Merge remote-tracking branch 'upstream/dev' into doco

6 files changed, 82 insertions, 23 deletions

diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php
index 2b364d9ac..6f5b0ddf9 100644
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -103,7 +103,24 @@ class Acl extends \Zotlabs\Web\Controller {
 		$contacts = array();
 		
 		if($type == '' || $type == 'g') {
-	
+
+			$r = q("select id, profile_guid, profile_name from profile where is_default = 0 and uid = %d",
+				intval(local_channel())
+			);	
+			if($r) {
+				foreach($r as $rv) {
+					$groups[] = array(
+						"type"  => "g",
+						"photo" => "images/twopeople.png",
+						"name"  => t('Profile','acl') . ' ' . $rv['profile_name'],
+						"id"	=> 'vp' . $rv['id'],
+						"xid"   => 'vp.' . $rv['profile_guid'],
+						"uids"  => group_get_profile_members_xchan(local_channel(), $rv['id']),
+						"link"  => ''
+					);
+				}
+			}
+
 			$r = q("SELECT groups.id, groups.hash, groups.gname
 					FROM groups, group_member 
 					WHERE groups.deleted = 0 AND groups.uid = %d 
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index d8422266c..7a753c286 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -245,14 +245,6 @@ class Connedit extends \Zotlabs\Web\Controller {
 			intval(local_channel())
 		);
 	
-		if($orig_record[0]['abook_profile'] != $profile_id) {
-			//Update profile photo permissions
-	
-			logger('A new profile was assigned - updating profile photos');
-			profile_photo_set_profile_perms(local_channel(),$profile_id);
-	
-		}
-	
 		if($r)
 			info( t('Connection updated.') . EOL);
 		else
diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php
index 7d1d8a43f..fc7d5c7c8 100644
--- a/Zotlabs/Module/Lockview.php
+++ b/Zotlabs/Module/Lockview.php
@@ -32,10 +32,10 @@ class Lockview extends \Zotlabs\Web\Controller {
 		if(! $item_id)
 			killme();
 	
-		if (!in_array($type, array('item','photo','event', 'menu_item', 'chatroom')))
+		if (! in_array($type, array('item', 'photo', 'attach', 'event', 'menu_item', 'chatroom')))
 			killme();
 	
-		//we have different naming in in menu_item table and chatroom table
+		// we have different naming in in menu_item table and chatroom table
 		switch($type) {
 			case 'menu_item':
 				$id = 'mitem_id';
@@ -101,6 +101,22 @@ class Lockview extends \Zotlabs\Web\Controller {
 		stringify_array_elms($deny_groups,true);
 		stringify_array_elms($deny_users,true);
 	
+
+		$profile_groups = [];
+		if($allowed_groups) {
+			foreach($allowed_groups as $g) {
+				if(substr($g,0,4) === '\'vp.') {
+					$profile_groups[] = '\'' . substr($g,4);
+				}
+			}
+		}
+		if(count($profile_groups)) {
+			$r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )");
+			if($r)
+				foreach($r as $rr) 
+					$l[] = '<li><b>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</b></li>';
+		}
+
 		if(count($allowed_groups)) {
 			$r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
 			if($r)
@@ -120,6 +136,25 @@ class Lockview extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
+
+
+		$profile_groups = [];
+		if($deny_groups) {
+			foreach($deny_groups as $g) {
+				if(substr($g,0,4) === '\'vp.') {
+					$profile_groups[] = '\'' . substr($g,4);
+				}
+			}
+		}
+		if(count($profile_groups)) {
+			$r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )");
+			if($r)
+				foreach($r as $rr) 
+					$l[] = '<li><b><strike>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</strike></b></li>';
+		}
+
+
+
 		if(count($deny_groups)) {
 			$r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
 			if($r)
diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php
index 5b88f67f5..29a239f4d 100644
--- a/Zotlabs/Module/Profile_photo.php
+++ b/Zotlabs/Module/Profile_photo.php
@@ -180,6 +180,10 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 						dbesc(datetime_convert()),
 						dbesc($channel['xchan_hash'])
 					);
+
+					photo_profile_setperms(local_channel(),$base_image['resource_id'],$_REQUEST['profile']);
+
+
 					// Similarly, tell the nav bar to bypass the cache and update the avater image.
 					$_SESSION['reload_avatar'] = true;
 	
@@ -188,9 +192,6 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 					// Update directory in background
 					\Zotlabs\Daemon\Master::Summon(array('Directory',$channel['channel_id']));
 	
