diff options
author | friendica <info@friendica.com> | 2014-10-28 20:01:44 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2014-10-28 20:01:44 -0700 |
commit | 7d9f785758ee6e4c19838e532f9930e227e95fc6 (patch) | |
tree | 308fbc0547ad1cb3e86920948647d33a36e78c9d /mod/item.php | |
parent | d9c5823593400ec82ce7e547a1a0c9674aa1f248 (diff) | |
download | volse-hubzilla-7d9f785758ee6e4c19838e532f9930e227e95fc6.tar.gz volse-hubzilla-7d9f785758ee6e4c19838e532f9930e227e95fc6.tar.bz2 volse-hubzilla-7d9f785758ee6e4c19838e532f9930e227e95fc6.zip |
if any privacy tags are created on a top level post, restrict the post; since it could have been quite sensitive. If there were errors processing the actual tag restrict the post to the profile owner. Also make the "privacy tag over-rides ACL" behaviour configurable. Default is that privacy tags over-ride the ACL.
Diffstat (limited to 'mod/item.php')
-rw-r--r-- | mod/item.php | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/mod/item.php b/mod/item.php index 22d285571..3dea8809c 100644 --- a/mod/item.php +++ b/mod/item.php @@ -596,7 +596,14 @@ function item_post(&$a) { logger('handle_tag: ' . print_r($success,tue), LOGGER_DATA); if(($access_tag) && (! $parent_item)) { logger('access_tag: ' . $tag . ' ' . print_r($access_tag,true), LOGGER_DATA); - if ($first_access_tag) { + if ($first_access_tag && (! get_pconfig($profile_uid,'system','no_private_mention_acl_override'))) { + + // This is a tough call, hence configurable. The issue is that one can type in a @!privacy mention + // and also have a default ACL (perhaps from viewing a collection) and could be suprised that the + // privacy mention wasn't the only recipient. So the default is to wipe out the existing ACL if a + // private mention is found. This can be over-ridden if you wish private mentions to be in + // addition to the current ACL settings. + $str_contact_allow = ''; $str_group_allow = ''; $first_access_tag = false; @@ -1162,6 +1169,8 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { // $r is set if we found something + $channel = get_app()->get_channel(); + if($r) { $profile = $r[0]['xchan_url']; $newname = $r[0]['xchan_name']; @@ -1198,6 +1207,10 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { } } + if(($exclusive) && (! $access_tag)) { + $access_tag .= 'cid:' . $channel['channel_hash']; + } + // if there is an url for this channel if(isset($profile)) { |