Create virtual privacy groups for private profile member lists

4 files changed, 27 insertions, 20 deletions

diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php
index 2b364d9ac..6f5b0ddf9 100644
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -103,7 +103,24 @@ class Acl extends \Zotlabs\Web\Controller {
 		$contacts = array();
 		
 		if($type == '' || $type == 'g') {
-	
+
+			$r = q("select id, profile_guid, profile_name from profile where is_default = 0 and uid = %d",
+				intval(local_channel())
+			);	
+			if($r) {
+				foreach($r as $rv) {
+					$groups[] = array(
+						"type"  => "g",
+						"photo" => "images/twopeople.png",
+						"name"  => t('Profile','acl') . ' ' . $rv['profile_name'],
+						"id"	=> 'vp' . $rv['id'],
+						"xid"   => 'vp.' . $rv['profile_guid'],
+						"uids"  => group_get_profile_members_xchan(local_channel(), $rv['id']),
+						"link"  => ''
+					);
+				}
+			}
+
 			$r = q("SELECT groups.id, groups.hash, groups.gname
 					FROM groups, group_member 
 					WHERE groups.deleted = 0 AND groups.uid = %d 
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index d8422266c..7a753c286 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -245,14 +245,6 @@ class Connedit extends \Zotlabs\Web\Controller {
 			intval(local_channel())
 		);
 	
-		if($orig_record[0]['abook_profile'] != $profile_id) {
-			//Update profile photo permissions
-	
-			logger('A new profile was assigned - updating profile photos');
-			profile_photo_set_profile_perms(local_channel(),$profile_id);
-	
-		}
-	
 		if($r)
 			info( t('Connection updated.') . EOL);
 		else
diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php
index 5b88f67f5..29a239f4d 100644
--- a/Zotlabs/Module/Profile_photo.php
+++ b/Zotlabs/Module/Profile_photo.php
@@ -180,6 +180,10 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 						dbesc(datetime_convert()),
 						dbesc($channel['xchan_hash'])
 					);
+
+					photo_profile_setperms(local_channel(),$base_image['resource_id'],$_REQUEST['profile']);
+
+
 					// Similarly, tell the nav bar to bypass the cache and update the avater image.
 					$_SESSION['reload_avatar'] = true;
 	
@@ -188,9 +192,6 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 					// Update directory in background
 					\Zotlabs\Daemon\Master::Summon(array('Directory',$channel['channel_id']));
 	
-					// Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures'
-	
-					profile_photo_set_profile_perms(local_channel(),$_REQUEST['profile']);	
 				}
 				else
 					notice( t('Unable to process image') . EOL);
@@ -338,7 +339,8 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 					dbesc($channel['xchan_hash'])
 				);
 	
-				profile_photo_set_profile_perms(local_channel()); // Reset default photo permissions to public
+				photo_profile_setperms(local_channel(),$resource_id,$_REQUEST['profile']);
+
 				\Zotlabs\Daemon\Master::Summon(array('Directory',local_channel()));
 				goaway(z_root() . '/profiles');
 			}
diff --git a/Zotlabs/Module/Profperm.php b/Zotlabs/Module/Profperm.php
index 99cd4c58f..900e2f981 100644
--- a/Zotlabs/Module/Profperm.php
+++ b/Zotlabs/Module/Profperm.php
@@ -22,7 +22,7 @@ class Profperm extends \Zotlabs\Web\Controller {
 	}
 	
 	
-		function get() {
+	function get() {
 	
 		if(! local_channel()) {
 			notice( t('Permission denied') . EOL);
@@ -94,12 +94,8 @@ class Profperm extends \Zotlabs\Web\Controller {
 	
 				}
 	
-	
-				//Time to update the permissions on the profile-pictures as well
-
-				profile_photo_set_profile_perms(local_channel(),$profile['id']);
-	
-				$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'",
+				$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash 
+					WHERE abook_channel = %d AND abook_profile = '%s'",
 					intval(local_channel()),
 					dbesc($profile['profile_guid'])
 				);