diff options
Diffstat (limited to 'Zotlabs')
| -rw-r--r-- | Zotlabs/Access/AccessList.php | 8 | ||||
| -rw-r--r-- | Zotlabs/Access/PermissionLimits.php | 83 | ||||
| -rw-r--r-- | Zotlabs/Lib/MarkdownSoap.php | 65 | ||||
| -rw-r--r-- | Zotlabs/Lib/Permcat.php | 78 | ||||
| -rw-r--r-- | Zotlabs/Module/Acl.php | 43 | ||||
| -rw-r--r-- | Zotlabs/Thumbs/Epubthumb.php | 40 |
6 files changed, 232 insertions, 85 deletions
diff --git a/Zotlabs/Access/AccessList.php b/Zotlabs/Access/AccessList.php index 6471b0b1d..7cf7b5587 100644 --- a/Zotlabs/Access/AccessList.php +++ b/Zotlabs/Access/AccessList.php @@ -3,10 +3,14 @@ namespace Zotlabs\Access; /** - * @brief AccessList class. + * @brief AccessList class which represents individual content ACLs. * * A class to hold an AccessList object with allowed and denied contacts and * groups. + * + * After evaluating @ref ::Zotlabs::Access::PermissionLimits "PermissionLimits" + * and @ref ::Zotlabs::Lib::Permcat "Permcat"s individual content ACLs are evaluated. + * These answer the question "Can Joe view *this* album/photo?". */ class AccessList { /** @@ -103,7 +107,7 @@ class AccessList { * @brief Return an array consisting of the current access list components * where the elements are directly storable. * - * @return Associative array with: + * @return array An associative array with: * * \e string \b allow_cid => string of allowed cids * * \e string \b allow_gid => string of allowed gids * * \e string \b deny_cid => string of denied cids diff --git a/Zotlabs/Access/PermissionLimits.php b/Zotlabs/Access/PermissionLimits.php index 8caeedb91..9ee0656b1 100644 --- a/Zotlabs/Access/PermissionLimits.php +++ b/Zotlabs/Access/PermissionLimits.php @@ -2,35 +2,90 @@ namespace Zotlabs\Access; -use \Zotlabs\Lib as ZLib; +use Zotlabs\Lib\PConfig; +/** + * @brief Permission limits. + * + * Permission limits are a very high level permission setting. They are hard + * limits by design. + * "Who can view my photos (at all)?" + * "Who can post photos in my albums (at all)?" + * + * For viewing permissions we generally set these to 'anybody' and for write + * permissions we generally set them to 'those I allow', though many people + * restrict the viewing permissions further for things like 'Can view my connections'. + * + * People get confused enough by permissions that we wanted a place to set their + * privacy expectations once and be done with it. + * + * Connection related permissions like "Can Joe view my photos?" are handled by + * @ref ::Zotlabs::Lib::Permcat "Permcat" and inherit from the channel's Permission + * limits. + * + * @see Permissions + */ class PermissionLimits { + /** + * @brief Get standard permission limits. + * + * Viewing permissions and post_comments permission are set to 'anybody', + * other permissions are set to 'those I allow'. + * + * The list of permissions comes from Permissions::Perms(). + * + * @return array + */ static public function Std_Limits() { + $limits = []; $perms = Permissions::Perms(); - $limits = array(); + foreach($perms as $k => $v) { - if(strstr($k,'view') || $k === 'post_comments') + if(strstr($k, 'view') || $k === 'post_comments') $limits[$k] = PERMS_PUBLIC; else $limits[$k] = PERMS_SPECIFIC; } + return $limits; } - static public function Set($channel_id,$perm,$perm_limit) { - ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit); + /** + * @brief Sets a permission limit for a channel. + * + * @param int $channel_id + * @param string $perm + * @param int $perm_limit one of PERMS_* constants + */ + static public function Set($channel_id, $perm, $perm_limit) { + PConfig::Set($channel_id, 'perm_limits', $perm, $perm_limit); } - static public function Get($channel_id,$perm = '') { + /** + * @brief Get a channel's permission limits. + * + * Return a channel's permission limits from PConfig. If $perm is set just + * return this permission limit, if not set, return an array with all + * permission limits. + * + * @param int $channel_id + * @param string $perm (optional) + * @return + * * \b boolean false if no perm_limits set for this channel + * * \b int if $perm is set, return one of PERMS_* constants for this permission + * * \b array with all permission limits, if $perm is not set + */ + static public function Get($channel_id, $perm = '') { if($perm) { - return Zlib\PConfig::Get($channel_id,'perm_limits',$perm); - } - else { - Zlib\PConfig::Load($channel_id); - if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id])) - return \App::$config[$channel_id]['perm_limits']; - return false; + return PConfig::Get($channel_id, 'perm_limits', $perm); } - } + + PConfig::Load($channel_id); + if(array_key_exists($channel_id, \App::$config) + && array_key_exists('perm_limits', \App::$config[$channel_id])) + return \App::$config[$channel_id]['perm_limits']; + + return false; + } }
\ No newline at end of file diff --git a/Zotlabs/Lib/MarkdownSoap.php b/Zotlabs/Lib/MarkdownSoap.php index fa279b07c..a58a5753a 100644 --- a/Zotlabs/Lib/MarkdownSoap.php +++ b/Zotlabs/Lib/MarkdownSoap.php @@ -3,51 +3,66 @@ namespace Zotlabs\Lib; /** - * MarkdownSoap + * @brief MarkdownSoap class. + * * Purify Markdown for storage + * @code{.php} * $x = new MarkdownSoap($string_to_be_cleansed); * $text = $x->clean(); - * + * @endcode * What this does: * 1. extracts code blocks and privately escapes them from processing * 2. Run html purifier on the content * 3. put back the code blocks * 4. run htmlspecialchars on the entire content for safe storage * - * At render time: + * At render time: + * @code{.php} * $markdown = \Zotlabs\Lib\MarkdownSoap::unescape($text); * $html = \Michelf\MarkdownExtra::DefaultTransform($markdown); + * @endcode */ - - - class MarkdownSoap { + /** + * @var string + */ + private $str; + /** + * @var string + */ private $token; - private $str; function __construct($s) { - $this->str = $s; + $this->str = $s; $this->token = random_string(20); } - function clean() { $x = $this->extract_code($this->str); $x = $this->purify($x); - $x = $this->putback_code($x); + $x = $this->putback_code($x); $x = $this->escape($x); - + return $x; } + /** + * @brief Extracts code blocks and privately escapes them from processing. + * + * @see encode_code() + * @see putback_code() + * + * @param string $s + * @return string + */ function extract_code($s) { - + $text = preg_replace_callback('{ (?:\n\n|\A\n?) ( # $1 = the code block -- one or more lines, starting with a space/tab @@ -62,7 +77,7 @@ class MarkdownSoap { return $text; } - + function encode_code($matches) { return $this->token . ';' . base64_encode($matches[0]) . ';' ; } @@ -71,8 +86,17 @@ class MarkdownSoap { return base64_decode($matches[1]); } + /** + * @brief Put back the code blocks. + * + * @see extract_code() + * @see decode_code() + * + * @param string $s + * @return string + */ function putback_code($s) { - $text = preg_replace_callback('{' . $this->token . '\;(.*?)\;}xm',[ $this, 'decode_code' ], $s); + $text = preg_replace_callback('{' . $this->token . '\;(.*?)\;}xm', [ $this, 'decode_code' ], $s); return $text; } @@ -84,20 +108,25 @@ class MarkdownSoap { } function protect_autolinks($s) { - $s = preg_replace('/\<(https?\:\/\/)(.*?)\>/','[$1$2]($1$2)',$s); + $s = preg_replace('/\<(https?\:\/\/)(.*?)\>/', '[$1$2]($1$2)', $s); return $s; } function unprotect_autolinks($s) { return $s; - } function escape($s) { - return htmlspecialchars($s,ENT_QUOTES,'UTF-8',false); + return htmlspecialchars($s, ENT_QUOTES, 'UTF-8', false); } + /** + * @brief Converts special HTML entities back to characters. + * + * @param string $s + * @return string + */ static public function unescape($s) { - return htmlspecialchars_decode($s,ENT_QUOTES); + return htmlspecialchars_decode($s, ENT_QUOTES); } } diff --git a/Zotlabs/Lib/Permcat.php b/Zotlabs/Lib/Permcat.php index 505ee2cfc..ca4aed9ed 100644 --- a/Zotlabs/Lib/Permcat.php +++ b/Zotlabs/Lib/Permcat.php @@ -2,12 +2,36 @@ namespace Zotlabs\Lib; -use \Zotlabs\Access