aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Access/PermissionRoles.php51
-rw-r--r--Zotlabs/Access/Permissions.php4
-rw-r--r--Zotlabs/Lib/NativeWiki.php2
-rw-r--r--Zotlabs/Module/Wiki.php11
-rw-r--r--Zotlabs/Web/Router.php25
5 files changed, 60 insertions, 33 deletions
diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php
index f21025442..d7e162197 100644
--- a/Zotlabs/Access/PermissionRoles.php
+++ b/Zotlabs/Access/PermissionRoles.php
@@ -8,7 +8,7 @@ use Zotlabs\Lib as Zlib;
class PermissionRoles {
static public function version() {
- return 1;
+ return 2;
}
static function role_perms($role) {
@@ -25,7 +25,7 @@ class PermissionRoles {
$ret['online'] = true;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like', 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
@@ -38,7 +38,7 @@ class PermissionRoles {
$ret['online'] = true;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like' ];
$ret['limits'] = PermissionLimits::Std_Limits();
@@ -52,7 +52,7 @@ class PermissionRoles {
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' ];
$ret['limits'] = PermissionLimits::Std_Limits();
$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
@@ -67,7 +67,7 @@ class PermissionRoles {
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+ 'view_pages', 'view_wiki', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'republish', 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
@@ -80,7 +80,7 @@ class PermissionRoles {
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+ 'view_pages', 'view_wiki', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
@@ -95,7 +95,7 @@ class PermissionRoles {
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'post_wall', 'post_comments',
+ 'view_pages', 'view_wiki', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = PermissionLimits::Std_Limits();
@@ -103,6 +103,7 @@ class PermissionRoles {
$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
$ret['limits']['view_storage'] = PERMS_SPECIFIC;
$ret['limits']['view_pages'] = PERMS_SPECIFIC;
+ $ret['limits']['view_wiki'] = PERMS_SPECIFIC;
break;
@@ -114,7 +115,7 @@ class PermissionRoles {
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
@@ -128,7 +129,7 @@ class PermissionRoles {
$ret['online'] = false;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
@@ -143,7 +144,7 @@ class PermissionRoles {
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'post_like' , 'republish' ];
+ 'view_pages', 'view_wiki', 'post_like' , 'republish' ];
$ret['limits'] = PermissionLimits::Std_Limits();
@@ -157,8 +158,8 @@ class PermissionRoles {
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
- 'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
- 'post_mail', 'post_like' , 'republish', 'chat' ];
+ 'view_pages', 'view_wiki', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
+ 'post_mail', 'post_like' , 'republish', 'chat', 'write_wiki' ];
$ret['limits'] = PermissionLimits::Std_Limits();
break;
@@ -185,6 +186,12 @@ class PermissionRoles {
// if($perm === 'mynewperm')
// \Zotlabs\Access\PermissionLimits::Set($uid,$perm,1);
+ if($perm === 'view_wiki')
+ \Zotlabs\Access\PermissionLimits::Set($uid,$perm,PERMS_PUBLIC);
+
+ if($perm === 'write_wiki')
+ \Zotlabs\Access\PermissionLimits::Set($uid,$perm,PERMS_SPECIFIC);
+
// set autoperms here if applicable
// choices are to set to 0, 1, or the value of an existing perm
@@ -195,7 +202,13 @@ class PermissionRoles {
$value = 0;
// if($perm === 'mynewperm')
- // $value = get_abconfig($uid,$c['channel_hash'],'autoperms','someexistingperm'));
+ // $value = get_abconfig($uid,$c['channel_hash'],'autoperms','someexistingperm');
+
+ if($perm === 'view_wiki')
+ $value = get_abconfig($uid,$c['channel_hash'],'autoperms','view_pages');
+
+ if($perm === 'write_wiki')
+ $value = get_abconfig($uid,$c['channel_hash'],'autoperms','write_pages');
if($c) {
set_abconfig($uid,$c['channel_hash'],'autoperms',$perm,$value);
@@ -212,8 +225,16 @@ class PermissionRoles {
// case 'mynewperm':
// choices are to set to 1, set to 0, or clone an existing perm
// set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
- // get_abconfig($uid,$ab['abook_xchan'],'my_perms','someexistingperm'));
-
+ // intval(get_abconfig($uid,$ab['abook_xchan'],'my_perms','someexistingperm')));
+
+ case 'view_wiki':
+ set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
+ intval(get_abconfig($uid,$ab['abook_xchan'],'my_perms','view_pages')));
+
+ case 'write_wiki':
+ set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
+ intval(get_abconfig($uid,$ab['abook_xchan'],'my_perms','write_pages')));
+
default:
break;
}
diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php
index 5fded5f03..81408f122 100644
--- a/Zotlabs/Access/Permissions.php
+++ b/Zotlabs/Access/Permissions.php
@@ -36,7 +36,7 @@ class Permissions {
static public function version() {
// This must match the version in PermissionRoles.php before permission updates can run.
