aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2018-04-02 20:39:28 -0700
committerzotlabs <mike@macgirvin.com>2018-04-02 20:39:28 -0700
commit4e21c14ff6b8c8dddf10acaf5cac9fe0764e4899 (patch)
tree283e8a30e8a15e1a5ba88687f455daecac84416e /include
parent753e1e4616acc19ff54024443e9ed3d60b0296fc (diff)
downloadvolse-hubzilla-4e21c14ff6b8c8dddf10acaf5cac9fe0764e4899.tar.gz
volse-hubzilla-4e21c14ff6b8c8dddf10acaf5cac9fe0764e4899.tar.bz2
volse-hubzilla-4e21c14ff6b8c8dddf10acaf5cac9fe0764e4899.zip
community tagging refactor - we no longer send an edited post/comment to everybody. The post owner approves the tag and this is transmitted along with the tag activity. Recipients check the signature of the approval and add the tag to their local copy of the post.
Diffstat (limited to 'include')
-rwxr-xr-xinclude/items.php20
1 files changed, 9 insertions, 11 deletions
diff --git a/include/items.php b/include/items.php
index 5e84c62c7..62f1c6195 100755
--- a/include/items.php
+++ b/include/items.php
@@ -2735,13 +2735,12 @@ function item_community_tag($channel,$item) {
// See if we are the owner of the parent item and have given permission to tag our posts.
// If so tag the parent post.
- logger('tag_deliver: community tag activity received');
-
- // refactor of this code block is in progress and is not yet completed
+ logger('tag_deliver: community tag activity received: channel: ' . $channel['channel_name']);
$tag_the_post = false;
$p = null;
+ $j_obj = json_decode($item['obj'],true);
$j_tgt = json_decode($item['target'],true);
if($j_tgt && $j_tgt['id']) {
$p = q("select * from item where mid = '%s' and uid = %d limit 1",
@@ -2753,9 +2752,9 @@ function item_community_tag($channel,$item) {
xchan_query($p);
$items = fetch_post_tags($p,true);
$pitem = $items[0];
- $auth = get_iconfig($pitem,'system','communitytagauth');
+ $auth = get_iconfig($item,'system','communitytagauth');
if($auth) {
- if(rsa_verify('tagauth.' . $item['mid'],$auth,$pitem['owner']['xchan_pubkey'])) {
+ if(rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['owner']['xchan_pubkey'])) {
logger('tag_deliver: tagging the post: ' . $channel['channel_name']);
$tag_the_post = true;
}
@@ -2765,18 +2764,17 @@ function item_community_tag($channel,$item) {
logger('tag_deliver: community tag recipient: ' . $channel['channel_name']);
$tag_the_post = true;
$sig = rsa_sign('tagauth.' . $item['mid'],$channel['channel_prvkey']);
- set_iconfig($item['id'],'system','communitytagauth',$sig,1);
+ logger('tag_deliver: setting iconfig for ' . $item['id']);
+ set_iconfig($item['id'],'system','communitytagauth',base64url_encode($sig),1);
}
}
if($tag_the_post) {
store_item_tag($channel['channel_id'],$pitem['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']);
}
-
- }
-
- if(! $tag_the_post) {
- logger('Tag permission denied for ' . $channel['channel_address']);
+ else {
+ logger('Tag permission denied for ' . $channel['channel_address']);
+ }
}
}