code_allowed is a real mess. Start the cleanup by remving the account level code allow and limiting to specific channels only. This reduces the possibility of cross channel security issues coming into play. Then provide a single function for checking the code permission. This is only partially done as we often need to check against the observer or logged in channel as well as the resource owner to ensure that this only returns true for local channels which also own the requested resource.

author: zotlabs <mike@macgirvin.com> 2017-03-13 16:19:47 -0700
committer: Mario Vavti <mario@mariovavti.com> 2017-03-29 13:32:23 +0200
commit: 0f7832dc30fb4d8aedd24b6ad8a9e48876a77dd0 (patch)
tree: 86d0d53082292dfeb2b4230b36f5675da35db36a /boot.php
parent: 107083e3e49ddb91de7df5133fc6771721e31e10 (diff)
download: volse-hubzilla-0f7832dc30fb4d8aedd24b6ad8a9e48876a77dd0.tar.gz
volse-hubzilla-0f7832dc30fb4d8aedd24b6ad8a9e48876a77dd0.tar.bz2
volse-hubzilla-0f7832dc30fb4d8aedd24b6ad8a9e48876a77dd0.zip
1 files changed, 0 insertions, 1 deletions
diff --git a/boot.php b/boot.php
index edd483e82..6c6078173 100755
--- a/boot.php
+++ b/boot.php
@@ -549,7 +549,6 @@ define ( 'ACCOUNT_PENDING',      0x0010 );
  * Account roles
  */
 
-define ( 'ACCOUNT_ROLE_ALLOWCODE', 0x0001 );
 define ( 'ACCOUNT_ROLE_SYSTEM',    0x0002 );
 define ( 'ACCOUNT_ROLE_DEVELOPER', 0x0004 );
 define ( 'ACCOUNT_ROLE_ADMIN',     0x1000 );
author	zotlabs <mike@macgirvin.com>	2017-03-13 16:19:47 -0700
committer	Mario Vavti <mario@mariovavti.com>	2017-03-29 13:32:23 +0200
commit	0f7832dc30fb4d8aedd24b6ad8a9e48876a77dd0 (patch)
tree	86d0d53082292dfeb2b4230b36f5675da35db36a /boot.php
parent	107083e3e49ddb91de7df5133fc6771721e31e10 (diff)
download	volse-hubzilla-0f7832dc30fb4d8aedd24b6ad8a9e48876a77dd0.tar.gz volse-hubzilla-0f7832dc30fb4d8aedd24b6ad8a9e48876a77dd0.tar.bz2 volse-hubzilla-0f7832dc30fb4d8aedd24b6ad8a9e48876a77dd0.zip