diff options
author | Mario Vavti <mario@mariovavti.com> | 2019-02-06 06:46:05 +0100 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2019-02-06 06:46:05 +0100 |
commit | 860dead9851116617a275fbe08e861ce5d8642f9 (patch) | |
tree | 20191c39a735788ca8d22bd43a19ab32b480662f /Zotlabs | |
parent | 4bcddca1f0e193e699b55a917aebfab17e63d735 (diff) | |
parent | 518ceb53a8de5b4ee375947721d56f7a43621a61 (diff) | |
download | volse-hubzilla-860dead9851116617a275fbe08e861ce5d8642f9.tar.gz volse-hubzilla-860dead9851116617a275fbe08e861ce5d8642f9.tar.bz2 volse-hubzilla-860dead9851116617a275fbe08e861ce5d8642f9.zip |
Merge remote-tracking branch 'mike/master' into dev
Diffstat (limited to 'Zotlabs')
-rw-r--r-- | Zotlabs/Lib/Libzot.php | 40 |
1 files changed, 28 insertions, 12 deletions
diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index 27502009c..189526c7b 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -1487,8 +1487,31 @@ class Libzot { $allowed = can_comment_on_post($sender,$parent[0]); } } - if($request) { - $allowed = true; + + if ($request) { + + // Conversation fetches (e.g. $request == true) take place for + // a) new comments on expired posts + // b) hyperdrive (friend-of-friend) conversations + // c) Repeats of posts by others + + + // over-ride normal connection permissions for hyperdrive (friend-of-friend) conversations + // (if hyperdrive is enabled) and repeated posts by a friend. + // If $allowed is already true, this is probably the conversation of a direct friend or a + // conversation fetch for a new comment on an expired post + // Comments of all these activities are allowed and will only be rejected (later) if the parent + // doesn't exist. + + if ($perm === 'send_stream') { + if (get_pconfig($channel['channel_id'],'system','hyperdrive',false) || $arr['verb'] === 'Announce') { + $allowed = true; + } + } + else { + $allowed = true; + } + $friendofriend = true; } @@ -1500,7 +1523,7 @@ class Libzot { } } - logger('item: ' . print_r($arr,true), LOGGER_DATA); + // logger('item: ' . print_r($arr,true), LOGGER_DATA); if($arr['mid'] !== $arr['parent_mid']) { @@ -1526,19 +1549,11 @@ class Libzot { // have the copy and we don't want the request to loop. // Also don't do this if this comment came from a conversation request packet. // It's possible that comments are allowed but posting isn't and that could - // cause a conversation fetch loop. We can detect these packets since they are - // delivered via a 'notify' packet type that has a message_id element in the - // initial zot packet (just like the corresponding 'request' packet type which - // makes the request). + // cause a conversation fetch loop. // We'll also check the send_stream permission - because if it isn't allowed, // the top level post is unlikely to be imported and // this is just an exercise in futility. - - if((! get_pconfig($channel['channel_id'],'system','hyperdrive',false)) || (! $arr['verb'] === 'Announce')) { - continue; - } - if((! $relay) && (! $request) && (! $local_public) && perm_is_allowed($channel['channel_id'],$sender,'send_stream')) { self::fetch_conversation($channel,$arr['parent_mid']); @@ -1814,6 +1829,7 @@ class Libzot { $arr['owner_xchan'] = $a['signature']['signer']; } + /// @FIXME - spoofable if($AS->data['hubloc']) { $arr['item_verified'] = true; |