diff options
| -rw-r--r-- | Zotlabs/Access/PermissionLimits.php | 59 | ||||
| -rw-r--r-- | Zotlabs/Access/PermissionRoles.php | 209 | ||||
| -rw-r--r-- | Zotlabs/Access/Permissions.php | 67 | ||||
| -rw-r--r-- | Zotlabs/Module/Connedit.php | 22 | ||||
| -rw-r--r-- | Zotlabs/Module/Settings.php | 33 | ||||
| -rw-r--r-- | include/permissions.php | 502 | ||||
| -rw-r--r-- | install/perm_upgrade.php | 63 | ||||
| -rw-r--r-- | install/schema_mysql.sql | 13 | ||||
| -rw-r--r-- | install/schema_postgres.sql | 11 | ||||
| -rw-r--r-- | install/update.php | 56 |
10 files changed, 764 insertions, 271 deletions
diff --git a/Zotlabs/Access/PermissionLimits.php b/Zotlabs/Access/PermissionLimits.php new file mode 100644 index 000000000..ef254c3cf --- /dev/null +++ b/Zotlabs/Access/PermissionLimits.php @@ -0,0 +1,59 @@ +<?php + +namespace Zotlabs\Access; + +class PermissionLimits { + + static public function Std_Limits() { + $perms = Permissions::Perms(); + $limits = array(); + foreach($perms as $k => $v) { + if(strstr($k,'view')) + $limits[$k] = PERMS_PUBLIC; + else + $limits[$k] = PERMS_SPECIFIC; + } + return $limits; + } + + static public function Set($channel_id,$perm,$perm_limit) { + $r = q("select * from perm_limits where channel_id = %d and perm = '%s' limit 1", + intval($channel_id), + dbesc($perm) + ); + if($r) { + if($r[0]['perm_limit'] != $perm_limit) { + $x = q("update perm_limits set perm_limit = %d where id = %d", + dbesc($perm_limit), + intval($r[0]['id']) + ); + } + } + else { + $r = q("insert into perm_limits ( perm, channel_id, perm_limit ) + values ( '%s', %d, %d ) ", + dbesc($perm), + intval($channel_id), + intval($perm_limit) + ); + } + } + + static public function Get($channel_id,$perm = '') { + if($perm) { + $r = q("select * from perm_limits where channel_id = %d and perm = '%s' limit 1", + intval($channel_id), + dbesc($perm) + ); + if($r) + return $r[0]; + return false; + } + else { + return q("select * from perm_limits where channel_id = %d", + intval($channel_id) + ); + } + } + +}
\ No newline at end of file diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php new file mode 100644 index 000000000..d195b0bb9 --- /dev/null +++ b/Zotlabs/Access/PermissionRoles.php @@ -0,0 +1,209 @@ +<?php + + +namespace Zotlabs\Access; + +use Zotlabs\Lib as Zlib; + +class PermissionRoles { + + static public function roles() { + $roles = [ + t('Social Networking') => [ + 'social' => t('Social - Mostly Public'), + 'social_restricted' => t('Social - Restricted'), + 'social_private' => t('Social - Private') + ], + + t('Community Forum') => [ + 'forum' => t('Forum - Mostly Public'), + 'forum_restricted' => t('Forum - Restricted'), + 'forum_private' => t('Forum - Private') + ], + + t('Feed Republish') => [ + 'feed' => t('Feed - Mostly Public'), + 'feed_restricted' => t('Feed - Restricted') + ], + + t('Special Purpose') => [ + 'soapbox' => t('Special - Celebrity/Soapbox'), + 'repository' => t('Special - Group Repository') + ], + + t('Other') => [ + 'custom' => t('Custom/Expert Mode') + ] + + ]; + + return $roles; + } + + static function role_perms($role) { + + $ret = array(); + + $ret['role'] = $role; + + switch($role) { + case 'social': + $ret['perms_auto'] = false; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = true; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'chat', 'post_like', 'republish' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + break; + + case 'social_restricted': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = true; + $ret['online'] = true; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'chat', 'post_like' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'social_private': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = false; + $ret['online'] = false; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'post_like' ]; + $ret['limits'] = PermissionLimits::Std_Limits(); + $ret['limits']['view_contacts'] = PERMS_SPECIFIC; + $ret['limits']['view_storage'] = PERMS_SPECIFIC; + + break; + + case 'forum': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_wall', 'post_comments', 'tag_deliver', + 'post_mail', 'post_like' , 'republish', 'chat' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + break; + + case 'forum_restricted': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = true; + $ret['online'] = false; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_wall', 'post_comments', 'tag_deliver', + 'post_mail', 'post_like' , 