diff options
author | friendica <info@friendica.com> | 2014-07-03 19:34:00 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2014-07-03 19:36:59 -0700 |
commit | 53217ad9a7c123eecc72b40952ccd6f21dde54f2 (patch) | |
tree | 3f7801e420aa16e5d511fe10aff2a7b605f8b598 /include | |
parent | 5ed9444beea56c8d4559a01434406f8de8588c57 (diff) | |
download | volse-hubzilla-53217ad9a7c123eecc72b40952ccd6f21dde54f2.tar.gz volse-hubzilla-53217ad9a7c123eecc72b40952ccd6f21dde54f2.tar.bz2 volse-hubzilla-53217ad9a7c123eecc72b40952ccd6f21dde54f2.zip |
add 'block_public' checking to get_all_perms() and perm_is_allowed() so we have everything related to allowing or denying something in one place. Currently this check is done separately in a huge number of places. Now we can start to remove all the extra checks. A couple of them are still necessary, but most are now redundant.
Diffstat (limited to 'include')
-rw-r--r-- | include/permissions.php | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/include/permissions.php b/include/permissions.php index a3ec13925..9fded3b43 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -126,6 +126,13 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) { } } + // system is blocked to anybody who is not authenticated + + if((! $observer_xchan) && intval(get_config('system','block_public'))) { + $ret[$perm_name] = false; + continue; + } + // Check if this $uid is actually the $observer_xchan - if it's your content // you always have permission to do anything @@ -282,6 +289,11 @@ function perm_is_allowed($uid,$observer_xchan,$permission) { } } + // system is blocked to anybody who is not authenticated + + if((! $observer_xchan) && intval(get_config('system','block_public'))) + return false; + // Check if this $uid is actually the $observer_xchan if($r[0]['channel_hash'] === $observer_xchan) |