2 files changed, 37 insertions, 0 deletions

diff --git a/include/permissions.php b/include/permissions.php
index 638bedb24..a1e05d120 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -1,4 +1,7 @@
 <?php
+
+require_once('include/security.php');
+
 /**
  * @file include/permissions.php
  *
@@ -123,6 +126,9 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
 					$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
 						dbesc($observer_xchan)
 					);
+					// no xchan either, see if they've got a guest access token
+					if(! $y)
+						$x = atoken_abook($uid,$observer_xchan);
 				}
 
 				$abook_checked = true;
@@ -332,6 +338,9 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
 			$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
 				dbesc($observer_xchan)
 			);
+			// no xchan either, see if they've got a guest access token
+			if(! $y)
+				$x = atoken_abook($uid,$observer_xchan);
 		}
 		$abperms = load_abconfig($uid,$observer_xchan,'my_perms');
 	}
diff --git a/include/security.php b/include/security.php
index c67a1b400..7d2a49bdf 100644
--- a/include/security.php
+++ b/include/security.php
@@ -119,6 +119,34 @@ function atoken_xchan($atoken) {
 	return null;
 }
 
+function atoken_abook($uid,$xchan_hash) {
+
+	if(substr($xchan_hash,16,1) != '.')
+		return false;
+
+	$r = q("select channel_hash from channel where channel_id = %d limit 1",
+		intval($uid)
+	);
+
+	if(! $r)
+		return false;
+
+	$x = q("select * from atoken where atoken_uid = %d and atoken_name = '%s'",
+		intval($uid),
+		dbesc(substr($xchan_hash,17))
+	);
+
+	if($x) {
+		$xchan = atoken_xchan($x[0]);
+		$xchan['abook_blocked'] = 0;
+		$xchan['abook_ignored'] = 0;
+		$xchan['abook_pending'] = 0;
+		return $xchan;
+	}
+
+	return false;
+
+}
 
 
 /**