'chat' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'forum_private': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = false; + $ret['online'] = false; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_wall', 'post_comments', + 'post_mail', 'post_like' , 'chat' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + $ret['limits']['view_profile'] = PERMS_SPECIFIC; + $ret['limits']['view_contacts'] = PERMS_SPECIFIC; + $ret['limits']['view_storage'] = PERMS_SPECIFIC; + $ret['limits']['view_pages'] = PERMS_SPECIFIC; + + break; + + case 'feed': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'post_like' , 'republish' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'feed_restricted': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = false; + $ret['online'] = false; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'post_like' , 'republish' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'soapbox': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_like' , 'republish' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'repository': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver', + 'post_mail', 'post_like' , 'republish', 'chat' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + break; + + default: + break; + } + + $x = get_config('system','role_perms'); + // let system settings over-ride any or all + if($x && is_array($x) && array_key_exists($role,$x)) + $ret = array_merge($ret,$x[$role]); + + call_hooks('get_role_perms',$ret); + + return $ret; + } + +}
\ No newline at end of file diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php new file mode 100644 index 000000000..520957638 --- /dev/null +++ b/Zotlabs/Access/Permissions.php @@ -0,0 +1,67 @@ +<?php + + +namespace Zotlabs\Access; + +use Zotlabs\Lib as Zlib; + +class Permissions { + + static public function Perms($filter = '') { + + $perms = [ + [ 'view_stream' => t('Can view my normal stream and posts') ], + [ 'send_stream' => t('Can send me their channel stream and posts') ], + [ 'view_profile' => t('Can view my default channel profile') ], + [ 'view_contacts' => t('Can view my connections') ], + [ 'view_storage' => t('Can view my file storage and photos') ], + [ 'write_storage' => t('Can upload/modify my file storage and photos') ], + [ 'view_pages' => t('Can view my channel webpages') ], + [ 'write_pages' => t('Can create/edit my channel webpages') ], + [ 'post_wall' => t('Can post on my channel (wall) page') ], + [ 'post_comments' => t('Can comment on or like my posts') ], + [ 'post_mail' => t('Can send me private mail messages') ], + [ 'post_like' => t('Can like/dislike profiles and profile things') ], + [ 'tag_deliver' => t('Can forward to all my channel connections via @+ mentions in posts') ], + [ 'chat' => t('Can chat with me (when available)') ], + [ 'republish' => t('Can source my public posts in derived channels') ], + [ 'delegate' => t('Can administer my channel') ] + ]; + + $x = array('permissions' => $perms, 'filter' => $filter); + call_hooks('permissions_list',$x); + return($x['permissions']); + + } + + static public function BlockedAnonPerms() { + + // Perms from the above list that are blocked from anonymous observers. + // e.g. you must be authenticated. + + $perms = [ 'send_stream', 'write_pages', 'post_wall', 'write_storage', 'post_comments', 'post_mail', 'post_like', 'tag_deliver', 'chat', 'republish', 'delegate' ]; + + $x = array('permissions' => $perms); + call_hooks('write_perms',$x); + return($x['permissions']); + + } + + + static public function OwnerLimitSet($channel_id,$permission,$limit) { + return Zlib\PConfig::Set($channel_id,'perms',$permission,$limit); + } + + static public function OwnerLimitGet($channel_id,$permission) { + return Zlib\PConfig::Get($channel_id,'perms',$permission); + } + + static public function Set($channel_id,$xchan_hash,$permission,$value) { + return Zlib\AbConfig::Set($channel_id,$xchan_hash,'perms',$permission,$value); + } + + static public function Get($channel_id,$xchan_hash,$permission) { + return Zlib\AbConfig::Get($channel_id,$xchan_hash,'perms',$permission); + } + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index 7db4950b1..a5c5175dc 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -131,6 +131,8 @@ class Connedit extends \Zotlabs\Web\Controller { foreach($_POST as $k => $v) { if(strpos($k,'perms_') === 0) { + $perm = substr($k,6); + set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,(($v) ? 