diff options
| author | friendica <info@friendica.com> | 2012-09-10 22:00:56 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2012-09-10 22:00:56 -0700 |
| commit | c8957b36ea11a41604330c8f87c0fc0611ef18e6 (patch) | |
| tree | 4a1b2ae68d463a69c388fa6ee0a7453cc8e74498 /include/Contact.php | |
| parent | 61cca7637af3c4484d90ed9e1208a10845758276 (diff) | |
| download | volse-hubzilla-c8957b36ea11a41604330c8f87c0fc0611ef18e6.tar.gz volse-hubzilla-c8957b36ea11a41604330c8f87c0fc0611ef18e6.tar.bz2 volse-hubzilla-c8957b36ea11a41604330c8f87c0fc0611ef18e6.zip | |
permissions responder + upstream merge
Diffstat (limited to 'include/Contact.php')
| -rw-r--r-- | include/Contact.php | 65 |
1 files changed, 59 insertions, 6 deletions
diff --git a/include/Contact.php b/include/Contact.php index 5e0964d03..571c956f1 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -1,15 +1,15 @@ <?php -function map_perms($entity,$zguid) { +function map_perms($entity,$zguid,$zsig) { $is_contact = false; $is_site = false; $is_network = false; $is_anybody = true; - if(strlen($zguid)) { - + if(strlen($zguid) && strlen($zsig)) { + $is_network = true; $r = q("select * from contact where guid = '%s' and uid = %d limit 1", @@ -20,23 +20,76 @@ function map_perms($entity,$zguid) { $is_contact = true; $contact = $r[0]; } - $r = q("select * from entity where entity_global_id = '%s' limit 1", + $r = q("select * from entity where entity_global_id = '%s'", dbesc($zguid) ); if($r && count($r)) { - $is_site = true; + foreach($r as $rr) { + if(base64url_encode(rsa_sign($rr['entity_global_id'],$rr['entity_prvkey'])) === $zsig) { + $is_site = true; + break; + } + } } } + $perms = array( + 'view_stream' => array('entity_r_stream', PERMS_R_STREAM ), + 'view_profile' => array('entity_r_profile', PERMS_R_PROFILE), + 'view_photos' => array('entity_r_photos', PERMS_R_PHOTOS), + 'view_contacts' => array('entity_r_abook', PERMS_R_ABOOK), + + 'send_stream' => array('entity_w_stream', PERMS_W_STREAM), + 'post_wall' => array('entity_w_wall', PERMS_W_WALL), + 'tag_deliver' => array('entity_w_tagwall', PERMS_W_TAGWALL), + 'post_comments' => array('entity_w_comment', PERMS_W_COMMENT), + 'post_mail' => array('entity_w_mail', PERMS_W_MAIL), + 'post_photos' => array('entity_w_photos', PERMS_W_PHOTOS), + 'chat' => array('entity_w_chat', PERMS_W_CHAT), + ); + $ret = array(); + foreach($perms as $k => $v) { + $ret[$k] = z_check_perms($k,$v,$entity,$contact,$is_contact,$is_site,$is_network,$is_anybody); + } -} + return $ret; +} +function z_check_perms($k,$v,$entity,$contact,$is_contact,$is_site,$is_network,$is_anybody) { + $allow = (($contact['self']) ? true : false); + + switch($entity[$v[0]]) { + case PERMS_PUBLIC: + if($is_anybody) + $allow = true; + break; + case PERMS_NETWORK: + if($is_network) + $allow = true; + break; + case PERMS_SITE: + if($is_site) + $allow = true; + break; + case PERMS_CONTACTS: + if($is_contact) + $allow = true; + break; + case PERMS_SPECIFIC: + if($is_contact && is_array($contact) && ($contact['my_perms'] & $v[1])) + $allow = true; + break; + default: + break; + } + return $allow; +} |