diff options
-rw-r--r-- | Zotlabs/Module/Channel.php | 3 | ||||
-rw-r--r-- | Zotlabs/Module/Editwebpage.php | 3 | ||||
-rw-r--r-- | Zotlabs/Module/Events.php | 7 | ||||
-rw-r--r-- | Zotlabs/Module/Filestorage.php | 4 | ||||
-rw-r--r-- | Zotlabs/Module/Network.php | 3 | ||||
-rw-r--r-- | Zotlabs/Module/Photos.php | 5 | ||||
-rw-r--r-- | Zotlabs/Module/Rpost.php | 3 | ||||
-rw-r--r-- | Zotlabs/Module/Settings.php | 4 | ||||
-rw-r--r-- | Zotlabs/Module/Webpages.php | 3 | ||||
-rwxr-xr-x | boot.php | 17 | ||||
-rw-r--r-- | include/PermissionDescription.php | 167 | ||||
-rw-r--r-- | include/acl_selectors.php | 27 | ||||
-rw-r--r-- | view/theme/redbasic/css/style.css | 7 | ||||
-rwxr-xr-x | view/tpl/acl_selector.tpl | 8 |
14 files changed, 236 insertions, 25 deletions
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 47c5f31fb..f55705442 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -9,6 +9,7 @@ require_once('include/security.php'); require_once('include/conversation.php'); require_once('include/acl_selectors.php'); require_once('include/permissions.php'); +require_once('include/PermissionDescription.php'); class Channel extends \Zotlabs\Web\Controller { @@ -132,7 +133,7 @@ function get($update = 0, $load = false) { 'default_location' => (($is_owner) ? \App::$profile['channel_location'] : ''), 'nickname' => \App::$profile['channel_address'], 'lockstate' => (((strlen(\App::$profile['channel_allow_cid'])) || (strlen(\App::$profile['channel_allow_gid'])) || (strlen(\App::$profile['channel_deny_cid'])) || (strlen(\App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'), - 'acl' => (($is_owner) ? populate_acl($channel_acl,true,((\App::$profile['channel_r_stream'] & PERMS_PUBLIC) ? t('Public') : ''), get_post_aclDialogDescription(), 'acl_dialog_post') : ''), + 'acl' => (($is_owner) ? populate_acl($channel_acl,true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''), 'showacl' => (($is_owner) ? 'yes' : ''), 'bang' => '', 'visitor' => (($is_owner || $observer) ? true : false), diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php index d3b031db2..5bd75df4a 100644 --- a/Zotlabs/Module/Editwebpage.php +++ b/Zotlabs/Module/Editwebpage.php @@ -3,6 +3,7 @@ namespace Zotlabs\Module; require_once('include/identity.php'); require_once('include/acl_selectors.php'); +require_once('include/PermissionDescription.php'); class Editwebpage extends \Zotlabs\Web\Controller { @@ -195,7 +196,7 @@ class Editwebpage extends \Zotlabs\Web\Controller { '$baseurl' => z_root(), '$defloc' => $itm[0]['location'], '$visitor' => ($is_owner) ? true : false, - '$acl' => populate_acl($itm[0],false), + '$acl' => populate_acl($itm[0],false,\PermissionDescription::fromGlobalPermission('view_pages')), '$showacl' => ($is_owner) ? true : false, '$public' => t('Public post'), '$jotnets' => $jotnets, diff --git a/Zotlabs/Module/Events.php b/Zotlabs/Module/Events.php index a14e320b2..9519ca11b 100644 --- a/Zotlabs/Module/Events.php +++ b/Zotlabs/Module/Events.php @@ -6,6 +6,7 @@ require_once('include/bbcode.php'); require_once('include/datetime.php'); require_once('include/event.php'); require_once('include/items.php'); +require_once('include/PermissionDescription.php'); class Events extends \Zotlabs\Web\Controller { @@ -237,7 +238,7 @@ class Events extends \Zotlabs\Web\Controller { - function get() { + function get() { if(argc() > 2 && argv(1) == 'ical') { $event_id = argv(2); @@ -468,7 +469,9 @@ class Events extends \Zotlabs\Web\Controller { '$share' => array('share', t('Share this event'), $sh_checked, '', array(t('No'),t('Yes'))), '$preview' => t('Preview'), '$permissions' => t('Permission settings'), - '$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults),false)), + // populating the acl dialog was a permission description from view_stream because Cal.php, which + // displays events, says "since we don't currently have an event permission - use the stream permission" + '$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \PermissionDescription::fromGlobalPermission('view_stream'))), '$submit' => t('Submit'), '$advanced' => t('Advanced Options') diff --git a/Zotlabs/Module/Filestorage.php b/Zotlabs/Module/Filestorage.php index 934a1e6a4..2861f31be 100644 --- a/Zotlabs/Module/Filestorage.php +++ b/Zotlabs/Module/Filestorage.php @@ -6,6 +6,8 @@ namespace Zotlabs\Module; */ require_once('include/attach.php'); +require_once('include/PermissionDescription.php'); + /** * @@ -132,7 +134,7 @@ class Filestorage extends \Zotlabs\Web\Controller { $cloudpath = get_cloudpath($f) . (intval($f['is_dir']) ? '?f=&davguest=1' : ''); $parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']); - $aclselect_e = populate_acl($f, false); + $aclselect_e = populate_acl($f, false, \PermissionDescription::fromGlobalPermission('view_storage')); $is_a_dir = (intval($f['is_dir']) ? true : false); $lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock'); diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 2badd7280..fdfa99c12 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -6,6 +6,7 @@ require_once('include/group.php'); require_once('include/contact_widgets.php'); require_once('include/conversation.php'); require_once('include/acl_selectors.php'); +require_once('include/PermissionDescription.php'); @@ -170,7 +171,7 @@ class Network extends \Zotlabs\Web\Controller { 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => (($private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => populate_acl((($private_editing) ? $def_acl : $channel_acl), true, (($channel['channel_r_stream'] & PERMS_PUBLIC) ? t('Public') : ''), get_post_aclDialogDescription(), 'acl_dialog_post'), + 'acl' => populate_acl((($private_editing) ? $def_acl : $channel_acl), true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), 'bang' => (($private_editing) ? '!' : ''), 'visitor' => true, 'profile_uid' => local_channel(), diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 2b7f5525f..1659350a5 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -9,6 +9,7 @@ require_once('include/security.php'); require_once('include/Contact.php'); require_once('include/attach.php'); require_once('include/text.php'); +require_once('include/PermissionDescription.php'); @@ -632,7 +633,7 @@ class Photos extends \Zotlabs\Web\Controller { $lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); } - $aclselect = (($_is_owner) ? populate_acl($channel_acl,false) : ''); + $aclselect = (($_is_owner) ? populate_acl($channel_acl,false, \PermissionDescription::fromGlobalPermission('view_storage')) : ''); // this is wrong but is to work around an issue with js_upload wherein it chokes if these variables // don't exist. They really should be set to a parseable representation of the channel's default permissions @@ -1022,7 +1023,7 @@ class Photos extends \Zotlabs\Web\Controller { if($can_post) { $album_e = $ph[0]['album']; $caption_e = $ph[0]['description']; - $aclselect_e = (($_is_owner) ? populate_acl($ph[0]) : ''); + $aclselect_e = (($_is_owner) ? populate_acl($ph[0], true, \PermissionDescription::fromGlobalPermission('view_storage')) : ''); $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); $_SESSION['album_return'] = bin2hex($ph[0]['album']); diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php index 41889c35c..1396f2a55 100644 --- a/Zotlabs/Module/Rpost.php +++ b/Zotlabs/Module/Rpost.php @@ -7,6 +7,7 @@ require_once('include/items.php'); require_once('include/taxonomy.php'); require_once('include/conversation.php'); require_once('include/zot.php'); +require_once('include/PermissionDescription.php'); /** * remote post @@ -115,7 +116,7 @@ class Rpost extends \Zotlabs\Web\Controller { 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'), - 'acl' => populate_acl($channel_acl,true,(($channel['channel_r_stream'] & PERMS_PUBLIC) ? t('Public') : ''), get_post_aclDialogDescription(), 'acl_dialog_post'), + 'acl' => populate_acl($channel_acl, true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), 'bang' => '', 'visitor' => true, 'profile_uid' => local_channel(), diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index 413648c4d..8674ca5e7 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -2,6 +2,8 @@ namespace Zotlabs\Module; /** @file */ require_once('include/zot.php'); +require_once('include/PermissionDescription.php'); + class Settings extends \Zotlabs\Web\Controller { @@ -1064,7 +1066,7 @@ class Settings extends \Zotlabs\Web\Controller { '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')), '$permissions' => t('Default Post Permissions'), '$permdesc' => t("\x28click to open/close\x29"), - '$aclselect' => populate_acl($perm_defaults,false), + '$aclselect' => populate_acl($perm_defaults, false, \PermissionDescription::fromDescription(t('Use my default audience setting for the type of