diff options
| -rw-r--r-- | Zotlabs/Access/Permissions.php | 158 | ||||
| -rw-r--r-- | Zotlabs/Lib/Apps.php | 3 | ||||
| -rw-r--r-- | Zotlabs/Module/Notifications.php | 2 | ||||
| -rwxr-xr-x | include/dba/dba_driver.php | 2 | ||||
| -rw-r--r-- | include/text.php | 2 | ||||
| -rw-r--r-- | install/sample-nginx.conf | 2 | ||||
| -rw-r--r-- | install/update.php | 2 | ||||
| -rw-r--r-- | tests/unit/Access/PermissionsTest.php | 148 | ||||
| -rw-r--r-- | view/css/mod_setup.css | 6 | ||||
| -rwxr-xr-x | view/tpl/notifications.tpl | 20 | ||||
| -rwxr-xr-x | view/tpl/notify.tpl | 4 |
11 files changed, 276 insertions, 73 deletions
diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php index 110e536ce..62c4af0ff 100644 --- a/Zotlabs/Access/Permissions.php +++ b/Zotlabs/Access/Permissions.php @@ -1,45 +1,52 @@ <?php - namespace Zotlabs\Access; use Zotlabs\Lib as Zlib; +/** + * @brief Extensible permissions. + * + * To add new permissions, add to the list of $perms below, with a simple description. + * + * Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role + * if this permission should be granted to new connections. + * + * Next look at PermissionRoles::new_custom_perms() and provide a handler for updating custom + * permission roles. You will want to set a default PermissionLimit for each channel and also + * provide a sane default for any existing connections. You may or may not wish to provide a + * default auto permission. If in doubt, leave this alone as custom permissions by definition + * are the responsibility of the channel owner to manage. You just don't want to create any + * suprises or break things so you have an opportunity to provide sane settings. + * + * Update the version here and in PermissionRoles. + * + * + * Permissions with 'view' in the name are considered read permissions. Anything + * else requires authentication. Read permission limits are PERMS_PUBLIC and anything else + * is given PERMS_SPECIFIC. + * + * PermissionLimits::Std_limits() retrieves the standard limits. A permission role + * MAY alter an individual setting after retrieving the Std_limits if you require + * something different for a specific permission within the given role. + * + */ class Permissions { - /** - * Extensible permissions. - * To add new permissions, add to the list of $perms below, with a simple description. - * - * Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role - * if this permission should be granted to new connections. - * - * Next look at PermissionRoles::new_custom_perms() and provide a handler for updating custom - * permission roles. You will want to set a default PermissionLimit for each channel and also - * provide a sane default for any existing connections. You may or may not wish to provide a - * default auto permission. If in doubt, leave this alone as custom permissions by definition - * are the responsibility of the channel owner to manage. You just don't want to create any - * suprises or break things so you have an opportunity to provide sane settings. - * - * Update the version here and in PermissionRoles - * - * - * Permissions with 'view' in the name are considered read permissions. Anything - * else requires authentication. Read permission limits are PERMS_PUBLIC and anything else - * is given PERMS_SPECIFIC. - * - * PermissionLimits::Std_limits() retrieves the standard limits. A permission role - * MAY alter an individual setting after retrieving the Std_limits if you require - * something different for a specific permission within the given role. - * - */ - static public function version() { // This must match the version in PermissionRoles.php before permission updates can run. return 2; } - + /** + * @brief Return an array with Permissions. + * + * @hooks permissions_list + * * \e array \b permissions + * * \e string \b filter + * @param string $filter (optional) only passed to hook permission_list + * @return Associative array with permissions and short description. + */ static public function Perms($filter = '') { $perms = [ @@ -63,18 +70,27 @@ class Permissions { 'delegate' => t('Can administer my