diff options
| author | Mario <mario@mariovavti.com> | 2025-04-29 09:52:30 +0000 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2025-04-29 09:52:30 +0000 |
| commit | b6f0fe758303e1446f45d6367075b99ec77d8af3 (patch) | |
| tree | bdc86032ffd0d999f0591e63a1f2ad7726606ad9 /Zotlabs/Module | |
| parent | 377fe32795ab9d1bbf099312468a42f2c038e692 (diff) | |
| download | volse-hubzilla-b6f0fe758303e1446f45d6367075b99ec77d8af3.tar.gz volse-hubzilla-b6f0fe758303e1446f45d6367075b99ec77d8af3.tar.bz2 volse-hubzilla-b6f0fe758303e1446f45d6367075b99ec77d8af3.zip | |
refactor with permissions
Diffstat (limited to 'Zotlabs/Module')
| -rw-r--r-- | Zotlabs/Module/Request.php | 72 |
1 files changed, 54 insertions, 18 deletions
diff --git a/Zotlabs/Module/Request.php b/Zotlabs/Module/Request.php index 660537812..811350205 100644 --- a/Zotlabs/Module/Request.php +++ b/Zotlabs/Module/Request.php @@ -28,13 +28,17 @@ class Request extends Controller private function processSubthreadRequest() : string { $mid = $_GET['mid']; - $items = items_by_thr_parent($mid); + $parent = intval($_GET['parent']); + $module = strip_tags($_GET['module']); + + $items = items_by_thr_parent($mid, $parent); xchan_query($items,true,(($sys_item) ? local_channel() : 0)); + $items = fetch_post_tags($items,true); // $items = conv_sort($items,'created'); - $ret['html'] = conversation($items, 'network', true, 'r_preview'); + $ret['html'] = conversation($items, $module, true, 'r_preview'); json_return_and_die($ret); } @@ -43,7 +47,7 @@ class Request extends Controller { if (!local_channel()) { - killme(); + // killme(); } if ($_GET['verb'] === 'comment') { @@ -56,28 +60,60 @@ class Request extends Controller killme(); } + $parent = intval($_GET['parent']); $mid = strip_tags($_GET['mid']); - $hash = get_observer_hash(); + + $observer_hash = get_observer_hash(); $item_normal = item_normal(); - $r = q("SELECT xchan_hash, xchan_name as name, xchan_url as url, xchan_photo_s as photo FROM item - LEFT JOIN xchan ON author_xchan = xchan_hash - WHERE uid = %d - AND thr_parent = '%s' - AND verb = '%s' - AND item_thread_top = 0 - $item_normal", - intval(local_channel()), - dbesc($mid), - dbesc($verb) - ); + if (local_channel()) { + $r = q("SELECT xchan_hash, xchan_name as name, xchan_url as url, xchan_photo_s as photo FROM item + LEFT JOIN xchan ON author_xchan = xchan_hash + WHERE uid = %d + AND thr_parent = '%s' + AND verb = '%s' + AND item_thread_top = 0 + $item_normal + ORDER BY item.created", + intval(local_channel()), + dbesc($mid), + dbesc($verb) + ); + } + + if (!$r) { + $sys = get_sys_channel(); + $sql_extra = item_permissions_sql(0, $observer_hash); + + $r = q("SELECT xchan_hash, xchan_name as name, xchan_url as url, xchan_photo_s as photo FROM item + LEFT JOIN xchan ON author_xchan = xchan_hash + WHERE + -- This covers /channel/name -- This covers /pubstream + ((item.thr_parent = '%s' $sql_extra) OR (item.thr_parent = '%s' AND item.uid = %d)) + AND parent = %d + AND verb = '%s' + AND item_thread_top = 0 + $item_normal + ORDER BY item.created", + dbesc($mid), + dbesc($mid), + intval($sys['channel_id']), + intval($parent), + dbesc($verb) + ); + } $ret = [ - 'result' => $r, - 'action' => (($verb === 'Announce') ? 'jotShare' : 'dolike'), - 'action_label' => ((find_xchan_in_array($hash, $r)) ? t('- Remove yours') : t('+ Add yours')) + 'result' => $r ]; + + // TODO: check permission to like + if ($observer_hash) { + $ret['action'] = (($verb === 'Announce') ? 'jotShare' : 'dolike'); + $ret['action_label'] = ((find_xchan_in_array($observer_hash, $r)) ? t('- Remove yours') : t('+ Add yours')); + } + json_return_and_die($ret); } |