-					// Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures'
-	
-					profile_photo_set_profile_perms(local_channel(),$_REQUEST['profile']);	
 				}
 				else
 					notice( t('Unable to process image') . EOL);
@@ -338,7 +339,8 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 					dbesc($channel['xchan_hash'])
 				);
 	
-				profile_photo_set_profile_perms(local_channel()); // Reset default photo permissions to public
+				photo_profile_setperms(local_channel(),$resource_id,$_REQUEST['profile']);
+
 				\Zotlabs\Daemon\Master::Summon(array('Directory',local_channel()));
 				goaway(z_root() . '/profiles');
 			}
diff --git a/Zotlabs/Module/Profperm.php b/Zotlabs/Module/Profperm.php
index 99cd4c58f..900e2f981 100644
--- a/Zotlabs/Module/Profperm.php
+++ b/Zotlabs/Module/Profperm.php
@@ -22,7 +22,7 @@ class Profperm extends \Zotlabs\Web\Controller {
 	}
 	
 	
-		function get() {
+	function get() {
 	
 		if(! local_channel()) {
 			notice( t('Permission denied') . EOL);
@@ -94,12 +94,8 @@ class Profperm extends \Zotlabs\Web\Controller {
 	
 				}
 	
-	
-				//Time to update the permissions on the profile-pictures as well
-
-				profile_photo_set_profile_perms(local_channel(),$profile['id']);
-	
-				$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'",
+				$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash 
+					WHERE abook_channel = %d AND abook_profile = '%s'",
 					intval(local_channel()),
 					dbesc($profile['profile_guid'])
 				);
diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php
index 9ea459dab..5b9cfdaca 100644
--- a/Zotlabs/Module/Settings/Channel.php
+++ b/Zotlabs/Module/Settings/Channel.php
@@ -18,6 +18,7 @@ class Channel {
 	
 		$role = ((x($_POST,'permissions_role')) ? notags(trim($_POST['permissions_role'])) : '');
 		$oldrole = get_pconfig(local_channel(),'system','permissions_role');
+
 	
 		if(($role != $oldrole) || ($role === 'custom')) {
 	
@@ -144,6 +145,7 @@ class Channel {
 		$post_joingroup   = (($_POST['post_joingroup'] == 1) ? 1: 0);
 		$post_profilechange   = (($_POST['post_profilechange'] == 1) ? 1: 0);
 		$adult            = (($_POST['adult'] == 1) ? 1 : 0);
+		$defpermcat       = ((x($_POST,'defpermcat')) ? notags(trim($_POST['defpermcat'])) : 'default');
 	
 		$cal_first_day   = (((x($_POST,'first_day')) && (intval($_POST['first_day']) == 1)) ? 1: 0);
 	
@@ -232,6 +234,7 @@ class Channel {
 		set_pconfig(local_channel(),'system','photo_path',$photo_path);
 		set_pconfig(local_channel(),'system','attach_path',$attach_path);
 		set_pconfig(local_channel(),'system','cal_first_day',$cal_first_day);
+		set_pconfig(local_channel(),'system','default_permcat',$defpermcat);
 	
 		$r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d $set_perms where channel_id = %d",
 			dbesc($username),
@@ -411,6 +414,19 @@ class Channel {
 			'$basepath' => \App::get_hostname()
 		));
 
+
+
+		$pcat = new \Zotlabs\Lib\Permcat(local_channel());
+		$pcatlist = $pcat->listing();
+		$permcats = [];
+		if($pcatlist) {
+			foreach($pcatlist as $pc) {
+				$permcats[$pc['name']] = $pc['localname'];
+			}
+		}
+
+		$default_permcat = get_pconfig(local_channel(),'system','default_permcat','default');
+
 	
 		$stpl = get_markup_template('settings.tpl');
 	
@@ -500,7 +516,8 @@ class Channel {
 			'$suggestme' => $suggestme,
 			'$group_select' => $group_select,
 			'$role' => array('permissions_role' , t('Channel permissions category:'), $permissions_role, '', $perm_roles),
-	
+			'$defpermcat' => [ 'defpermcat', t('Default Permissions Group'), $default_permcat, '', $permcats ],	
+			'$permcat_enable' => feature_enabled(local_channel(),'permcats'),
 			'$profile_in_dir' => $profile_in_dir,
 			'$hide_friends' => $hide_friends,
 			'$hide_wall' => $hide_wall,