channel') ]; - $x = array('permissions' => $perms, 'filter' => $filter); - call_hooks('permissions_list',$x); - return($x['permissions']); + $x = [ + 'permissions' => $perms, + 'filter' => $filter + ]; + call_hooks('permissions_list', $x); + return($x['permissions']); } + /** + * @brief Perms from the above list that are blocked from anonymous observers. + * + * e.g. you must be authenticated. + * + * @hooks write_perms + * * \e array \b permissions + * @return Associative array with permissions and short description. + */ static public function BlockedAnonPerms() { - // Perms from the above list that are blocked from anonymous observers. - // e.g. you must be authenticated. - - $res = array(); + $res = []; $perms = PermissionLimits::Std_limits(); foreach($perms as $perm => $limit) { if($limit != PERMS_PUBLIC) { @@ -82,17 +98,22 @@ class Permissions { } } - $x = array('permissions' => $res); - call_hooks('write_perms',$x); - return($x['permissions']); + $x = ['permissions' => $res]; + call_hooks('write_perms', $x); + return($x['permissions']); } - // converts [ 0 => 'view_stream', ... ] - // to [ 'view_stream' => 1 ] - // for any permissions in $arr; - // Undeclared permissions are set to 0 - + /** + * @brief Converts indexed perms array to associative perms array. + * + * Converts [ 0 => 'view_stream', ... ] + * to [ 'view_stream' => 1 ] for any permissions in $arr; + * Undeclared permissions which exist in Perms() are added and set to 0. + * + * @param array $arr + * @return array + */ static public function FilledPerms($arr) { if(is_null($arr)) { btlogger('FilledPerms: null'); @@ -101,15 +122,26 @@ class Permissions { $everything = self::Perms(); $ret = []; foreach($everything as $k => $v) { - if(in_array($k,$arr)) + if(in_array($k, $arr)) $ret[$k] = 1; else $ret[$k] = 0; } - return $ret; + return $ret; } + /** + * @brief Convert perms array to indexed array. + * + * Converts [ 'view_stream' => 1 ] for any permissions in $arr + * to [ 0 => ['name' => 'view_stream', 'value' => 1], ... ] + * + * @param array $arr associative perms array 'view_stream' => 1 + * @return Indexed array with elements that look like + * * \e string \b name the perm name (e.g. view_stream) + * * \e int \b value the value of the perm (e.g. 1) + */ static public function OPerms($arr) { $ret = []; if($arr) { @@ -120,7 +152,12 @@ class Permissions { return $ret; } - + /** + * @brief + * + * @param int $channel_id + * @return boolean|array + */ static public function FilledAutoperms($channel_id) { if(! intval(get_pconfig($channel_id,'system','autoperms'))) return false; @@ -137,16 +174,33 @@ class Permissions { return $arr; } - static public function PermsCompare($p1,$p2) { + /** + * @brief Compares that all Permissions from $p1 exist also in $p2. + * + * @param array $p1 The perms that have to exist in $p2 + * @param array $p2 The perms to compare against + * @return boolean true if all perms from $p1 exist also in $p2 + */ + static public function PermsCompare($p1, $p2) { foreach($p1 as $k => $v) { - if(! array_key_exists($k,$p2)) + if(! array_key_exists($k, $p2)) return false; + if($p1[$k] != $p2[$k]) return false; } + return true; } + /** + * @brief + * + * @param int $channel_id A channel id + * @return associative array + * * \e array \b perms Permission array + * * \e int \b automatic 0 or 1 + */ static public function connect_perms($channel_id) { @@ -156,7 +210,7 @@ class Permissions { // If a default permcat exists, use that - $pc = ((feature_enabled($channel_id,'permcats')) ? get_pconfig($channel_id,'system','default_permcat') : 'default'); + $pc = ((feature_enabled($channel_id,'permcats')) ? get_pconfig($channel_id,'system','default_permcat') : 'default'); if(! in_array($pc, [ '','default' ])) { $pcp = new Zlib\Permcat($channel_id); $permcat = $pcp->fetch($pc); @@ -168,7 +222,7 @@ class Permissions { } // look up the permission role to see if it specified auto-connect - // and if there was no permcat or a default permcat, set the perms + // and if there was no permcat or a default permcat, set the perms // from the role $role = get_pconfig($channel_id,'system','permissions_role'); @@ -196,7 +250,7 @@ class Permissions { } // If we reached this point with no permissions, the channel is using - // custom perms but they are not automatic. They will be stored in abconfig with + // custom perms but they are not automatic. They will be stored in abconfig with // the channel's channel_hash (the 'self' connection). if(! $my_perms) { diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index ed18ff3cb..06ec7c39d 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -666,9 +666,6 @@ class Apps { - - - static public function app_decode($s) { $x = base64_decode(str_replace(array('<br />',"\r","\n",' '),array('','','',''),$s)); return json_decode($x,true); diff --git a/Zotlabs/Module/Notifications.php b/Zotlabs/Module/Notifications.php index e0313dd8b..652648701 100644 --- a/Zotlabs/Module/Notifications.php +++ b/Zotlabs/Module/Notifications.php @@ -40,7 +40,7 @@ class Notifications extends \Zotlabs\Web\Controller { $o .= replace_macros(get_markup_template('notifications.tpl'),array( '$notif_header' => t('System Notifications'), - '$notif_link_mark_seen' => t('Mark all system notifications seen'), + '$notif_link_mark_seen' => t('Mark all seen'), '$notif_content' => $notif_content, '$notifications_available' => $notifications_available, )); diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index ad1d9d194..d362f58b2 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -452,7 +452,7 @@ function db_getfunc($f) { function db_logger($s,$level = LOGGER_NORMAL,$syslog = LOG_INFO) { - if(\DBA::$logging) + if(\DBA::$logging || ! \DBA::$dba) return; $saved = \DBA::$dba->debug; diff --git a/include/text.php b/include/text.php index fb39313a2..b17564b9f 100644 --- a/include/text.php +++ b/include/text.php @@ -1158,7 +1158,6 @@ function list_smilies($default_only = false) { $texts = array( '<3', '</3', - '<\\3', ':-)', ';-)', ':-(', @@ -1193,7 +1192,6 @@ function list_smilies($default_only = false) { $icons = array( '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-heart.gif" alt="<3" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-brokenheart.gif" alt="</3" />', - '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-brokenheart.gif" alt="<\\3" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-smile.gif" alt=":-)" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-wink.gif" alt=";-)" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-frown.gif" alt=":-(" />', diff --git a/install/sample-nginx.conf b/install/sample-nginx.conf index 85178596a..4121ff2ec 100644 --- a/install/sample-nginx.conf +++ b/install/sample-nginx.conf @@ -56,7 +56,7 @@ server { ssl_certificate_key /etc/nginx/ssl/example.net.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES128-SHA256:!DHE-RSA-AES256-SHA:!DHE-RSA-AES128-SHA:!DHE-RSA-AES256-SHA256:!DHE-RSA-CAMELLIA128-SHA:!DHE-RSA-CAMELLIA256-SHA; + ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS; ssl_prefer_server_ciphers on; fastcgi_param HTTPS on; diff --git a/install/update.php b/install/update.php index affdb6ffb..06084a422 100644 --- a/install/update.php +++ b/install/update.php @@ -2533,7 +2533,7 @@ function update_r1189() { } function update_r1190() { - $r1 = q("alter table abook add abook_not_here int(11) not null default '0' "); + $r1 = q("alter table abook add abook_not_here smallint not null default 0 "); $r2 = q("create index abook_not_here on abook (abook_not_here)"); diff --git a/tests/unit/Access/PermissionsTest.php b/tests/unit/Access/PermissionsTest.php new file mode 100644 index 000000000..93c641fb1 --- /dev/null +++ b/tests/unit/Access/PermissionsTest.php @@ -0,0 +1,148 @@ +<?php +/* + * Copyright (c) 2017 Hubzilla + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ + +namespace Zotlabs\Tests\Unit\Access; + +use Zotlabs\Tests\Unit\UnitTestCase; +use Zotlabs\Access\Permissions; + +/** + * @brief Unit Test case for Permissions class. + * + * @covers Zotlabs\Access\Permissions + */ +class PermissionsTest extends UnitTestCase { + + /** + * @dataProvider FilledPermsProvider + */ + public function testFilledPerms($permarr, $expected) { + $this->markTestIncomplete( + 