more work on AccessList integration

5 files changed, 50 insertions, 81 deletions

diff --git a/mod/chat.php b/mod/chat.php
index c54d29313..c2c11d0ab 100644
--- a/mod/chat.php
+++ b/mod/chat.php
@@ -54,12 +54,11 @@ function chat_post(&$a) {
 		goaway(z_root() . '/chat/' . $channel['channel_address']);
 	}
 
+	$acl = new AccessList($channel);
+	$acl->set_from_array($_REQUEST);
 
-	$arr = array('name' => $room);
-	$arr['allow_gid']   = perms2str($_REQUEST['group_allow']);
-    $arr['allow_cid']   = perms2str($_REQUEST['contact_allow']);
-    $arr['deny_gid']    = perms2str($_REQUEST['group_deny']);
-    $arr['deny_cid']    = perms2str($_REQUEST['contact_deny']);
+	$arr = $acl->get();
+	$arr['name'] = $room;
 
 	chatroom_create($channel,$arr);
 
@@ -158,7 +157,10 @@ function chat_content(&$a) {
 			intval($a->profile['profile_uid'])
 		);
 		if($x) {
-			$private = ((($x[0]['allow_cid']) || ($x[0]['allow_gid']) || ($x[0]['deny_cid']) || ($x[0]['deny_gid'])) ? true : false);
+			$acl = new AccessList(false);
+			$acl->set($x[0]);
+
+			$private = $acl->is_private();
 			$room_name = $x[0]['cr_name'];
 			if($bookmark_link)
 				$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1'; 
@@ -192,14 +194,8 @@ function chat_content(&$a) {
 
 	if(local_channel() && argc() > 2 && argv(2) === 'new') {
 
-
-
-		$channel_acl = array(
-			'allow_cid' => $channel['channel_allow_cid'], 
-			'allow_gid' => $channel['channel_allow_gid'], 
-			'deny_cid'  => $channel['channel_deny_cid'], 
-			'deny_gid'  => $channel['channel_deny_gid']
-		); 
+		$acl = new AccessList($channel);
+		$channel_acl = $acl->get();
 
 		require_once('include/acl_selectors.php');
 
diff --git a/mod/events.php b/mod/events.php
index edb61a6cd..9120f8713 100755
--- a/mod/events.php
+++ b/mod/events.php
@@ -41,16 +41,11 @@ function events_post(&$a) {
 
 	$categories = escape_tags(trim($_POST['category']));
 
-
-
 	// only allow editing your own events. 
 
 	if(($xchan) && ($xchan !== get_observer_hash()))
 		return;
 
-	// The default setting for the `private` field in event_store() is false, so mirror that	
-	$private_event = false;
-
 	if($start_text) {
 		$start = $start_text;
 	}
@@ -119,6 +114,8 @@ function events_post(&$a) {
 
 	$channel = $a->get_channel();
 
+	$acl = new AccessList(false);
+
 	if($event_id) {
 		$x = q("select * from event where id = %d and uid = %d limit 1",
 			intval($event_id),
@@ -133,6 +130,8 @@ function events_post(&$a) {
 			return;
 		}
 
+		$acl->set($x[0]);
+
 		$created = $x[0]['created'];
 		$edited = datetime_convert();
 
@@ -142,39 +141,21 @@ function events_post(&$a) {
 		}
 		else {
 			$share = true;
-			$str_group_allow = $x[0]['allow_gid'];
-			$str_contact_allow = $x[0]['allow_cid'];
-			$str_group_deny = $x[0]['deny_gid'];
-			$str_contact_deny = $x[0]['deny_cid'];
-
-			if(strlen($str_group_allow) || strlen($str_contact_allow) 
-				|| strlen($str_group_deny) || strlen($str_contact_deny)) {
-				$private_event = true;
-			}
 		}
 	}
 	else {
 		$created = $edited = datetime_convert();
 		if($share) {
-			$str_group_allow   = perms2str($_POST['group_allow']);
-			$str_contact_allow = perms2str($_POST['contact_allow']);
-			$str_group_deny    = perms2str($_POST['group_deny']);
-			$str_contact_deny  = perms2str($_POST['contact_deny']);
-
-			if(strlen($str_group_allow) || strlen($str_contact_allow) 
-				|| strlen($str_group_deny) || strlen($str_contact_deny)) {
-				$private_event = true;
-			}
+			$acl->set_from_array($_POST);
 		}
 		else {
-			$str_contact_allow = '<' . $channel['channel_hash'] . '>';
-			$str_group_allow = $str_contact_deny = $str_group_deny = '';
-			$private_event = true;
+			$acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
 		}
 	}
 
 	$post_tags = array();
 	$channel = $a->get_channel();
+	$ac = $acl->get();
 
 	if(strlen($categories)) {
 		$cats = explode(',',$categories);
@@ -201,11 +182,11 @@ function events_post(&$a) {
 	$datarray['uid'] = local_channel();
 	$datarray['account'] = get_account_id();
 	$datarray['event_xchan'] = $channel['channel_hash'];
-	$datarray['allow_cid'] = $str_contact_allow;
-	$datarray['allow_gid'] = $str_group_allow;
-	$datarray['deny_cid'] = $str_contact_deny;
-	$datarray['deny_gid'] = $str_group_deny;
-	$datarray['private'] = (($private_event) ? 1 : 0);
+	$datarray['allow_cid'] = $ac['allow_cid'];
+	$datarray['allow_gid'] = $ac['allow_gid'];
+	$datarray['deny_cid'] = $ac['deny_cid'];
+	$datarray['deny_gid'] = $ac['deny_gid'];
+	$datarray['private'] = (($acl->is_private()) ? 1 : 0);
 	$datarray['id'] = $event_id;
 	$datarray['created'] = $created;
 	$datarray['edited'] = $edited;
@@ -660,12 +641,9 @@ function events_content(&$a) {
 
 		require_once('include/acl_selectors.php');
 
