aboutsummaryrefslogtreecommitdiffstats
path: root/include/zot.php
diff options
context:
space:
mode:
authorM.Dent <dentm42@dm42.net>2018-09-01 13:45:05 -0400
committerM.Dent <dentm42@dm42.net>2018-09-01 13:45:05 -0400
commite2824f925964fbfe160255de6e733b4c2de3cecb (patch)
treef7a4c72de76b5c5f9c153b8ced5f0d495634b37b /include/zot.php
parentda441c59f6e476139dbd4bad7022eb37bd4ad1a4 (diff)
downloadvolse-hubzilla-e2824f925964fbfe160255de6e733b4c2de3cecb.tar.gz
volse-hubzilla-e2824f925964fbfe160255de6e733b4c2de3cecb.tar.bz2
volse-hubzilla-e2824f925964fbfe160255de6e733b4c2de3cecb.zip
Fix: Authors unable to comment on posts they authored when under owned by others in certain circumstances.
Diffstat (limited to 'include/zot.php')
-rw-r--r--include/zot.php17
1 files changed, 15 insertions, 2 deletions
diff --git a/include/zot.php b/include/zot.php
index 52102e147..3523dd2ec 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -1808,8 +1808,21 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
else {
$arr['item_wall'] = 0;
}
-
- if((! perm_is_allowed($channel['channel_id'],$sender['hash'],$perm)) && (! $tag_delivery) && (! $local_public)) {
+
+ $allowed = (perm_is_allowed($channel['channel_id'],$sender['hash'],$perm) && (! $tag_delivery) && (! $local_public));
+
+ if(! $allowed && $perm == 'post_comments') {
+logger("Channel = ".intval($channel['channel_id']));
+ $parent = q("select * from item where mid = '%s' and uid = %d limit 1",
+ dbesc($arr['parent_mid']),
+ intval($channel['channel_id'])
+ );
+ if ($parent) {
+ $allowed = can_comment_on_post($d['hash'],$parent[0]);
+ }
+ }
+
+ if (! $allowed) {
logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
$DR->update('permission denied');
$result[] = $DR->get();