1 : 0)); $abook_my_perms += $v; } } @@ -195,8 +197,11 @@ class Connedit extends \Zotlabs\Web\Controller { $role = get_pconfig(local_channel(),'system','permissions_role'); if($role) { $x = get_role_perms($role); - if($x['perms_accept']) - $abook_my_perms = $x['perms_accept']; + if($x['perms_connect']) { + foreach($x['perms_connect'] as $p) { + set_abconfig(local_channel(),$orig_record[0]['abook_xchan'],'my_perms',$p,1); + } + } } } @@ -372,8 +377,8 @@ class Connedit extends \Zotlabs\Web\Controller { $role = get_pconfig(local_channel(),'system','permissions_role'); if($role) { $x = get_role_perms($role); - if($x['perms_accept']) - $my_perms = $x['perms_accept']; + if($x['perms_connect']) + $my_perms = $x['perms_connect']; } $yes_no = array(t('No'),t('Yes')); @@ -654,7 +659,8 @@ class Connedit extends \Zotlabs\Web\Controller { $perms = array(); $channel = \App::get_channel(); - $global_perms = get_perms(); + $global_perms = \Zotlabs\Access\Permissions::Perms(); + $existing = get_all_perms(local_channel(),$contact['abook_xchan']); $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes'))); @@ -671,8 +677,10 @@ class Connedit extends \Zotlabs\Web\Controller { $affinity = t('Set Affinity & Profile'); foreach($global_perms as $k => $v) { - $thisperm = (($contact['abook_my_perms'] & $v[1]) ? "1" : ''); - $checkinherited = ((($channel[$v[0]]) && ($channel[$v[0]] != PERMS_SPECIFIC)) ? "1" : ''); + $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); +//fixme + + $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k); // For auto permissions (when $self is true) we don't want to look at existing // permissions because they are enabled for the channel owner diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index 875004fae..85da261fc 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -30,7 +30,7 @@ class Settings extends \Zotlabs\Web\Controller { } - function post() { + function post() { if(! local_channel()) return; @@ -40,7 +40,7 @@ class Settings extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - logger('mod_settings: ' . print_r($_REQUEST,true)); + // logger('mod_settings: ' . print_r($_REQUEST,true)); if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){ @@ -311,10 +311,10 @@ class Settings extends \Zotlabs\Web\Controller { intval(local_channel()) ); - $global_perms = get_perms(); + $global_perms = \Zotlabs\Access\Permissions::Perms(); foreach($global_perms as $k => $v) { - $set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' '; + \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k])); } $acl = new \Zotlabs\Access\AccessList($channel); $acl->set_from_array($_POST); @@ -370,10 +370,10 @@ class Settings extends \Zotlabs\Web\Controller { ); } - $r = q("update abook set abook_my_perms = %d where abook_channel = %d and abook_self = 1", - intval((array_key_exists('perms_accept',$role_permissions)) ? $role_permissions['perms_accept'] : 0), - intval(local_channel()) - ); + foreach($global_perms as $k => $v) { + set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k,((array_key_exists($k,$role_permissions['perms_connect'])) ? 1 : 0)); + } + set_pconfig(local_channel(),'system','autoperms',(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0)); foreach($role_permissions as $p => $v) { @@ -864,11 +864,7 @@ class Settings extends \Zotlabs\Web\Controller { return $o; } - - - - - + if(argv(1) === 'channel') { require_once('include/acl_selectors.php'); @@ -885,9 +881,8 @@ class Settings extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); - - $global_perms = get_perms(); - + $global_perms = \Zotlabs\Access\Permissions::Perms(); + $permiss = array(); $perm_opts = array( @@ -905,15 +900,13 @@ class Settings extends \Zotlabs\Web\Controller { foreach($global_perms as $k => $perm) { $options = array(); foreach($perm_opts as $opt) { - if((! $perm[2]) && $opt[1] == PERMS_PUBLIC) - continue; $options[$opt[1]] = $opt[0]; } - $permiss[] = array($k,$perm[3],$channel[$perm[0]],$perm[4],$options); + $permiss[] = array($k,$perm,$channel[$perm[0]],$perm[4],$options); } - // logger('permiss: ' . print_r($permiss,true)); + // logger('permiss: ' . print_r($permiss,true)); diff --git a/include/permissions.php b/include/permissions.php index 19242d29f..dff7d65ff 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -67,7 +67,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { if($api) return get_all_api_perms($uid,$api); - $global_perms = get_perms(); + $global_perms = \Zotlabs\Access\Permissions::Perms(); // Save lots of individual lookups @@ -85,7 +85,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // First find