diff options
author | redmatrix <redmatrix@redmatrix.me> | 2015-05-17 19:49:36 -0700 |
---|---|---|
committer | redmatrix <redmatrix@redmatrix.me> | 2015-05-17 19:49:36 -0700 |
commit | 7c7a5cba8fe6fd6dc15acc14954d9ba9ed632c00 (patch) | |
tree | d88838524fa5f6cbf1d072da73eddafd4b752ffb /include/permissions.php | |
parent | f0cb3cba124e637fa46143b692dbb561d4ee3ae0 (diff) | |
parent | 76558df9667b4900b4036faca0075985596b93cd (diff) | |
download | volse-hubzilla-7c7a5cba8fe6fd6dc15acc14954d9ba9ed632c00.tar.gz volse-hubzilla-7c7a5cba8fe6fd6dc15acc14954d9ba9ed632c00.tar.bz2 volse-hubzilla-7c7a5cba8fe6fd6dc15acc14954d9ba9ed632c00.zip |
Merge branch 'master' into tres
Diffstat (limited to 'include/permissions.php')
-rw-r--r-- | include/permissions.php | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/include/permissions.php b/include/permissions.php index 68ff2b3d4..f63c6da18 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -65,6 +65,10 @@ function get_perms() { */ function get_all_perms($uid, $observer_xchan, $internal_use = true) { + $api = get_app()->get_oauth_key(); + if($api) + return get_all_api_perms($uid,$api); + $global_perms = get_perms(); // Save lots of individual lookups @@ -265,6 +269,10 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { */ function perm_is_allowed($uid, $observer_xchan, $permission) { + $api = get_app()->get_oauth_key(); + if($api) + return api_perm_is_allowed($uid,$api,$permission); + $arr = array( 'channel_id' => $uid, 'observer_hash' => $observer_xchan, @@ -388,6 +396,82 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { return false; } +function get_all_api_perms($uid,$api) { + + $global_perms = get_perms(); + + $ret = array(); + + $r = q("select * from xperm where xp_client = '%s' and xp_channel = %d", + dbesc($api), + intval($uid) + ); + + if(! $r) + return false; + + $allow_all = false; + $allowed = array(); + foreach($r as $rr) { + if($rr['xp_perm'] === 'all') + $allow_all = true; + if(! in_array($rr['xp_perm'],$allowed)) + $allowed[] = $rr['xp_perm']; + } + + foreach($global_perms as $perm_name => $permission) { + if($allow_all || in_array($perm_name,$allowed)) + $ret[$perm_name] = true; + else + $ret[$perm_name] = false; + + } + + $arr = array( + 'channel_id' => $uid, + 'observer_hash' => $observer_xchan, + 'permissions' => $ret); + + call_hooks('get_all_api_perms',$arr); + + return $arr['permissions']; + +} + + +function api_perm_is_allowed($uid,$api,$permission) { + + $arr = array( + 'channel_id' => $uid, + 'observer_hash' => $observer_xchan, + 'permission' => $permission, + 'result' => false + ); + + call_hooks('api_perm_is_allowed', $arr); + if($arr['result']) + return true; + + $r = q("select * from xperm where xp_client = '%s' and xp_channel = %d and ( xp_perm = 'all' OR xp_perm = '%s' )", + dbesc($api), + intval($uid), + dbesc($permission) + ); + + if(! $r) + return false; + + foreach($r as $rr) { + if($rr['xp_perm'] === 'all' || $rr['xp_perm'] === $permission) + return true; + + } + + return false; + +} + + // Check a simple array of observers against a permissions // return a simple array of those with permission |