diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/auth.php | 1 | ||||
-rw-r--r-- | include/connections.php | 6 | ||||
-rw-r--r-- | include/permissions.php | 56 | ||||
-rw-r--r-- | include/security.php | 74 |
4 files changed, 121 insertions, 16 deletions
diff --git a/include/auth.php b/include/auth.php index f3592cee3..fdcecec36 100644 --- a/include/auth.php +++ b/include/auth.php @@ -57,6 +57,7 @@ function account_verify_password($login, $pass) { ); if($x) { $ret['xchan'] = atoken_xchan($x[0]); + atoken_create_xchan($ret['xchan']); return $ret; } } diff --git a/include/connections.php b/include/connections.php index 9f55820cc..4f685388c 100644 --- a/include/connections.php +++ b/include/connections.php @@ -566,6 +566,7 @@ function contact_remove($channel_id, $abook_id) { drop_item($rr['id'],false); } } + q("delete from abook where abook_id = %d and abook_channel = %d", intval($abook['abook_id']), @@ -588,6 +589,11 @@ function contact_remove($channel_id, $abook_id) { intval($channel_id) ); + $r = q("delete from abconfig where chan = %d and xchan = '%s'", + intval($channel_id), + dbesc($abook['abook_xchan']) + ); + return true; } diff --git a/include/permissions.php b/include/permissions.php index a1e05d120..637193973 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -122,13 +122,21 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { dbesc($observer_xchan) ); if(! $x) { - // not in address book, see if they've got an xchan - $y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", - dbesc($observer_xchan) - ); - // no xchan either, see if they've got a guest access token - if(! $y) - $x = atoken_abook($uid,$observer_xchan); + // see if they've got a guest access token; these are treated as connections + $y = atoken_abook($uid,$observer_xchan); + if($y) + $x = array($y); + + if(! $x) { + // not in address book and no guest token, see if they've got an xchan + // these *may* have individual (PERMS_SPECIFIC) permissions, but are not connections + $y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", + dbesc($observer_xchan) + ); + if($y) { + $x = array(pseudo_abook($y[0])); + } + } } $abook_checked = true; @@ -190,7 +198,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // If we're still here, we have an observer, check the network. if($channel_perm & PERMS_NETWORK) { - if(($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) { + if($x && $x[0]['xchan_network'] === 'zot') { $ret[$perm_name] = true; continue; } @@ -238,6 +246,12 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // They're a contact, so they have permission if($channel_perm & PERMS_CONTACTS) { + // it was a fake abook entry, not really a connection + if(array_key_exists('abook_pseudo',$x[0]) && intval($x[0]['abook_pseudo'])) { + $ret[$perm_name] = false; + continue; + } + $ret[$perm_name] = true; continue; } @@ -334,13 +348,21 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { return false; if(! $x) { - // not in address book, see if they've got an xchan - $y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", - dbesc($observer_xchan) - ); - // no xchan either, see if they've got a guest access token - if(! $y) - $x = atoken_abook($uid,$observer_xchan); + // see if they've got a guest access token + $y = atoken_abook($uid,$observer_xchan); + if($y) + $x = array($y); + + if(! $x) { + // not in address book and no guest token, see if they've got an xchan + $y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", + dbesc($observer_xchan) + ); + if($y) { + $x = array(pseudo_abook($y[0])); + } + } + } $abperms = load_abconfig($uid,$observer_xchan,'my_perms'); } @@ -410,6 +432,10 @@ function perm_is_allowed($uid, $observer_xchan, $permission) { // They're a contact, so they have permission if($channel_perm & PERMS_CONTACTS) { + // it was a fake abook entry, not really a connection + if(array_key_exists('abook_pseudo',$x[0]) && intval($x[0]['abook_pseudo'])) { + return false; + } return true; } diff --git a/include/security.php b/include/security.php index 7d2a49bdf..83bf51bc0 100644 --- a/include/security.php +++ b/include/security.php @@ -108,6 +108,7 @@ function atoken_xchan($atoken) { 'xchan_name' => $atoken['atoken_name'], 'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(), 'xchan_network' => 'unknown', + 'xchan_url' => z_root(), 'xchan_hidden' => 1, 'xchan_photo_mimetype' => 'image/jpeg', 'xchan_photo_l' => get_default_profile_photo(300), @@ -119,6 +120,62 @@ function atoken_xchan($atoken) { return null; } +function atoken_delete($atoken_id) { + + $r = q("select * from atoken where atoken_id = %d", + intval($atoken_id) + ); + if(! $r) + return; + + $c = q("select channel_id, channel_hash from channel where channel_id = %d", + intval($r[0]['atoken_uid']) + ); + if(! $c) + return; + + $atoken_xchan = substr($c[0]['channel_hash'],0,16) . '.' . $r[0]['atoken_name']; + + q("delete from atoken where atoken_id = %d", + intval($atoken_id) + ); + q("delete from abconfig where chan = %d and xchan = '%s'", + intval($c[0]['channel_id']), + dbesc($atoken_xchan) + ); +} + + + +// in order for atoken logins to create content (such as posts) they need a stored xchan. +// we'll create one on the first atoken_login; it can't really ever go away but perhaps +// @fixme we should set xchan_deleted if it's expired or removed + +function atoken_create_xchan($xchan) { + + $r = q("select xchan_hash from xchan where xchan_hash = '%s'", + dbesc($xchan['xchan_hash']) + ); + if($r) + return; + + $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_mimetype, xchan_photo_l, xchan_photo_m, xchan_photo_s ) + values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ", + dbesc($xchan['xchan_hash']), + dbesc($xchan['xchan_hash']), + dbesc($xchan['xchan_addr']), + dbesc($xchan['xchan_url']), + dbesc($xchan['xchan_name']), + dbesc($xchan['xchan_network']), + dbesc($xchan['xchan_photo_mimetype']), + dbesc($xchan['xchan_photo_l']), + dbesc($xchan['xchan_photo_m']), + dbesc($xchan['xchan_photo_s']) + ); + + return true; +} + function atoken_abook($uid,$xchan_hash) { if(substr($xchan_hash,16,1) != '.') @@ -149,6 +206,21 @@ function atoken_abook($uid,$xchan_hash) { } +function pseudo_abook($xchan) { + if(! $xchan) + return false; + + // set abook_pseudo to flag that we aren't really connected. + + $xchan['abook_pseudo'] = 1; + $xchan['abook_blocked'] = 0; + $xchan['abook_ignored'] = 0; + $xchan['abook_pending'] = 0; + return $xchan; + +} + + /** * @brief Change to another channel with current logged-in account. * @@ -424,7 +496,7 @@ function public_permissions_sql($observer_hash) { * In this implementation, a security token is reusable (if the user submits a form, goes back and resubmits the form, maybe with small changes; * or if the security token is used for ajax-calls that happen several times), but only valid for a certain amout of time (3hours). * The "typename" seperates the security tokens of different types of forms. This could be relevant in the following case: - * A security token is used to protekt a link from CSRF (e.g. the "delete this profile"-link). + * A security token is used to protekt a link from CSRF (e.g. the "delete this profile"-link). * If the new page contains by any chance external elements, then the used security token is exposed by the referrer. * Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are, * so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types). |