out what the channel owner declared permissions to be. - $channel_perm = $permission[0]; + $channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$perm_name); if(! $channel_checked) { $r = q("select * from channel where channel_id = %d limit 1", @@ -105,7 +105,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // These take priority over all other settings. if($observer_xchan) { - if($r[0][$channel_perm] & PERMS_AUTHED) { + if($channel_perm & PERMS_AUTHED) { $ret[$perm_name] = true; continue; } @@ -122,7 +122,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { dbesc($observer_xchan) ); } - + $abperms = load_abconfig($uid,$observer_xchan); $abook_checked = true; } @@ -136,7 +136,10 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // Check if this is a write permission and they are being ignored // This flag is only visible internally. - if(($x) && ($internal_use) && (! $global_perms[$perm_name][2]) && intval($x[0]['abook_ignored'])) { + $blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms(); + + + if(($x) && ($internal_use) && in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) { $ret[$perm_name] = false; continue; } @@ -154,7 +157,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // if you've moved elsewhere, you will only have read only access if(($observer_xchan) && ($r[0]['channel_hash'] === $observer_xchan)) { - if($r[0]['channel_moved'] && (! $permission[2])) + if($r[0]['channel_moved'] && (in_array($perm_name,$blocked_anon_perms))) $ret[$perm_name] = false; else $ret[$perm_name] = true; @@ -163,7 +166,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // Anybody at all (that wasn't blocked or ignored). They have permission. - if($r[0][$channel_perm] & PERMS_PUBLIC) { + if($channel_perm & PERMS_PUBLIC) { $ret[$perm_name] = true; continue; } @@ -178,7 +181,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // If we're still here, we have an observer, check the network. - if($r[0][$channel_perm] & PERMS_NETWORK) { + if($channel_perm & PERMS_NETWORK) { if(($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) { $ret[$perm_name] = true; continue; @@ -187,7 +190,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // If PERMS_SITE is specified, find out if they've got an account on this hub - if($r[0][$channel_perm] & PERMS_SITE) { + if($channel_perm & PERMS_SITE) { if(! $onsite_checked) { $c = q("select channel_hash from channel where channel_hash = '%s' limit 1", dbesc($observer_xchan) @@ -214,7 +217,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // They are in your address book, but haven't been approved - if($r[0][$channel_perm] & PERMS_PENDING) { + if($channel_perm & PERMS_PENDING) { $ret[$perm_name] = true; continue; } @@ -226,15 +229,15 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // They're a contact, so they have permission - if($r[0][$channel_perm] & PERMS_CONTACTS) { + if($channel_perm & PERMS_CONTACTS) { $ret[$perm_name] = true; continue; } // Permission granted to certain channels. Let's see if the observer is one of them - if($r[0][$channel_perm] & PERMS_SPECIFIC) { - if(($x[0]['abook_my_perms'] & $global_perms[$perm_name][1])) { + if($channel_perm & PERMS_SPECIFIC) { + if(array_key_exists('my_perms',$abperms) && array_key_exists($perm_name,$abperms['my_perms']) && $abperms['my_perms'][$perm_name]) { $ret[$perm_name] = true; continue; } @@ -284,21 +287,20 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { if($arr['result']) return true; - $global_perms = get_perms(); + $global_perms = \Zotlabs\Access\Permissions::Perms(); // First find out what the channel owner declared permissions to be. - $channel_perm = $global_perms[$permission][0]; + $channel_perm = \Zotlabs\Access\PermissionLimits($uid,$permission); - $r = q("select %s, channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1", - dbesc($channel_perm), + $r = q("select channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1", intval($uid) ); if(! $r) return false; if($observer_xchan) { - if($r[0][$channel_perm] & PERMS_AUTHED) + if($channel_perm & PERMS_AUTHED) return true; $x = q("select abook_my_perms, abook_blocked, abook_ignored, abook_pending, xchan_network from abook left join xchan on abook_xchan = xchan_hash @@ -321,7 +323,10 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { dbesc($observer_xchan) ); } + $abperms = load_abconfig($uid,$observer_xchan); } + + $blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms(); // system is blocked to anybody who is not authenticated @@ -333,13 +338,13 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { // in which case you will have read_only access if($r[0]['channel_hash'] === $observer_xchan) { - if($r[0]['channel_moved'] && (! $global_perms[$permission][2])) + if($r[0]['channel_moved'] && (in_array($permission,$blocked_anon_perms))) return false; else return true; } - if($r[0][$channel_perm] & PERMS_PUBLIC) + if($channel_perm & PERMS_PUBLIC) return true; // If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set @@ -350,14 +355,14 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { // If we're still here, we have an observer, check the network. - if($r[0][$channel_perm] & PERMS_NETWORK) { + if($channel_perm & PERMS_NETWORK) { if (($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) return true; } // If PERMS_SITE is specified, find out if they've got an account on this hub - if($r[0][$channel_perm] & PERMS_SITE) { + if($channel_perm & PERMS_SITE) { $c = q("select channel_hash from channel where channel_hash = '%s' limit 1", dbesc($observer_xchan) ); @@ -376,7 +381,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { // They are in your address book, but haven't been approved - if($r[0][$channel_perm] & PERMS_PENDING) { + if($channel_perm & PERMS_PENDING) { return true; } @@ -386,15 +391,16 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { // They're a contact, so they have permission - if($r[0][$channel_perm] & PERMS_CONTACTS) { + if($channel_perm & PERMS_CONTACTS) { return true; } // Permission granted to certain channels. Let's see if the observer is one of them - if(($r) && $r[0][$channel_perm] & PERMS_SPECIFIC) { - if($x[0]['abook_my_perms'] & $global_perms[$permission][1]) + if(($r) && ($channel_perm & PERMS_SPECIFIC)) { + if(array_key_exists('my_perms',$abperms) && array_key_exists($permission,$abperms['my_perms']) && $abperms['my_perms'][$permission]) { return true; + } } // No permissions allowed. @@ -560,28 +566,28 @@ function get_role_perms($role) { $ret['default_collection'] = false; $ret['directory_publish'] = true; $ret['online'] = true; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_PUBLIC; - $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_PUBLIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_PUBLIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_SPECIFIC; - $ret['channel_w_like'] = PERMS_NETWORK; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'chat', 'post_like', 'republish' ]; + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; break; @@ -590,28 +596,29 @@ function get_role_perms($role) { $ret['default_collection'] = true; $ret['directory_publish'] = true; $ret['online'] = true; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_PUBLIC; - $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_PUBLIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_PUBLIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_SPECIFIC; - $ret['channel_w_like'] = PERMS_SPECIFIC; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'chat', 'post_like' ]; + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; + break; @@ -620,28 +627,28 @@ function get_role_perms($role) { $ret['default_collection'] = true; $ret['directory_publish'] = false; $ret['online'] = false; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_PUBLIC; - $ret['channel_r_abook'] = PERMS_SPECIFIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_SPECIFIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_PUBLIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_SPECIFIC; - $ret['channel_w_like'] = PERMS_SPECIFIC; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'post_like' ]; + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_contacts' => PERMS_SPECIFIC, + 'view_storage' => PERMS_SPECIFIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; break; @@ -650,28 +657,28 @@ function get_role_perms($role) { $ret['default_collection'] = false; $ret['directory_publish'] = true; $ret['online'] = false; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_PUBLIC; - $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_PUBLIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_PUBLIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_SPECIFIC; - $ret['channel_w_like'] = PERMS_NETWORK; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_wall', 'post_comments', 'tag_deliver', + 'post_mail', 'post_like' , 'republish', 'chat' ]; + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; break; @@ -680,28 +687,28 @@ function