diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/account.php | 23 | ||||
| -rw-r--r-- | include/bb2diaspora.php | 6 | ||||
| -rwxr-xr-x | include/diaspora.php | 32 | ||||
| -rw-r--r-- | include/follow.php | 13 | ||||
| -rw-r--r-- | include/identity.php | 101 | ||||
| -rwxr-xr-x | include/items.php | 28 | ||||
| -rw-r--r-- | include/network.php | 32 | ||||
| -rw-r--r-- | include/notifier.php | 9 | ||||
| -rw-r--r-- | include/permissions.php | 290 | ||||
| -rw-r--r-- | include/photos.php | 1 | ||||
| -rw-r--r-- | include/widgets.php | 10 | ||||
| -rw-r--r-- | include/zot.php | 46 |
12 files changed, 527 insertions, 64 deletions
diff --git a/include/account.php b/include/account.php index a3d6ef025..df484e608 100644 --- a/include/account.php +++ b/include/account.php @@ -616,6 +616,29 @@ function service_class_fetch($uid,$property) { return((array_key_exists($property,$arr)) ? $arr[$property] : false); } +// like service_class_fetch but queries by account rather than channel + +function account_service_class_fetch($aid,$property) { + + $r = q("select account_service_class as service_class from account where account_id = %d limit 1", + intval($aid) + ); + if($r !== false && count($r)) { + $service_class = $r[0]['service_class']; + } + + if(! x($service_class)) + return false; // everything is allowed + + $arr = get_config('service_class',$service_class); + + if(! is_array($arr) || (! count($arr))) + return false; + + return((array_key_exists($property,$arr)) ? $arr[$property] : false); +} + + function upgrade_link($bbcode = false) { $l = get_config('service_class','upgrade_link'); if(! $l) diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php index 846725639..e60f72add 100644 --- a/include/bb2diaspora.php +++ b/include/bb2diaspora.php @@ -269,12 +269,12 @@ function bb2diaspora_itemwallwall(&$item) { logger('bb2diaspora_itemwallwall: author: ' . print_r($item['author'],true), LOGGER_DEBUG); } - if(($item['mid'] == $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (is_array($item['author'])) && $item['author']['url'] && $item['author']['name'] && $item['author']['photo']['src']) { + if(($item['mid'] == $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (is_array($item['author'])) && $item['author']['xchan_url'] && $item['author']['xchan_name'] && $item['author']['xchan_photo_m']) { logger('bb2diaspora_itemwallwall: wall to wall post',LOGGER_DEBUG); // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author. $item['body'] = "\n\n" - . '[img]' . $item['author']['photo']['src'] . '[/img]' - . '[url=' . $item['author']['url'] . ']' . $item['author']['name'] . '[/url]' . "\n\n" + . '[img]' . $item['author']['xchan_photo_m'] . '[/img]' + . '[url=' . $item['author']['xchan_url'] . ']' . $item['author']['xchan_name'] . '[/url]' . "\n\n" . $item['body']; } } diff --git a/include/diaspora.php b/include/diaspora.php index ea3c78bfe..3b6321643 100755 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -2043,35 +2043,33 @@ function diaspora_signed_retraction($importer,$xml,$msg) { } if($type === 'StatusMessage' || $type === 'Comment' || $type === 'Like') { - $r = q("select * from item where guid = '%s' and uid = %d and not file like '%%[%%' limit 1", + $r = q("select * from item where mid = '%s' and uid = %d limit 1", dbesc($guid), intval($importer['channel_id']) ); - if(count($r)) { - if(link_compare($r[0]['author-link'],$contact['url'])) { - q("update item set `deleted` = 1, `edited` = '%s', `changed` = '%s', `body` = '' , `title` = '' where `id` = %d", - dbesc(datetime_convert()), - dbesc(datetime_convert()), - intval($r[0]['id']) - ); + if($r) { + if($r[0]['author_xchan'] == $contact['xchan_hash']) { + + drop_item($r[0]['id'],false, DROPITEM_PHASE1); // Now check if the retraction needs to be relayed by us // // The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always // return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent. // The only item with `parent` and `id` as the parent id is the parent item. - $p = q("select origin from item where parent = %d and id = %d limit 1", + $p = q("select item_flags from item where parent = %d and id = %d limit 1", $r[0]['parent'], $r[0]['parent'] ); - if(count($p)) { - if(($p[0]['origin']) && (! $parent_author_signature)) { - q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", - $r[0]['id'], - dbesc($signed_data), - dbesc($sig), - dbesc($diaspora_handle) - ); + if($p) { + if(($p[0]['item_flags'] & ITEM_ORIGIN) && (! $parent_author_signature)) { +// FIXME so we can relay this +// q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", +// $r[0]['id'], +// dbesc($signed_data), +// dbesc($sig), +// dbesc($diaspora_handle) +// ); // the existence of parent_author_signature would have meant the parent_author or owner // is already relaying. diff --git a/include/follow.php b/include/follow.php index 18a9e66ea..3c1fcd890 100644 --- a/include/follow.php +++ b/include/follow.php @@ -63,6 +63,13 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $my_perms = PERMS_W_STREAM|PERMS_W_MAIL; + $role = get_pconfig($uid,'system','permissions_role'); + if($role) { + $x = get_role_perms($role); + if($x['perms_follow']) + $my_perms = $x['perms_follow']; + } + logger('follow: ' . $url . ' ' . print_r($j,true), LOGGER_DEBUG); @@ -153,6 +160,12 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $xchan_hash = $r[0]['xchan_hash']; $their_perms = 0; $my_perms = PERMS_W_STREAM|PERMS_W_MAIL; + $role = get_pconfig($uid,'system','permissions_role'); + if($role) { + $x = get_role_perms($role); + if($x['perms_follow']) + $my_perms = $x['perms_follow']; + } } } diff --git a/include/identity.php b/include/identity.php index d8f59e56c..50c5d13b9 100644 --- a/include/identity.php +++ b/include/identity.php @@ -215,18 +215,38 @@ function create_identity($arr) { if(array_key_exists('primary', $arr)) $primary = intval($arr['primary']); + $perms_sql = ''; - $defperms = site_default_perms(); + $role_permissions = null; $global_perms = get_perms(); - foreach($defperms as $p => $v) { - $perms_keys .= ', ' . $global_perms[$p][0]; - $perms_vals .= ', ' . intval($v); + + if(array_key_exists('permissions_role',$arr) && $arr['permissions_role']) { + $role_permissions = get_role_perms($arr['permissions_role']); + + if($role_permissions) { + foreach($role_permissions as $p => $v) { + if(strpos($p,'channel_') !== false) { + $perms_keys .= ', ' . $p; + $perms_vals .= ', ' . intval($v); + } + if($p === 'directory_publish') + $publish = intval($v); + } + } } + else { + $defperms = site_default_perms(); + foreach($defperms as $p => $v) { + $perms_keys .= ', ' . $global_perms[$p][0]; + $perms_vals .= ', ' . intval($v); + } + } + $expire = get_config('system', 'default_expire_days'); $expire = (($expire===false)? '0': $expire); - + $r = q("insert into channel ( channel_account_id, channel_primary, channel_name, channel_address, channel_guid, channel_guid_sig, channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_expire_days $perms_keys ) @@ -246,8 +266,6 @@ function create_identity($arr) { ); - - $r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1", intval($arr['account_id']), @@ -322,24 +340,55 @@ function create_identity($arr) { dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}") ); - $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags ) - values ( %d, %d, '%s', %d, '%s', '%s', %d ) ", + $myperms = 0; + if($role_permissions) { + $myperms = ((array_key_exists('perms_auto',$role_permissions) && $role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0); + } + + $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags, abook_my_perms ) + values ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc($hash), intval(0), dbesc(datetime_convert()), dbesc(datetime_convert()), - intval(ABOOK_FLAG_SELF) + intval(ABOOK_FLAG_SELF), + intval($myperms) ); if(intval($ret['channel']['channel_account_id'])) { - // Create a group with no members. This allows somebody to use it + // Save our permissions role so we can perhaps call it up and modify it later. + + if($role_permissions) { + set_pconfig($newuid,'system','permissions_role',$arr['permissions_role']); + if(array_key_exists('online',$role_permissions)) + set_pconfig('system','hide_presence',1-intval($role_permissions['online'])); + } + + // Create a group with yourself as a member. This allows somebody to use it // right away as a default group for new contacts. require_once('include/group.php'); group_add($newuid, t('Friends')); + group_add_member($newuid,t('Friends'),$ret['channel']['channel_hash']); + + // if our role_permissions indicate that we're using a default collection ACL, add it. + + if(is_array($role_permissions) && $role_permissions['default_collection']) { + $r = q("select hash from groups where uid = %d and name = '%s' limit 1", + intval($newuid), + dbesc( t('Friends') ) + ); + if($r) { + q("update channel set channel_allow_gid = '%s' where channel_id = %d limit 1", + dbesc('<' . $r[0]['hash'] . '>'), + intval($newuid) + ); + } + } + call_hooks('register_account', $newuid); @@ -396,7 +445,7 @@ function set_default_login_identity($account_id,$channel_id,$force = true) { * */ -function identity_basic_export($channel_id) { +function identity_basic_export($channel_id, $items = false) { /* * Red basic channel export @@ -468,8 +517,36 @@ function identity_basic_export($channel_id) { $ret['photo'] = array('type' => $r[0]['type'], 'data' => base64url_encode($r[0]['data'])); } + if(! $items) + return $ret; + + + $r = q("select * from item_id where uid = %d", + intval($channel_id) + ); + + if($r) + $ret['item_id'] = $r; + + $key = get_config('system','prvkey'); + + // warning: this may run into memory limits on smaller systems + + $r = q("select * from item where (item_flags & %d) and not (item_restrict & %d) and uid = %d", + intval(ITEM_WALL), + intval(ITEM_DELETED), + intval($channel_id) + ); + if($r) { + $ret['item'] = array(); + xchan_query($r); + $r = fetch_post_tags($r,true); + foreach($r as $rr) + $ret['item'][] = encode_item($rr,true); + } return $ret; + } diff --git a/include/items.php b/include/items.php index beec65d8a..1fa833eb2 100755 --- a/include/items.php +++ b/include/items.php @@ -1007,8 +1007,7 @@ function import_author_unknown($x) { } - -function encode_item($item) { +function encode_item($item,$mirror = false) { $x = array(); $x['type'] = 'activity'; $x['encoding'] = 'zot'; @@ -1030,14 +1029,37 @@ function encode_item($item) { $c_scope = map_scope($comment_scope); + $key = get_config('system','prvkey'); + if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED)) { - $key = get_config('system','prvkey'); if($item['title']) $item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key); if($item['body']) $item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key); } + // If we're trying to backup an item so that it's recoverable or for export/imprt, + // add all the attributes we need to recover it + + if($mirror) { + $x['id'] = $item['id']; + $x['parent'] = $item['parent']; + $x['uid'] = $item['uid']; + $x['allow_cid'] = $item['allow_cid']; + $x['allow_gid'] = $item['allow_gid']; + $x['deny_cid'] = $item['deny_cid']; + $x['deny_gid'] = $item['deny_gid']; + $x['revision'] = $item['revision']; + $x['layout_mid'] = $item['layout_mid']; + $x['postopts'] = $item['postopts']; + $x['resource_id'] = $item['resource_id']; + $x['resource_type'] = $item['resource_type']; + $x['item_restrict'] = $item['item_restrict']; + $x['item_flags'] = $item['item_flags']; + $x['diaspora_meta'] = crypto_unencapsulate(json_decode($item['diaspora_meta'],true),$key); + $x['attach'] = $item['attach']; + } + $x['message_id'] = $item['mid']; $x['message_top'] = $item['parent_mid']; diff --git a/include/network.php b/include/network.php index 0191f203d..7286f0b12 100644 --- a/include/network.php +++ b/include/network.php @@ -38,6 +38,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { return false; @curl_setopt($ch, CURLOPT_HEADER, true); + @curl_setopt($ch, CURLINFO_HEADER_OUT, true); @curl_setopt($ch, CURLOPT_CAINFO, get_capath()); @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); @curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); @@ -47,11 +48,8 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { if($ciphers) @curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, $ciphers); - if (x($opts,'accept_content')){ - @curl_setopt($ch,CURLOPT_HTTPHEADER, array ( - "Accept: " . $opts['accept_content'] - )); - } + if(x($opts,'headers')) + @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); if(x($opts,'timeout') && intval($opts['timeout'])) { @curl_setopt($ch, CURLOPT_TIMEOUT, $opts['timeout']); @@ -126,6 +124,10 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { } $ret['body'] = substr($s,strlen($header)); $ret['header'] = $header; + + if(x($opts,'debug')) { + $ret['debug'] = $curl_info; + } @curl_close($ch); return($ret); @@ -166,6 +168,7 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) { return ret; @curl_setopt($ch, CURLOPT_HEADER, true); + @curl_setopt($ch, CURLINFO_HEADER_OUT, true); @curl_setopt($ch, CURLOPT_CAINFO, get_capath()); @curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); @curl_setopt($ch, CURLOPT_POST,1); @@ -176,12 +179,6 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) { if($ciphers) @curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, $ciphers); - - if (x($opts,'accept_content')){ - @curl_setopt($ch,CURLOPT_HTTPHEADER, array ( - "Accept: " . $opts['accept_content'] - )); - } if(x($opts,'headers')) @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); @@ -258,11 +255,24 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) { $ret['body'] = substr($s,strlen($header)); $ret['header'] = $header; + + if(x($opts,'debug')) { + $ret['debug'] = $curl_info; + } + + curl_close($ch); return($ret); } +function z_post_url_json($url,$params,$redirects = 0, $opts = array()) { + + $opts = array_merge($opts,array('headers' => array('Content-Type: application/json'))); + return z_post_url($url,json_encode($params),$redirects,$opts); + +} + function json_return_and_die($x) { header("content-type: application/json"); diff --git a/include/notifier.php b/include/notifier.php index ae781bcf8..3f34d6133 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -455,8 +455,8 @@ function notifier_run($argv, $argc){ // for public posts always include our own hub - - $sql_extra = (($private) ? "" : " or hubloc_url = '" . dbesc(z_root()) . "' "); +// this shouldn't be needed any more. collect_recipients should take care of it. +// $sql_extra = (($private) ? "" : " or hubloc_url = '" . dbesc(z_root()) . "' "); logger('notifier: hub choice: ' . intval($relay_to_owner) . ' ' . intval($private) . ' ' . $cmd, LOGGER_DEBUG); @@ -478,7 +478,9 @@ function notifier_run($argv, $argc){ } else { $r = q("select hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host from hubloc - where hubloc_hash in (" . implode(',',$recipients) . ") $sql_extra group by hubloc_sitekey"); + where hubloc_hash in (" . implode(',',$recipients) . ") and not (hubloc_flags & %d) group by hubloc_sitekey", + intval(HUBLOC_FLAGS_DELETED) + ); } if(! $r) { @@ -493,6 +495,7 @@ function notifier_run($argv, $argc){ foreach($hubs as $hub) { // don't try to deliver to deleted hublocs - and inexplicably SQL "distinct" and "group by" // both return records with duplicate keys in rare circumstances +// FIXME this is probably redundant now. if((! ($hub['hubloc_flags'] & HUBLOC_FLAGS_DELETED)) && (! in_array($hub['hubloc_sitekey'],$keys))) { $hublist[] = $hub['hubloc_host']; $keys[] = $hub['hubloc_sitekey']; diff --git a/include/permissions.php b/include/permissions.php index 8e4676f51..e25052f95 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -419,11 +419,12 @@ function site_default_perms() { * * Given a string for the channel role ('social','forum', etc) * return an array of all permission fields pre-filled for this role. - * This includes the channel permission scope indicators as well as - * perms_auto: The permissions to apply automatically on receipt of a connection request + * This includes the channel permission scope indicators (anything beginning with 'channel_') as well as + * perms_auto: true or false to create auto-permissions for this channel * perms_follow: The permissions to apply when initiating a connection request to another channel * perms_accept: The permissions to apply when accepting a connection request from another channel (not automatic) - * + * default_collection: true or false to make the default ACL include the channel's default collection + * directory_publish: true or false to publish this channel in the directory * Any attributes may be extended (new roles defined) and modified (specific permissions altered) by plugins * */ @@ -436,7 +437,10 @@ function get_role_perms($role) { switch($role) { case 'social': - $ret['perms_auto'] = 0; + $ret['perms_auto'] = false; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = true; $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; @@ -462,6 +466,259 @@ function get_role_perms($role) { $ret['channel_w_like'] = PERMS_NETWORK; break; + + + case 'social_restricted': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = true; + $ret['online'] = true; + $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; + $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; + $ret['channel_r_stream'] = PERMS_PUBLIC; + $ret['channel_r_profile'] = PERMS_PUBLIC; + $ret['channel_r_photos'] = PERMS_PUBLIC; + $ret['channel_r_abook'] = PERMS_PUBLIC; + $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_wall'] = PERMS_CONTACTS; + $ret['channel_w_tagwall'] = PERMS_SPECIFIC; + $ret['channel_w_comment'] = PERMS_CONTACTS; + $ret['channel_w_mail'] = PERMS_CONTACTS; + $ret['channel_w_photos'] = 0; + $ret['channel_w_chat'] = PERMS_CONTACTS; + $ret['channel_a_delegate'] = 0; + $ret['channel_r_storage'] = PERMS_PUBLIC; + $ret['channel_r_pages'] = PERMS_PUBLIC; + $ret['channel_w_pages'] = 0; + $ret['channel_a_republish'] = PERMS_SPECIFIC; + $ret['channel_w_like'] = PERMS_CONTACTS; + + break; + + + case 'social_private': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = false; + $ret['online'] = false; + $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; + $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; + $ret['channel_r_stream'] = PERMS_PUBLIC; + $ret['channel_r_profile'] = PERMS_PUBLIC; + $ret['channel_r_photos'] = PERMS_PUBLIC; + $ret['channel_r_abook'] = PERMS_CONTACTS; + $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_wall'] = PERMS_CONTACTS; + $ret['channel_w_tagwall'] = PERMS_SPECIFIC; + $ret['channel_w_comment'] = PERMS_CONTACTS; + $ret['channel_w_mail'] = PERMS_SPECIFIC; + $ret['channel_w_photos'] = 0; + $ret['channel_w_chat'] = PERMS_SPECIFIC; + $ret['channel_a_delegate'] = 0; + $ret['channel_r_storage'] = PERMS_PUBLIC; + $ret['channel_r_pages'] = PERMS_PUBLIC; + $ret['channel_w_pages'] = 