Merge branch 'dev' into perms

7 files changed, 180 insertions, 4 deletions

diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php
index 0e02a2f66..4e746e218 100644
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -146,13 +146,40 @@ class Acl extends \Zotlabs\Web\Controller {
 			if(local_channel()) {
 				if($extra_channels_sql != '')
 					$extra_channels_sql = " OR (abook_channel IN ($extra_channels_sql)) and abook_hidden = 0 ";
+
+				$r2 = null;
+
+				$r1 = q("select * from atoken where atoken_uid = %d",
+					intval(local_channel())
+				);
+				if($r1) {
+					require_once('include/security.php');
+					$r2 = array();
+					foreach($r1 as $rr) {
+						$x = atoken_xchan($rr);
+						$r2[] = [ 
+							'id' => 'a' . $rr['atoken_id'] ,
+							'hash' => $x['xchan_hash'],
+							'name' => $x['xchan_name'],
+							'micro' => $x['xchan_photo_m'],
+							'url' => z_root(),
+							'nick' => $x['xchan_addr'],
+							'abook_their_perms' => 0,
+							'abook_flags' => 0,
+							'abook_self' => 0
+						];
+					}
+				} 
+
 	
 				$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self 
 					FROM abook left join xchan on abook_xchan = xchan_hash 
 					WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
 					intval(local_channel())
 				);
-	
+				if($r2)
+					$r = array_merge($r2,$r);
+
 			}
 			else { // Visitors
 				$r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php
index 9845c5658..68d84e070 100644
--- a/Zotlabs/Module/Cloud.php
+++ b/Zotlabs/Module/Cloud.php
@@ -13,6 +13,9 @@ use \Zotlabs\Storage;
 // composer autoloader for SabreDAV
 require_once('vendor/autoload.php');
 
+require_once('include/attach.php');
+
+
 /**
  * @brief Fires up the SabreDAV server.
  *
diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php
index 9b4b576c8..ba2394388 100644
--- a/Zotlabs/Module/Dav.php
+++ b/Zotlabs/Module/Dav.php
@@ -14,6 +14,7 @@ use \Zotlabs\Storage;
 // composer autoloader for SabreDAV
 require_once('vendor/autoload.php');
 
+require_once('include/attach.php');
 
 /**
  * @brief Fires up the SabreDAV server.
diff --git a/Zotlabs/Module/Embedphotos.php b/Zotlabs/Module/Embedphotos.php
index 2cd420664..0dac873c5 100644
--- a/Zotlabs/Module/Embedphotos.php
+++ b/Zotlabs/Module/Embedphotos.php
@@ -159,7 +159,7 @@ function embedphotos_widget_album($args) {
 			'$upload' => array(t('Upload'), z_root() . '/photos/' . \App::$profile['channel_address'] . '/upload/' . bin2hex($album)),
 			'$order' => false,
 			'$upload_form' => $upload_form,
-			'$usage' => $usage_message
+			'$no_fullscreen_btn' => true
 		));
 
 		return $o;
diff --git a/Zotlabs/Module/Home.php b/Zotlabs/Module/Home.php
index f3ba96fdd..79449c3b2 100644
--- a/Zotlabs/Module/Home.php
+++ b/Zotlabs/Module/Home.php
@@ -28,6 +28,19 @@ class Home extends \Zotlabs\Web\Controller {
 	
 			goaway($dest);
 		}
+
+		if(remote_channel() && (! $splash) && $_SESSION['atoken']) {
+			$r = q("select * from atoken where atoken_id = %d",
+				intval($_SESSION['atoken'])
+			);
+			if($r) {
+				$x = channelx_by_n($r[0]['atoken_uid']);
+				if($x) {
+					goaway(z_root() . '/channel/' . $x['channel_address']);
+				}
+			}
+		} 
+
 	
 		if(get_account_id() && ! $splash) {
 			goaway(z_root() . '/new_channel');
diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php
index 4776e1c56..d86a3c1d8 100644
--- a/Zotlabs/Module/Lockview.php
+++ b/Zotlabs/Module/Lockview.php
@@ -1,17 +1,31 @@
 <?php
 namespace Zotlabs\Module;
 
-
+require_once('include/security.php');
 
 class Lockview extends \Zotlabs\Web\Controller {
 
 	function get() {
+
+		$atokens = array();
+
+		if(local_channel()) {
+			$at = q("select * from atoken where atoken_uid = %d",
+				intval(local_channel())
+			);
+			if($at) {
+				foreach($at as $t) {
+					$atokens[] = atoken_xchan($t);
+				}
+			}
+		}
 	  
 		$type = ((argc() > 1) ? argv(1) : 0);
 		if (is_numeric($type)) {
 			$item_id = intval($type);
 			$type='item';
-		} else {
+		} 
+		else {
 			$item_id = ((argc() > 2) ? intval(argv(2)) : 0);
 		}
 	  