get_role_perms($role) { $ret['default_collection'] = true; $ret['directory_publish'] = true; $ret['online'] = false; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_PUBLIC; - $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_PUBLIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_PUBLIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_SPECIFIC; - $ret['channel_w_like'] = PERMS_SPECIFIC; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_wall', 'post_comments', 'tag_deliver', + 'post_mail', 'post_like' , 'chat' ]; + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; break; @@ -710,28 +717,29 @@ function get_role_perms($role) { $ret['default_collection'] = true; $ret['directory_publish'] = false; $ret['online'] = false; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILEPERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_SPECIFIC; - $ret['channel_r_abook'] = PERMS_SPECIFIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_SPECIFIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_SPECIFIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_SPECIFIC; - $ret['channel_w_like'] = PERMS_SPECIFIC; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_wall', 'post_comments', + 'post_mail', 'post_like' , 'chat' ]; + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_SPECIFIC, + 'view_contacts' => PERMS_SPECIFIC, + 'view_storage' => PERMS_SPECIFIC, + 'view_pages' => PERMS_SPECIFIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; break; @@ -740,28 +748,29 @@ function get_role_perms($role) { $ret['default_collection'] = false; $ret['directory_publish'] = true; $ret['online'] = false; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_PUBLIC; - $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_PUBLIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_PUBLIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_NETWORK; - $ret['channel_w_like'] = PERMS_NETWORK; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'post_like' , 'republish' ]; + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; break; @@ -770,28 +779,28 @@ function get_role_perms($role) { $ret['default_collection'] = true; $ret['directory_publish'] = false; $ret['online'] = false; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_PUBLIC; - $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_PUBLIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_PUBLIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_SPECIFIC; - $ret['channel_w_like'] = PERMS_NETWORK; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'post_like' , 'republish' ]; + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; break; @@ -800,26 +809,29 @@ function get_role_perms($role) { $ret['default_collection'] = false; $ret['directory_publish'] = true; $ret['online'] = false; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_PUBLIC; - $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_PUBLIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_PUBLIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_SPECIFIC; - $ret['channel_w_like'] = PERMS_NETWORK; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_like' , 'republish' ]; + + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; break; @@ -828,28 +840,30 @@ function get_role_perms($role) { $ret['default_collection'] = false; $ret['directory_publish'] = true; $ret['online'] = false; - $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; - $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; - $ret['channel_r_stream'] = PERMS_PUBLIC; - $ret['channel_r_profile'] = PERMS_PUBLIC; - $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_SPECIFIC; - $ret['channel_w_wall'] = PERMS_SPECIFIC; - $ret['channel_w_tagwall'] = PERMS_SPECIFIC; - $ret['channel_w_comment'] = PERMS_SPECIFIC; - $ret['channel_w_mail'] = PERMS_SPECIFIC; - $ret['channel_w_chat'] = PERMS_SPECIFIC; - $ret['channel_a_delegate'] = PERMS_SPECIFIC; - $ret['channel_r_storage'] = PERMS_PUBLIC; - $ret['channel_w_storage'] = PERMS_SPECIFIC; - $ret['channel_r_pages'] = PERMS_PUBLIC; - $ret['channel_w_pages'] = PERMS_SPECIFIC; - $ret['channel_a_republish'] = PERMS_SPECIFIC; - $ret['channel_w_like'] = PERMS_NETWORK; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver', + 'post_mail', 'post_like' , 'republish', 'chat' ]; + $ret['limits'] = [ + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_like' => PERMS_SPECIFIC, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => PERMS_SPECIFIC, + 'write_pages' => PERMS_SPECIFIC, + 'republish' => PERMS_SPECIFIC, + 