0; + $ret['channel_a_republish'] = PERMS_SPECIFIC; + $ret['channel_w_like'] = PERMS_CONTACTS; + + break; + + case 'forum': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; + $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; + $ret['channel_r_stream'] = PERMS_PUBLIC; + $ret['channel_r_profile'] = PERMS_PUBLIC; + $ret['channel_r_photos'] = PERMS_PUBLIC; + $ret['channel_r_abook'] = PERMS_PUBLIC; + $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_wall'] = PERMS_CONTACTS; + $ret['channel_w_tagwall'] = PERMS_CONTACTS; + $ret['channel_w_comment'] = PERMS_CONTACTS; + $ret['channel_w_mail'] = PERMS_CONTACTS; + $ret['channel_w_photos'] = 0; + $ret['channel_w_chat'] = PERMS_CONTACTS; + $ret['channel_a_delegate'] = 0; + $ret['channel_r_storage'] = PERMS_PUBLIC; + $ret['channel_r_pages'] = PERMS_PUBLIC; + $ret['channel_w_pages'] = 0; + $ret['channel_a_republish'] = PERMS_SPECIFIC; + $ret['channel_w_like'] = PERMS_NETWORK; + + break; + + case 'forum_restricted': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = true; + $ret['online'] = false; + $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL; + $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL; + $ret['channel_r_stream'] = PERMS_PUBLIC; + $ret['channel_r_profile'] = PERMS_PUBLIC; + $ret['channel_r_photos'] = PERMS_PUBLIC; + $ret['channel_r_abook'] = PERMS_PUBLIC; + $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_wall'] = PERMS_CONTACTS; + $ret['channel_w_tagwall'] = PERMS_SPECIFIC; + $ret['channel_w_comment'] = PERMS_CONTACTS; + $ret['channel_w_mail'] = PERMS_CONTACTS; + $ret['channel_w_photos'] = 0; + $ret['channel_w_chat'] = PERMS_CONTACTS; + $ret['channel_a_delegate'] = 0; + $ret['channel_r_storage'] = PERMS_PUBLIC; + $ret['channel_r_pages'] = PERMS_PUBLIC; + $ret['channel_w_pages'] = 0; + $ret['channel_a_republish'] = PERMS_SPECIFIC; + $ret['channel_w_like'] = PERMS_CONTACTS; + + break; + + + case 'forum_private': + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = false; + $ret['online'] = false; + $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; + $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; + $ret['channel_r_stream'] = PERMS_PUBLIC; + $ret['channel_r_profile'] = PERMS_CONTACTS; + $ret['channel_r_photos'] = PERMS_CONTACTS; + $ret['channel_r_abook'] = PERMS_CONTACTS; + $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_wall'] = PERMS_CONTACTS; + $ret['channel_w_tagwall'] = 0; + $ret['channel_w_comment'] = PERMS_CONTACTS; + $ret['channel_w_mail'] = PERMS_SPECIFIC; + $ret['channel_w_photos'] = 0; + $ret['channel_w_chat'] = PERMS_SPECIFIC; + $ret['channel_a_delegate'] = 0; + $ret['channel_r_storage'] = PERMS_CONTACTS; + $ret['channel_r_pages'] = PERMS_CONTACTS; + $ret['channel_w_pages'] = 0; + $ret['channel_a_republish'] = PERMS_SPECIFIC; + $ret['channel_w_like'] = PERMS_CONTACTS; + + break; + + case 'feed': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; + $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; + $ret['channel_r_stream'] = PERMS_PUBLIC; + $ret['channel_r_profile'] = PERMS_PUBLIC; + $ret['channel_r_photos'] = PERMS_PUBLIC; + $ret['channel_r_abook'] = PERMS_PUBLIC; + $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_wall'] = PERMS_CONTACTS; + $ret['channel_w_tagwall'] = PERMS_SPECIFIC; + $ret['channel_w_comment'] = PERMS_CONTACTS; + $ret['channel_w_mail'] = PERMS_CONTACTS; + $ret['channel_w_photos'] = 0; + $ret['channel_w_chat'] = PERMS_CONTACTS; + $ret['channel_a_delegate'] = 0; + $ret['channel_r_storage'] = PERMS_PUBLIC; + $ret['channel_r_pages'] = PERMS_PUBLIC; + $ret['channel_w_pages'] = 0; + $ret['channel_a_republish'] = PERMS_NETWORK; + $ret['channel_w_like'] = PERMS_NETWORK; + + break; + + case 