diff options
author | friendica <info@friendica.com> | 2015-03-13 14:48:44 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2015-03-13 14:48:44 -0700 |
commit | f458c29a2bd3cadfc17324e35a9367c61d9bb19f (patch) | |
tree | 7dce060eb8162a29e4a1cc1f688b593425505804 /include/diaspora.php | |
parent | ce33eca4b2d394db64bc2e1c6f3113292d5efca8 (diff) | |
download | volse-hubzilla-f458c29a2bd3cadfc17324e35a9367c61d9bb19f.tar.gz volse-hubzilla-f458c29a2bd3cadfc17324e35a9367c61d9bb19f.tar.bz2 volse-hubzilla-f458c29a2bd3cadfc17324e35a9367c61d9bb19f.zip |
invoke tgroup_check() on diaspora posts/comments in case the recipient is a forum with channel_w_stream permissions restricted.
Diffstat (limited to 'include/diaspora.php')
-rwxr-xr-x | include/diaspora.php | 53 |
1 files changed, 34 insertions, 19 deletions
diff --git a/include/diaspora.php b/include/diaspora.php index da55b8fb6..e3bfc2806 100755 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -805,11 +805,6 @@ function diaspora_post($importer,$xml,$msg) { } - if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream'))) { - logger('diaspora_post: Ignoring this author.'); - return 202; - } - $search_guid = ((strlen($guid) == 64) ? $guid . '%' : $guid); $r = q("SELECT id FROM item WHERE uid = %d AND mid like '%s' LIMIT 1", @@ -889,6 +884,15 @@ function diaspora_post($importer,$xml,$msg) { $datarray['item_flags'] = ITEM_THREAD_TOP; $datarray['item_unseen'] = 1; + + $tgroup = tgroup_check($importer['channel_id'],$datarray); + + if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) && (! $tgroup)) { + logger('diaspora_post: Ignoring this author.'); + return 202; + } + + $result = item_store($datarray); return; @@ -955,11 +959,6 @@ function diaspora_reshare($importer,$xml,$msg) { if(! $contact) return; - if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream'))) { - logger('diaspora_reshare: Ignoring this author: ' . $diaspora_handle . ' ' . print_r($xml,true)); - return 202; - } - $search_guid = ((strlen($guid) == 64) ? $guid . '%' : $guid); $r = q("SELECT id FROM item WHERE uid = %d AND mid like '%s' LIMIT 1", intval($importer['channel_id']), @@ -1072,6 +1071,15 @@ function diaspora_reshare($importer,$xml,$msg) { $datarray['app'] = 'Diaspora'; + + $tgroup = tgroup_check($importer['channel_id'],$datarray); + + if((! $importer['system']) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) && (! $tgroup)) { + logger('diaspora_post: Ignoring this author.'); + return 202; + } + + $result = item_store($datarray); return; @@ -1229,15 +1237,6 @@ function diaspora_comment($importer,$xml,$msg) { if(intval($parent_item['item_private'])) $pubcomment = 0; - // So basically if something arrives at the sys channel it's by definition public and we allow it. - // If $pubcomment and the parent was public, we allow it. - // In all other cases, honour the permissions for this Diaspora connection - - if((! $importer['system']) && (! $pubcomment) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments'))) { - logger('diaspora_comment: Ignoring this author.'); - return 202; - } - $search_guid = $guid; if(strlen($guid) == 64) $search_guid = $guid . '%'; @@ -1382,6 +1381,22 @@ function diaspora_comment($importer,$xml,$msg) { $datarray['diaspora_meta'] = json_encode(crypto_encapsulate(json_encode($x),$key)); } + + + // So basically if something arrives at the sys channel it's by definition public and we allow it. + // If $pubcomment and the parent was public, we allow it. + // In all other cases, honour the permissions for this Diaspora connection + + $tgroup = tgroup_check($importer['channel_id'],$datarray); + + if((! $importer['system']) && (! $pubcomment) && (! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments')) && (! $tgroup)) { + logger('diaspora_comment: Ignoring this author.'); + return 202; + } + + + + $result = item_store($datarray); if($result && $result['success']) |