aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
authorKlaus Weidenbach <Klaus.Weidenbach@gmx.net>2017-12-23 14:42:23 +0100
committerKlaus Weidenbach <Klaus.Weidenbach@gmx.net>2018-01-05 01:38:20 +0100
commitaa63c23839990045e8e4a1a283b91a1cd21e1e9c (patch)
tree6b67b47ff865e407fcf5c0cc240cb0ae1f2c1260 /Zotlabs
parent0bb5f38ba50dbeca5217a637cdc4b6abbe725b35 (diff)
downloadvolse-hubzilla-aa63c23839990045e8e4a1a283b91a1cd21e1e9c.tar.gz
volse-hubzilla-aa63c23839990045e8e4a1a283b91a1cd21e1e9c.tar.bz2
volse-hubzilla-aa63c23839990045e8e4a1a283b91a1cd21e1e9c.zip
:bulb: Add source documentation from recent conversations.
There have been some conversations in the last weeks which explained several parts of the code, so add it to the source code documentation. Also some other small source code documentation improvements.
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Access/AccessList.php8
-rw-r--r--Zotlabs/Access/PermissionLimits.php83
-rw-r--r--Zotlabs/Lib/MarkdownSoap.php65
-rw-r--r--Zotlabs/Lib/Permcat.php78
-rw-r--r--Zotlabs/Module/Acl.php43
-rw-r--r--Zotlabs/Thumbs/Epubthumb.php40
6 files changed, 232 insertions, 85 deletions
diff --git a/Zotlabs/Access/AccessList.php b/Zotlabs/Access/AccessList.php
index 6471b0b1d..7cf7b5587 100644
--- a/Zotlabs/Access/AccessList.php
+++ b/Zotlabs/Access/AccessList.php
@@ -3,10 +3,14 @@
namespace Zotlabs\Access;
/**
- * @brief AccessList class.
+ * @brief AccessList class which represents individual content ACLs.
*
* A class to hold an AccessList object with allowed and denied contacts and
* groups.
+ *
+ * After evaluating @ref ::Zotlabs::Access::PermissionLimits "PermissionLimits"
+ * and @ref ::Zotlabs::Lib::Permcat "Permcat"s individual content ACLs are evaluated.
+ * These answer the question "Can Joe view *this* album/photo?".
*/
class AccessList {
/**
@@ -103,7 +107,7 @@ class AccessList {
* @brief Return an array consisting of the current access list components
* where the elements are directly storable.
*
- * @return Associative array with:
+ * @return array An associative array with:
* * \e string \b allow_cid => string of allowed cids
* * \e string \b allow_gid => string of allowed gids
* * \e string \b deny_cid => string of denied cids
diff --git a/Zotlabs/Access/PermissionLimits.php b/Zotlabs/Access/PermissionLimits.php
index 8caeedb91..9ee0656b1 100644
--- a/Zotlabs/Access/PermissionLimits.php
+++ b/Zotlabs/Access/PermissionLimits.php
@@ -2,35 +2,90 @@
namespace Zotlabs\Access;
-use \Zotlabs\Lib as ZLib;
+use Zotlabs\Lib\PConfig;
+/**
+ * @brief Permission limits.
+ *
+ * Permission limits are a very high level permission setting. They are hard
+ * limits by design.
+ * "Who can view my photos (at all)?"
+ * "Who can post photos in my albums (at all)?"
+ *
+ * For viewing permissions we generally set these to 'anybody' and for write
+ * permissions we generally set them to 'those I allow', though many people
+ * restrict the viewing permissions further for things like 'Can view my connections'.
+ *
+ * People get confused enough by permissions that we wanted a place to set their
+ * privacy expectations once and be done with it.
+ *
+ * Connection related permissions like "Can Joe view my photos?" are handled by
+ * @ref ::Zotlabs::Lib::Permcat "Permcat" and inherit from the channel's Permission
+ * limits.
