aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-02-12 15:56:33 -0800
committerzotlabs <mike@macgirvin.com>2017-02-12 15:56:33 -0800
commitccdfbc721fa0cf6710cce262cbaa219e2803e8c2 (patch)
tree3ff4e912a8496d6e6ae7abb530afc80eeba8b24c /include
parentbc3605a5025908ae0835c057cb7caa1bc26d9c37 (diff)
downloadvolse-hubzilla-ccdfbc721fa0cf6710cce262cbaa219e2803e8c2.tar.gz
volse-hubzilla-ccdfbc721fa0cf6710cce262cbaa219e2803e8c2.tar.bz2
volse-hubzilla-ccdfbc721fa0cf6710cce262cbaa219e2803e8c2.zip
Create virtual privacy groups for private profile member lists
Diffstat (limited to 'include')
-rw-r--r--include/attach.php58
-rw-r--r--include/group.php68
-rw-r--r--include/photos.php53
-rw-r--r--include/security.php16
4 files changed, 153 insertions, 42 deletions
diff --git a/include/attach.php b/include/attach.php
index dc5bfd308..937d33ea3 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -28,29 +28,31 @@ function z_mime_content_type($filename) {
$mime_types = array(
- 'txt' => 'text/plain',
- 'htm' => 'text/html',
+ 'txt' => 'text/plain',
+ 'htm' => 'text/html',
'html' => 'text/html',
- 'php' => 'text/html',
- 'css' => 'text/css',
- 'js' => 'application/javascript',
+ 'php' => 'text/html',
+ 'css' => 'text/css',
+ 'md' => 'text/markdown',
+ 'bb' => 'text/bbcode',
+ 'js' => 'application/javascript',
'json' => 'application/json',
- 'xml' => 'application/xml',
- 'swf' => 'application/x-shockwave-flash',
- 'flv' => 'video/x-flv',
+ 'xml' => 'application/xml',
+ 'swf' => 'application/x-shockwave-flash',
+ 'flv' => 'video/x-flv',
'epub' => 'application/epub+zip',
// images
- 'png' => 'image/png',
- 'jpe' => 'image/jpeg',
+ 'png' => 'image/png',
+ 'jpe' => 'image/jpeg',
'jpeg' => 'image/jpeg',
- 'jpg' => 'image/jpeg',
- 'gif' => 'image/gif',
- 'bmp' => 'image/bmp',
- 'ico' => 'image/vnd.microsoft.icon',
+ 'jpg' => 'image/jpeg',
+ 'gif' => 'image/gif',
+ 'bmp' => 'image/bmp',
+ 'ico' => 'image/vnd.microsoft.icon',
'tiff' => 'image/tiff',
- 'tif' => 'image/tiff',
- 'svg' => 'image/svg+xml',
+ 'tif' => 'image/tiff',
+ 'svg' => 'image/svg+xml',
'svgz' => 'image/svg+xml',
// archives
@@ -61,27 +63,27 @@ function z_mime_content_type($filename) {
'cab' => 'application/vnd.ms-cab-compressed',
// audio/video
- 'mp3' => 'audio/mpeg',
- 'wav' => 'audio/wav',
- 'qt' => 'video/quicktime',
- 'mov' => 'video/quicktime',
- 'ogg' => 'audio/ogg',
- 'ogv' => 'video/ogg',
- 'ogx' => 'application/ogg',
+ 'mp3' => 'audio/mpeg',
+ 'wav' => 'audio/wav',
+ 'qt' => 'video/quicktime',
+ 'mov' => 'video/quicktime',
+ 'ogg' => 'audio/ogg',
+ 'ogv' => 'video/ogg',
+ 'ogx' => 'application/ogg',
'flac' => 'audio/flac',
'opus' => 'audio/ogg',
'webm' => 'video/webm',
// 'webm' => 'audio/webm',
- 'mp4' => 'video/mp4',
-// 'mp4' => 'audio/mp4',
- 'mkv' => 'video/x-matroska',
+ 'mp4' => 'video/mp4',
+// 'mp4' => 'audio/mp4',
+ 'mkv' => 'video/x-matroska',
// adobe
'pdf' => 'application/pdf',
'psd' => 'image/vnd.adobe.photoshop',
- 'ai' => 'application/postscript',
+ 'ai' => 'application/postscript',
'eps' => 'application/postscript',
- 'ps' => 'application/postscript',
+ 'ps' => 'application/postscript',
// ms office
'doc' => 'application/msword',
diff --git a/include/group.php b/include/group.php
index 38d9d190f..3b208ef95 100644
--- a/include/group.php
+++ b/include/group.php
@@ -227,6 +227,26 @@ function group_get_members_xchan($gid) {
return $ret;
}
+function group_get_profile_members_xchan($uid,$gid) {
+ $ret = [];
+
+ if(intval($gid)) {
+ $r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d",
+ intval($gid),
+ intval($uid)
+ );
+ if($r) {
+ foreach($r as $rr) {
+ $ret[] = $rr['xchan'];
+ }
+ }
+ }
+ return $ret;
+}
+
+
+
+
function mini_group_select($uid,$group = '') {
$grps = array();
