aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Access
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Access')
-rw-r--r--Zotlabs/Access/PermissionLimits.php36
-rw-r--r--Zotlabs/Access/PermissionRoles.php215
-rw-r--r--Zotlabs/Access/Permissions.php74
3 files changed, 325 insertions, 0 deletions
diff --git a/Zotlabs/Access/PermissionLimits.php b/Zotlabs/Access/PermissionLimits.php
new file mode 100644
index 000000000..909b654d5
--- /dev/null
+++ b/Zotlabs/Access/PermissionLimits.php
@@ -0,0 +1,36 @@
+<?php
+
+namespace Zotlabs\Access;
+
+use \Zotlabs\Lib as ZLib;
+
+class PermissionLimits {
+
+ static public function Std_Limits() {
+ $perms = Permissions::Perms();
+ $limits = array();
+ foreach($perms as $k => $v) {
+ if(strstr($k,'view'))
+ $limits[$k] = PERMS_PUBLIC;
+ else
+ $limits[$k] = PERMS_SPECIFIC;
+ }
+ return $limits;
+ }
+
+ static public function Set($channel_id,$perm,$perm_limit) {
+ ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit);
+ }
+
+ static public function Get($channel_id,$perm = '') {
+ if($perm) {
+ return Zlib\PConfig::Get($channel_id,'perm_limits',$perm);
+ }
+ else {
+ Zlib\PConfig::Load($channel_id);
+ if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id]))
+ return \App::$config[$channel_id]['perm_limits'];
+ return false;
+ }
+ }
+} \ No newline at end of file
diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php
new file mode 100644
index 000000000..8b116adc5
--- /dev/null
+++ b/Zotlabs/Access/PermissionRoles.php
@@ -0,0 +1,215 @@
+<?php
+
+
+namespace Zotlabs\Access;
+
+use Zotlabs\Lib as Zlib;
+
+class PermissionRoles {
+
+
+ static function role_perms($role) {
+
+ $ret = array();
+
+ $ret['role'] = $role;
+
+ switch($role) {
+ case 'social':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = true;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'chat', 'post_like', 'republish' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ break;
+
+ case 'social_restricted':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = true;
+ $ret['online'] = true;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'chat', 'post_like' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'social_private':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = false;
+ $ret['online'] = false;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'post_like' ];
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ $ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+ $ret['limits']['view_storage'] = PERMS_SPECIFIC;
+
+ break;
+
+ case 'forum':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+ 'post_mail', 'post_like' , 'republish', 'chat' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ break;
+
+ case 'forum_restricted':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+ 'post_mail', 'post_like' , 'chat' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'forum_private':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = false;
+ $ret['online'] = false;
+
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'post_wall', 'post_comments',
+ 'post_mail', 'post_like' , 'chat' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ $ret['limits']['view_profile'] = PERMS_SPECIFIC;
+ $ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+ $ret['limits']['view_storage'] = PERMS_SPECIFIC;
+ $ret['limits']['view_pages'] = PERMS_SPECIFIC;
+
+ break;
+
+ case 'feed':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'post_like' , 'republish' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'feed_restricted':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = false;
+ $ret['online'] = false;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'post_like' , 'republish' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'soapbox':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'post_like' , 'republish' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'repository':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
+ 'post_mail', 'post_like' , 'republish', 'chat' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ break;
+
+ default:
+ break;
+ }
+
+ $x = get_config('system','role_perms');
+ // let system settings over-ride any or all
+ if($x && is_array($x) && array_key_exists($role,$x))
+ $ret = array_merge($ret,$x[$role]);
+
+ call_hooks('get_role_perms',$ret);
+
+ return $ret;
+ }
+
+
+
+
+ static public function roles() {
+ $roles = [
+ t('Social Networking') => [
+ 'social' => t('Social - Mostly Public'),
+ 'social_restricted' => t('Social - Restricted'),
+ 'social_private' => t('Social - Private')
+ ],
+
+ t('Community Forum') => [
+ 'forum' => t('Forum - Mostly Public'),
+ 'forum_restricted' => t('Forum - Restricted'),
+ 'forum_private' => t('Forum - Private')
+ ],
+
+ t('Feed Republish') => [
+ 'feed' => t('Feed - Mostly Public'),
+ 'feed_restricted' => t('Feed - Restricted')
+ ],
+
+ t('Special Purpose') => [
+ 'soapbox' => t('Special - Celebrity/Soapbox'),
+ 'repository' => t('Special - Group Repository')
+ ],
+
+ t('Other') => [
+ 'custom' => t('Custom/Expert Mode')
+ ]
+
+ ];
+
+ return $roles;
+ }
+
+
+
+} \ No newline at end of file
diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php
new file mode 100644
index 000000000..b389fc229
--- /dev/null
+++ b/Zotlabs/Access/Permissions.php
@@ -0,0 +1,74 @@
+<?php
+
+
+namespace Zotlabs\Access;
+
+use Zotlabs\Lib as Zlib;
+
+class Permissions {
+
+ /**
+ * Extensible permissions.
+ * To add new permissions, add to the list of $perms below, with a simple description.
+ * Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role
+ * if this permission should be granted to new connections.
+ *
+ * Permissions with 'view' in the name are considered read permissions. Anything
+ * else requires authentication. Read permission limits are PERMS_PUBLIC and anything else
+ * is given PERMS_SPECIFIC.
+ *
+ * PermissionLimits::Std_limits() retrieves the standard limits. A permission role
+ * MAY alter an individual setting after retrieving the Std_limits if you require
+ * something different for a specific permission within the given role.
+ *
+ */
+
+
+ static public function Perms($filter = '') {
+
+ $perms = [
+ 'view_stream' => t('Can view my channel stream and posts'),
+ 'send_stream' => t('Can send me their channel stream and posts'),
+ 'view_profile' => t('Can view my default channel profile'),
+ 'view_contacts' => t('Can view my connections'),
+ 'view_storage' => t('Can view my file storage and photos'),
+ 'write_storage' => t('Can upload/modify my file storage and photos'),
+ 'view_pages' => t('Can view my channel webpages'),
+ 'write_pages' => t('Can create/edit my channel webpages'),
+ 'post_wall' => t('Can post on my channel (wall) page'),
+ 'post_comments' => t('Can comment on or like my posts'),
+ 'post_mail' => t('Can send me private mail messages'),
+ 'post_like' => t('Can like/dislike profiles and profile things'),
+ 'tag_deliver' => t('Can forward to all my channel connections via @+ mentions in posts'),
+ 'chat' => t('Can chat with me'),
+ 'republish' => t('Can source my public posts in derived channels'),
+ 'delegate' => t('Can administer my channel')
+ ];
+
+ $x = array('permissions' => $perms, 'filter' => $filter);
+ call_hooks('permissions_list',$x);
+ return($x['permissions']);
+
+ }
+
+ static public function BlockedAnonPerms() {
+
+ // Perms from the above list that are blocked from anonymous observers.
+ // e.g. you must be authenticated.
+
+ $res = array();
+ $perms = PermissionLimits::Std_limits();
+ foreach($perms as $perm => $limit) {
+ if($limit != PERMS_PUBLIC) {
+ $res[] = $perm;
+ }
+ }
+
+ $x = array('permissions' => $res);
+ call_hooks('write_perms',$x);
+ return($x['permissions']);
+
+ }
+
+
+} \ No newline at end of file