+ *
+ * @see Permissions
+ */
class PermissionLimits {
+ /**
+ * @brief Get standard permission limits.
+ *
+ * Viewing permissions and post_comments permission are set to 'anybody',
+ * other permissions are set to 'those I allow'.
+ *
+ * The list of permissions comes from Permissions::Perms().
+ *
+ * @return array
+ */
static public function Std_Limits() {
+ $limits = [];
$perms = Permissions::Perms();
- $limits = array();
+
foreach($perms as $k => $v) {
- if(strstr($k,'view') || $k === 'post_comments')
+ if(strstr($k, 'view') || $k === 'post_comments')
$limits[$k] = PERMS_PUBLIC;
else
$limits[$k] = PERMS_SPECIFIC;
}
+
return $limits;
}
- static public function Set($channel_id,$perm,$perm_limit) {
- ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit);
+ /**
+ * @brief Sets a permission limit for a channel.
+ *
+ * @param int $channel_id
+ * @param string $perm
+ * @param int $perm_limit one of PERMS_* constants
+ */
+ static public function Set($channel_id, $perm, $perm_limit) {
+ PConfig::Set($channel_id, 'perm_limits', $perm, $perm_limit);
}
- static public function Get($channel_id,$perm = '') {
+ /**
+ * @brief Get a channel's permission limits.
+ *
+ * Return a channel's permission limits from PConfig. If $perm is set just
+ * return this permission limit, if not set, return an array with all
+ * permission limits.
+ *
+ * @param int $channel_id
+ * @param string $perm (optional)
+ * @return
+ * * \b boolean false if no perm_limits set for this channel
+ * * \b int if $perm is set, return one of PERMS_* constants for this permission
+ * * \b array with all permission limits, if $perm is not set
+ */
+ static public function Get($channel_id, $perm = '') {
if($perm) {
- return Zlib\PConfig::Get($channel_id,'perm_limits',$perm);
- }
- else {
- Zlib\PConfig::Load($channel_id);
- if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id]))
- return \App::$config[$channel_id]['perm_limits'];
- return false;
+ return PConfig::Get($channel_id, 'perm_limits', $perm);
}
- }
+
+ PConfig::Load($channel_id);
+ if(array_key_exists($channel_id, \App::$config)
+ && array_key_exists('perm_limits', \App::$config[$channel_id]))
+ return \App::$config[$channel_id]['perm_limits'];
+
+ return false;
+ }
} \ No newline at end of file
diff --git a/Zotlabs/Lib/MarkdownSoap.php b/Zotlabs/Lib/MarkdownSoap.php
index fa279b07c..a58a5753a 100644
--- a/Zotlabs/Lib/MarkdownSoap.php
+++ b/Zotlabs/Lib/MarkdownSoap.php
@@ -3,51 +3,66 @@
namespace Zotlabs\Lib;
/**
- * MarkdownSoap
+ * @brief MarkdownSoap class.
+ *
* Purify Markdown for storage
+ * @code{.php}
* $x = new MarkdownSoap($string_to_be_cleansed);
* $text = $x->clean();
- *
+ * @endcode
* What this does:
* 1. extracts code blocks and privately escapes them from processing
* 2. Run html purifier on the content
* 3. put back the code blocks
* 4. run htmlspecialchars on the entire content for safe storage
*
- * At render time:
+ * At render time:
+ * @code{.php}
* $markdown = \Zotlabs\Lib\MarkdownSoap::unescape($text);
* $html = \Michelf\MarkdownExtra::DefaultTransform($markdown);
+ * @endcode
*/
-
-
-
class MarkdownSoap {
+ /**
+ * @var string
+ */
+ private $str;
+ /**
+ * @var string
+ */
private $token;
- private $str;
function __construct($s) {
- $this->str = $s;
+ $this->str = $s;
$this->token = random_string(20);
}
-
function clean() {
$x = $this->extract_code($this->str);
$x = $this->purify($x);
- $x = $this->putback_code($x);
+ $x = $this->putback_code($x);
$x = $this->escape($x);
-
+
return $x;
}
+ /**
+ * @brief Extracts code blocks and privately escapes them from processing.
