aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-07-19 20:49:54 -0700
committerredmatrix <git@macgirvin.com>2016-07-19 20:49:54 -0700
commita961d5e6c8cd79b375e13a0b3d887e521392f8aa (patch)
tree192647b603c2b2db250df6b008c302e4fe755f23 /Zotlabs
parent237cca7a0d0a025bdbccef19b8e25a687ec7cfa3 (diff)
downloadvolse-hubzilla-a961d5e6c8cd79b375e13a0b3d887e521392f8aa.tar.gz
volse-hubzilla-a961d5e6c8cd79b375e13a0b3d887e521392f8aa.tar.bz2
volse-hubzilla-a961d5e6c8cd79b375e13a0b3d887e521392f8aa.zip
permission fixes
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Lib/PermissionDescription.php17
-rw-r--r--Zotlabs/Module/Item.php8
-rw-r--r--Zotlabs/Module/Profiles.php4
3 files changed, 11 insertions, 18 deletions
diff --git a/Zotlabs/Lib/PermissionDescription.php b/Zotlabs/Lib/PermissionDescription.php
index 55aac2dea..b6c6dd29d 100644
--- a/Zotlabs/Lib/PermissionDescription.php
+++ b/Zotlabs/Lib/PermissionDescription.php
@@ -78,22 +78,13 @@ class PermissionDescription {
$result = null;
- $global_perms = get_perms();
+ $global_perms = \Zotlabs\Access\Permissions::Perms();
if (array_key_exists($permname, $global_perms)) {
- $permDetails = $global_perms[$permname];
-
- // It should be OK to always just read the permissions from App::$channel
- //
- // App::$profile is a union of channel and profile fields.
- // The distinction is basically that App::$profile is pointing to the resource
- // being observed. App::$channel is referring to the current logged-in channel
- // member (if this is a local channel) e.g. the observer. We only show the ACL
- // widget to the page owner (observer and observed are the same) so in that case
- // I believe either may be safely used here.
- $channelPerm = \App::$channel[$permDetails[0]];
- $result = new PermissionDescription($permDetails[1], $channelPerm);
+ $channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'],$permname);
+
+ $result = new PermissionDescription('', $channelPerm);
} else {
// The acl dialog can handle null arguments, but it shouldn't happen
logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR);
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index 235c5528e..919ee3c4a 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -316,9 +316,11 @@ class Item extends \Zotlabs\Web\Controller {
}
$acl = new \Zotlabs\Access\AccessList($channel);
+
+ $view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream');
+ $comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments');
-
- $public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true));
+ $public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true));
if($webpage)
$public_policy = '';
if($public_policy)
@@ -810,7 +812,7 @@ class Item extends \Zotlabs\Web\Controller {
$datarray['layout_mid'] = $layout_mid;
$datarray['public_policy'] = $public_policy;
- $datarray['comment_policy'] = map_scope($channel['channel_w_comment']);
+ $datarray['comment_policy'] = map_scope($comment_policy);
$datarray['term'] = $post_tags;
$datarray['plink'] = $plink;
$datarray['route'] = $route;
diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php
index 899c79b15..4b05182c2 100644
--- a/Zotlabs/Module/Profiles.php
+++ b/Zotlabs/Module/Profiles.php
@@ -708,7 +708,7 @@ class Profiles extends \Zotlabs\Web\Controller {
'$profile_id' => $r[0]['id'],
'$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'),
'$is_default' => $is_default,
- '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope($channel['channel_r_profile'])),
+ '$default' => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))),
'$advanced' => $advanced,
'$name' => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'),
'$pdesc' => array('pdesc', t('Title/Description'), $r[0]['pdesc']),
@@ -767,7 +767,7 @@ class Profiles extends \Zotlabs\Web\Controller {
'$alt' => t('Profile Image'),
'$profile_name' => $rr['profile_name'],
'$visible' => (($rr['is_default'])
- ? '<strong>' . translate_scope(map_scope($channel['channel_r_profile'])) . '</strong>'
+ ? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>'
: '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
));
}