From 191cd21028ab108c2a7f982c654601d780865eff Mon Sep 17 00:00:00 2001 From: redmatrix Date: Wed, 13 Jul 2016 23:05:19 -0700 Subject: more perms work --- Zotlabs/Module/Connedit.php | 20 +++++++++++++------- Zotlabs/Module/Follow.php | 2 +- include/channel.php | 6 +++--- include/follow.php | 46 +++++++++++++++++++++++++++------------------ include/items.php | 7 +++---- 5 files changed, 48 insertions(+), 33 deletions(-) diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index f9b1336a8..260952b4e 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -205,20 +205,26 @@ class Connedit extends \Zotlabs\Web\Controller { if($role) { $x = get_role_perms($role); if($x['perms_connect']) { - foreach($x['perms_connect'] as $p) { - set_abconfig(local_channel(),$orig_record[0]['abook_xchan'],'my_perms',$p,1); - } + $abook_my_perms = $x['perms_connect']; + } + } + + if($all_perms) { + foreach($all_perms as $perm => $desc) { + if(array_key_exists($perm, $abook_my_perms)) + set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,1); + else + set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,0); } } } - + $abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']); - $r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_pending = %d, + $r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d, abook_incl = '%s', abook_excl = '%s' where abook_id = %d AND abook_channel = %d", dbesc($profile_id), - intval($abook_my_perms), intval($closeness), intval($abook_pending), dbesc($abook_incl), @@ -239,7 +245,7 @@ class Connedit extends \Zotlabs\Web\Controller { info( t('Connection updated.') . EOL); else notice( t('Failed to update connection record.') . EOL); - +//@fixme perms if(\App::$poi && \App::$poi['abook_my_perms'] != $abook_my_perms && (! intval(\App::$poi['abook_self']))) { \Zotlabs\Daemon\Master::Summon(array('Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id)); diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index 5de89ef41..da9ab3670 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php @@ -47,7 +47,7 @@ class Follow extends \Zotlabs\Web\Controller { if($abconfig) $clone['abconfig'] = $abconfig; - build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone))); + build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true); $can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream')); diff --git a/include/channel.php b/include/channel.php index 95506ed78..28eac9d4c 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1604,13 +1604,13 @@ function notifications_on($channel_id,$value) { function get_channel_default_perms($uid) { - $r = q("select abook_my_perms from abook where abook_channel = %d and abook_self = 1 limit 1", + $r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 1 limit 1", intval($uid) ); if($r) - return $r[0]['abook_my_perms']; + return load_abconfig($uid,$r[0]['abook_xchan'],'my_perms'); - return 0; + return array(); } diff --git a/include/follow.php b/include/follow.php index e5a74f85e..acd734896 100644 --- a/include/follow.php +++ b/include/follow.php @@ -67,11 +67,10 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $role = get_pconfig($uid,'system','permissions_role'); if($role) { $x = get_role_perms($role); - if($x['perms_follow']) - $my_perms = $x['perms_follow']; + if($x['perms_connect']) + $my_perms = $x['perms_connect']; } - if($is_red && $j) { logger('follow: ' . $url . ' ' . print_r($j,true), LOGGER_DEBUG); @@ -104,10 +103,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $xchan_hash = $x['hash']; - $their_perms = 0; - - $global_perms = get_perms(); - if( array_key_exists('permissions',$j) && array_key_exists('data',$j['permissions'])) { $permissions = crypto_unencapsulate(array( 'data' => $j['permissions']['data'], @@ -121,16 +116,14 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) else $permissions = $j['permissions']; - - foreach($permissions as $k => $v) { - if($v) { - $their_perms = $their_perms | intval($global_perms[$k][1]); + if(is_array($permissions) && $permissions) { + foreach($permissions as $k => $v) { + set_abconfig($channel['channel_uid'],$xchan_hash,'their_perms',$k,intval($v)); } } } else { - $their_perms = 0; $xchan_hash = ''; $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1", @@ -190,6 +183,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $result['message'] = t('Protocol disabled.'); return $result; } + $singleton = intval($x['singleton']); $aid = $channel['channel_account_id']; @@ -222,6 +216,15 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) intval($uid) ); + if($is_http) { + + // Always set these "remote" permissions for feeds since we cannot interact with them + // to negotiate a suitable permission response + + set_abconfig($uid,$xchan_hash,'their_perms','view_stream',1); + set_abconfig($uid,$xchan_hash,'their_perms','republish',1); + } + if($r) { $abook_instance = $r[0]['abook_instance']; @@ -231,8 +234,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $abook_instance .= z_root(); } - $x = q("update abook set abook_their_perms = %d, abook_instance = '%s' where abook_id = %d", - intval($their_perms), + $x = q("update abook set abook_instance = '%s' where abook_id = %d", dbesc($abook_instance), intval($r[0]['abook_id']) ); @@ -242,15 +244,13 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) if($closeness === false) $closeness = 80; - $r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_instance ) - values( %d, %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s' ) ", + $r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_created, abook_updated, abook_instance ) + values( %d, %d, %d, '%s', %d, '%s', '%s', '%s' ) ", intval($aid), intval($uid), intval($closeness), dbesc($xchan_hash), intval(($is_http) ? 1 : 0), - intval(($is_http) ? $their_perms|PERMS_R_STREAM|PERMS_A_REPUBLISH : $their_perms), - intval($my_perms), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(($singleton) ? z_root() : '') @@ -260,6 +260,16 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) if(! $r) logger('mod_follow: abook creation failed'); + $all_perms = \Zotlabs\Access\Permissions::Perms(); + if($all_perms) { + foreach($all_perms as $k => $v) { + if(in_array($k,$my_perms)) + set_abconfig($uid,$xchan_hash,'my_perms',$k,1); + else + set_abconfig($uid,$xchan_hash,'my_perms',$k,0); + } + } + $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($xchan_hash), diff --git a/include/items.php b/include/items.php index ad12e4f98..702d49d40 100755 --- a/include/items.php +++ b/include/items.php @@ -183,7 +183,7 @@ function is_item_normal($item) { * This function examines the comment_policy attached to an item and decides if the current observer has * sufficient privileges to comment. This will normally be called on a remote site where perm_is_allowed() * will not be suitable because the post owner does not have a local channel_id. - * Generally we should look at the item - in particular the author['book_flags'] and see if ABOOK_FLAG_SELF is set. + * Generally we should look at the item - in particular the author['abook_flags'] and see if ABOOK_FLAG_SELF is set. * If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call * can_comment_on_post() * We also check the comments_closed date/time on the item if this is set. @@ -224,8 +224,7 @@ function can_comment_on_post($observer_xchan, $item) { case 'contacts': case 'authenticated': case '': - if(array_key_exists('owner',$item)) { - if(($item['owner']['abook_xchan']) && ($item['owner']['abook_their_perms'] & PERMS_W_COMMENT)) + if(array_key_exists('owner',$item) && get_abconfig($item['uid'],$item['owner']['abook_xchan'],'their_perms','post_comments')) { return true; } break; @@ -2856,7 +2855,7 @@ function check_item_source($uid, $item) { if(! $x) return false; - if(! ($x[0]['abook_their_perms'] & PERMS_A_REPUBLISH)) + if(! get_abconfig($uid,$item['owner_xchan'],'their_perms','republish')) return false; if($item['item_private'] && (! intval($x[0]['abook_feed']))) -- cgit v1.2.3