@@ -320,20 +340,46 @@ function group_side($every="connections",$each="group",$edit = false, $group_id
return $o;
}
-function expand_groups($a) {
- if(! (is_array($a) && count($a)))
+function expand_groups($g) {
+ if(! (is_array($g) && count($g)))
return array();
- $x = $a;
- stringify_array_elms($x,true);
- $groups = implode(',', $x);
- if($groups)
- $r = q("SELECT xchan FROM group_member WHERE gid IN ( select id from groups where hash in ( $groups ))");
- $ret = array();
+ $ret = [];
+ $x = [];
- if($r)
- foreach($r as $rr)
- $ret[] = $rr['xchan'];
+ // private profile linked virtual groups
+
+ foreach($g as $gv) {
+ if(substr($gv,0,3) === 'vp.') {
+ $profile_hash = substr($gv,3);
+ if($profile_hash) {
+ $r = q("select abook_xchan from abook where abook_profile = '%s'",
+ dbesc($profile_hash)
+ );
+ if($r) {
+ foreach($r as $rv) {
+ $ret[] = $rv['abook_xchan'];
+ }
+ }
+ }
+ }
+ else {
+ $x[] = $gv;
+ }
+ }
+
+ if($x) {
+ stringify_array_elms($x,true);
+ $groups = implode(',', $x);
+ if($groups) {
+ $r = q("SELECT xchan FROM group_member WHERE gid IN ( select id from groups where hash in ( $groups ))");
+ if($r) {
+ foreach($r as $rr) {
+ $ret[] = $rr['xchan'];
+ }
+ }
+ }
+ }
return $ret;
}
diff --git a/include/photos.php b/include/photos.php
index 55cc2d945..4cd5952f9 100644
--- a/include/photos.php
+++ b/include/photos.php
@@ -718,10 +718,59 @@ function gps2Num($coordPart) {
return floatval($parts[0]) / floatval($parts[1]);
}
+
+function photo_profile_setperms($channel_id,$resource_id,$profile_id) {
+
+ if(! $profile_id)
+ return;
+
+ $r = q("select profile_guid, is_default from profile where id = %d and uid = %d limit 1",
+ dbesc($profile_id),
+ intval($channel_id)
+ );
+
+ if(! $r)
+ return;
+
+ $is_default = $r[0]['is_default'];
+ $profile_guid = $r[0]['profile_guid'];
+
+ if($is_default) {
+ $r = q("update photo set allow_cid = '', allow_gid = '', deny_cid = '', deny_gid = ''
+ where resource_id = '%s' and uid = %d",
+ dbesc($resource_id),
+ intval($channel_id)
+ );
+ $r = q("update attach set allow_cid = '', allow_gid = '', deny_cid = '', deny_gid = ''
+ where hash = '%s' and uid = %d",
+ dbesc($resource_id),
+ intval($channel_id)
+ );
+ }
+ else {
+ $r = q("update photo set allow_cid = '', allow_gid = '%s', deny_cid = '', deny_gid = ''
+ where resource_id = '%s' and uid = %d",
+ dbesc('vp.' . $profile_guid),
+ dbesc($resource_id),
+ intval($channel_id)
+ );
+
+ $r = q("update attach set allow_cid = '', allow_gid = '%s', deny_cid = '', deny_gid = ''
+ where hash = '%s' and uid = %d",
+ dbesc('vp.' . $profile_guid),
+ dbesc($resource_id),
+ intval($channel_id)
+ );
+ }
+}
+
function profile_photo_set_profile_perms($uid, $profileid = 0) {
- $allowcid = '';
- if($profileid) {
+ $allowcid = '';
+
+
+ if($profileid) {
+
$r = q("SELECT photo, profile_guid, id, is_default, uid
FROM profile WHERE uid = %d and ( profile.id = %d OR profile.profile_guid = '%s') LIMIT 1",
intval($uid),
diff --git a/include/security.php b/include/security.php
index 57b33251f..b49ceec0d 100644
--- a/include/security.php
+++ b/include/security.php
@@ -553,7 +553,21 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
// var $contact_id = xchan_hash of connection
function init_groups_visitor($contact_id) {
- $groups = array();
+ $groups = [];
+
+ // private profiles are treated as a virtual group
+
+ $r = q("SELECT abook_profile from abook where abook_xchan = '%s' and abook_profile != '' ",
+ dbesc($contact_id)
+ );
+ if($r) {
+ foreach($r as $rv) {
+ $groups[] = 'vp.' . $rv['abook_profile'];
+ }
+ }
+
+ // physical groups this channel is a member of
+
$r = q("SELECT hash FROM groups left join group_member on groups.id = group_member.gid WHERE xchan = '%s' ",
dbesc($contact_id)
);