diff options
Diffstat (limited to 'Zotlabs')
-rw-r--r-- | Zotlabs/Lib/ThreadItem.php | 4 | ||||
-rw-r--r-- | Zotlabs/Module/Item.php | 21 |
2 files changed, 18 insertions, 7 deletions
diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php index 61a012f9d..b7fc8e65d 100644 --- a/Zotlabs/Lib/ThreadItem.php +++ b/Zotlabs/Lib/ThreadItem.php @@ -141,6 +141,10 @@ class ThreadItem { 'delete' => t('Delete'), ); } + elseif(is_site_admin()) { + $drop = [ 'dropping' => true, 'delete' => t('Admin Delete') ]; + } + // FIXME if($observer_is_pageowner) { $multidrop = array( diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index bba1dc02d..87f83e877 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -1084,7 +1084,7 @@ class Item extends \Zotlabs\Web\Controller { if((argc() == 3) && (argv(1) === 'drop') && intval(argv(2))) { require_once('include/items.php'); - $i = q("select id, uid, author_xchan, owner_xchan, source_xchan, item_type from item where id = %d limit 1", + $i = q("select id, uid, item_origin, author_xchan, owner_xchan, source_xchan, item_type from item where id = %d limit 1", intval(argv(2)) ); @@ -1094,14 +1094,21 @@ class Item extends \Zotlabs\Web\Controller { if(local_channel() && local_channel() == $i[0]['uid']) $local_delete = true; - $sys = get_sys_channel(); - if(is_site_admin() && $sys['channel_id'] == $i[0]['uid']) - $can_delete = true; - + // The site admin can delete any post/item on the site. + // If the item originated on this site+channel the deletion will propagate downstream. + // Otherwise just the local copy is removed. + + if(is_site_admin()) { + $local_delete = true; + if(intval($i[0]['item_origin'])) + $can_delete = true; + } + $ob_hash = get_observer_hash(); - if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) + if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { $can_delete = true; - + } + if(! ($can_delete || $local_delete)) { notice( t('Permission denied.') . EOL); return; |