diff options
Diffstat (limited to 'Zotlabs/Access')
-rw-r--r-- | Zotlabs/Access/AccessList.php | 8 | ||||
-rw-r--r-- | Zotlabs/Access/PermissionLimits.php | 85 |
2 files changed, 77 insertions, 16 deletions
diff --git a/Zotlabs/Access/AccessList.php b/Zotlabs/Access/AccessList.php index 6471b0b1d..7cf7b5587 100644 --- a/Zotlabs/Access/AccessList.php +++ b/Zotlabs/Access/AccessList.php @@ -3,10 +3,14 @@ namespace Zotlabs\Access; /** - * @brief AccessList class. + * @brief AccessList class which represents individual content ACLs. * * A class to hold an AccessList object with allowed and denied contacts and * groups. + * + * After evaluating @ref ::Zotlabs::Access::PermissionLimits "PermissionLimits" + * and @ref ::Zotlabs::Lib::Permcat "Permcat"s individual content ACLs are evaluated. + * These answer the question "Can Joe view *this* album/photo?". */ class AccessList { /** @@ -103,7 +107,7 @@ class AccessList { * @brief Return an array consisting of the current access list components * where the elements are directly storable. * - * @return Associative array with: + * @return array An associative array with: * * \e string \b allow_cid => string of allowed cids * * \e string \b allow_gid => string of allowed gids * * \e string \b deny_cid => string of denied cids diff --git a/Zotlabs/Access/PermissionLimits.php b/Zotlabs/Access/PermissionLimits.php index 8caeedb91..1d15098fc 100644 --- a/Zotlabs/Access/PermissionLimits.php +++ b/Zotlabs/Access/PermissionLimits.php @@ -2,35 +2,92 @@ namespace Zotlabs\Access; -use \Zotlabs\Lib as ZLib; +use Zotlabs\Lib\PConfig; +/** + * @brief Permission limits. + * + * Permission limits are a very high level permission setting. They are hard + * limits by design. + * "Who can view my photos (at all)?" + * "Who can post photos in my albums (at all)?" + * + * For viewing permissions we generally set these to 'anybody' and for write + * permissions we generally set them to 'those I allow', though many people + * restrict the viewing permissions further for things like 'Can view my connections'. + * + * People get confused enough by permissions that we wanted a place to set their + * privacy expectations once and be done with it. + * + * Connection related permissions like "Can Joe view my photos?" are handled by + * @ref ::Zotlabs::Lib::Permcat "Permcat" and inherit from the channel's Permission + * limits. + * + * @see Permissions + */ class PermissionLimits { + /** + * @brief Get standard permission limits. + * + * Viewing permissions and post_comments permission are set to 'anybody', + * other permissions are set to 'those I allow'. + * + * The list of permissions comes from Permissions::Perms(). + * + * @return array + */ static public function Std_Limits() { + $limits = []; $perms = Permissions::Perms(); - $limits = array(); + + $anon_comments = get_config('system','anonymous_comments',true); + foreach($perms as $k => $v) { - if(strstr($k,'view') || $k === 'post_comments') + if(strstr($k, 'view') || ($k === 'post_comments' && $anon_comments)) $limits[$k] = PERMS_PUBLIC; else $limits[$k] = PERMS_SPECIFIC; } + return $limits; } - static public function Set($channel_id,$perm,$perm_limit) { - ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit); + /** + * @brief Sets a permission limit for a channel. + * + * @param int $channel_id + * @param string $perm + * @param int $perm_limit one of PERMS_* constants + */ + static public function Set($channel_id, $perm, $perm_limit) { + PConfig::Set($channel_id, 'perm_limits', $perm, $perm_limit); } - static public function Get($channel_id,$perm = '') { + /** + * @brief Get a channel's permission limits. + * + * Return a channel's permission limits from PConfig. If $perm is set just + * return this permission limit, if not set, return an array with all + * permission limits. + * + * @param int $channel_id + * @param string $perm (optional) + * @return + * * \b boolean false if no perm_limits set for this channel + * * \b int if $perm is set, return one of PERMS_* constants for this permission + * * \b array with all permission limits, if $perm is not set + */ + static public function Get($channel_id, $perm = '') { if($perm) { - return Zlib\PConfig::Get($channel_id,'perm_limits',$perm); - } - else { - Zlib\PConfig::Load($channel_id); - if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id])) - return \App::$config[$channel_id]['perm_limits']; - return false; + return PConfig::Get($channel_id, 'perm_limits', $perm); } - } + + PConfig::Load($channel_id); + if(array_key_exists($channel_id, \App::$config) + && array_key_exists('perm_limits', \App::$config[$channel_id])) + return \App::$config[$channel_id]['perm_limits']; + + return false; + } }
\ No newline at end of file |