aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Access/PermissionLimits.php59
-rw-r--r--Zotlabs/Access/PermissionRoles.php209
-rw-r--r--Zotlabs/Access/Permissions.php67
-rw-r--r--Zotlabs/Module/Connedit.php22
-rw-r--r--Zotlabs/Module/Settings.php33
5 files changed, 363 insertions, 27 deletions
diff --git a/Zotlabs/Access/PermissionLimits.php b/Zotlabs/Access/PermissionLimits.php
new file mode 100644
index 000000000..ef254c3cf
--- /dev/null
+++ b/Zotlabs/Access/PermissionLimits.php
@@ -0,0 +1,59 @@
+<?php
+
+namespace Zotlabs\Access;
+
+class PermissionLimits {
+
+ static public function Std_Limits() {
+ $perms = Permissions::Perms();
+ $limits = array();
+ foreach($perms as $k => $v) {
+ if(strstr($k,'view'))
+ $limits[$k] = PERMS_PUBLIC;
+ else
+ $limits[$k] = PERMS_SPECIFIC;
+ }
+ return $limits;
+ }
+
+ static public function Set($channel_id,$perm,$perm_limit) {
+ $r = q("select * from perm_limits where channel_id = %d and perm = '%s' limit 1",
+ intval($channel_id),
+ dbesc($perm)
+ );
+ if($r) {
+ if($r[0]['perm_limit'] != $perm_limit) {
+ $x = q("update perm_limits set perm_limit = %d where id = %d",
+ dbesc($perm_limit),
+ intval($r[0]['id'])
+ );
+ }
+ }
+ else {
+ $r = q("insert into perm_limits ( perm, channel_id, perm_limit )
+ values ( '%s', %d, %d ) ",
+ dbesc($perm),
+ intval($channel_id),
+ intval($perm_limit)
+ );
+ }
+ }
+
+ static public function Get($channel_id,$perm = '') {
+ if($perm) {
+ $r = q("select * from perm_limits where channel_id = %d and perm = '%s' limit 1",
+ intval($channel_id),
+ dbesc($perm)
+ );
+ if($r)
+ return $r[0];
+ return false;
+ }
+ else {
+ return q("select * from perm_limits where channel_id = %d",
+ intval($channel_id)
+ );
+ }
+ }
+
+} \ No newline at end of file
diff --git a/Zotlabs/Access/PermissionRoles.php b/Zotlabs/Access/PermissionRoles.php
new file mode 100644
index 000000000..d195b0bb9
--- /dev/null
+++ b/Zotlabs/Access/PermissionRoles.php
@@ -0,0 +1,209 @@
+<?php
+
+
+namespace Zotlabs\Access;
+
+use Zotlabs\Lib as Zlib;
+
+class PermissionRoles {
+
+ static public function roles() {
+ $roles = [
+ t('Social Networking') => [
+ 'social' => t('Social - Mostly Public'),
+ 'social_restricted' => t('Social - Restricted'),
+ 'social_private' => t('Social - Private')
+ ],
+
+ t('Community Forum') => [
+ 'forum' => t('Forum - Mostly Public'),
+ 'forum_restricted' => t('Forum - Restricted'),
+ 'forum_private' => t('Forum - Private')
+ ],
+
+ t('Feed Republish') => [
+ 'feed' => t('Feed - Mostly Public'),
+ 'feed_restricted' => t('Feed - Restricted')
+ ],
+
+ t('Special Purpose') => [
+ 'soapbox' => t('Special - Celebrity/Soapbox'),
+ 'repository' => t('Special - Group Repository')
+ ],
+
+ t('Other') => [
+ 'custom' => t('Custom/Expert Mode')
+ ]
+
+ ];
+
+ return $roles;
+ }
+
+ static function role_perms($role) {
+
+ $ret = array();
+
+ $ret['role'] = $role;
+
+ switch($role) {
+ case 'social':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = true;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'chat', 'post_like', 'republish' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ break;
+
+ case 'social_restricted':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = true;
+ $ret['online'] = true;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'chat', 'post_like' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'social_private':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = false;
+ $ret['online'] = false;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'post_like' ];
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ $ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+ $ret['limits']['view_storage'] = PERMS_SPECIFIC;
+
+ break;
+
+ case 'forum':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+ 'post_mail', 'post_like' , 'republish', 'chat' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ break;
