5 files changed, 48 insertions, 33 deletions

diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index f9b1336a8..260952b4e 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -205,20 +205,26 @@ class Connedit extends \Zotlabs\Web\Controller {
 			if($role) {
 				$x = get_role_perms($role);
 				if($x['perms_connect']) {
-					foreach($x['perms_connect'] as $p) {
-						set_abconfig(local_channel(),$orig_record[0]['abook_xchan'],'my_perms',$p,1);
-					}
+					$abook_my_perms = $x['perms_connect'];
+				}
+			}
+
+			if($all_perms) {
+				foreach($all_perms as $perm => $desc) {
+					if(array_key_exists($perm, $abook_my_perms))
+						set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,1);
+					else
+						set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,0);
 				}
 			}
 		}
-	
+
 		$abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']);
 	
-		$r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_pending = %d,
+		$r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d,
 			abook_incl = '%s', abook_excl = '%s'
 			where abook_id = %d AND abook_channel = %d",
 			dbesc($profile_id),
-			intval($abook_my_perms),
 			intval($closeness),
 			intval($abook_pending),
 			dbesc($abook_incl),
@@ -239,7 +245,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 			info( t('Connection updated.') . EOL);
 		else
 			notice( t('Failed to update connection record.') . EOL);
-	
+//@fixme perms	
 		if(\App::$poi && \App::$poi['abook_my_perms'] != $abook_my_perms
 			&& (! intval(\App::$poi['abook_self']))) {
 			\Zotlabs\Daemon\Master::Summon(array('Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id));
diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php
index 5de89ef41..da9ab3670 100644
--- a/Zotlabs/Module/Follow.php
+++ b/Zotlabs/Module/Follow.php
@@ -47,7 +47,7 @@ class Follow extends \Zotlabs\Web\Controller {
 		if($abconfig)
 			$clone['abconfig'] = $abconfig;
 	
-		build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)));
+		build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true);
 	
 		$can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream'));
 	
diff --git a/include/channel.php b/include/channel.php
index 95506ed78..28eac9d4c 100644
--- a/include/channel.php
+++ b/include/channel.php
@@ -1604,13 +1604,13 @@ function notifications_on($channel_id,$value) {
 
 function get_channel_default_perms($uid) {
 
-	$r = q("select abook_my_perms from abook where abook_channel = %d and abook_self = 1 limit 1",
+	$r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 1 limit 1",
 		intval($uid)
 	);
 	if($r)
-		return $r[0]['abook_my_perms'];
+		return load_abconfig($uid,$r[0]['abook_xchan'],'my_perms');
 
-	return 0;
+	return array();
 }
 
 
diff --git a/include/follow.php b/include/follow.php
index e5a74f85e..acd734896 100644
--- a/include/follow.php
+++ b/include/follow.php
@@ -67,11 +67,10 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 	$role = get_pconfig($uid,'system','permissions_role');
 	if($role) {
 		$x = get_role_perms($role);
-		if($x['perms_follow'])
-			$my_perms = $x['perms_follow'];
+		if($x['perms_connect'])
+			$my_perms = $x['perms_connect'];
 	}
 
-
 	if($is_red && $j) {
 
 		logger('follow: ' . $url . ' ' . print_r($j,true), LOGGER_DEBUG);
@@ -104,10 +103,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 
 		$xchan_hash = $x['hash'];
 
-		$their_perms = 0;
-
-		$global_perms = get_perms();
-
 		if( array_key_exists('permissions',$j) && array_key_exists('data',$j['permissions'])) {
 			$permissions = crypto_unencapsulate(array(
 				'data' => $j['permissions']['data'],
@@ -121,16 +116,14 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 		else
 			$permissions = $j['permissions'];
 
-
-		foreach($permissions as $k => $v) {
-			if($v) {
-				$their_perms = $their_perms | intval($global_perms[$k][1]);
+		if(is_array($permissions) && $permissions) {
+			foreach($permissions as $k => $v) {
+				set_abconfig($channel['channel_uid'],$xchan_hash,'their_perms',$k,intval($v));
 			}
 		}
 	}
 	else {
 
-		$their_perms = 0;
 		$xchan_hash = '';
 