channel'))), '$suggestme' => $suggestme, '$group_select' => $group_select, '$role' => array('permissions_role' , t('Channel permissions category:'), $permissions_role, '', get_roles()), diff --git a/Zotlabs/Module/Webpages.php b/Zotlabs/Module/Webpages.php index 84d58058e..18dd57473 100644 --- a/Zotlabs/Module/Webpages.php +++ b/Zotlabs/Module/Webpages.php @@ -4,6 +4,7 @@ namespace Zotlabs\Module; require_once('include/identity.php'); require_once('include/conversation.php'); require_once('include/acl_selectors.php'); +require_once('include/PermissionDescription.php'); class Webpages extends \Zotlabs\Web\Controller { @@ -111,7 +112,7 @@ class Webpages extends \Zotlabs\Web\Controller { 'nickname' => \App::$profile['channel_address'], 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), 'bang' => '', - 'acl' => (($is_owner) ? populate_acl($channel_acl,false) : ''), + 'acl' => (($is_owner) ? populate_acl($channel_acl,false, \PermissionDescription::fromGlobalPermission('view_pages')) : ''), 'showacl' => (($is_owner) ? true : false), 'visitor' => true, 'profile_uid' => intval($owner), @@ -313,15 +313,14 @@ define ( 'PERMS_A_REPUBLISH', 0x10000); define ( 'PERMS_W_LIKE', 0x20000); // General channel permissions - -define ( 'PERMS_PUBLIC' , 0x0001 ); -define ( 'PERMS_NETWORK' , 0x0002 ); -define ( 'PERMS_SITE' , 0x0004 ); -define ( 'PERMS_CONTACTS' , 0x0008 ); -define ( 'PERMS_SPECIFIC' , 0x0080 ); -define ( 'PERMS_AUTHED' , 0x0100 ); -define ( 'PERMS_PENDING' , 0x0200 ); - + // 0 = Only you +define ( 'PERMS_PUBLIC' , 0x0001 ); // anybody +define ( 'PERMS_NETWORK' , 0x0002 ); // anybody in this network +define ( 'PERMS_SITE' , 0x0004 ); // anybody on this site +define ( 'PERMS_CONTACTS' , 0x0008 ); // any of my connections +define ( 'PERMS_SPECIFIC' , 0x0080 ); // only specific connections +define ( 'PERMS_AUTHED' , 0x0100 ); // anybody authenticated (could include visitors from other networks) +define ( 'PERMS_PENDING' , 0x0200 ); // any connections including those who haven't yet been approved // Address book flags diff --git a/include/PermissionDescription.php b/include/PermissionDescription.php new file mode 100644 index 000000000..d5a3a972c --- /dev/null +++ b/include/PermissionDescription.php @@ -0,0 +1,167 @@ +<?php + +if(class_exists('PermissionDescription')) return; + +require_once("include/permissions.php"); +require_once("include/language.php"); +require_once("include/text.php"); + + +/** + * Encapsulates information the ACL dialog requires to describe + * permission settings for an item with an empty ACL. + * i.e the caption, icon, and tooltip for the no-ACL option in the ACL dialog. + */ +class PermissionDescription { + + private $global_perm; + private $channel_perm; + private $fallback_description; + + /** + * Constructor is private. + * Use static methods fromGlobalPermission(), fromStandalonePermission(), or fromDescription() + * to create instances. + */ + private function __construct($global_perm, $channel_perm, $description = '') { + + $this->global_perm = $global_perm; + $this->channel_perm = $channel_perm; + + $this->fallback_description = ($description == '') ? t('Visible to your default audience') : $description; + } + + /** + * If the interpretation of an empty ACL can't be summarised with a global default permission + * or a specific permission setting then use this method and describe what it means instead. + * + * @param string $description - the caption for the no-ACL option in the ACL dialog. + * @return a new instance of PermissionDescription + */ + public static function fromDescription($description) { + return new PermissionDescription('', 0x80000, $description); + } + + + /** + * Use this method only if the interpretation of an empty ACL doesn't fall back to a global + * default permission. You should pass one of the constants from boot.php - PERMS_PUBLIC, PERMS_NETWORK etc. + * + * @param integer $perm - a single enumerated constant permission - PERMS_PUBLIC, PERMS_NETWORK etc. + * @return a new instance of PermissionDescription + */ + public static function fromStandalonePermission($perm) { + + $result = new PermissionDescription('', $perm); + + $checkPerm = $this->get_permission_description(); + if ($checkPerm == $this->fallback_description) { + $result = null; + logger('null PermissionDescription from unknown standalone permission: ' . $perm ,LOGGER_DEBUG, LOG_ERROR); + } + + return $result; + } + + /** + * This is the preferred way to create a PermissionDescription, as it provides the most details. + * Use this method if you know an empty ACL will result in one of the global default permissions + * being used, such as channel_r_stream (for which you would pass 'view_stream'). + * + * @param string $permname - a key for the global perms array from get_perms() in permissions.php, + * e.g. 