Diffstat (limited to 'include/permissions.php')
-rw-r--r-- | include/permissions.php | 99 |
1 files changed, 87 insertions, 12 deletions
diff --git a/include/permissions.php b/include/permissions.php index 72e002ace..029bc1288 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -1,4 +1,4 @@ -<?php +<?php /** @file */ function get_perms() { @@ -23,11 +23,13 @@ function get_perms() { 'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false, t('Can comment on my posts'), ''), 'post_mail' => array('channel_w_mail', intval(PERMS_W_MAIL), false, t('Can send me private mail messages'), ''), 'post_photos' => array('channel_w_photos', intval(PERMS_W_PHOTOS), false, t('Can post photos to my photo albums'), ''), - 'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false, t('Can forward to all my channel contacts via post tags'), t('Advanced - useful for creating group forum channels')), - 'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false, t('Can chat with me (when available)'), t('Requires compatible chat plugin')), + 'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false, t('Can forward to all my channel contacts via post @mentions'), t('Advanced - useful for creating group forum channels')), + 'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false, t('Can chat with me (when available)'), t('')), 'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my "public" file storage'), ''), 'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my "public" pages'), ''), + 'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my "public" posts in derived channels'), t('Somewhat advanced - very useful in open communities')), + 'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')), ); $ret = array('global_permissions' => $global_perms); 
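Review bot: The new `'chat'` row in get_perms() passes an empty string through the translator, `t('')`, where every other row without help text uses a plain `''`. What t() returns for an empty message id depends on the translation backend, so `''` is the safer and more consistent spelling. The new `'delegate'` row hands over administration of the channel, and a short comment above it, for example `// delegate grants administrative control of the channel; keep its default at 0`, would make that visible to whoever edits this table next. get_perms() continues outside the hunk.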
@@ -86,13 +88,25 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) { // These take priority over all other settings. if($observer_xchan) { + if($r[0][$channel_perm] & PERMS_AUTHED) { + $ret[$perm_name] = true; + continue; + } + if(! $abook_checked) { - $x = q("select abook_my_perms, abook_flags from abook + $x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1", intval($uid), dbesc($observer_xchan), intval(ABOOK_FLAG_SELF) ); + if(! $x) { + // not in address book, see if they've got an xchan + $y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", + dbesc($observer_xchan) + ); + } + $abook_checked = true; } @@ -135,11 +149,13 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) { continue; } - // If we're still here, we have an observer, which means they're in the network. + // If we're still here, we have an observer, check the network. if($r[0][$channel_perm] & PERMS_NETWORK) { - $ret[$perm_name] = true; - continue; + if(($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) { + $ret[$perm_name] = true; + continue; + } } // If PERMS_SITE is specified, find out if they've got an account on this hub @@ -168,6 +184,13 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) { $ret[$perm_name] = false; continue; } + + // They are in your address book, but haven't been approved + + if($x[0]['abook_flags'] & ABOOK_FLAG_PENDING) { + $ret[$perm_name] = false; + continue; + } if(($r) && ($r[0][$channel_perm] & PERMS_CONTACTS)) { @@ -192,6 +215,8 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) { continue; } + + $arr = array( 'channel_id' => $uid, 'observer_hash' => $observer_xchan, 
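Review bot: The new `PERMS_AUTHED` branch at the top of the `if($observer_xchan)` block in get_all_perms() grants the permission and continues before the abook row is loaded, so it runs ahead of the checks that the comment directly above describes as taking priority over all other settings. If those checks are the blocked/ignored tests on `abook_flags` (perm_is_allowed() shows an `ABOOK_FLAG_IGNORED` test after its query), an authenticated observer whom the owner has blocked or ignored would still receive any permission set to PERMS_AUTHED. The same ordering appears in perm_is_allowed(), where `return true` precedes the abook query. Consider moving the PERMS_AUTHED test below the blocked/ignored checks, or state in a comment that skipping them is intended. The function body starts and ends outside the hunk.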
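Review bot: In the rewritten PERMS_NETWORK test, `$y` is read although it is only assigned when the abook query returned no row, so an observer who has an abook row with a non-zot `xchan_network` makes the second operand evaluate an undefined variable. The result is still false, but it raises a notice; initialising `$y = null;` once, next to wherever `$abook_checked` is initialised (outside the hunk, presumably before the loop), avoids it. The PERMS_NETWORK test in perm_is_allowed() has the same gap. The literal `'zot'` now appears four times across the two functions and would read better as a named constant.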
@@ -229,7 +254,11 @@ function perm_is_allowed($uid,$observer_xchan,$permission) { return false; if($observer_xchan) { - $x = q("select abook_my_perms, abook_flags from abook where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1", + if($r[0][$channel_perm] & PERMS_AUTHED) + return true; + + $x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash + where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1", intval($uid), dbesc($observer_xchan), intval(ABOOK_FLAG_SELF) @@ -243,6 +272,12 @@ function perm_is_allowed($uid,$observer_xchan,$permission) { if(($x) && (! $global_perms[$permission][2]) && ($x[0]['abook_flags'] & ABOOK_FLAG_IGNORED)) return false; + if(! $x) { + // not in address book, see if they've got an xchan + $y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", + dbesc($observer_xchan) + ); + } } @@ -261,11 +296,12 @@ function perm_is_allowed($uid,$observer_xchan,$permission) { return false; } - // If we're still here, we have an observer, which means they're in the network. - - if($r[0][$channel_perm] & PERMS_NETWORK) - return true; + // If we're still here, we have an observer, check the network. + if($r[0][$channel_perm] & PERMS_NETWORK) { + if (($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) + return true; + } // If PERMS_SITE is specified, find out if they've got an account on this hub @@ -282,6 +318,10 @@ function perm_is_allowed($uid,$observer_xchan,$permission) { return false; } + if($x[0]['abook_flags'] & ABOOK_FLAG_PENDING) { + return false; + } + if($r[0][$channel_perm] & PERMS_CONTACTS) { return true; } 
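Review bot: The fallback xchan lookup added after the ignored check in perm_is_allowed() runs for every observer without an abook row, although its result is only read inside the PERMS_NETWORK branch further down. Moving the query into that branch, still guarded by `if(! $x)`, would save a database round trip on every call where the channel permission is not network-scoped. The added line `if (($x && $x[0]['xchan_network'] === 'zot') || …` also writes `if (` where the rest of the file writes `if(`. The function body starts and ends outside the hunk.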
@@ -315,3 +355,38 @@ function check_list_permissions($uid,$arr,$perm) { return($result); } + + +function site_default_perms() { + + $typical = array( + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_photos' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_photos' => 0, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => 0, + 'write_pages' => 0, + 'delegate' => 0, + ); + + + $global_perms = get_perms(); + $ret = array(); + + foreach($global_perms as $perm => $v) { + $x = get_config('default_perms',$perm); + if($x === false) + $x = $typical[$perm]; + $ret[$perm] = $x; + } + return $ret; +} |
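Review bot: `$typical` in site_default_perms() has no `'republish'` key although this commit adds `'republish'` to the table in get_perms(), so the fallback `$x = $typical[$perm];` reads an undefined index whenever no `default_perms` config value exists for it. This assumes get_perms() returns that table, since its return statement is outside the diff. A deny-by-default fallback keeps any permission missing from the table closed, matching the `0` already used for `delegate`: `$x = (array_key_exists($perm,$typical) ? $typical[$perm] : 0);`. The function would also benefit from a short docblock saying that it returns the per-permission site defaults, with `default_perms` config values overriding the built-in table.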