as Zaccess; - +use Zotlabs\Access\PermissionRoles; +use Zotlabs\Access\Permissions; + +/** + * @brief Permission Categories. Permission rules for various classes of connections. + * + * Connection permissions answer the question "Can Joe view my photos?" + * + * Some permissions may be inherited from the channel's "privacy settings" + * (@ref ::Zotlabs::Access::PermissionLimits "PermissionLimits") "Who can view my + * photos (at all)?" which have higher priority than individual connection settings. + * We evaluate permission limits first, and then fall through to connection + * permissions if the permission limits didn't already make a definitive decision. + * + * After PermissionLimits and connection permissions are evaluated, individual + * content ACLs are evaluated (@ref ::Zotlabs::Access::AccessList "AccessList"). + * These answer the question "Can Joe view *this* album/photo?". + */ class Permcat { + /** + * @var array + */ private $permcats = []; + /** + * @brief Permcat constructor. + * + * @param int $channel_id + */ public function __construct($channel_id) { $perms = []; @@ -16,16 +40,16 @@ class Permcat { $role = get_pconfig($channel_id,'system','permissions_role'); if($role) { - $x = Zaccess\PermissionRoles::role_perms($role); + $x = PermissionRoles::role_perms($role); if($x['perms_connect']) { - $perms = Zaccess\Permissions::FilledPerms($x['perms_connect']); + $perms = Permissions::FilledPerms($x['perms_connect']); } } // if no role perms it may be a custom role, see if there any autoperms if(! $perms) { - $perms = Zaccess\Permissions::FilledAutoPerms($channel_id); + $perms = Permissions::FilledAutoPerms($channel_id); } // if no autoperms it may be a custom role with manual perms @@ -50,13 +74,13 @@ class Permcat { // nothing was found - create a filled permission array where all permissions are 0 if(! $perms) { - $perms = Zaccess\Permissions::FilledPerms([]); + $perms = Permissions::FilledPerms([]); } $this->permcats[] = [ 'name' => 'default', 'localname' => t('default','permcat'), - 'perms' => Zaccess\Permissions::Operms($perms), + 'perms' => Permissions::Operms($perms), 'system' => 1 ]; @@ -67,26 +91,39 @@ class Permcat { $this->permcats[] = [ 'name' => $p[$x][0], 'localname' => $p[$x][1], - 'perms' => Zaccess\Permissions::Operms(Zaccess\Permissions::FilledPerms($p[$x][2])), + 'perms' => Permissions::Operms(Permissions::FilledPerms($p[$x][2])), 'system' => intval($p[$x][3]) ]; } } } - + /** + * @brief Return array with permcats. + * + * @return array + */ public function listing() { return $this->permcats; } + /** + * @brief + * + * @param string $name + * @return array + * * \e array with permcats + * * \e bool \b error if $name not found in permcats true + */ public function fetch($name) { if($name && $this->permcats) { foreach($this->permcats as $permcat) { - if(strcasecmp($permcat['name'],$name) === 0) { + if(strcasecmp($permcat['name'], $name) === 0) { return $permcat; } } } + return ['error' => true]; } @@ -118,29 +155,32 @@ class Permcat { $permcats[] = [ $xv['k'], $xv['k'], $value, 0 ]; } } - } + } - call_hooks('permcats',$permcats); + /** + * @hooks permcats + * * \e array + */ + call_hooks('permcats', $permcats); return $permcats; - } - static public function find_permcat($arr,$name) { + static public function find_permcat($arr, $name) { if((! $arr) || (! $name)) return false; + foreach($arr as $p) if($p['name'] == $name) return $p['value']; } - static public function update($channel_id, $name,$permarr) { - PConfig::Set($channel_id,'permcat',$name,$permarr); + static public function update($channel_id, $name, $permarr) { + PConfig::Set($channel_id, 'permcat', $name, $permarr); } - static public function delete($channel_id,$name) { - PConfig::Delete($channel_id,'permcat',$name); + static public function delete($channel_id, $name) { + PConfig::Delete($channel_id, 'permcat', $name); } - }
