aboutsummaryrefslogtreecommitdiffstats
path: root/include/permissions.php
diff options
context:
space:
mode:
authorredmatrix <redmatrix@redmatrix.me>2015-05-17 19:49:36 -0700
committerredmatrix <redmatrix@redmatrix.me>2015-05-17 19:49:36 -0700
commit7c7a5cba8fe6fd6dc15acc14954d9ba9ed632c00 (patch)
treed88838524fa5f6cbf1d072da73eddafd4b752ffb /include/permissions.php
parentf0cb3cba124e637fa46143b692dbb561d4ee3ae0 (diff)
parent76558df9667b4900b4036faca0075985596b93cd (diff)
downloadvolse-hubzilla-7c7a5cba8fe6fd6dc15acc14954d9ba9ed632c00.tar.gz
volse-hubzilla-7c7a5cba8fe6fd6dc15acc14954d9ba9ed632c00.tar.bz2
volse-hubzilla-7c7a5cba8fe6fd6dc15acc14954d9ba9ed632c00.zip
Merge branch 'master' into tres
Diffstat (limited to 'include/permissions.php')
-rw-r--r--include/permissions.php84
1 files changed, 84 insertions, 0 deletions
diff --git a/include/permissions.php b/include/permissions.php
index 68ff2b3d4..f63c6da18 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -65,6 +65,10 @@ function get_perms() {
*/
function get_all_perms($uid, $observer_xchan, $internal_use = true) {
+ $api = get_app()->get_oauth_key();
+ if($api)
+ return get_all_api_perms($uid,$api);
+
$global_perms = get_perms();
// Save lots of individual lookups
@@ -265,6 +269,10 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
*/
function perm_is_allowed($uid, $observer_xchan, $permission) {
+ $api = get_app()->get_oauth_key();
+ if($api)
+ return api_perm_is_allowed($uid,$api,$permission);
+
$arr = array(
'channel_id' => $uid,
'observer_hash' => $observer_xchan,
@@ -388,6 +396,82 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
return false;
}
+function get_all_api_perms($uid,$api) {
+
+ $global_perms = get_perms();
+
+ $ret = array();
+
+ $r = q("select * from xperm where xp_client = '%s' and xp_channel = %d",
+ dbesc($api),
+ intval($uid)
+ );
+
+ if(! $r)
+ return false;
+
+ $allow_all = false;
+ $allowed = array();
+ foreach($r as $rr) {
+ if($rr['xp_perm'] === 'all')
+ $allow_all = true;
+ if(! in_array($rr['xp_perm'],$allowed))
+ $allowed[] = $rr['xp_perm'];
+ }
+
+ foreach($global_perms as $perm_name => $permission) {
+ if($allow_all || in_array($perm_name,$allowed))
+ $ret[$perm_name] = true;
+ else
+ $ret[$perm_name] = false;
+
+ }
+
+ $arr = array(
+ 'channel_id' => $uid,
+ 'observer_hash' => $observer_xchan,
+ 'permissions' => $ret);
+
+ call_hooks('get_all_api_perms',$arr);
+
+ return $arr['permissions'];
+
+}
+
+
+function api_perm_is_allowed($uid,$api,$permission) {
+
+ $arr = array(
+ 'channel_id' => $uid,
+ 'observer_hash' => $observer_xchan,
+ 'permission' => $permission,
+ 'result' => false
+ );
+
+ call_hooks('api_perm_is_allowed', $arr);
+ if($arr['result'])
+ return true;
+
+ $r = q("select * from xperm where xp_client = '%s' and xp_channel = %d and ( xp_perm = 'all' OR xp_perm = '%s' )",
+ dbesc($api),
+ intval($uid),
+ dbesc($permission)
+ );
+
+ if(! $r)
+ return false;
+
+ foreach($r as $rr) {
+ if($rr['xp_perm'] === 'all' || $rr['xp_perm'] === $permission)
+ return true;
+
+ }
+
+ return false;
+
+}
+
+
// Check a simple array of observers against a permissions
// return a simple array of those with permission