diff options
-rw-r--r-- | include/ConversationObject.php | 5 | ||||
-rwxr-xr-x | include/items.php | 21 | ||||
-rw-r--r-- | mod/item.php | 22 | ||||
-rw-r--r-- | version.inc | 2 |
4 files changed, 35 insertions, 15 deletions
diff --git a/include/ConversationObject.php b/include/ConversationObject.php index 5157dad05..bf4300cb1 100644 --- a/include/ConversationObject.php +++ b/include/ConversationObject.php @@ -154,7 +154,10 @@ class Conversation extends BaseObject { $item->set_commentable(false); } elseif(($this->observer) && (! $item->is_commentable())) { - $item->set_commentable(can_comment_on_post($this->observer['xchan_hash'],$item->data)); + if((array_key_exists('owner',$item->data)) && ($item->data['owner']['abook_flags'] & ABOOK_FLAG_SELF)) + $item->set_commentable(perm_is_allowed($this->profile_owner,$this->observer['xchan_hash'],'post_comments')); + else + $item->set_commentable(can_comment_on_post($this->observer['xchan_hash'],$item->data)); } $item->set_conversation($this); diff --git a/include/items.php b/include/items.php index 79229acfe..b58b4415e 100755 --- a/include/items.php +++ b/include/items.php @@ -83,9 +83,20 @@ function collect_recipients($item,&$private) { } - +/** + * @function can_comment_on_post($observer_xchan,$item); + * + * This function examines the comment_policy attached to an item and decides if the current observer has + * sufficient privileges to comment. This will normally be called on a remote site where perm_is_allowed() + * will not be suitable because the post owner does not have a local channel_id. + * Generally we should look at the item - in particular the author['book_flags'] and see if ABOOK_FLAG_SELF is set. + * If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call + * can_comment_on_post() function can_comment_on_post($observer_xchan,$item) { + +// logger('can_comment_on_post: comment_policy: ' . $item['comment_policy'], LOGGER_DEBUG); + if(! $observer_xchan) return false; if($item['comment_policy'] === 'none') @@ -98,10 +109,10 @@ function can_comment_on_post($observer_xchan,$item) { return true; break; case 'public': - # We don't allow public comments yet, until a policy - # for dealing with anonymous comments is in place with - # a means to moderate comments. Until that time, return - # false. + // We don't allow public comments yet, until a policy + // for dealing with anonymous comments is in place with + // a means to moderate comments. Until that time, return + // false. return false; break; case 'contacts': diff --git a/mod/item.php b/mod/item.php index 813bcf283..f1fbd53b3 100644 --- a/mod/item.php +++ b/mod/item.php @@ -161,20 +161,26 @@ function item_post(&$a) { if($parent) { logger('mod_item: item_post parent=' . $parent); - if(! can_comment_on_post($observer['xchan_hash'],$parent_item)) { + $can_comment = false; + if((array_key_exists('owner',$parent_item)) && ($parent_item['owner']['abook_flags'] & ABOOK_FLAG_SELF)) + $can_comment = perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_comments'); + else + $can_comment = can_comment_on_post($observer['xchan_hash'],$parent_item); + + if(! $can_comment) { notice( t('Permission denied.') . EOL) ; if(x($_REQUEST,'return')) goaway($a->get_baseurl() . "/" . $return_path ); killme(); } } - - - if(! perm_is_allowed($profile_uid,$observer['xchan_hash'],(($parent) ? 'post_comments' : 'post_wall'))) { - notice( t('Permission denied.') . EOL) ; - if(x($_REQUEST,'return')) - goaway($a->get_baseurl() . "/" . $return_path ); - killme(); + else { + if(! perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_wall')) { + notice( t('Permission denied.') . EOL) ; + if(x($_REQUEST,'return')) + goaway($a->get_baseurl() . "/" . $return_path ); + killme(); + } } diff --git a/version.inc b/version.inc index f88a7aa92..b3826e196 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2013-09-26.448 +2013-09-28.450 |