aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/ConversationObject.php5
-rwxr-xr-xinclude/items.php21
-rw-r--r--mod/item.php22
-rw-r--r--version.inc2
4 files changed, 35 insertions, 15 deletions
diff --git a/include/ConversationObject.php b/include/ConversationObject.php
index 5157dad05..bf4300cb1 100644
--- a/include/ConversationObject.php
+++ b/include/ConversationObject.php
@@ -154,7 +154,10 @@ class Conversation extends BaseObject {
$item->set_commentable(false);
}
elseif(($this->observer) && (! $item->is_commentable())) {
- $item->set_commentable(can_comment_on_post($this->observer['xchan_hash'],$item->data));
+ if((array_key_exists('owner',$item->data)) && ($item->data['owner']['abook_flags'] & ABOOK_FLAG_SELF))
+ $item->set_commentable(perm_is_allowed($this->profile_owner,$this->observer['xchan_hash'],'post_comments'));
+ else
+ $item->set_commentable(can_comment_on_post($this->observer['xchan_hash'],$item->data));
}
$item->set_conversation($this);
diff --git a/include/items.php b/include/items.php
index 79229acfe..b58b4415e 100755
--- a/include/items.php
+++ b/include/items.php
@@ -83,9 +83,20 @@ function collect_recipients($item,&$private) {
}
-
+/**
+ * @function can_comment_on_post($observer_xchan,$item);
+ *
+ * This function examines the comment_policy attached to an item and decides if the current observer has
+ * sufficient privileges to comment. This will normally be called on a remote site where perm_is_allowed()
+ * will not be suitable because the post owner does not have a local channel_id.
+ * Generally we should look at the item - in particular the author['book_flags'] and see if ABOOK_FLAG_SELF is set.
+ * If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call
+ * can_comment_on_post()
function can_comment_on_post($observer_xchan,$item) {
+
+// logger('can_comment_on_post: comment_policy: ' . $item['comment_policy'], LOGGER_DEBUG);
+
if(! $observer_xchan)
return false;
if($item['comment_policy'] === 'none')
@@ -98,10 +109,10 @@ function can_comment_on_post($observer_xchan,$item) {
return true;
break;
case 'public':
- # We don't allow public comments yet, until a policy
- # for dealing with anonymous comments is in place with
- # a means to moderate comments. Until that time, return
- # false.
+ // We don't allow public comments yet, until a policy
+ // for dealing with anonymous comments is in place with
+ // a means to moderate comments. Until that time, return
+ // false.
return false;
break;
case 'contacts':
diff --git a/mod/item.php b/mod/item.php
index 813bcf283..f1fbd53b3 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -161,20 +161,26 @@ function item_post(&$a) {
if($parent) {
logger('mod_item: item_post parent=' . $parent);
- if(! can_comment_on_post($observer['xchan_hash'],$parent_item)) {
+ $can_comment = false;
+ if((array_key_exists('owner',$parent_item)) && ($parent_item['owner']['abook_flags'] & ABOOK_FLAG_SELF))
+ $can_comment = perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_comments');
+ else
+ $can_comment = can_comment_on_post($observer['xchan_hash'],$parent_item);
+
+ if(! $can_comment) {
notice( t('Permission denied.') . EOL) ;
if(x($_REQUEST,'return'))
goaway($a->get_baseurl() . "/" . $return_path );
killme();
}
}
-
-
- if(! perm_is_allowed($profile_uid,$observer['xchan_hash'],(($parent) ? 'post_comments' : 'post_wall'))) {
- notice( t('Permission denied.') . EOL) ;
- if(x($_REQUEST,'return'))
- goaway($a->get_baseurl() . "/" . $return_path );
- killme();
+ else {
+ if(! perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_wall')) {
+ notice( t('Permission denied.') . EOL) ;
+ if(x($_REQUEST,'return'))
+ goaway($a->get_baseurl() . "/" . $return_path );
+ killme();
+ }
}
diff --git a/version.inc b/version.inc
index f88a7aa92..b3826e196 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2013-09-26.448
+2013-09-28.450