diff options
| author | zotlabs <mike@macgirvin.com> | 2018-04-02 20:39:28 -0700 |
|---|---|---|
| committer | zotlabs <mike@macgirvin.com> | 2018-04-02 20:39:28 -0700 |
| commit | 4e21c14ff6b8c8dddf10acaf5cac9fe0764e4899 (patch) | |
| tree | 283e8a30e8a15e1a5ba88687f455daecac84416e /include/items.php | |
| parent | 753e1e4616acc19ff54024443e9ed3d60b0296fc (diff) | |
| download | volse-hubzilla-4e21c14ff6b8c8dddf10acaf5cac9fe0764e4899.tar.gz volse-hubzilla-4e21c14ff6b8c8dddf10acaf5cac9fe0764e4899.tar.bz2 volse-hubzilla-4e21c14ff6b8c8dddf10acaf5cac9fe0764e4899.zip | |
community tagging refactor - we no longer send an edited post/comment to everybody. The post owner approves the tag and this is transmitted along with the tag activity. Recipients check the signature of the approval and add the tag to their local copy of the post.
Diffstat (limited to 'include/items.php')
| -rwxr-xr-x | include/items.php | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/include/items.php b/include/items.php index 5e84c62c7..62f1c6195 100755 --- a/include/items.php +++ b/include/items.php @@ -2735,13 +2735,12 @@ function item_community_tag($channel,$item) { // See if we are the owner of the parent item and have given permission to tag our posts. // If so tag the parent post. - logger('tag_deliver: community tag activity received'); - - // refactor of this code block is in progress and is not yet completed + logger('tag_deliver: community tag activity received: channel: ' . $channel['channel_name']); $tag_the_post = false; $p = null; + $j_obj = json_decode($item['obj'],true); $j_tgt = json_decode($item['target'],true); if($j_tgt && $j_tgt['id']) { $p = q("select * from item where mid = '%s' and uid = %d limit 1", @@ -2753,9 +2752,9 @@ function item_community_tag($channel,$item) { xchan_query($p); $items = fetch_post_tags($p,true); $pitem = $items[0]; - $auth = get_iconfig($pitem,'system','communitytagauth'); + $auth = get_iconfig($item,'system','communitytagauth'); if($auth) { - if(rsa_verify('tagauth.' . $item['mid'],$auth,$pitem['owner']['xchan_pubkey'])) { + if(rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['owner']['xchan_pubkey'])) { logger('tag_deliver: tagging the post: ' . $channel['channel_name']); $tag_the_post = true; } @@ -2765,18 +2764,17 @@ function item_community_tag($channel,$item) { logger('tag_deliver: community tag recipient: ' . $channel['channel_name']); $tag_the_post = true; $sig = rsa_sign('tagauth.' . $item['mid'],$channel['channel_prvkey']); - set_iconfig($item['id'],'system','communitytagauth',$sig,1); + logger('tag_deliver: setting iconfig for ' . $item['id']); + set_iconfig($item['id'],'system','communitytagauth',base64url_encode($sig),1); } } if($tag_the_post) { store_item_tag($channel['channel_id'],$pitem['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']); } - - } - - if(! $tag_the_post) { - logger('Tag permission denied for ' . $channel['channel_address']); + else { + logger('Tag permission denied for ' . $channel['channel_address']); + } } } |