'feed_restricted': + + $ret['perms_auto'] = false; + $ret['default_collection'] = true; + $ret['directory_publish'] = false; + $ret['online'] = false; + $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; + $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; + $ret['channel_r_stream'] = PERMS_PUBLIC; + $ret['channel_r_profile'] = PERMS_PUBLIC; + $ret['channel_r_photos'] = PERMS_PUBLIC; + $ret['channel_r_abook'] = PERMS_PUBLIC; + $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_wall'] = PERMS_CONTACTS; + $ret['channel_w_tagwall'] = PERMS_SPECIFIC; + $ret['channel_w_comment'] = PERMS_CONTACTS; + $ret['channel_w_mail'] = PERMS_CONTACTS; + $ret['channel_w_photos'] = 0; + $ret['channel_w_chat'] = PERMS_CONTACTS; + $ret['channel_a_delegate'] = 0; + $ret['channel_r_storage'] = PERMS_PUBLIC; + $ret['channel_r_pages'] = PERMS_PUBLIC; + $ret['channel_w_pages'] = 0; + $ret['channel_a_republish'] = PERMS_SPECIFIC; + $ret['channel_w_like'] = PERMS_NETWORK; + + break; + + case 'soapbox': + $ret['perms_auto'] = true; + $ret['default_collection'] = false; + $ret['directory_publish'] = true; + $ret['online'] = false; + $ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; + $ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; + $ret['channel_r_stream'] = PERMS_PUBLIC; + $ret['channel_r_profile'] = PERMS_PUBLIC; + $ret['channel_r_photos'] = PERMS_PUBLIC; + $ret['channel_r_abook'] = PERMS_PUBLIC; + $ret['channel_w_stream'] = 0; + $ret['channel_w_wall'] = 0; + $ret['channel_w_tagwall'] = 0; + $ret['channel_w_comment'] = 0; + $ret['channel_w_mail'] = 0; + $ret['channel_w_photos'] = 0; + $ret['channel_w_chat'] = 0; + $ret['channel_a_delegate'] = 0; + $ret['channel_r_storage'] = PERMS_PUBLIC; + $ret['channel_r_pages'] = PERMS_PUBLIC; + $ret['channel_w_pages'] = 0; + $ret['channel_a_republish'] = PERMS_SPECIFIC; + $ret['channel_w_like'] = PERMS_NETWORK; + + break; + + default: + break; } @@ -471,3 +728,28 @@ function get_role_perms($role) { } +function role_selector($current) { + $roles = array( + 'social' => array( t('Social Networking'), + array('social' => t('Mostly Public'), 'social_restricted' => t('Restricted'), 'social_private' => t('Private'))), + 'forum' => array( t('Community Forum'), + array('forum' => t('Mostly Public'), 'forum_restricted' => t('Restricted'), 'forum_private' => t('Private'))), + 'feed' => array( t('Feed Republish'), + array('feed' => t('Mostly Public'), 'feed_restricted' => t('Restricted'))), + 'soapbox' => array( t('Celebrity/Soapbox'), + array('soapbox' => t('Mostly Public'))), + 'other' => array( t('Other'), + array('custom' => t('Custom/Expert Mode')))); + $o = '<select name="permissions_role" id="privacy-role-select">'; + foreach($roles as $k => $v) { + $o .= '<optgroup label="'. htmlspecialchars($v[0]) . '" >'; + foreach($v[1] as $kk => $vv) { + $selected = (($kk === $current) ? ' selected="selected" ' : ''); + $o .= '<option value="' . $kk . '" ' . $selected . '>' . htmlspecialchars($vv) . '</option>'; + } + $o .= '<optgroup>'; + } + $o .= '</select>'; + return $o; +} + diff --git a/include/photos.php b/include/photos.php index 06a99457a..badbbd791 100644 --- a/include/photos.php +++ b/include/photos.php @@ -266,6 +266,7 @@ function photo_upload($channel, $observer, $args) { proc_run('php', "include/notifier.php", 'wall-new', $item_id); $ret['success'] = true; + $ret['item'] = $arr; $ret['body'] = $arr['body']; $ret['resource_id'] = $photo_hash; $ret['photoitem_id'] = $item_id; diff --git a/include/widgets.php b/include/widgets.php index 1aa018fb6..f1c9ceada 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -481,11 +481,11 @@ function widget_settings_menu($arr) { 'selected' => '' ), -// array( -// 'label' => t('Export account'), -// 'url' => $a->get_baseurl(true) . '/uexport/complete', -// 'selected' => '' -// ), + array( + 'label' => t('Export content'), + 