { @@ -31,6 +32,18 @@ class Rmagic extends \Zotlabs\Web\Controller { $arr = array('address' => $address); call_hooks('reverse_magic_auth', $arr); + try { + require_once('library/openid/openid.php'); + $openid = new \LightOpenID(z_root()); + $openid->identity = $address; + $openid->returnUrl = z_root() . '/openid'; + $openid->required = array('namePerson/friendly', 'namePerson'); + $openid->optional = array('namePerson/first','media/image/aspect11','media/image/default'); + goaway($openid->authUrl()); + } catch (\Exception $e) { + notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage()); + } + // if they're still here... notice( t('Authentication failed.') . EOL); return; diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index af3a25c60..b1258e049 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -21,7 +21,10 @@ class Settings extends \Zotlabs\Web\Controller { // We are setting these values - don't use the argc(), argv() functions here \App::$argc = 2; \App::$argv[] = 'channel'; - } + } + + + } @@ -35,7 +38,7 @@ class Settings extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - // logger('mod_settings: ' . print_r($_REQUEST,true)); + logger('mod_settings: ' . print_r($_REQUEST,true)); if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){ @@ -360,10 +363,10 @@ class Settings extends \Zotlabs\Web\Controller { intval(local_channel()) ); - $global_perms = \Zotlabs\Access\Permissions::Perms(); + $global_perms = get_perms(); foreach($global_perms as $k => $v) { - \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k])); + $set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' '; } $acl = new \Zotlabs\Access\AccessList($channel); $acl->set_from_array($_POST); @@ -379,7 +382,7 @@ class Settings extends \Zotlabs\Web\Controller { ); } else { - $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']); + $role_permissions = get_role_perms($_POST['permissions_role']); if(! $role_permissions) { notice('Permissions category could not be found.'); return; @@ -419,25 +422,20 @@ class Settings extends \Zotlabs\Web\Controller { ); } - $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']); - foreach($x as $k => $v) { - set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v); - if($role_permissions['perms_auto']) { - set_pconfig(local_channel(),'autoperms',$k,$v); - } - else { - del_pconfig(local_channel(),'autoperms',$k); + $r = q("update abook set abook_my_perms = %d where abook_channel = %d and abook_self = 1", + intval((array_key_exists('perms_accept',$role_permissions)) ? $role_permissions['perms_accept'] : 0), + intval(local_channel()) + ); + set_pconfig(local_channel(),'system','autoperms',(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0)); + + foreach($role_permissions as $p => $v) { + if(strpos($p,'channel_') !== false) { + $set_perms .= ', ' . $p . ' = ' . intval($v) . ' '; } - } - - if($role_permissions['limits']) { - foreach($role_permissions['limits'] as $k => $v) { - \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,$v); + if($p === 'directory_publish') { + $publish = intval($v); } } - if(array_key_exists('directory_publish',$role_permissions)) { - $publish = intval($role_permissions['directory_publish']); - } } set_pconfig(local_channel(),'system','hide_online_status',$hide_presence); @@ -965,7 +963,11 @@ class Settings extends \Zotlabs\Web\Controller { return $o; } - + + + + + if(argv(1) === 'channel') { require_once('include/acl_selectors.php'); @@ -982,8 +984,9 @@ class Settings extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - $global_perms = \Zotlabs\Access\Permissions::Perms(); - + + $global_perms = get_perms(); + $permiss = array(); $perm_opts = array( @@ -997,18 +1000,19 @@ class Settings extends \Zotlabs\Web\Controller { array( t('Anybody on the internet'), PERMS_PUBLIC) ); - $limits = \Zotlabs\Access\PermissionLimits::Get(local_channel()); foreach($global_perms as $k => $perm) { $options = array(); foreach($perm_opts as $opt) { + if((! $perm[2]) && $opt[1] == PERMS_PUBLIC) + continue; $options[$opt[1]] = $opt[0]; } - $permiss[] = array($k,$perm,$limits[$k],'',$options); + $permiss[] = array($k,$perm[3],$channel[$perm[0]],$perm[4],$options); } - //logger('permiss: ' . print_r($permiss,true)); + // logger('permiss: ' . print_r($permiss,true)); |