From d05fd9632e4dc60fc3d4043374f6332a1609857f Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 27 Aug 2015 23:04:17 -0700 Subject: now we get to the heavy lifting with AccessList stuff --- include/photos.php | 86 ++++++++++++++++++----------------------------------- mod/filestorage.php | 14 ++++----- mod/settings.php | 31 ++++++++----------- 3 files changed, 48 insertions(+), 83 deletions(-) diff --git a/include/photos.php b/include/photos.php index 04018ac0d..ac502ed51 100644 --- a/include/photos.php +++ b/include/photos.php @@ -34,16 +34,6 @@ function photo_upload($channel, $observer, $args) { */ $album = $args['album']; -// $newalbum = $args['newalbum']; - -// logger('photo_upload: album= ' . $album . ' newalbum= ' . $newalbum , LOGGER_DEBUG); - -// if(! $album) { -// if($newalbum) -// $album = $newalbum; -// else -// $album = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y-m'); -// } if(intval($args['visible']) || $args['visible'] === 'true') $visible = 1; @@ -55,38 +45,20 @@ function photo_upload($channel, $observer, $args) { // all other settings. 'allow_cid' being passed from an external source takes priority over channel settings. // ...messy... needs re-factoring once the photos/files integration stabilises - if(array_key_exists('allow_cid',$args)) { - $str_group_allow = $args['allow_gid']; - $str_contact_allow = $args['allow_cid']; - $str_group_deny = $args['deny_gid']; - $str_contact_deny = $args['deny_cid']; - } - else { - $str_group_allow = $channel['channel_allow_gid']; - $str_contact_allow = $channel['channel_allow_cid']; - $str_group_deny = $channel['channel_deny_gid']; - $str_contact_deny = $channel['channel_deny_cid']; - } - - if($args['directory']) { - $str_group_allow = $args['directory']['allow_gid']; - $str_contact_allow = $args['directory']['allow_cid']; - $str_group_deny = $args['directory']['deny_gid']; - $str_contact_deny = $args['directory']['deny_cid']; - } - + $acl = new AccessList($channel); + if(array_key_exists('directory',$args) && $args['directory']) + $acl->set($args['directory']); + if(array_key_exists('allow_cid',$args)) + $acl->set($args); if( (array_key_exists('group_allow',$args)) || (array_key_exists('contact_allow',$args)) || (array_key_exists('group_deny',$args)) || (array_key_exists('contact_deny',$args))) { - - $str_group_allow = perms2str(((is_array($args['group_allow'])) ? $args['group_allow'] : explode(',',$args['group_allow']))); - $str_contact_allow = perms2str(((is_array($args['contact_allow'])) ? $args['contact_allow'] : explode(',',$args['contact_allow']))); - $str_group_deny = perms2str(((is_array($args['group_deny'])) ? $args['group_deny'] : explode(',',$args['group_deny']))); - $str_contact_deny = perms2str(((is_array($args['contact_deny'])) ? $args['contact_deny'] : explode(',',$args['contact_deny']))); - + $acl->set_from_array($args); } + $ac = $acl->get(); + $os_storage = 0; if($args['os_path'] && $args['getimagesize']) { @@ -200,8 +172,8 @@ function photo_upload($channel, $observer, $args) { $p = array('aid' => $account_id, 'uid' => $channel_id, 'xchan' => $visitor, 'resource_id' => $photo_hash, 'filename' => $filename, 'album' => $album, 'scale' => 0, 'photo_usage' => PHOTO_NORMAL, - 'allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow, - 'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny, + 'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'], + 'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'], 'os_storage' => $os_storage, 'os_path' => $args['os_path'] ); if($args['created']) @@ -320,26 +292,26 @@ function photo_upload($channel, $observer, $args) { if($lat && $lon) $arr['coord'] = $lat . ' ' . $lon; - $arr['aid'] = $account_id; - $arr['uid'] = $channel_id; - $arr['mid'] = $mid; - $arr['parent_mid'] = $mid; - $arr['item_hidden'] = $item_hidden; - $arr['resource_type'] = 