 		$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1",
@@ -190,6 +183,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 		$result['message'] = t('Protocol disabled.');
 		return $result;
 	}
+
 	$singleton = intval($x['singleton']);
 
 	$aid = $channel['channel_account_id'];
@@ -222,6 +216,15 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 		intval($uid)
 	);
 
+	if($is_http) {
+
+		// Always set these "remote" permissions for feeds since we cannot interact with them
+		// to negotiate a suitable permission response
+
+		set_abconfig($uid,$xchan_hash,'their_perms','view_stream',1);
+		set_abconfig($uid,$xchan_hash,'their_perms','republish',1);
+	}
+
 	if($r) {
 		$abook_instance = $r[0]['abook_instance'];
 
@@ -231,8 +234,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 			$abook_instance .= z_root();
 		}
 
-		$x = q("update abook set abook_their_perms = %d, abook_instance = '%s' where abook_id = %d",
-			intval($their_perms),
+		$x = q("update abook set abook_instance = '%s' where abook_id = %d",
 			dbesc($abook_instance),
 			intval($r[0]['abook_id'])
 		);		
@@ -242,15 +244,13 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 		if($closeness === false)
 			$closeness = 80;
 
-		$r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_instance )
-			values( %d, %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s' ) ",
+		$r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_created, abook_updated, abook_instance )
+			values( %d, %d, %d, '%s', %d, '%s', '%s', '%s' ) ",
 			intval($aid),
 			intval($uid),
 			intval($closeness),
 			dbesc($xchan_hash),
 			intval(($is_http) ? 1 : 0),
-			intval(($is_http) ? $their_perms|PERMS_R_STREAM|PERMS_A_REPUBLISH : $their_perms),
-			intval($my_perms),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
 			dbesc(($singleton) ? z_root() : '')
@@ -260,6 +260,16 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
 	if(! $r)
 		logger('mod_follow: abook creation failed');
 
+	$all_perms = \Zotlabs\Access\Permissions::Perms();
+	if($all_perms) {
+		foreach($all_perms as $k => $v) {
+			if(in_array($k,$my_perms))
+				set_abconfig($uid,$xchan_hash,'my_perms',$k,1);
+			else
+				set_abconfig($uid,$xchan_hash,'my_perms',$k,0);
+		}
+	}
+
 	$r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash 
 		where abook_xchan = '%s' and abook_channel = %d limit 1",
 		dbesc($xchan_hash),
diff --git a/include/items.php b/include/items.php
index ad12e4f98..702d49d40 100755
--- a/include/items.php
+++ b/include/items.php
@@ -183,7 +183,7 @@ function is_item_normal($item) {
  * This function examines the comment_policy attached to an item and decides if the current observer has
  * sufficient privileges to comment. This will normally be called on a remote site where perm_is_allowed()
  * will not be suitable because the post owner does not have a local channel_id.
- * Generally we should look at the item - in particular the author['book_flags'] and see if ABOOK_FLAG_SELF is set.
+ * Generally we should look at the item - in particular the author['abook_flags'] and see if ABOOK_FLAG_SELF is set.
  * If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call
  * can_comment_on_post()
  * We also check the comments_closed date/time on the item if this is set.
@@ -224,8 +224,7 @@ function can_comment_on_post($observer_xchan, $item) {
 		case 'contacts':
 		case 'authenticated':
 		case '':
-			if(array_key_exists('owner',$item)) {
-				if(($item['owner']['abook_xchan']) && ($item['owner']['abook_their_perms'] & PERMS_W_COMMENT))
+			if(array_key_exists('owner',$item) && get_abconfig($item['uid'],$item['owner']['abook_xchan'],'their_perms','post_comments')) {
 					return true;
 			}
 			break;
@@ -2856,7 +2855,7 @@ function check_item_source($uid, $item) {
 	if(! $x)
 		return false;
 
-	if(! ($x[0]['abook_their_perms'] & PERMS_A_REPUBLISH))
+	if(! get_abconfig($uid,$item['owner_xchan'],'their_perms','republish'))
 		return false;
 
 	if($item['item_private'] && (! intval($x[0]['abook_feed'])))