From c29483b88cda69beb51f00ee8f2d262bc6784a24 Mon Sep 17 00:00:00 2001
From: marijus <mario@mariovavti.com>
Date: Mon, 2 Feb 2015 15:18:44 +0100
Subject: respect parent dir permissions

---
 include/attach.php       | 74 ++++++++++++++++++++++++++++++++++++++++++++++++
 view/tpl/attach_edit.tpl |  2 ++
 2 files changed, 76 insertions(+)

diff --git a/include/attach.php b/include/attach.php
index 155ddbc96..c38301e01 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -966,6 +966,35 @@ function pipe_streams($in, $out) {
 
 function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid, $deny_gid, $verb, $no_activity) {
 
+	//if we got no object something went wrong
+	if(!$object)
+		return;
+
+	$is_dir = (($object['flags'] & ATTACH_FLAG_DIR) ? true : false);
+
+	//do not send activity for folders for now
+	if($is_dir)
+		return;
+
+	//check for recursive perms if we are in a folder
+	if($object['folder']) {
+
+		$folder_hash = $object['folder'];
+
+		$r_perms = check_recursive_perms($allow_cid, $allow_gid, $deny_cid, $deny_gid, $folder_hash);
+
+		$allow_cid = $r_perms['allow_cid'];
+		$allow_gid = $r_perms['allow_gid'];
+		$deny_cid = $r_perms['deny_cid'];
+		$deny_gid = $r_perms['deny_gid'];
+
+		if(!$allow_gid && !$allow_cid) {
+			notice( t('Allowed permissions for this file are not recursive. None of your allowed contacts will have access to this file.') . EOL);
+			$verb = 'update';
+		}
+
+	}
+
 	require_once('include/items.php');
 
 	$poster = get_app()->get_observer();
@@ -1124,3 +1153,48 @@ function get_file_activity_object($channel_id, $hash, $cloudpath) {
 	return $object;
 
 }
+
+function check_recursive_perms($allow_cid, $allow_gid, $deny_cid, $deny_gid, $folder_hash) {
+
+	$arr_allow_cid = expand_acl($allow_cid);
+	$arr_allow_gid = expand_acl($allow_gid);
+	$arr_deny_cid = expand_acl($deny_cid);
+	$arr_deny_gid = expand_acl($deny_gid);
+
+	while($folder_hash) {
+		$x = q("SELECT * FROM attach WHERE hash = '%s'",
+			dbesc($folder_hash)
+		);
+
+		$parents_arr_allow_cid[] = expand_acl($x[0]['allow_cid']);
+		$parents_arr_allow_gid[] = expand_acl($x[0]['allow_gid']);
+		$parents_arr_deny_cid[] = expand_acl($x[0]['deny_cid']);
+		$parents_arr_deny_gid[] = expand_acl($x[0]['deny_gid']);
+
+		$folder_hash = $x[0]['folder'];
+	}
+
+	foreach($parents_arr_allow_gid as $folder_arr_allow_gid) {
+		$arr_allow_gid = array_intersect($arr_allow_gid, $folder_arr_allow_gid);
+	}
+
+	foreach($parents_arr_allow_cid as $folder_arr_allow_cid) {
+		$arr_allow_cid = array_intersect($arr_allow_cid, $folder_arr_allow_cid);
+	}
+
+	foreach($parents_arr_deny_gid as $folder_arr_deny_gid) {
+		$arr_deny_gid = array_merge($arr_deny_gid, $folder_arr_deny_gid);
+	}
+
+	foreach($parents_arr_deny_cid as $folder_arr_deny_cid) {
+		$arr_deny_cid = array_merge($arr_deny_cid, $folder_arr_deny_cid);
+	}
+
+	$ret['allow_gid'] = perms2str($arr_allow_gid);
+	$ret['allow_cid'] = perms2str($arr_allow_cid);
+	$ret['deny_gid'] = perms2str(array_unique($arr_deny_gid));
+	$ret['deny_cid'] = perms2str(array_unique($arr_deny_cid));
+
+	return $ret;
+
+}
diff --git a/view/tpl/attach_edit.tpl b/view/tpl/attach_edit.tpl
index 5a8743919..4a438e8fd 100644
--- a/view/tpl/attach_edit.tpl
+++ b/view/tpl/attach_edit.tpl
@@ -22,11 +22,13 @@
 			</label>
 		</div>
 		{{/if}}
+		{{if !$isadir}}
 		<div id="attach-edit-activity" class="btn-group" data-toggle="buttons">
 			<label class="btn btn-default btn-xs" title="{{$activity_btn_title}}">
 				<input type="checkbox" autocomplete="off" name="no_activity" value="1"><i class="icon-ban-circle jot-icons"></i>
 			</label>
 		</div>
+		{{/if}}
 		<div id="attach-edit-perms" class="btn-group">
 			<button id="dbtn-acl" class="btn btn-default btn-xs" data-toggle="modal" data-target="#aclModal" title="{{$permset}}" onclick="return false;">
 				<i id="jot-perms-icon" class="icon-{{$lockstate}} jot-icons"></i>
-- 
cgit v1.2.3