aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Zotlabs/Lib/Libzot.php40
-rwxr-xr-xboot.php2
2 files changed, 29 insertions, 13 deletions
diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php
index 27502009c..189526c7b 100644
--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -1487,8 +1487,31 @@ class Libzot {
$allowed = can_comment_on_post($sender,$parent[0]);
}
}
- if($request) {
- $allowed = true;
+
+ if ($request) {
+
+ // Conversation fetches (e.g. $request == true) take place for
+ // a) new comments on expired posts
+ // b) hyperdrive (friend-of-friend) conversations
+ // c) Repeats of posts by others
+
+
+ // over-ride normal connection permissions for hyperdrive (friend-of-friend) conversations
+ // (if hyperdrive is enabled) and repeated posts by a friend.
+ // If $allowed is already true, this is probably the conversation of a direct friend or a
+ // conversation fetch for a new comment on an expired post
+ // Comments of all these activities are allowed and will only be rejected (later) if the parent
+ // doesn't exist.
+
+ if ($perm === 'send_stream') {
+ if (get_pconfig($channel['channel_id'],'system','hyperdrive',false) || $arr['verb'] === 'Announce') {
+ $allowed = true;
+ }
+ }
+ else {
+ $allowed = true;
+ }
+
$friendofriend = true;
}
@@ -1500,7 +1523,7 @@ class Libzot {
}
}
- logger('item: ' . print_r($arr,true), LOGGER_DATA);
+ // logger('item: ' . print_r($arr,true), LOGGER_DATA);
if($arr['mid'] !== $arr['parent_mid']) {
@@ -1526,19 +1549,11 @@ class Libzot {
// have the copy and we don't want the request to loop.
// Also don't do this if this comment came from a conversation request packet.
// It's possible that comments are allowed but posting isn't and that could
- // cause a conversation fetch loop. We can detect these packets since they are
- // delivered via a 'notify' packet type that has a message_id element in the
- // initial zot packet (just like the corresponding 'request' packet type which
- // makes the request).
+ // cause a conversation fetch loop.
// We'll also check the send_stream permission - because if it isn't allowed,
// the top level post is unlikely to be imported and
// this is just an exercise in futility.
-
- if((! get_pconfig($channel['channel_id'],'system','hyperdrive',false)) || (! $arr['verb'] === 'Announce')) {
- continue;
- }
-
if((! $relay) && (! $request) && (! $local_public)
&& perm_is_allowed($channel['channel_id'],$sender,'send_stream')) {
self::fetch_conversation($channel,$arr['parent_mid']);
@@ -1814,6 +1829,7 @@ class Libzot {
$arr['owner_xchan'] = $a['signature']['signer'];
}
+
/// @FIXME - spoofable
if($AS->data['hubloc']) {
$arr['item_verified'] = true;
diff --git a/boot.php b/boot.php
index 14458cd4f..3843aea55 100755
--- a/boot.php
+++ b/boot.php
@@ -468,7 +468,7 @@ define ( 'NAMESPACE_YMEDIA', 'http://search.yahoo.com/mrss/' );
define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams' );
-define ( 'ZOT_APSCHEMA_REV', '/apschema/v1.2' );
+define ( 'ZOT_APSCHEMA_REV', '/apschema/v1.3' );
/**
* activity stream defines
*/