+ *
+ * @see encode_code()
+ * @see putback_code()
+ *
+ * @param string $s
+ * @return string
+ */
function extract_code($s) {
-
+
$text = preg_replace_callback('{
(?:\n\n|\A\n?)
( # $1 = the code block -- one or more lines, starting with a space/tab
@@ -62,7 +77,7 @@ class MarkdownSoap {
return $text;
}
-
+
function encode_code($matches) {
return $this->token . ';' . base64_encode($matches[0]) . ';' ;
}
@@ -71,8 +86,17 @@ class MarkdownSoap {
return base64_decode($matches[1]);
}
+ /**
+ * @brief Put back the code blocks.
+ *
+ * @see extract_code()
+ * @see decode_code()
+ *
+ * @param string $s
+ * @return string
+ */
function putback_code($s) {
- $text = preg_replace_callback('{' . $this->token . '\;(.*?)\;}xm',[ $this, 'decode_code' ], $s);
+ $text = preg_replace_callback('{' . $this->token . '\;(.*?)\;}xm', [ $this, 'decode_code' ], $s);
return $text;
}
@@ -84,20 +108,25 @@ class MarkdownSoap {
}
function protect_autolinks($s) {
- $s = preg_replace('/\<(https?\:\/\/)(.*?)\>/','[$1$2]($1$2)',$s);
+ $s = preg_replace('/\<(https?\:\/\/)(.*?)\>/', '[$1$2]($1$2)', $s);
return $s;
}
function unprotect_autolinks($s) {
return $s;
-
}
function escape($s) {
- return htmlspecialchars($s,ENT_QUOTES,'UTF-8',false);
+ return htmlspecialchars($s, ENT_QUOTES, 'UTF-8', false);
}
+ /**
+ * @brief Converts special HTML entities back to characters.
+ *
+ * @param string $s
+ * @return string
+ */
static public function unescape($s) {
- return htmlspecialchars_decode($s,ENT_QUOTES);
+ return htmlspecialchars_decode($s, ENT_QUOTES);
}
}
diff --git a/Zotlabs/Lib/Permcat.php b/Zotlabs/Lib/Permcat.php
index 505ee2cfc..ca4aed9ed 100644
--- a/Zotlabs/Lib/Permcat.php
+++ b/Zotlabs/Lib/Permcat.php
@@ -2,12 +2,36 @@
namespace Zotlabs\Lib;
-use \Zotlabs\Access as Zaccess;
-
+use Zotlabs\Access\PermissionRoles;
+use Zotlabs\Access\Permissions;
+
+/**
+ * @brief Permission Categories. Permission rules for various classes of connections.
+ *
+ * Connection permissions answer the question "Can Joe view my photos?"
+ *
+ * Some permissions may be inherited from the channel's "privacy settings"
+ * (@ref ::Zotlabs::Access::PermissionLimits "PermissionLimits") "Who can view my
+ * photos (at all)?" which have higher priority than individual connection settings.
+ * We evaluate permission limits first, and then fall through to connection
+ * permissions if the permission limits didn't already make a definitive decision.
+ *
+ * After PermissionLimits and connection permissions are evaluated, individual
+ * content ACLs are evaluated (@ref ::Zotlabs::Access::AccessList "AccessList").
+ * These answer the question "Can Joe view *this* album/photo?".
+ */
class Permcat {
+ /**
+ * @var array
+ */
private $permcats = [];
+ /**
+ * @brief Permcat constructor.
