diff options
| author | friendica <info@friendica.com> | 2012-10-28 18:50:35 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2012-10-28 18:50:35 -0700 |
| commit | 4bcf19632bc5158095a5d2d5d63dea1b25b146b7 (patch) | |
| tree | 362ccfbd661b779bd864fa6c7416c9a7b1c15069 /include/Contact.php | |
| parent | 1a9ab127482ee4eb17e3d2bd0ffa222f7053715b (diff) | |
| download | volse-hubzilla-4bcf19632bc5158095a5d2d5d63dea1b25b146b7.tar.gz volse-hubzilla-4bcf19632bc5158095a5d2d5d63dea1b25b146b7.tar.bz2 volse-hubzilla-4bcf19632bc5158095a5d2d5d63dea1b25b146b7.zip | |
Now have a solid permissions model. Create a few functions to enumerate them and then we're off to the races.
Diffstat (limited to 'include/Contact.php')
| -rw-r--r-- | include/Contact.php | 93 |
1 files changed, 0 insertions, 93 deletions
diff --git a/include/Contact.php b/include/Contact.php index fc0a6dd25..f442f112c 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -1,100 +1,7 @@ <?php -function map_perms($channel,$zguid,$zsig) { - $is_contact = false; - $is_site = false; - $is_network = false; - $is_anybody = true; - - - // To avoid sending the lengthy target_sig with each request, - // We should provide an array of results for each target - // and let the sender match the signature. - - if(strlen($zguid) && strlen($zsig)) { - - $is_network = true; - - $r = q("select * from contact where guid = '%s' and uid = %d limit 1", - dbesc($zguid), - intval($channel['channel_id']) - ); - if($r && count($r)) { - $is_contact = true; - $contact = $r[0]; - } - $r = q("select * from channel where channel_guid = '%s'", - dbesc($zguid) - ); - if($r && count($r)) { - foreach($r as $rr) { - if(base64url_encode(rsa_sign($rr['channel_guid'],$rr['channel_prvkey'])) === $zsig) { - $is_site = true; - break; - } - } - } - } - - $perms = array( - 'view_stream' => array('channel_r_stream', PERMS_R_STREAM ), - 'view_profile' => array('channel_r_profile', PERMS_R_PROFILE), - 'view_photos' => array('channel_r_photos', PERMS_R_PHOTOS), - 'view_contacts' => array('channel_r_abook', PERMS_R_ABOOK), - - 'send_stream' => array('channel_w_stream', PERMS_W_STREAM), - 'post_wall' => array('channel_w_wall', PERMS_W_WALL), - 'tag_deliver' => array('channel_w_tagwall', PERMS_W_TAGWALL), - 'post_comments' => array('channel_w_comment', PERMS_W_COMMENT), - 'post_mail' => array('channel_w_mail', PERMS_W_MAIL), - 'post_photos' => array('channel_w_photos', PERMS_W_PHOTOS), - 'chat' => array('channel_w_chat', PERMS_W_CHAT), - ); - - - $ret = array(); - - foreach($perms as $k => $v) { - $ret[$k] = z_check_perms($k,$v,$channel,$contact,$is_contact,$is_site,$is_network,$is_anybody); - - } - - return $ret; - -} - -function z_check_perms($k,$v,$channel,$contact,$is_contact,$is_site,$is_network,$is_anybody) { - - $allow = (($contact['self']) ? true : false); - - switch($channel[$v[0]]) { - case PERMS_PUBLIC: - if($is_anybody) - $allow = true; - break; - case PERMS_NETWORK: - if($is_network) - $allow = true; - break; - case PERMS_SITE: - if($is_site) - $allow = true; - break; - case PERMS_CONTACTS: - if($is_contact) - $allow = true; - break; - case PERMS_SPECIFIC: - if($is_contact && is_array($contact) && ($contact['my_perms'] & $v[1])) - $allow = true; - break; - default: - break; - } - return $allow; -} |