'Need to mock static function Permissions::Perms() ...' + ); + //$this->assertEquals($expected, Permissions::FilledPerms($permarr)); + +/* $perms = $this->getMockBuilder(Permissions::class) + ->setMethods(['Perms']) + ->getMock(); + $perms->expects($this->once()) + ->method('Perms'); + // still calls the static self::Perms() + $perms->FilledPerms($permarr); +*/ + } + public function FilledPermsProvider() { + return [ + 'empty' => [ + [], + ['perm1' => 0, 'perm2' => 0] + ], + 'valild' => [ + [['perm1' => 1]], + ['perm1' => 1, 'perm2' => 0] + ] + ]; + } +/* public function testFilledPermsNull() { + // need to mock global function btlogger(); + Permissions::FilledPerms(null); + } +*/ + /** + * @dataProvider OPermsProvider + * + * @param array $permarr + * @param array $expected + */ + public function testOPerms($permarr, $expected) { + $this->assertEquals($expected, Permissions::OPerms($permarr)); + } + /** + * @return Associative array with test values for OPerms() + * * \e array Array to test + * * \e array Expect array + */ + public function OPermsProvider() { + return [ + 'empty' => [ + [], + [] + ], + 'valid' => [ + ['perm1' => 1, 'perm2' => 0], + [['name' => 'perm1', 'value' => 1], ['name' => 'perm2', 'value' => 0]] + ], + 'null array' => [ + null, + [] + ] + ]; + } + + + /** + * @dataProvider permsCompareProvider + * + * @param array $p1 + * @param array $p2 + * @param boolean $expectedresult + */ + public function testPermsCompare($p1, $p2, $expectedresult) { + $this->assertEquals($expectedresult, Permissions::PermsCompare($p1, $p2)); + } + /** + * @return Associative array with test values for PermsCompare() + * * \e array 1st array + * * \e array 2nd array + * * \e boolean expected result for the test + */ + public function permsCompareProvider() { + return [ + 'equal' => [ + ['perm1' => 1, 'perm2' => 0], + ['perm1' => 1, 'perm2' => 0], + true + ], + 'different values' => [ + ['perm1' => 1, 'perm2' => 0], + ['perm1' => 0, 'perm2' => 1], + false + ], + 'different order' => [ + ['perm1' => 1, 'perm2' => 0], + ['perm2' => 0, 'perm1' => 1], + true + ], + 'partial first in second' => [ + ['perm1' => 1], + ['perm1' => 1, 'perm2' => 0], + true + ], + 'partial second in first' => [ + ['perm1' => 1, 'perm2' => 0], + ['perm1' => 1], + false + ] + ]; + } +}
\ No newline at end of file diff --git a/view/css/mod_setup.css b/view/css/mod_setup.css index ee725d055..f0d91a0ae 100644 --- a/view/css/mod_setup.css +++ b/view/css/mod_setup.css @@ -32,3 +32,9 @@ margin-top: 18px; margin-left: 20px; } + +main { + max-width: 790px; + margin-left: auto; + margin-right: auto; +} diff --git a/view/tpl/notifications.tpl b/view/tpl/notifications.tpl index 0b24da7c3..53ff8de52 100755 --- a/view/tpl/notifications.tpl +++ b/view/tpl/notifications.tpl @@ -1,11 +1,11 @@ -<div class="generic-content-wrapper-styled"> - -<h1>{{$notif_header}}</h1> - -{{if $notifications_available}} -<a href="#" onclick="markRead('notify'); setTimeout(function() { window.location.href=window.location.href; },1500); return false;">{{$notif_link_mark_seen}}</a> -{{/if}} -<div class="notif-network-wrapper"> - {{$notif_content}} -</div> +<div class="generic-content-wrapper"> + <div class="section-title-wrapper clearfix"> + {{if $notifications_available}} + <a href="#" class="btn btn-outline-secondary btn-sm float-right" onclick="markRead('notify'); setTimeout(function() { window.location.href=window.location.href; },1500); return false;">{{$notif_link_mark_seen}}</a> + {{/if}} + <h2>{{$notif_header}}</h2> + </div> + <div class="section-content-wrapper"> + {{$notif_content}} + </div> </div> diff --git a/view/tpl/notify.tpl b/view/tpl/notify.tpl index d3c79be82..ae6e160b1 100755 --- a/view/tpl/notify.tpl +++ b/view/tpl/notify.tpl @@ -1,3 +1,3 @@ -<div class="notif-item"> - <a href="{{$item_link}}"><img src="{{$item_image}}" class="notif-image">{{$item_text}} <span class="notif-when">{{$item_when}}</span></a> +<div class="mb-2 notif-item"> + <a href="{{$item_link}}"><img src="{{$item_image}}" class="menu-img-1">{{$item_text}} <span class="notif-when">{{$item_when}}</span></a> </div> |