+ *
+ * @param int $channel_id
+ */
public function __construct($channel_id) {
$perms = [];
@@ -16,16 +40,16 @@ class Permcat {
$role = get_pconfig($channel_id,'system','permissions_role');
if($role) {
- $x = Zaccess\PermissionRoles::role_perms($role);
+ $x = PermissionRoles::role_perms($role);
if($x['perms_connect']) {
- $perms = Zaccess\Permissions::FilledPerms($x['perms_connect']);
+ $perms = Permissions::FilledPerms($x['perms_connect']);
}
}
// if no role perms it may be a custom role, see if there any autoperms
if(! $perms) {
- $perms = Zaccess\Permissions::FilledAutoPerms($channel_id);
+ $perms = Permissions::FilledAutoPerms($channel_id);
}
// if no autoperms it may be a custom role with manual perms
@@ -50,13 +74,13 @@ class Permcat {
// nothing was found - create a filled permission array where all permissions are 0
if(! $perms) {
- $perms = Zaccess\Permissions::FilledPerms([]);
+ $perms = Permissions::FilledPerms([]);
}
$this->permcats[] = [
'name' => 'default',
'localname' => t('default','permcat'),
- 'perms' => Zaccess\Permissions::Operms($perms),
+ 'perms' => Permissions::Operms($perms),
'system' => 1
];
@@ -67,26 +91,39 @@ class Permcat {
$this->permcats[] = [
'name' => $p[$x][0],
'localname' => $p[$x][1],
- 'perms' => Zaccess\Permissions::Operms(Zaccess\Permissions::FilledPerms($p[$x][2])),
+ 'perms' => Permissions::Operms(Permissions::FilledPerms($p[$x][2])),
'system' => intval($p[$x][3])
];
}
}
}
-
+ /**
+ * @brief Return array with permcats.
+ *
+ * @return array
+ */
public function listing() {
return $this->permcats;
}
+ /**
+ * @brief
+ *
+ * @param string $name
+ * @return array
+ * * \e array with permcats
+ * * \e bool \b error if $name not found in permcats true
+ */
public function fetch($name) {
if($name && $this->permcats) {
foreach($this->permcats as $permcat) {
- if(strcasecmp($permcat['name'],$name) === 0) {
+ if(strcasecmp($permcat['name'], $name) === 0) {
return $permcat;
}
}
}
+
return ['error' => true];
}
@@ -118,29 +155,32 @@ class Permcat {
$permcats[] = [ $xv['k'], $xv['k'], $value, 0 ];
}
}
- }
+ }
- call_hooks('permcats',$permcats);
+ /**
+ * @hooks permcats
+ * * \e array
+ */
+ call_hooks('permcats', $permcats);
return $permcats;
-
}
- static public function find_permcat($arr,$name) {
+ static public function find_permcat($arr, $name) {
if((! $arr) || (! $name))
return false;
+
foreach($arr as $p)
if($p['name'] == $name)
return $p['value'];
}
- static public function update($channel_id, $name,$permarr) {
- PConfig::Set($channel_id,'permcat',$name,$permarr);
+ static public function update($channel_id, $name, $permarr) {
+ PConfig::Set($channel_id, 'permcat', $name, $permarr);
}
- static public function delete($channel_id,$name) {
- PConfig::Delete($channel_id,'permcat',$name);
+ static public function delete($channel_id, $name) {
+ PConfig::Delete($channel_id, 'permcat', $name);
}
-
} \ No newline at end of file
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php
index ad1c8b8cd..fae7e2e44 100644
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -1,36 +1,39 @@
<?php
+
namespace Zotlabs\Module;
-/*
- * ACL selector json backend
+require_once 'include/acl_selectors.php';
+require_once 'include/group.php';
+
+/**
+ * @brief ACL selector json backend.
+ *
* This module provides JSON lists of connections and local/remote channels
* (xchans) to populate various tools such as the ACL (AccessControlList) popup
- * and various auto-complete functions (such as email recipients, search, and
+ * and various auto-complete functions (such as email recipients, search, and
* mention targets.
+ *
* There are two primary output structural formats. One for the ACL widget and
* the other for auto-completion.