+
+ case 'forum_restricted':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+ 'post_mail', 'post_like' , 'chat' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'forum_private':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = false;
+ $ret['online'] = false;
+
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'post_wall', 'post_comments',
+ 'post_mail', 'post_like' , 'chat' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ $ret['limits']['view_profile'] = PERMS_SPECIFIC;
+ $ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+ $ret['limits']['view_storage'] = PERMS_SPECIFIC;
+ $ret['limits']['view_pages'] = PERMS_SPECIFIC;
+
+ break;
+
+ case 'feed':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'post_like' , 'republish' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'feed_restricted':
+ $ret['perms_auto'] = false;
+ $ret['default_collection'] = true;
+ $ret['directory_publish'] = false;
+ $ret['online'] = false;
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'send_stream', 'post_wall', 'post_comments',
+ 'post_mail', 'post_like' , 'republish' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'soapbox':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'post_like' , 'republish' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+
+ break;
+
+ case 'repository':
+ $ret['perms_auto'] = true;
+ $ret['default_collection'] = false;
+ $ret['directory_publish'] = true;
+ $ret['online'] = false;
+
+ $ret['perms_connect'] = [
+ 'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+ 'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
+ 'post_mail', 'post_like' , 'republish', 'chat' ];
+
+ $ret['limits'] = PermissionLimits::Std_Limits();
+ break;
+
+ default:
+ break;
+ }
+
+ $x = get_config('system','role_perms');
+ // let system settings over-ride any or all
+ if($x && is_array($x) && array_key_exists($role,$x))
+ $ret = array_merge($ret,$x[$role]);
+
+ call_hooks('get_role_perms',$ret);
+
+ return $ret;
+ }
+
+} \ No newline at end of file
diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php
new file mode 100644
index 000000000..520957638
--- /dev/null
+++ b/Zotlabs/Access/Permissions.php
@@ -0,0 +1,67 @@
+<?php
+
+
+namespace Zotlabs\Access;
+
+use Zotlabs\Lib as Zlib;
+
+class Permissions {
+
+ static public function Perms($filter = '') {
+
+ $perms = [
+ [ 'view_stream' => t('Can view my normal stream and posts') ],
+ [ 'send_stream' => t('Can send me their channel stream and posts') ],
+ [ 'view_profile' => t('Can view my default channel profile') ],
+ [ 'view_contacts' => t('Can view my connections') ],
+ [ 'view_storage' => t('Can view my file storage and photos') ],
+ [ 'write_storage' => t('Can upload/modify my file storage and photos') ],
+ [ 'view_pages' => t('Can view my channel webpages') ],
+ [ 'write_pages' => t('Can create/edit my channel webpages') ],
+ [ 'post_wall' => t('Can post on my channel (wall) page') ],
+ [ 'post_comments' => t('Can comment on or like my posts') ],
+ [ 'post_mail' => t('Can send me private mail messages') ],
+ [ 'post_like' => t('Can like/dislike profiles and profile things') ],
+ [ 'tag_deliver' => t('Can forward to all my channel connections via @+ mentions in posts') ],
+ [ 'chat' => t('Can chat with me (when available)') ],
+ [ 'republish' => t('Can source my public posts in derived channels') ],
+ [ 'delegate' => t('Can administer my channel') ]
+ ];
+
+ $x = array('permissions' => $perms, 'filter' => $filter);
+ call_hooks('permissions_list',$x);
+ return($x['permissions']);
+
+ }
+
+ static public function BlockedAnonPerms() {
+
+ // Perms from the above list that are blocked from anonymous observers.
+ // e.g. you must be authenticated.