'view_stream', 'view_profile', etc. + * @return a new instance of PermissionDescription + */ + public static function fromGlobalPermission($permname) { + + $result = null; + + $global_perms = get_perms(); + + if (array_key_exists($permname, $global_perms)) { + + $permDetails = $global_perms[$permname]; + $channelPerm = \App::$channel[$permDetails[0]]; + $result = new PermissionDescription($permDetails[1], $channelPerm); + } else { + // The acl dialog can handle null arguments, but it shouldn't happen + logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR); + } + return $result; + } + + + /** + * Gets a localized description of the permission, or a generic message if the permission + * is unknown. + * + * @return string description + */ + public function get_permission_description() { + + switch($this->channel_perm) { + + case 0: return t('Only me'); + case PERMS_PUBLIC: return t('Public'); + case PERMS_NETWORK: return t('Anybody in the $Projectname network'); + case PERMS_SITE: return sprintf(t('Any account on %s'), \App::get_hostname()); + case PERMS_CONTACTS: return t('Any of my connections'); + case PERMS_SPECIFIC: + // Because we're describing the permissions of an item with an empty ACL, + // the owner will be the only person able to see it if the permissions are + // set to "only specified connections". + return t('Only me (only specified contacts and me)'); + case PERMS_AUTHED: return t('Anybody authenticated (could include visitors from other networks)'); + case PERMS_PENDING: return t('Any connections including those who haven\'t yet been approved'); + default: return $this->fallback_description; + } + } + + /** + * Returns an icon css class name if an appropriate one is available, e.g. "fa-globe" for Public, + * otherwise returns empty string. + * + * @return string icon css class name (often FontAwesome) + */ + public function get_permission_icon() { + + switch($this->channel_perm) { + + case 0:/* only me */ return 'fa-eye-slash'; + case PERMS_PUBLIC: return 'fa-globe'; + case PERMS_NETWORK: return 'fa-share-alt-square'; // fa-share-alt-square is very similiar to the hubzilla logo, but we should create our own logo class to use + case PERMS_SITE: return 'fa-sitemap'; + case PERMS_CONTACTS: return 'fa-group'; + case PERMS_SPECIFIC: + // Because we're describing the permissions of an item with an empty ACL, + // the owner will be the only person able to see it if the permissions are + // set to "only specified connections". + return 'fa-eye-slash'; + case PERMS_AUTHED: return ''; + case PERMS_PENDING: return ''; + default: return ''; + } + } + + + /** + * Returns a localized description of where the permission came from, if this is known. + * If it's not know, or if the permission is standalone and didn't come from a default + * permission setting, then empty string is returned. + * + * @return string description or empty string + */ + public function get_permission_origin_description() { + + switch($this->global_perm) { + + case PERMS_R_STREAM: return t('This is your default setting for the audience of your normal stream, and posts.'); + case PERMS_R_PROFILE: return t('This is your default setting for who can view your default channel profile'); + case PERMS_R_ABOOK: return t('This is your default setting for who can view your connections'); + case PERMS_R_STORAGE: return t('This is your default setting for who can view your file storage and photos'); + case PERMS_R_PAGES: return t('This is your default setting for the audience of your webpages'); + default: return ''; + } + } + +} diff --git a/include/acl_selectors.php b/include/acl_selectors.php index 4cc01d15b..ce0a32798 100644 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -6,6 +6,9 @@ /** * @package acl_selectors */ + +require_once("include/PermissionDescription.php"); + function group_select($selname,$selclass,$preselected = false,$size = 4) { $a = get_app(); @@ -215,20 +218,34 @@ function fixacl(&$item) { * * @param array $default Optional access control list for the initial state of the dialog. * @param boolean $show_jotnets Whether