'delegate' => PERMS_SPECIFIC + ]; + break; diff --git a/install/perm_upgrade.php b/install/perm_upgrade.php new file mode 100644 index 000000000..b5412b942 --- /dev/null +++ b/install/perm_upgrade.php @@ -0,0 +1,63 @@ +<?php + +function perm_limits_upgrade($channel) { + perm_limits_upgrade_create($channel['channel_id'],'view_stream',$channel['channel_r_stream']); + perm_limits_upgrade_create($channel['channel_id'],'view_profile',$channel['channel_r_profile']); + perm_limits_upgrade_create($channel['channel_id'],'view_contacts',$channel['channel_r_abook']); + perm_limits_upgrade_create($channel['channel_id'],'view_storage',$channel['channel_r_storage']); + perm_limits_upgrade_create($channel['channel_id'],'view_pages',$channel['channel_r_pages']); + perm_limits_upgrade_create($channel['channel_id'],'send_stream',$channel['channel_w_stream']); + perm_limits_upgrade_create($channel['channel_id'],'post_wall',$channel['channel_w_wall']); + perm_limits_upgrade_create($channel['channel_id'],'post_comments',$channel['channel_w_comment']); + perm_limits_upgrade_create($channel['channel_id'],'post_mail',$channel['channel_w_mail']); + perm_limits_upgrade_create($channel['channel_id'],'post_like',$channel['channel_w_like']); + perm_limits_upgrade_create($channel['channel_id'],'tag_deliver',$channel['channel_w_tagwall']); + perm_limits_upgrade_create($channel['channel_id'],'chat',$channel['channel_w_chat']); + perm_limits_upgrade_create($channel['channel_id'],'write_storage',$channel['channel_w_storage']); + perm_limits_upgrade_create($channel['channel_id'],'write_pages',$channel['channel_w_pages']); + perm_limits_upgrade_create($channel['channel_id'],'republish',$channel['channel_a_republish']); + perm_limits_upgrade_create($channel['channel_id'],'delegate',$channel['channel_a_delegate']); +} + + + + +function perm_abook_upgrade($abook) { + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','view_stream',intval(($abook['abook_their_perms'] & PERMS_R_STREAM)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','view_profile',intval(($abook['abook_their_perms'] & PERMS_R_PROFILE)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','view_contacts',intval(($abook['abook_their_perms'] & PERMS_R_ABOOK)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','view_storage',intval(($abook['abook_their_perms'] & PERMS_R_STORAGE)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','view_pages',intval(($abook['abook_their_perms'] & PERMS_R_PAGES)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','send_stream',intval(($abook['abook_their_perms'] & PERMS_W_STREAM)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','post_wall',intval(($abook['abook_their_perms'] & PERMS_W_WALL)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','post_comments',intval(($abook['abook_their_perms'] & PERMS_W_COMMENT)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','post_mail',intval(($abook['abook_their_perms'] & PERMS_W_MAIL)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','post_like',intval(($abook['abook_their_perms'] & PERMS_W_LIKE)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','tag_deliver',intval(($abook['abook_their_perms'] & PERMS_W_TAGWALL)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','chat',intval(($abook['abook_their_perms'] & PERMS_W_CHAT)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','write_storage',intval(($abook['abook_their_perms'] & PERMS_W_STORAGE)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','write_pages',intval(($abook['abook_their_perms'] & PERMS_W_PAGES)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','republish',intval(($abook['abook_their_perms'] & PERMS_A_REPUBLISH)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'their_perms','delegate',intval(($abook['abook_their_perms'] & PERMS_A_DELEGATE)? 1 : 0)); + + + + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','view_stream',intval(($abook['abook_my_perms'] & PERMS_R_STREAM)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','view_profile',intval(($abook['abook_my_perms'] & PERMS_R_PROFILE)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','view_contacts',intval(($abook['abook_my_perms'] & PERMS_R_ABOOK)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','view_storage',intval(($abook['abook_my_perms'] & PERMS_R_STORAGE)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','view_pages',intval(($abook['abook_my_perms'] & PERMS_R_PAGES)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','send_stream',