diff options
| author | friendica <info@friendica.com> | 2013-06-16 00:57:39 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2013-06-16 00:57:39 -0700 |
| commit | 2971ee9a4c91aaeb558ddd6127d5baf4c74fefba (patch) | |
| tree | 12966e4f50e367ef9186ecfc804cae447f173142 /include/zot.php | |
| parent | a37ac8f2f36353bba26ccd2631bf1c85ae6e02da (diff) | |
| download | volse-hubzilla-2971ee9a4c91aaeb558ddd6127d5baf4c74fefba.tar.gz volse-hubzilla-2971ee9a4c91aaeb558ddd6127d5baf4c74fefba.tar.bz2 volse-hubzilla-2971ee9a4c91aaeb558ddd6127d5baf4c74fefba.zip | |
hopefully this won't screw up everything - if it does, revert. Otherwise this should work at delivery time to check tag deliveries and bounce the message before it's stored if the channel doesn't allow you to post and you aren't allowed to tag deliver either. Previously this was handled after the post was already stored so you needed posting permission as well as tag deliver permission to get past the checks.
Diffstat (limited to 'include/zot.php')
| -rw-r--r-- | include/zot.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/include/zot.php b/include/zot.php index 2eb3b5eb0..79031ab26 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1017,9 +1017,11 @@ function process_delivery($sender,$arr,$deliveries,$relay) { $channel = $r[0]; + $tag_delivery = tgroup_check($channel['channel_id'],$arr); + $perm = (($arr['mid'] == $arr['parent_mid']) ? 'send_stream' : 'post_comments'); - if(! perm_is_allowed($channel['channel_id'],$sender['hash'],$perm)) { + if((! perm_is_allowed($channel['channel_id'],$sender['hash'],$perm)) && (! $tag_delivery)) { logger("permission denied for delivery {$channel['channel_id']}"); $result[] = array($d['hash'],'permission denied'); continue; |