aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2018-03-22 19:52:25 -0700
committerzotlabs <mike@macgirvin.com>2018-03-22 19:52:25 -0700
commit034032c7c27ca0e0ba0720aeea84ba6272eb6d36 (patch)
tree6951198d7533b2666b8d2dc0828028623bfc98f2 /include
parent05e11844e5a0f90b7f45f27047b2926442484108 (diff)
downloadvolse-hubzilla-034032c7c27ca0e0ba0720aeea84ba6272eb6d36.tar.gz
volse-hubzilla-034032c7c27ca0e0ba0720aeea84ba6272eb6d36.tar.bz2
volse-hubzilla-034032c7c27ca0e0ba0720aeea84ba6272eb6d36.zip
slight change in mail privacy implementation. If you initiate a private mail conversation and they respond, accept the reply. You can't hide behind your permissions or lack thereof. Often this will be accidental. If you truly want to block them from replying and your permissions otherwise would not allow them to reply, delete the conversation.
Diffstat (limited to 'include')
-rw-r--r--include/zot.php26
1 files changed, 22 insertions, 4 deletions
diff --git a/include/zot.php b/include/zot.php
index c11cace2a..25ea9b8fb 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -2285,13 +2285,31 @@ function process_mail_delivery($sender, $arr, $deliveries) {
continue;
}
+
if(! perm_is_allowed($channel['channel_id'],$sender['hash'],'post_mail')) {
- logger("permission denied for mail delivery {$channel['channel_id']}");
- $DR->update('permission denied');
- $result[] = $DR->get();
- continue;
+
+ /*
+ * Always allow somebody to reply if you initiated the conversation. It's anti-social
+ * and a bit rude to send a private message to somebody and block their ability to respond.
+ * If you are being harrassed and want to put an end to it, delete the conversation.
+ */
+
+ $return = false;
+ if($arr['parent_mid']) {
+ $return = q("select * from mail where mid = '%s' and channel_id = %d limit 1",
+ dbesc($arr['parent_mid']),
+ intval($channel['channel_id'])
+ );
+ }
+ if(! $return) {
+ logger("permission denied for mail delivery {$channel['channel_id']}");
+ $DR->update('permission denied');
+ $result[] = $DR->get();
+ continue;
+ }
}
+
$r = q("select id from mail where mid = '%s' and channel_id = %d limit 1",
dbesc($arr['mid']),
intval($channel['channel_id'])