plugins for federated networks should be included in the permissions dialog -* @param string $showall_caption An optional caption to describe the scope of an unrestricted post. e.g. "Public" +* @param PermissionDescription $emptyACL_description - An optional description for the permission implied by selecting an empty ACL. Preferably an instance of PermissionDescription. * @param string $dialog_description Optional message to include at the top of the dialog. E.g. "Warning: Post permissions cannot be changed once sent". * @param string $context_help Allows the dialog to present a help icon. E.g. "acl_dialog_post" * @param boolean $readonly Not implemented yet. When implemented, the dialog will use acl_readonly.tpl instead, so that permissions may be viewed for posts that can no longer have their permissions changed. * * @return string html modal dialog built from acl_selector.tpl */ -function populate_acl($defaults = null,$show_jotnets = true, $showall_caption = '', $dialog_description = '', $context_help = '', $readonly = false) { +function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_description = '', $dialog_description = '', $context_help = '', $readonly = false) { $allow_cid = $allow_gid = $deny_cid = $deny_gid = false; + $showall_origin = ''; + $showall_icon = 'fa-globe'; - if(! $showall_caption) + + if(! $emptyACL_description) { $showall_caption = t('Visible to your default audience'); + } else if (is_a($emptyACL_description, 'PermissionDescription')) { + $showall_caption = $emptyACL_description->get_permission_description(); + $showall_origin = $emptyACL_description->get_permission_origin_description(); + $showall_icon = $emptyACL_description->get_permission_icon(); + + } else { + // For backwards compatibility we still accept a string... for now! + $showall_caption = $emptyACL_description; + } + + if(is_array($defaults)) { $allow_cid = ((strlen($defaults['allow_cid'])) ? explode('><', $defaults['allow_cid']) : array() ); @@ -252,6 +269,8 @@ function populate_acl($defaults = null,$show_jotnets = true, $showall_caption = $tpl = get_markup_template("acl_selector.tpl"); $o = replace_macros($tpl, array( '$showall' => $showall_caption, + '$showallOrigin' => $showall_origin, + '$showallIcon' => $showall_icon, '$showlimited' => t("Limit access:"), '$showlimitedDesc' => t('Select "Show" to allow viewing. "Don\'t show" lets you override and limit the scope of "Show".'), '$show' => t("Show"), @@ -278,7 +297,7 @@ function populate_acl($defaults = null,$show_jotnets = true, $showall_caption = * populate_acl() call for wall posts or network posts. * * This string is needed in 3 different files, and our .po translation system currently -* cannot be used as a string table (because the value is always the key is english) so +* cannot be used as a string table (because the value is always the key in english) so * I've centralized the value here (making this function name the "key") until we have a * better way. * diff --git a/view/theme/redbasic/css/style.css b/view/theme/redbasic/css/style.css index 547fe9ec3..ebabd68e4 100644 --- a/view/theme/redbasic/css/style.css +++ b/view/theme/redbasic/css/style.css @@ -1046,6 +1046,13 @@ a.rconnect:hover, a.rateme:hover, div.rateme:hover { font-size: 140%; } +#acl-info-icon, +#acl-info-icon:active { + font-size: 110%; + color: $link_colour; + text-decoration: none; +} + #acl-showall-caption { margin-left: 0.35em; } diff --git a/view/tpl/acl_selector.tpl b/view/tpl/acl_selector.tpl index 0df72747a..050417257 100755 --- a/view/tpl/acl_selector.tpl +++ b/view/tpl/acl_selector.tpl @@ -25,8 +25,12 @@ <div id="acl-radiowrapper-showall" class="radio"> <label> <input id="acl-showall" type="radio" name="optionsRadios" value="option1" checked> - <i class="fa fa-globe"></i><span id=acl-showall-caption>{{$showall}}</span> + {{if $showallIcon}}<i class="fa {{$showallIcon}}"></i>{{/if}} + <span id="acl-showall-caption">{{$showall}}</span> </label> + {{if $showallOrigin}} + <a id="acl-info-icon" role="button" tabindex="0" class="fa fa-info-circle" data-trigger="focus" data-toggle="popover" data-placement="top" data-content="{{$showallOrigin}}"></a> + {{/if}} </div> <div id="acl-radiowrapper-showlimited" class="radio"> <label> @@ -61,6 +65,8 @@ </div><!-- /.modal --> <script> + $('[data-toggle="popover"]').popover(); // Init the popover, if present + if(typeof acl=="undefined"){ acl = new ACL( baseurl+"/acl", |