diff options
author | zotlabs <mike@macgirvin.com> | 2017-08-10 21:08:07 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2017-08-10 21:08:07 -0700 |
commit | 1408e3da3bcb818134b76db338fb913ae0b54aa1 (patch) | |
tree | e9c6722cec7f308e5960622f022d0f28d056b171 /Zotlabs | |
parent | 5f6eedcc1a6e719c2ac6fa93219f700e0d430b59 (diff) | |
download | volse-hubzilla-1408e3da3bcb818134b76db338fb913ae0b54aa1.tar.gz volse-hubzilla-1408e3da3bcb818134b76db338fb913ae0b54aa1.tar.bz2 volse-hubzilla-1408e3da3bcb818134b76db338fb913ae0b54aa1.zip |
prevent uploads to comments if the channel has a default private ACL.
Diffstat (limited to 'Zotlabs')
-rw-r--r-- | Zotlabs/Lib/ThreadItem.php | 2 | ||||
-rw-r--r-- | Zotlabs/Lib/ThreadStream.php | 9 |
2 files changed, 9 insertions, 2 deletions
diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php index 4a66c84bc..2a9a7e779 100644 --- a/Zotlabs/Lib/ThreadItem.php +++ b/Zotlabs/Lib/ThreadItem.php @@ -739,7 +739,7 @@ class ThreadItem { '$edvideo' => t('Video'), '$preview' => t('Preview'), // ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''), '$indent' => $indent, - '$can_upload' => perm_is_allowed($conv->get_profile_owner(),get_observer_hash(),'write_storage'), + '$can_upload' => (perm_is_allowed($conv->get_profile_owner(),get_observer_hash(),'write_storage') && $conv->is_uploadable()), '$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false), '$encrypt' => t('Encrypt text'), '$cipher' => $conv->get_cipher(), diff --git a/Zotlabs/Lib/ThreadStream.php b/Zotlabs/Lib/ThreadStream.php index 35ccf4fdb..0465b20ef 100644 --- a/Zotlabs/Lib/ThreadStream.php +++ b/Zotlabs/Lib/ThreadStream.php @@ -28,9 +28,10 @@ class ThreadStream { // wherein we've already prepared a top level item which doesn't look anything like // a normal "post" item - public function __construct($mode, $preview, $prepared_item = '') { + public function __construct($mode, $preview, $uploadable, $prepared_item = '') { $this->set_mode($mode); $this->preview = $preview; + $this->uploadable = $uploadable; $this->prepared_item = $prepared_item; $c = ((local_channel()) ? get_pconfig(local_channel(),'system','default_cipher') : ''); if($c) @@ -61,6 +62,7 @@ class ThreadStream { // pull some trickery which allows us to re-invoke this function afterward // it's an ugly hack so @FIXME $this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments'); + $this->uploadable = false; break; case 'page': $this->profile_owner = \App::$profile['uid']; @@ -92,6 +94,11 @@ class ThreadStream { return $this->commentable; } + public function is_uploadable() { + return $this->uploadable; + } + + /** * Check if page is a preview */ |