intval(($abook['abook_my_perms'] & PERMS_W_STREAM)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','post_wall',intval(($abook['abook_my_perms'] & PERMS_W_WALL)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','post_comments',intval(($abook['abook_my_perms'] & PERMS_W_COMMENT)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','post_mail',intval(($abook['abook_my_perms'] & PERMS_W_MAIL)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','post_like',intval(($abook['abook_my_perms'] & PERMS_W_LIKE)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','tag_deliver',intval(($abook['abook_my_perms'] & PERMS_W_TAGWALL)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','chat',intval(($abook['abook_my_perms'] & PERMS_W_CHAT)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','write_storage',intval(($abook['abook_my_perms'] & PERMS_W_STORAGE)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','write_pages',intval(($abook['abook_my_perms'] & PERMS_W_PAGES)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','republish',intval(($abook['abook_my_perms'] & PERMS_A_REPUBLISH)? 1 : 0)); + set_abconfig($abook['abook_channel'],$abook['abook_hash'],'my_perms','delegate',intval(($abook['abook_my_perms'] & PERMS_A_DELEGATE)? 1 : 0)); + + +}
\ No newline at end of file diff --git a/install/schema_mysql.sql b/install/schema_mysql.sql index d2a5ac85e..223f94162 100644 --- a/install/schema_mysql.sql +++ b/install/schema_mysql.sql @@ -903,6 +903,19 @@ CREATE TABLE IF NOT EXISTS `pconfig` ( UNIQUE KEY `access` (`uid`,`cat`,`k`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; + +create table if not exists perm_limits { + id int(10) not null AUTO_INCREMENT, + perm varchar(64) not null default '', + channel_id int(10) unsigned not null default 0, + perm_limit int(10) unsigned not null default 0, + PRIMARY KEY (`id`), + KEY `perm` (`perm`), + KEY `channel_id` (`channel_id`), + KEY `perm_limit` (`perm_limit`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8; + + CREATE TABLE IF NOT EXISTS `photo` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `aid` int(10) unsigned NOT NULL DEFAULT '0', diff --git a/install/schema_postgres.sql b/install/schema_postgres.sql index 378308233..36018de3e 100644 --- a/install/schema_postgres.sql +++ b/install/schema_postgres.sql @@ -888,6 +888,17 @@ CREATE TABLE "pconfig" ( PRIMARY KEY ("id"), UNIQUE ("uid","cat","k") ); +create table perm_limits ( + id serial NOT NULL, + perm varchar(64) not null default '', + channel_id int(10) unsigned not null default 0, + perm_limit int(10) unsigned not null default 0, + primary key id +); +create index "idx_perm" on perm_limits ("perm"); +create index "idx_channel_id" on perm_limits ("channel_id"); +create index "idx_perm_limit" on perm_limits ("perm_limit"); + CREATE TABLE "photo" ( "id" serial NOT NULL, "aid" bigint NOT NULL DEFAULT '0', diff --git a/install/update.php b/install/update.php index 3cb5010eb..c87971913 100644 --- a/install/update.php +++ b/install/update.php @@ -2360,4 +2360,60 @@ function update_r1178() { if($r1) return UPDATE_SUCCESS; return UPDATE_FAILED; +} + +function update_r1179() { + + require_once('install/perm_upgrade.php'); + + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + $r1 = q("create table perm_limits ( + id serial NOT NULL, + perm varchar(64) not null default '', + channel_id int(10) unsigned not null default 0, + perm_limit int(10) unsigned not null default 0 + primary_key id )"); + $r2 = q("create index \"idx_perm\" on perm_limits (\"perm\") "); + $r3 = q("create index \"idx_channel_id\" on perm_limits (\"channel_id\") "); + $r4 = q("create index \"idx_perm_limit\" on perm_limits (\"perm_limit\") "); + + + $r = $r1 && $r2 && $r3 && $r4; + } + + else { + $r1 = q("create table if not exists perm_limits { + id int(10) not null AUTO_INCREMENT, + perm varchar(64) not null default '', + channel_id int(10) unsigned not null default 0, + perm_limit int(10) unsigned not null default 0, + PRIMARY KEY (`id`), + KEY `perm` (`perm`), + KEY `channel_id` (`channel_id`), + KEY `perm_limit` (`perm_limit`) + ) ENGINE=MyISAM DEFAULT CHARSET=utf8 "); + + $r = $r1; + } + + $r1 = q("select * from channel where true"); + if($r1) { + foreach($r1 as $rr) { + perm_limits_upgrade($rr); + } + } + + $r2 = q("select * from abook where true"); + if($r2) { + foreach($r2 as $rr) { + perm_abook_upgrade($rr); + } + } + + $r = $r && $r1 && $r2; + if($r) + return UPDATE_SUCCESS; + return UPDATE_FAILED; + + }
\ No newline at end of file |