+
+ $perms = [ 'send_stream', 'write_pages', 'post_wall', 'write_storage', 'post_comments', 'post_mail', 'post_like', 'tag_deliver', 'chat', 'republish', 'delegate' ];
+
+ $x = array('permissions' => $perms);
+ call_hooks('write_perms',$x);
+ return($x['permissions']);
+
+ }
+
+
+ static public function OwnerLimitSet($channel_id,$permission,$limit) {
+ return Zlib\PConfig::Set($channel_id,'perms',$permission,$limit);
+ }
+
+ static public function OwnerLimitGet($channel_id,$permission) {
+ return Zlib\PConfig::Get($channel_id,'perms',$permission);
+ }
+
+ static public function Set($channel_id,$xchan_hash,$permission,$value) {
+ return Zlib\AbConfig::Set($channel_id,$xchan_hash,'perms',$permission,$value);
+ }
+
+ static public function Get($channel_id,$xchan_hash,$permission) {
+ return Zlib\AbConfig::Get($channel_id,$xchan_hash,'perms',$permission);
+ }
+
+} \ No newline at end of file
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index 7db4950b1..a5c5175dc 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -131,6 +131,8 @@ class Connedit extends \Zotlabs\Web\Controller {
foreach($_POST as $k => $v) {
if(strpos($k,'perms_') === 0) {
+ $perm = substr($k,6);
+ set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,(($v) ? 1 : 0));
$abook_my_perms += $v;
}
}
@@ -195,8 +197,11 @@ class Connedit extends \Zotlabs\Web\Controller {
$role = get_pconfig(local_channel(),'system','permissions_role');
if($role) {
$x = get_role_perms($role);
- if($x['perms_accept'])
- $abook_my_perms = $x['perms_accept'];
+ if($x['perms_connect']) {
+ foreach($x['perms_connect'] as $p) {
+ set_abconfig(local_channel(),$orig_record[0]['abook_xchan'],'my_perms',$p,1);
+ }
+ }
}
}
@@ -372,8 +377,8 @@ class Connedit extends \Zotlabs\Web\Controller {
$role = get_pconfig(local_channel(),'system','permissions_role');
if($role) {
$x = get_role_perms($role);
- if($x['perms_accept'])
- $my_perms = $x['perms_accept'];
+ if($x['perms_connect'])
+ $my_perms = $x['perms_connect'];
}
$yes_no = array(t('No'),t('Yes'));
@@ -654,7 +659,8 @@ class Connedit extends \Zotlabs\Web\Controller {
$perms = array();
$channel = \App::get_channel();
- $global_perms = get_perms();
+ $global_perms = \Zotlabs\Access\Permissions::Perms();
+
$existing = get_all_perms(local_channel(),$contact['abook_xchan']);
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes')));
@@ -671,8 +677,10 @@ class Connedit extends \Zotlabs\Web\Controller {
$affinity = t('Set Affinity & Profile');
foreach($global_perms as $k => $v) {
- $thisperm = (($contact['abook_my_perms'] & $v[1]) ? "1" : '');
- $checkinherited = ((($channel[$v[0]]) && ($channel[$v[0]] != PERMS_SPECIFIC)) ? "1" : '');
+ $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
+//fixme
+
+ $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
// For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner
diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php
index 875004fae..85da261fc 100644
--- a/Zotlabs/Module/Settings.php
+++ b/Zotlabs/Module/Settings.php
@@ -30,7 +30,7 @@ class Settings extends \Zotlabs\Web\Controller {
}
- function post() {
+ function post() {
if(! local_channel())
return;
@@ -40,7 +40,7 @@ class Settings extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
- logger('mod_settings: ' . print_r($_REQUEST,true));
+ // logger('mod_settings: ' . print_r($_REQUEST,true));
if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){
@@ -311,10 +311,10 @@ class Settings extends \Zotlabs\Web\Controller {
intval(local_channel())
);
- $global_perms = get_perms();
+ $global_perms = \Zotlabs\Access\Permissions::Perms();
foreach($global_perms as $k => $v) {
- $set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' ';
+ \Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k]));
}
$acl = new \Zotlabs\Access\AccessList($channel);
$acl->set_from_array($_POST);
@@ -370,10 +370,10 @@ class Settings extends \Zotlabs\Web\Controller {
);
}
- $r = q("update abook set abook_my_perms = %d where abook_channel = %d and abook_self = 1",
- intval((array_key_exists('perms_accept',$role_permissions)) ? $role_permissions['perms_accept'] : 0),
- intval(local_channel())
- );
+ foreach($global_perms as $k => $v) {
+ set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k,((array_key_exists($k,$role_permissions['perms_connect'])) ? 1 : 0));
+ }
+
set_pconfig(local_channel(),'system','autoperms',(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0));
foreach($role_permissions as $p => $v) {
@@ -864,11 +864,7 @@ class Settings extends \Zotlabs\Web\Controller {
return $o;
}
-
-
-
-
-
+
if(argv(1) === 'channel') {
require_once('include/acl_selectors.php');
@@ -885,9 +881,8 @@ class Settings extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
-
- $global_perms = get_perms();
-
+ $global_perms = \Zotlabs\Access\Permissions::Perms();
+
$permiss = array();
$perm_opts = array(
@@ -905,15 +900,13 @@ class Settings extends \Zotlabs\Web\Controller {
foreach($global_perms as $k => $perm) {
$options = array();
foreach($perm_opts as $opt) {
- if((! $perm[2]) && $opt[1] == PERMS_PUBLIC)
- continue;
$options[$opt[1]] = $opt[0];
}
- $permiss[] = array($k,$perm[3],$channel[$perm[0]],$perm[4],$options);
+ $permiss[] = array($k,$perm,$channel[$perm[0]],$perm[4],$options);
}
- // logger('permiss: ' . print_r($permiss,true));
+ // logger('permiss: ' . print_r($permiss,true));
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-19 04:12:40 +0000