@@ -98,6 +112,13 @@ class Lockview extends \Zotlabs\Web\Controller {
 			if($r)
 				foreach($r as $rr) 
 					$l[] = '<li>' . $rr['xchan_name'] . '</li>';
+			if($atokens) {
+				foreach($atokens as $at) {
+					if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) {	
+						$l[] = '<li>' . $at['xchan_name'] . '</li>';
+					}
+				}
+			}
 		}
 		if(count($deny_groups)) {
 			$r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
@@ -110,6 +131,16 @@ class Lockview extends \Zotlabs\Web\Controller {
 			if($r)
 				foreach($r as $rr) 
 					$l[] = '<li><strike>' . $rr['xchan_name'] . '</strike></li>';
+
+			if($atokens) {
+				foreach($atokens as $at) {
+					if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) {	
+						$l[] = '<li><strike>' . $at['xchan_name'] . '</strike></li>';
+					}
+				}
+			}
+
+
 		}
 	
 		echo $o . implode($l);
diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php
index d5b0cd07a..81d76a2dd 100644
--- a/Zotlabs/Module/Settings.php
+++ b/Zotlabs/Module/Settings.php
@@ -117,6 +117,60 @@ class Settings extends \Zotlabs\Web\Controller {
 			build_sync_packet();
 			return;
 		}
+
+
+		if((argc() > 1) && (argv(1) == 'tokens')) {
+			check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens');
+			$token_errs = 0;
+			if(array_key_exists('token',$_POST)) {
+				$atoken_id = (($_POST['atoken_id']) ? intval($_POST['atoken_id']) : 0);
+				$name = trim(escape_tags($_POST['name']));
+				$token = trim($_POST['token']);
+				if((! $name) || (! $token))
+						$token_errs ++;
+				if(trim($_POST['expires']))
+					$expires = datetime_convert(date_default_timezone_get(),'UTC',$_POST['expires']);
+				else
+					$expires = NULL_DATE;
+				$max_atokens = service_class_fetch(local_channel(),'access_tokens');
+				if($max_atokens) {
+					$r = q("select count(atoken_id) as total where atoken_uid = %d",
+						intval(local_channel())
+					);
+					if($r && intval($r[0]['total']) >= $max_tokens) {
+						notice( sprintf( t('This channel is limited to %d tokens'), $max_tokens) . EOL);
+						return;
+					}
+				}
+			}
+			if($token_errs) {
+				notice( t('Name and Password are required.') . EOL);
+				return;
+			}
+			if($atoken_id) {
+				$r = q("update atoken set atoken_name = '%s', atoken_token = '%s' atoken_expires = '%s' 
+					where atoken_id = %d and atoken_uid = %d",
+					dbesc($name),
+					dbesc($token),
+					dbesc($expires),
+					intval($atoken_id),
+					intval($channel['channel_id'])
+				);
+			}
+			else {
+				$r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires )
+					values ( %d, %d, '%s', '%s', '%s' ) ",
+					intval($channel['channel_account_id']),
+					intval($channel['channel_id']),
+					dbesc($name),
+					dbesc($token),
+					dbesc($expires)
+				);
+			}
+		
+			info( t('Token saved.') . EOL);
+			return;
+		}
 	
 	
 	
@@ -706,6 +760,53 @@ class Settings extends \Zotlabs\Web\Controller {
 			));
 			return $o;
 		}
+
+		if((argc() > 1) && (argv(1) === 'tokens')) {
+			$atoken = null;
+			if(argc() > 2) {
+				$id = argv(2);			
+
+				$atoken = q("select * from atoken where atoken_id = %d and atoken_uid = %d",
+					intval($id),
+					intval(local_channel())
+				);
+
+				if($atoken)
+					$atoken = $atoken[0];
+
+				if($atoken && argc() > 3 && argv(3) === 'drop') {
+					$r = q("delete from atoken where atoken_id = %d",
+						intval($id)
+					);
+				}
+			}
+			$t = q("select * from atoken where atoken_uid = %d",
+				intval(local_channel())
+			);			
+
+			$desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access the private content.');
+
+			$desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:');
+
+			$tpl = get_markup_template("settings_tokens.tpl");
+			$o .= replace_macros($tpl, array(
+				'$form_security_token' => get_form_security_token("settings_tokens"),
+				'$title'	=> t('Guest Access Tokens'),
+				'$desc'     => $desc,
+				'$desc2' => $desc2,
+				'$tokens' => $t,
+				'$atoken' => $atoken,
+				'$url1' => z_root() . '/channel/' . $channel['channel_address'],
+				'$url2' => z_root() . '/photos/' . $channel['channel_address'],
+				'$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''),
+				'$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : autoname(8)), ''),
+				'$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] != NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''),
+				'$submit' 	=> t('Submit')
+			));
+			return $o;
+		}
+
+