diff options
Diffstat (limited to 'Zotlabs/Module')
| -rw-r--r-- | Zotlabs/Module/Acl.php | 19 | ||||
| -rw-r--r-- | Zotlabs/Module/Connedit.php | 8 | ||||
| -rw-r--r-- | Zotlabs/Module/Lockview.php | 39 | ||||
| -rw-r--r-- | Zotlabs/Module/Profile_photo.php | 10 | ||||
| -rw-r--r-- | Zotlabs/Module/Profperm.php | 10 |
5 files changed, 64 insertions, 22 deletions
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 2b364d9ac..6f5b0ddf9 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -103,7 +103,24 @@ class Acl extends \Zotlabs\Web\Controller { $contacts = array(); if($type == '' || $type == 'g') { - + + $r = q("select id, profile_guid, profile_name from profile where is_default = 0 and uid = %d", + intval(local_channel()) + ); + if($r) { + foreach($r as $rv) { + $groups[] = array( + "type" => "g", + "photo" => "images/twopeople.png", + "name" => t('Profile','acl') . ' ' . $rv['profile_name'], + "id" => 'vp' . $rv['id'], + "xid" => 'vp.' . $rv['profile_guid'], + "uids" => group_get_profile_members_xchan(local_channel(), $rv['id']), + "link" => '' + ); + } + } + $r = q("SELECT groups.id, groups.hash, groups.gname FROM groups, group_member WHERE groups.deleted = 0 AND groups.uid = %d diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index d8422266c..7a753c286 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -245,14 +245,6 @@ class Connedit extends \Zotlabs\Web\Controller { intval(local_channel()) ); - if($orig_record[0]['abook_profile'] != $profile_id) { - //Update profile photo permissions - - logger('A new profile was assigned - updating profile photos'); - profile_photo_set_profile_perms(local_channel(),$profile_id); - - } - if($r) info( t('Connection updated.') . EOL); else diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index 7d1d8a43f..fc7d5c7c8 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -32,10 +32,10 @@ class Lockview extends \Zotlabs\Web\Controller { if(! $item_id) killme(); - if (!in_array($type, array('item','photo','event', 'menu_item', 'chatroom'))) + if (! in_array($type, array('item', 'photo', 'attach', 'event', 'menu_item', 'chatroom'))) killme(); - //we have different naming in in menu_item table and chatroom table + // we have different naming in in menu_item table and chatroom table switch($type) { case 'menu_item': $id = 'mitem_id'; @@ -101,6 +101,22 @@ class Lockview extends \Zotlabs\Web\Controller { stringify_array_elms($deny_groups,true); stringify_array_elms($deny_users,true); + + $profile_groups = []; + if($allowed_groups) { + foreach($allowed_groups as $g) { + if(substr($g,0,4) === '\'vp.') { + $profile_groups[] = '\'' . substr($g,4); + } + } + } + if(count($profile_groups)) { + $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); + if($r) + foreach($r as $rr) + $l[] = '<li><b>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</b></li>'; + } + if(count($allowed_groups)) { $r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); if($r) @@ -120,6 +136,25 @@ class Lockview extends \Zotlabs\Web\Controller { } } } + + + $profile_groups = []; + if($deny_groups) { + foreach($deny_groups as $g) { + if(substr($g,0,4) === '\'vp.') { + $profile_groups[] = '\'' . substr($g,4); + } + } + } + if(count($profile_groups)) { + $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); + if($r) + foreach($r as $rr) + $l[] = '<li><b><strike>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</strike></b></li>'; + } + + + if(count($deny_groups)) { $r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); if($r) diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php index 5b88f67f5..29a239f4d 100644 --- a/Zotlabs/Module/Profile_photo.php +++ b/Zotlabs/Module/Profile_photo.php @@ -180,6 +180,10 @@ class Profile_photo extends \Zotlabs\Web\Controller { dbesc(datetime_convert()), dbesc($channel['xchan_hash']) ); + + photo_profile_setperms(local_channel(),$base_image['resource_id'],$_REQUEST['profile']); + + // Similarly, tell the nav bar to bypass the cache and update the avater image. $_SESSION['reload_avatar'] = true; @@ -188,9 +192,6 @@ class Profile_photo extends \Zotlabs\Web\Controller { // Update directory in background \Zotlabs\Daemon\Master::Summon(array('Directory',$channel['channel_id'])); - // Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures' - - profile_photo_set_profile_perms(local_channel(),$_REQUEST['profile']); } else notice( t('Unable to process image') . EOL); @@ -338,7 +339,8 @@ class Profile_photo extends \Zotlabs\Web\Controller { dbesc($channel['xchan_hash']) ); - profile_photo_set_profile_perms(local_channel()); // Reset default photo permissions to public + photo_profile_setperms(local_channel(),$resource_id,$_REQUEST['profile']); + \Zotlabs\Daemon\Master::Summon(array('Directory',local_channel())); goaway(z_root() . '/profiles'); } diff --git a/Zotlabs/Module/Profperm.php b/Zotlabs/Module/Profperm.php index 99cd4c58f..900e2f981 100644 --- a/Zotlabs/Module/Profperm.php +++ b/Zotlabs/Module/Profperm.php @@ -22,7 +22,7 @@ class Profperm extends \Zotlabs\Web\Controller { } - function get() { + function get() { if(! local_channel()) { notice( t('Permission denied') . EOL); @@ -94,12 +94,8 @@ class Profperm extends \Zotlabs\Web\Controller { } - - //Time to update the permissions on the profile-pictures as well - - profile_photo_set_profile_perms(local_channel(),$profile['id']); - - $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'", + $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash + WHERE abook_channel = %d AND abook_profile = '%s'", intval(local_channel()), dbesc($profile['profile_guid']) ); |