-		$perm_defaults = array(
-			'allow_cid' => $channel['channel_allow_cid'], 
-			'allow_gid' => $channel['channel_allow_gid'], 
-			'deny_cid' => $channel['channel_deny_cid'], 
-			'deny_gid' => $channel['channel_deny_gid']
-		); 
+		$acl = new AccessList($channel);
+		$perm_defaults = $acl->get();
+
 
 		$tpl = get_markup_template('event_form.tpl');
 
diff --git a/mod/item.php b/mod/item.php
index 254904c9f..750512bcf 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -19,7 +19,6 @@ require_once('include/crypto.php');
 require_once('include/enotify.php');
 require_once('include/items.php');
 require_once('include/attach.php');
-require_once('include/AccessList.php');
 
 function item_post(&$a) {
 
diff --git a/mod/mitem.php b/mod/mitem.php
index 3959da032..0fadd1548 100644
--- a/mod/mitem.php
+++ b/mod/mitem.php
@@ -2,7 +2,6 @@
 
 require_once('include/menu.php');
 require_once('include/acl_selectors.php');
-require_once('include/AccessList.php');
 
 function mitem_init(&$a) {
 
diff --git a/mod/photos.php b/mod/photos.php
index dc70e4f90..d06a8e69c 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -85,6 +85,7 @@ function photos_post(&$a) {
 
 	$owner_record = $s[0];	
 
+	$acl = AccessList($a->data['channel']);
 
 	if((argc() > 3) && (argv(2) === 'album')) {
 
@@ -200,6 +201,7 @@ function photos_post(&$a) {
 		goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
 	}
 
+
 	if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
 
 
@@ -208,10 +210,9 @@ function photos_post(&$a) {
 		$item_id     = ((x($_POST,'item_id')) ? intval($_POST['item_id'])       : 0);
 		$albname     = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
 		$is_nsfw     = ((x($_POST,'adult'))   ? intval($_POST['adult'])         : 0);
-		$str_group_allow   = perms2str($_POST['group_allow']);
-		$str_contact_allow = perms2str($_POST['contact_allow']);
-		$str_group_deny    = perms2str($_POST['group_deny']);
-		$str_contact_deny  = perms2str($_POST['contact_deny']);
+	
+		$acl->set_from_array($_POST);
+		$perm = $acl->get();
 
 		$resource_id = $a->argv[2];
 
@@ -284,10 +285,10 @@ function photos_post(&$a) {
 
 			$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
 				dbesc($desc),
-				dbesc($str_contact_allow),
-				dbesc($str_group_allow),
-				dbesc($str_contact_deny),
-				dbesc($str_group_deny),
+				dbesc($perm['allow_cid']),
+				dbesc($perm['allow_gid']),
+				dbesc($perm['deny_cid']),
+				dbesc($perm['deny_gid']),
 				dbesc($resource_id),
 				intval($page_owner_uid)
 			);
@@ -331,20 +332,20 @@ function photos_post(&$a) {
 		// make sure the linked item has the same permissions as the photo regardless of any other changes
 		$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
 			where id = %d",
-				dbesc($str_contact_allow),
-				dbesc($str_group_allow),
-				dbesc($str_contact_deny),
-				dbesc($str_group_deny),
-				intval($item_private),
+				dbesc($perm['allow_cid']),
+				dbesc($perm['allow_gid']),
+				dbesc($perm['deny_cid']),
+				dbesc($perm['deny_gid']),
+				intval($acl->is_private()),
 				intval($item_id)
 		);
 
 		// make sure the attach has the same permissions as the photo regardless of any other changes
 		$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1",
-				dbesc($str_contact_allow),
-				dbesc($str_group_allow),
-				dbesc($str_contact_deny),
-				dbesc($str_group_deny),
+				dbesc($perm['allow_cid']),
+				dbesc($perm['allow_gid']),
+				dbesc($perm['deny_cid']),
+				dbesc($perm['deny_gid']),
 				dbesc($resource_id),
 				intval($page_owner_uid)
 		);
@@ -418,11 +419,11 @@ function photos_post(&$a) {
 	$_REQUEST['source'] = 'photos';
 	require_once('include/attach.php');
 
-	if(!local_channel()) {
+	if(! local_channel()) {
 		$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
-		$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
-		$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
-		$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
+		$_REQUEST['group_allow']   = expand_acl($channel['channel_allow_gid']);
+		$_REQUEST['contact_deny']  = expand_acl($channel['channel_deny_cid']);
+		$_REQUEST['group_deny']    = expand_acl($channel['channel_deny_gid']);
 	}
 
 	$r = attach_store($a->channel,get_observer_hash(), '', $_REQUEST);
@@ -557,14 +558,10 @@ function photos_content(&$a) {
 		if($_is_owner) {
 			$channel = $a->get_channel();
 
-			$channel_acl = array(
-				'allow_cid' => $channel['channel_allow_cid'], 
-				'allow_gid' => $channel['channel_allow_gid'], 
-				'deny_cid' => $channel['channel_deny_cid'], 
-				'deny_gid' => $channel['channel_deny_gid']
-			);
+			$acl = new AccessList($channel);
+			$channel_acl = $acl->get();
 
-			$lockstate = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock');
+			$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
 		}
 
 		$aclselect = (($_is_owner) ? populate_acl($channel_acl,false) : '');