diff options
Diffstat (limited to 'Zotlabs/Access')
-rw-r--r-- | Zotlabs/Access/PermissionLimits.php | 36 | ||||
-rw-r--r-- | Zotlabs/Access/PermissionRoles.php | 215 | ||||
-rw-r--r-- | Zotlabs/Access/Permissions.php | 74 |
3 files changed, 325 insertions, 0 deletions
diff --git a/Zotlabs/Access/PermissionLimits.php b/Zotlabs/Access/PermissionLimits.php new file mode 100644 index 000000000..909b654d5 --- /dev/null +++ b/Zotlabs/Access/PermissionLimits.php @@ -0,0 +1,36 @@ +<?php + +namespace Zotlabs\Access; + +use \Zotlabs\Lib as ZLib; + +class PermissionLimits { + + static public function Std_Limits() { + $perms = Permissions::Perms(); + $limits = array(); + foreach($perms as $k => $v) { + if(strstr($k,'view')) + $limits[$k] = PERMS_PUBLIC; + else + $limits[$k] = PERMS_SPECIFIC; + } + return $limits; + } + + static public function Set($channel_id,$perm,$perm_limit) { + ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit); + } + + static public function Get($channel_id,$perm = '') { + if($perm) { + return Zlib\PConfig::Get($channel_id,'perm_limits',$perm); + } + else { + Zlib\PConfig::Load($channel_id); + if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id])) + return \App::$config[$channel_id]['perm_limits']; + return false; + } + } +}
\ No newline at end of file diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php new file mode 100644 index 000000000..8b116adc5 --- /dev/null +++ b/Zotlabs/Access/PermissionRoles.php @@ -0,0 +1,215 @@ +<?php + + +namespace Zotlabs\Access; + +use Zotlabs\Lib as Zlib; + +class PermissionRoles { + + + static function role_perms($role) { + + $ret = array(); + + $ret['role'] = $role; + + switch($role) { + case 'social': + $ret['perms_auto'] = false; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = true; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'chat', 'post_like', 'republish' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + break; + + case 'social_restricted': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = true; + $ret['online'] = true; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'chat', 'post_like' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'social_private': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = false; + $ret['online'] = false; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'post_like' ]; + $ret['limits'] = PermissionLimits::Std_Limits(); + $ret['limits']['view_contacts'] = PERMS_SPECIFIC; + $ret['limits']['view_storage'] = PERMS_SPECIFIC; + + break; + + case 'forum': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_wall', 'post_comments', 'tag_deliver', + 'post_mail', 'post_like' , 'republish', 'chat' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + break; + + case 'forum_restricted': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = true; + $ret['online'] = false; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_wall', 'post_comments', 'tag_deliver', + 'post_mail', 'post_like' , 'chat' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'forum_private': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = false; + $ret['online'] = false; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_wall', 'post_comments', + 'post_mail', 'post_like' , 'chat' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + $ret['limits']['view_profile'] = PERMS_SPECIFIC; + $ret['limits']['view_contacts'] = PERMS_SPECIFIC; + $ret['limits']['view_storage'] = PERMS_SPECIFIC; + $ret['limits']['view_pages'] = PERMS_SPECIFIC; + + break; + + case 'feed': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'post_like' , 'republish' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'feed_restricted': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = false; + $ret['online'] = false; + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'send_stream', 'post_wall', 'post_comments', + 'post_mail', 'post_like' , 'republish' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'soapbox': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'post_like' , 'republish' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + + break; + + case 'repository': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + + $ret['perms_connect'] = [ + 'view_stream', 'view_profile', 'view_contacts', 'view_storage', + 'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver', + 'post_mail', 'post_like' , 'republish', 'chat' ]; + + $ret['limits'] = PermissionLimits::Std_Limits(); + break; + + default: + break; + } + + $x = get_config('system','role_perms'); + // let system settings over-ride any or all + if($x && is_array($x) && array_key_exists($role,$x)) + $ret = array_merge($ret,$x[$role]); + + call_hooks('get_role_perms',$ret); + + return $ret; + } + + + + + static public function roles() { + $roles = [ + t('Social Networking') => [ + 'social' => t('Social - Mostly Public'), + 'social_restricted' => t('Social - Restricted'), + 'social_private' => t('Social - Private') + ], + + t('Community Forum') => [ + 'forum' => t('Forum - Mostly Public'), + 'forum_restricted' => t('Forum - Restricted'), + 'forum_private' => t('Forum - Private') + ], + + t('Feed Republish') => [ + 'feed' => t('Feed - Mostly Public'), + 'feed_restricted' => t('Feed - Restricted') + ], + + t('Special Purpose') => [ + 'soapbox' => t('Special - Celebrity/Soapbox'), + 'repository' => t('Special - Group Repository') + ], + + t('Other') => [ + 'custom' => t('Custom/Expert Mode') + ] + + ]; + + return $roles; + } + + + +}
\ No newline at end of file diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php new file mode 100644 index 000000000..b389fc229 --- /dev/null +++ b/Zotlabs/Access/Permissions.php @@ -0,0 +1,74 @@ +<?php + + +namespace Zotlabs\Access; + +use Zotlabs\Lib as Zlib; + +class Permissions { + + /** + * Extensible permissions. + * To add new permissions, add to the list of $perms below, with a simple description. + * Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role + * if this permission should be granted to new connections. + * + * Permissions with 'view' in the name are considered read permissions. Anything + * else requires authentication. Read permission limits are PERMS_PUBLIC and anything else + * is given PERMS_SPECIFIC. + * + * PermissionLimits::Std_limits() retrieves the standard limits. A permission role + * MAY alter an individual setting after retrieving the Std_limits if you require + * something different for a specific permission within the given role. + * + */ + + + static public function Perms($filter = '') { + + $perms = [ + 'view_stream' => t('Can view my channel stream and posts'), + 'send_stream' => t('Can send me their channel stream and posts'), + 'view_profile' => t('Can view my default channel profile'), + 'view_contacts' => t('Can view my connections'), + 'view_storage' => t('Can view my file storage and photos'), + 'write_storage' => t('Can upload/modify my file storage and photos'), + 'view_pages' => t('Can view my channel webpages'), + 'write_pages' => t('Can create/edit my channel webpages'), + 'post_wall' => t('Can post on my channel (wall) page'), + 'post_comments' => t('Can comment on or like my posts'), + 'post_mail' => t('Can send me private mail messages'), + 'post_like' => t('Can like/dislike profiles and profile things'), + 'tag_deliver' => t('Can forward to all my channel connections via @+ mentions in posts'), + 'chat' => t('Can chat with me'), + 'republish' => t('Can source my public posts in derived channels'), + 'delegate' => t('Can administer my channel') + ]; + + $x = array('permissions' => $perms, 'filter' => $filter); + call_hooks('permissions_list',$x); + return($x['permissions']); + + } + + static public function BlockedAnonPerms() { + + // Perms from the above list that are blocked from anonymous observers. + // e.g. you must be authenticated. + + $res = array(); + $perms = PermissionLimits::Std_limits(); + foreach($perms as $perm => $limit) { + if($limit != PERMS_PUBLIC) { + $res[] = $perm; + } + } + + $x = array('permissions' => $res); + call_hooks('write_perms',$x); + return($x['permissions']); + + } + + +}
\ No newline at end of file |