Implements a new permission level PERMS_PENDING

With this a user can allow some action to any user which connects
to them, even before they've connected back.

Ref.
https://mobiliza.org.br/display/478d9e71eaf55748dc646d3990651d6d34cfb7db5c38360538ec730ca3ccf908@zothub.com

Also some code cleanup and an alternative logic for handling
notifications of permission changes in zot.php.

This assumes that private posts are still restricted to people in
your addressbook. Regardless of your global permissions, a
pending channel won't get private posts, even if the post
only has a deny clause not matching the pending channel.

1 files changed, 23 insertions, 17 deletions

diff --git a/include/permissions.php b/include/permissions.php
index 029bc1288..a3ec13925 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -177,32 +177,36 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
 			continue;
 		}	
 
-		// If PERMS_CONTACTS or PERMS_SPECIFIC, they need to be in your address book
-		// $x is a valid address book entry
+		// From here on we require that the observer be a connection and
+		// handle whether we're allowing any, approved or specific ones
 
 		if(! $x) {
 			$ret[$perm_name] = false;
 			continue;
 		}
-		
+
 		// They are in your address book, but haven't been approved
 
+		if($r[0][$channel_perm] & PERMS_PENDING) {
+			$ret[$perm_name] = true;
+			continue;
+		}
+
 		if($x[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
 			$ret[$perm_name] = false;
 			continue;
 		}
 
-		if(($r) && ($r[0][$channel_perm] & PERMS_CONTACTS)) {
-
-			// They're a contact, so they have permission
+		// They're a contact, so they have permission
 
+		if($r[0][$channel_perm] & PERMS_CONTACTS) {
 			$ret[$perm_name] = true;
 			continue;
 		}
 
 		// Permission granted to certain channels. Let's see if the observer is one of them
 
-		if(($r) && ($r[0][$channel_perm] & PERMS_SPECIFIC)) {
+		if($r[0][$channel_perm] & PERMS_SPECIFIC) {
 			if(($x[0]['abook_my_perms'] & $global_perms[$perm_name][1])) {
 				$ret[$perm_name] = true;
 				continue;
@@ -216,7 +220,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
 
 	}
 
-
 	$arr = array(
 		'channel_id'    => $uid,
 		'observer_hash' => $observer_xchan,
@@ -229,7 +232,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
 
 function perm_is_allowed($uid,$observer_xchan,$permission) {
 
-
 	$arr = array(
 		'channel_id'    => $uid,
 		'observer_hash' => $observer_xchan,
@@ -280,7 +282,6 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
 		}
 	}
 
-
 	// Check if this $uid is actually the $observer_xchan
 
 	if($r[0]['channel_hash'] === $observer_xchan)
@@ -312,16 +313,27 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
 		if($c)
 			return true;
 		return false;
-	}	
+	}
+
+	// From here on we require that the observer be a connection and
+	// handle whether we're allowing any, approved or specific ones
 
 	if(! $x) {
 		return false;
 	}
 
+	// They are in your address book, but haven't been approved
+
+	if($r[0][$channel_perm] & PERMS_PENDING) {
+		return true;
+	}
+
 	if($x[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
 		return false;
 	}
 
+	// They're a contact, so they have permission
+
 	if($r[0][$channel_perm] & PERMS_CONTACTS) {
 		return true;
 	}
@@ -333,13 +345,9 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
 			return true;
 	}
 
-
-
-
 	// No permissions allowed.
 
 	return false;		
-
 }
 
 
@@ -356,7 +364,6 @@ function check_list_permissions($uid,$arr,$perm) {
 }
 
 
-
 function site_default_perms() {
 
 	$typical = array(
@@ -378,7 +385,6 @@ function site_default_perms() {
 		'delegate'      => 0,
 	);
 
-
 	$global_perms = get_perms();
 	$ret = array();