'url' => $a->get_baseurl(true) . '/uexport/complete', + 'selected' => '' + ), array( 'label' => t('Automatic Permissions (Advanced)'), diff --git a/include/zot.php b/include/zot.php index f6732037a..b7ffe14e4 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1844,8 +1844,10 @@ function sync_locations($sender,$arr,$absolute = false) { if($absolute && $xisting) { foreach($xisting as $x) { if(! array_key_exists('updated',$x)) { - logger('sync_locations: removing unreferenced hub location ' . $x['hubloc_url']); - $r = q("delete from hubloc where hubloc_id = %d limit 1", + logger('sync_locations: deleting unreferenced hub location ' . $x['hubloc_url']); + $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d), hubloc_updated = '%s' where hubloc_id = %d limit 1", + intval(HUBLOC_FLAGS_DELETED), + dbesc(datetime_convert()), intval($x['hubloc_id']) ); $what .= 'removed_hub'; @@ -2336,7 +2338,7 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) { function process_channel_sync_delivery($sender,$arr,$deliveries) { // FIXME - this will sync red structures (channel, pconfig and abook). Eventually we need to make this application agnostic. -// TODO: missing group membership changes + $result = array(); @@ -2352,6 +2354,10 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { $channel = $r[0]; + $max_friends = service_class_fetch($channel['channel_id'],'total_channels'); + $max_feeds = account_service_class_fetch($channel['channel_account_id'],'total_feeds'); + + if($channel['channel_hash'] != $sender['hash']) { logger('process_channel_sync_delivery: possible forgery. Sender ' . $sender['hash'] . ' is not ' . $channel['channel_hash']); $result[] = array($d['hash'],'channel mismatch',$channel['channel_name'],''); @@ -2385,6 +2391,19 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { if(array_key_exists('abook',$arr) && is_array($arr['abook']) && count($arr['abook'])) { + $total_friends = 0; + $total_feeds = 0; + + $r = q("select abook_id, abook_flags from abook where abook_channel = %d", + intval($channel['channel_id']) + ); + if($r) { + // don't count yourself + $total_friends = ((count($r) > 0) ? $count($r) - 1 : 0); + foreach($r as $rr) + if($rr['abook_flags'] & ABOOK_FLAG_FEED) + $total_feeds ++; + } $disallowed = array('abook_id','abook_account','abook_channel'); @@ -2395,14 +2414,18 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { logger('process_channel_sync_delivery: removing abook entry for ' . $abook['abook_xchan']); require_once('include/Contact.php'); - $r = q("select abook_id from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d ) limit 1", + $r = q("select abook_id, abook_flags from abook where abook_xchan = '%s' and abook_channel = %d and not ( abook_flags & %d ) limit 1", dbesc($abook['abook_xchan']), intval($channel['channel_id']), intval(ABOOK_FLAG_SELF) ); - if($r) + if($r) { contact_remove($channel['channel_id'],$r[0]['abook_id']); - + if($total_friends) + $total_friends --; + if($r[0]['abook_flags'] & ABOOK_FLAG_FEED) + $total_feeds --; + } continue; } @@ -2449,10 +2472,21 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { // make sure we have an abook entry for this xchan on this system if(! $r) { + if($max_friends !== false && $total_friends > $max_friends) { + logger('process_channel_sync_delivery: total_channels service class limit exceeded'); + continue; + } + if($max_feeds !== false && ($clean['abook_flags'] & ABOOK_FLAG_FEED) && $total_feeds > $max_feeds) { + logger('process_channel_sync_delivery: total_feeds service class limit exceeded'); + continue; + } q("insert into abook ( abook_xchan, abook_channel ) values ('%s', %d ) ", dbesc($clean['abook_xchan']), intval($channel['channel_id']) ); + $total_friends ++; + if($clean['abook_flags'] & ABOOK_FLAG_FEED) + $total_feeds ++; } if(count($clean)) { |