- return 1;
+ return 2;
}
@@ -50,7 +50,9 @@ class Permissions {
'view_storage' => t('Can view my file storage and photos'),
'write_storage' => t('Can upload/modify my file storage and photos'),
'view_pages' => t('Can view my channel webpages'),
+ 'view_wiki' => t('Can view my wiki pages'),
'write_pages' => t('Can create/edit my channel webpages'),
+ 'write_wiki' => t('Can write to my wiki pages'),
'post_wall' => t('Can post on my channel (wall) page'),
'post_comments' => t('Can comment on or like my posts'),
'post_mail' => t('Can send me private mail messages'),
diff --git a/Zotlabs/Lib/NativeWiki.php b/Zotlabs/Lib/NativeWiki.php
index ccb0ff150..519102d24 100644
--- a/Zotlabs/Lib/NativeWiki.php
+++ b/Zotlabs/Lib/NativeWiki.php
@@ -201,7 +201,7 @@ class NativeWiki {
else {
// TODO: Create a new permission setting for wiki analogous to webpages. Until
// then, use webpage permissions
- $write = perm_is_allowed($owner_id, $observer_hash,'write_pages');
+ $write = perm_is_allowed($owner_id, $observer_hash,'write_wiki');
return array('read' => true, 'write' => $write, 'success' => true);
}
}
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php
index 5397deebe..d42c26681 100644
--- a/Zotlabs/Module/Wiki.php
+++ b/Zotlabs/Module/Wiki.php
@@ -45,6 +45,11 @@ class Wiki extends \Zotlabs\Web\Controller {
}
+ if(! perm_is_allowed(\App::$profile_uid,get_observer_hash(),'view_wiki')) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
// TODO: Combine the interface configuration into a unified object
// Something like $interface = array('new_page_button' => false, 'new_wiki_button' => false, ...)
@@ -309,7 +314,11 @@ class Wiki extends \Zotlabs\Web\Controller {
return;
}
-
+ if(! perm_is_allowed(\App::$profile_uid,get_observer_hash(),'write_wiki')) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
// /wiki/channel/preview
// Render mardown-formatted text in HTML for preview
if((argc() > 2) && (argv(2) === 'preview')) {
diff --git a/Zotlabs/Web/Router.php b/Zotlabs/Web/Router.php
index 271836ba9..ba2e78b25 100644
--- a/Zotlabs/Web/Router.php
+++ b/Zotlabs/Web/Router.php
@@ -121,29 +121,24 @@ class Router {
/*
* The URL provided does not resolve to a valid module.
- *
- * On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'.
- * We don't like doing this, but as it occasionally accounts for 10-20% or more of all site traffic -
- * we are going to trap this and redirect back to the requested page. As long as you don't have a critical error on your page
- * this will often succeed and eventually do the right thing.
- *
- * Otherwise we are going to emit a 404 not found.
*/
if(! (\App::$module_loaded)) {
- // Stupid browser tried to pre-fetch our Javascript img template. Don't log the event or return anything - just quietly exit.
+ $x = [
+ 'module' => $module,
+ 'installed' => \App::$module_loaded,
+ 'controller' => $this->controller
+ ];
+ call_hooks('page_not_found',$x);
+
+ // Stupid browser tried to pre-fetch our Javascript img template.
+ // Don't log the event or return anything - just quietly exit.
+
if((x($_SERVER, 'QUERY_STRING')) && preg_match('/{[0-9]}/', $_SERVER['QUERY_STRING']) !== 0) {
killme();
}
- if((x($_SERVER, 'QUERY_STRING'))
- && ($_SERVER['QUERY_STRING'] === 'q=internal_error.html')
- && \App::$config['system']['dreamhost_error_hack']) {
- logger('index.php: dreamhost_error_hack invoked. Original URI =' . $_SERVER['REQUEST_URI'],LOGGER_DEBUG);
- goaway(z_root() . $_SERVER['REQUEST_URI']);
- }
-
if(get_config('system','log_404',true)) {
logger("Module {$module} not found.", LOGGER_DEBUG, LOG_WARNING);
logger('index.php: page not found: ' . $_SERVER['REQUEST_URI']