diff options
Diffstat (limited to 'include')
-rwxr-xr-x | include/items.php | 4 | ||||
-rw-r--r-- | include/zot.php | 104 |
2 files changed, 97 insertions, 11 deletions
diff --git a/include/items.php b/include/items.php index 605dcd51a..ed1c08b68 100755 --- a/include/items.php +++ b/include/items.php @@ -489,6 +489,8 @@ function get_item_elements($x) { $arr['item_private'] = ((array_key_exists('flags',$x) && is_array($x['flags']) && in_array('private',$x['flags'])) ? 1 : 0); + if(array_key_exists('flags',$x) && in_array('deleted',$x['flags'])) + $arr['item_restrict'] = ITEM_DELETED; // Here's the deal - the site might be down or whatever but if there's a new person you've never // seen before sending stuff to your stream, we MUST be able to look them up and import their data from their @@ -1262,7 +1264,7 @@ function item_store($arr,$force_parent = false) { // pull out all the taxonomy stuff for separate storage $terms = null; - if(x($arr,'term')) { + if(array_key_exists('term',$arr)) { $terms = $arr['term']; unset($arr['term']); } diff --git a/include/zot.php b/include/zot.php index 93c63be28..aceee5f71 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1,6 +1,8 @@ <?php require_once('include/crypto.php'); +require_once('include/items.php'); + /** * * @function zot_new_uid($channel_nick) @@ -615,11 +617,11 @@ function zot_import($arr) { $incoming = $data['pickup']; if(is_array($incoming)) { foreach($incoming as $i) { - $i['notify'] = json_decode($i['notify'],true); - $i['message'] = json_decode($i['message'],true); + + $i['notify']['sender']['hash'] = base64url_encode(hash('whirlpool',$i['notify']['sender']['guid'] . $i['notify']['sender']['guid_sig'], true)); $deliveries = null; - if($i['notify'] && array_key_exists('recipients',$i['notify']) && count($i['notify']['recipients'])) { + if(array_key_exists('recipients',$i['notify']) && count($i['notify']['recipients'])) { logger('specific recipients'); $recip_arr = array(); foreach($i['notify']['recipients'] as $recip) { @@ -649,14 +651,13 @@ function zot_import($arr) { if($i['message']) { if($i['message']['type'] === 'activity') { - $arr = get_item_elements($i); + $arr = get_item_elements($i['message']); logger('Activity received: ' . print_r($arr,true)); logger('Activity recipients: ' . print_r($deliveries,true)); - - - // process the message - +dbg(1); + process_delivery($i['notify']['sender'],$arr,$deliveries); +dbg(0); } elseif($i['message']['type'] === 'mail') { @@ -667,6 +668,13 @@ function zot_import($arr) { } +// A public message with no listed recipients can be delivered to anybody who +// has PERMS_NETWORK for that type of post, or PERMS_SITE and is one the same +// site, or PERMS_SPECIFIC and the sender is a contact who is granted +// permissions via their connection permissions in the address book. +// Here we take a given message and construct a list of hashes of everybody +// on the site that we should deliver to. + function public_recips($msg) { @@ -703,7 +711,7 @@ function public_recips($msg) { $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and ( " . $col . " & " . PERMS_SPECIFIC . " ) and ( abook_my_perms & " . $field . " ) ", - dbesc(base64url_encode(hash('whirlpool',$msg['notify']['sender']['guid'] . $msg['notify']['sender']['guid_sig'], true))) + dbesc($msg['notify']['sender']['hash']) ); if(! $x) @@ -713,4 +721,80 @@ function public_recips($msg) { return $r; -}
\ No newline at end of file +} + + +function process_delivery($sender,$arr,$deliveries) { + + + foreach($deliveries as $d) { + $r = q("select * from channel where channel_hash = '%s' limit 1", + dbesc($d['hash']) + ); + + if(! $r) + continue; + + $channel = $r[0]; + + $perm = (($arr['uri'] == $arr['parent_uri']) ? 'send_stream' : 'post_comments'); + + if(! perm_is_allowed($channel['channel_id'],$sender['hash'],$perm)) { + logger("permission denied for delivery {$channel['channel_id']}"); + continue; + } + + if($arr['item_restrict'] & ITEM_DELETED) { + delete_imported_item($sender,$arr,$channel['channel_id']); + continue; + } + + $r = q("select edited from item where uri = '%s' and uid = %d limit 1", + dbesc($arr['uri']), + intval($channel['uid']) + ); + if($r) + update_imported_item($sender,$arr,$channel['channel_id']); + else { + $arr['aid'] = $channel['channel_account_id']; + $arr['uid'] = $channel['channel_id']; + $item_id = item_store($arr); + } + } +} + +function update_imported_item($sender,$item,$uid) { +// FIXME + logger('item exists: updating or ignoring'); + +} + +function delete_imported_item($sender,$item,$uid) { + + $r = q("select id from item where author_xchan = '%s' or owner_xchan = '%s' + and uri = '%s' and uid = %d limit 1", + dbesc($sender['hash']), + dbesc($sender['hash']), + dbesc($item['uri']), + intval($uid) + ); + if(! $r) { + logger('delete_imported_item: failed: ownership issue'); + return; + } + + $r = q("update item set body = '', title = '', item_restrict = %d, edited = '%s', changed = '%s' + where ( thr_parent = '%s' or parent_uri = '%s' ) and uid = %d", + intval(ITEM_DELETED), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + dbesc($item['uri']), + dbesc($item['uri']), + intval($uid) + ); + + if(! $r) + logger("delete_imported_item: db update failed. Item = {$item['uri']} uid = $uid"); + +} + |