\ No newline at end of file diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index ad1c8b8cd..fae7e2e44 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -1,36 +1,39 @@ <?php + namespace Zotlabs\Module; -/* - * ACL selector json backend +require_once 'include/acl_selectors.php'; +require_once 'include/group.php'; + +/** + * @brief ACL selector json backend. + * * This module provides JSON lists of connections and local/remote channels * (xchans) to populate various tools such as the ACL (AccessControlList) popup - * and various auto-complete functions (such as email recipients, search, and + * and various auto-complete functions (such as email recipients, search, and * mention targets. + * * There are two primary output structural formats. One for the ACL widget and * the other for auto-completion. - * Many of the behaviour variations are triggered on the use of single character keys - * however this functionality has grown in an ad-hoc manner and has gotten quite messy over time. + * + * Many of the behaviour variations are triggered on the use of single character + * keys however this functionality has grown in an ad-hoc manner and has gotten + * quite messy over time. */ - -require_once("include/acl_selectors.php"); -require_once("include/group.php"); - - class Acl extends \Zotlabs\Web\Controller { function init() { - + logger('mod_acl: ' . print_r($_REQUEST,true)); - + $start = (x($_REQUEST,'start') ? $_REQUEST['start'] : 0); $count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 500); $search = (x($_REQUEST,'search') ? $_REQUEST['search'] : ''); $type = (x($_REQUEST,'type') ? $_REQUEST['type'] : ''); - $noforums = (x($_REQUEST,'n') ? $_REQUEST['n'] : false); + $noforums = (x($_REQUEST,'n') ? $_REQUEST['n'] : false); - // $type = + // $type = // '' => standard ACL request // 'g' => Groups only ACL request // 'f' => forums only ACL request @@ -382,15 +385,13 @@ class Acl extends \Zotlabs\Web\Controller { 'count' => $count, 'items' => $items, ); - - - + echo json_encode($o); - + killme(); } - - + + function navbar_complete(&$a) { // logger('navbar_complete'); @@ -447,5 +448,5 @@ class Acl extends \Zotlabs\Web\Controller { } return array(); } - + } diff --git a/Zotlabs/Thumbs/Epubthumb.php b/Zotlabs/Thumbs/Epubthumb.php index 4213b5267..22f1a5e8f 100644 --- a/Zotlabs/Thumbs/Epubthumb.php +++ b/Zotlabs/Thumbs/Epubthumb.php @@ -2,36 +2,54 @@ namespace Zotlabs\Thumbs; -require_once('library/epub-meta/epub.php'); +require_once 'library/epub-meta/epub.php'; +/** + * @brief Thumbnail creation for epub files. + * + */ class Epubthumb { + /** + * @brief Match for application/epub+zip. + * + * @param string $type MimeType + * @return boolean + */ function Match($type) { return(($type === 'application/epub+zip') ? true : false ); } - function Thumb($attach,$preview_style,$height = 300, $width = 300) { + /** + * @brief + * + * @param array $attach + * @param number $preview_style unused + * @param number $height (optional) default 300 + * @param number $width (optional) default 300 + */ + function Thumb($attach, $preview_style, $height = 300, $width = 300) { $photo = false; - $ep = new \Epub(dbunescbin($attach['content'])); + $ep = new \EPub(dbunescbin($attach['content'])); $data = $ep->Cover(); if($data['found']) { $photo = $data['data']; } - if($photo) { + if($photo) { $image = imagecreatefromstring($photo); - $dest = imagecreatetruecolor( $width, $height ); - $srcwidth = imagesx($image); - $srcheight = imagesy($image); + $dest = imagecreatetruecolor($width, $height); + $srcwidth = imagesx($image); + $srcheight = imagesy($image); - imagealphablending($dest, false); + imagealphablending($dest, false); imagesavealpha($dest, true); - imagecopyresampled($dest, $image, 0, 0, 0, 0, $width, $height, $srcwidth, $srcheight); - imagedestroy($image); - imagejpeg($dest,dbunescbin($attach['content']) . '.thumb'); + imagecopyresampled($dest, $image, 0, 0, 0, 0, $width, $height, $srcwidth, $srcheight); + imagedestroy($image); + imagejpeg($dest, dbunescbin($attach['content']) . '.thumb'); } } } |