'photo'; - $arr['resource_id'] = $photo_hash; - $arr['owner_xchan'] = $channel['channel_hash']; - $arr['author_xchan'] = $observer['xchan_hash']; - $arr['title'] = $title; - $arr['allow_cid'] = $str_contact_allow; - $arr['allow_gid'] = $str_group_allow; - $arr['deny_cid'] = $str_contact_deny; - $arr['deny_gid'] = $str_group_deny; - $arr['verb'] = ACTIVITY_POST; - $arr['item_wall'] = 1; - $arr['item_origin'] = 1; + $arr['aid'] = $account_id; + $arr['uid'] = $channel_id; + $arr['mid'] = $mid; + $arr['parent_mid'] = $mid; + $arr['item_hidden'] = $item_hidden; + $arr['resource_type'] = 'photo'; + $arr['resource_id'] = $photo_hash; + $arr['owner_xchan'] = $channel['channel_hash']; + $arr['author_xchan'] = $observer['xchan_hash']; + $arr['title'] = $title; + $arr['allow_cid'] = $ac['allow_cid']; + $arr['allow_gid'] = $ac['allow_gid'] + $arr['deny_cid'] = $ac['deny_cid']; + $arr['deny_gid'] = $ac['deny_gid']; + $arr['verb'] = ACTIVITY_POST; + $arr['item_wall'] = 1; + $arr['item_origin'] = 1; $arr['item_thread_top'] = 1; - - $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid']; + $arr['item_private'] = intval($acl->is_private()); + $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid']; // We should also put a width_x_height on large photos. Left as an exercise for // devs looking for simple stuff to fix. diff --git a/mod/filestorage.php b/mod/filestorage.php index 9787c0380..7ba8c1801 100644 --- a/mod/filestorage.php +++ b/mod/filestorage.php @@ -28,20 +28,20 @@ function filestorage_post(&$a) { return; } - $str_group_allow = perms2str($_REQUEST['group_allow']); - $str_contact_allow = perms2str($_REQUEST['contact_allow']); - $str_group_deny = perms2str($_REQUEST['group_deny']); - $str_contact_deny = perms2str($_REQUEST['contact_deny']); - $channel = $a->get_channel(); + + $acl = new AccessList($channel); + $acl->set_from_array($_REQUEST); + $x = $acl->get(); + $cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource); //get the object before permissions change so we can catch eventual former allowed members $object = get_file_activity_object($channel_id, $resource, $cloudPath); - attach_change_permissions($channel_id, $resource, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $recurse); + attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse); - file_activity($channel_id, $object, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, 'post', $notify); + file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify); goaway($cloudPath); } diff --git a/mod/settings.php b/mod/settings.php index cbd6abafc..8bfff3765 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -311,17 +311,16 @@ function settings_post(&$a) { foreach($global_perms as $k => $v) { $set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' '; } - - $str_group_allow = perms2str($_POST['group_allow']); - $str_contact_allow = perms2str($_POST['contact_allow']); - $str_group_deny = perms2str($_POST['group_deny']); - $str_contact_deny = perms2str($_POST['contact_deny']); - $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', channel_deny_cid = '%s', channel_deny_gid = '%s' - where channel_id = %d", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), + $acl = new AccessList($channel); + $acl->set_from_array($_POST); + $x = $acl->get(); + + $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', + channel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", + dbesc($x['allow_cid']), + dbesc($x['allow_gid']), + dbesc($x['deny_cid']), + dbesc($x['deny_gid']), intval(local_channel()) ); } @@ -983,14 +982,8 @@ function settings_content(&$a) { $stpl = get_markup_template('settings.tpl'); - $celeb = false; - - $perm_defaults = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], - 'deny_gid' => $channel['channel_deny_gid'] - ); + $acl = new AccessList($channel); + $perm_defaults = $acl->get(); require_once('include/group.php'); $group_select = mini_group_select(local_channel(),$channel['channel_default_group']); -- cgit v1.2.3