aboutsummaryrefslogtreecommitdiffstats
path: root/include/permissions.php
diff options
context:
space:
mode:
authorRedMatrix <info@friendica.com>2014-06-20 08:57:21 +1000
committerRedMatrix <info@friendica.com>2014-06-20 08:57:21 +1000
commit4c0b8bc637fe6773f8053b1672122c18a5788986 (patch)
treeb0513171eccb338c55b7d1a50da0f67e6e8b6f65 /include/permissions.php
parentc012c648e0691868370a5a8c1eb468020fef6330 (diff)
parentb20887995a2b3277659e01d99ae4de238f7175ef (diff)
downloadvolse-hubzilla-4c0b8bc637fe6773f8053b1672122c18a5788986.tar.gz
volse-hubzilla-4c0b8bc637fe6773f8053b1672122c18a5788986.tar.bz2
volse-hubzilla-4c0b8bc637fe6773f8053b1672122c18a5788986.zip
Merge pull request #498 from solstag/perms_pending
Implements a new permission level PERMS_PENDING
Diffstat (limited to 'include/permissions.php')
-rw-r--r--include/permissions.php40
1 files changed, 23 insertions, 17 deletions
diff --git a/include/permissions.php b/include/permissions.php
index 029bc1288..a3ec13925 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -177,32 +177,36 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
continue;
}
- // If PERMS_CONTACTS or PERMS_SPECIFIC, they need to be in your address book
- // $x is a valid address book entry
+ // From here on we require that the observer be a connection and
+ // handle whether we're allowing any, approved or specific ones
if(! $x) {
$ret[$perm_name] = false;
continue;
}
-
+
// They are in your address book, but haven't been approved
+ if($r[0][$channel_perm] & PERMS_PENDING) {
+ $ret[$perm_name] = true;
+ continue;
+ }
+
if($x[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
$ret[$perm_name] = false;
continue;
}
- if(($r) && ($r[0][$channel_perm] & PERMS_CONTACTS)) {
-
- // They're a contact, so they have permission
+ // They're a contact, so they have permission
+ if($r[0][$channel_perm] & PERMS_CONTACTS) {
$ret[$perm_name] = true;
continue;
}
// Permission granted to certain channels. Let's see if the observer is one of them
- if(($r) && ($r[0][$channel_perm] & PERMS_SPECIFIC)) {
+ if($r[0][$channel_perm] & PERMS_SPECIFIC) {
if(($x[0]['abook_my_perms'] & $global_perms[$perm_name][1])) {
$ret[$perm_name] = true;
continue;
@@ -216,7 +220,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
}
-
$arr = array(
'channel_id' => $uid,
'observer_hash' => $observer_xchan,
@@ -229,7 +232,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
function perm_is_allowed($uid,$observer_xchan,$permission) {
-
$arr = array(
'channel_id' => $uid,
'observer_hash' => $observer_xchan,
@@ -280,7 +282,6 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
}
}
-
// Check if this $uid is actually the $observer_xchan
if($r[0]['channel_hash'] === $observer_xchan)
@@ -312,16 +313,27 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if($c)
return true;
return false;
- }
+ }
+
+ // From here on we require that the observer be a connection and
+ // handle whether we're allowing any, approved or specific ones
if(! $x) {
return false;
}
+ // They are in your address book, but haven't been approved
+
+ if($r[0][$channel_perm] & PERMS_PENDING) {
+ return true;
+ }
+
if($x[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
return false;
}
+ // They're a contact, so they have permission
+
if($r[0][$channel_perm] & PERMS_CONTACTS) {
return true;
}
@@ -333,13 +345,9 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
return true;
}
-
-
-
// No permissions allowed.
return false;
-
}
@@ -356,7 +364,6 @@ function check_list_permissions($uid,$arr,$perm) {
}
-
function site_default_perms() {
$typical = array(
@@ -378,7 +385,6 @@ function site_default_perms() {
'delegate' => 0,
);
-
$global_perms = get_perms();
$ret = array();