- * Many of the behaviour variations are triggered on the use of single character keys
- * however this functionality has grown in an ad-hoc manner and has gotten quite messy over time.
+ *
+ * Many of the behaviour variations are triggered on the use of single character
+ * keys however this functionality has grown in an ad-hoc manner and has gotten
+ * quite messy over time.
*/
-
-require_once("include/acl_selectors.php");
-require_once("include/group.php");
-
-
class Acl extends \Zotlabs\Web\Controller {
function init() {
-
+
logger('mod_acl: ' . print_r($_REQUEST,true));
-
+
$start = (x($_REQUEST,'start') ? $_REQUEST['start'] : 0);
$count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 500);
$search = (x($_REQUEST,'search') ? $_REQUEST['search'] : '');
$type = (x($_REQUEST,'type') ? $_REQUEST['type'] : '');
- $noforums = (x($_REQUEST,'n') ? $_REQUEST['n'] : false);
+ $noforums = (x($_REQUEST,'n') ? $_REQUEST['n'] : false);
- // $type =
+ // $type =
// '' => standard ACL request
// 'g' => Groups only ACL request
// 'f' => forums only ACL request
@@ -382,15 +385,13 @@ class Acl extends \Zotlabs\Web\Controller {
'count' => $count,
'items' => $items,
);
-
-
-
+
echo json_encode($o);
-
+
killme();
}
-
-
+
+
function navbar_complete(&$a) {
// logger('navbar_complete');
@@ -447,5 +448,5 @@ class Acl extends \Zotlabs\Web\Controller {
}
return array();
}
-
+
}
diff --git a/Zotlabs/Thumbs/Epubthumb.php b/Zotlabs/Thumbs/Epubthumb.php
index 4213b5267..22f1a5e8f 100644
--- a/Zotlabs/Thumbs/Epubthumb.php
+++ b/Zotlabs/Thumbs/Epubthumb.php
@@ -2,36 +2,54 @@
namespace Zotlabs\Thumbs;
-require_once('library/epub-meta/epub.php');
+require_once 'library/epub-meta/epub.php';
+/**
+ * @brief Thumbnail creation for epub files.
+ *
+ */
class Epubthumb {
+ /**
+ * @brief Match for application/epub+zip.
+ *
+ * @param string $type MimeType
+ * @return boolean
+ */
function Match($type) {
return(($type === 'application/epub+zip') ? true : false );
}
- function Thumb($attach,$preview_style,$height = 300, $width = 300) {
+ /**
+ * @brief
+ *
+ * @param array $attach
+ * @param number $preview_style unused
+ * @param number $height (optional) default 300
+ * @param number $width (optional) default 300
+ */
+ function Thumb($attach, $preview_style, $height = 300, $width = 300) {
$photo = false;
- $ep = new \Epub(dbunescbin($attach['content']));
+ $ep = new \EPub(dbunescbin($attach['content']));
$data = $ep->Cover();
if($data['found']) {
$photo = $data['data'];
}
- if($photo) {
+ if($photo) {
$image = imagecreatefromstring($photo);
- $dest = imagecreatetruecolor( $width, $height );
- $srcwidth = imagesx($image);
- $srcheight = imagesy($image);
+ $dest = imagecreatetruecolor($width, $height);
+ $srcwidth = imagesx($image);
+ $srcheight = imagesy($image);
- imagealphablending($dest, false);
+ imagealphablending($dest, false);
imagesavealpha($dest, true);
- imagecopyresampled($dest, $image, 0, 0, 0, 0, $width, $height, $srcwidth, $srcheight);
- imagedestroy($image);
- imagejpeg($dest,dbunescbin($attach['content']) . '.thumb');
+ imagecopyresampled($dest, $image, 0, 0, 0, 0, $width, $height, $srcwidth, $srcheight);
+ imagedestroy($image);
+ imagejpeg($dest, dbunescbin($attach['content']) . '.thumb');
}
}
}