From 9713436f497a031e4369130dda40b415ff285fd8 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 2 May 2018 18:23:42 -0700 Subject: backend work to allow admin to delete photos. Still requires frontend work to give admin access to either the photos and/or the delete link. --- Zotlabs/Module/Item.php | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'Zotlabs/Module/Item.php') diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 87f83e877..fd99c4a64 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -1084,6 +1084,8 @@ class Item extends \Zotlabs\Web\Controller { if((argc() == 3) && (argv(1) === 'drop') && intval(argv(2))) { require_once('include/items.php'); + + $i = q("select id, uid, item_origin, author_xchan, owner_xchan, source_xchan, item_type from item where id = %d limit 1", intval(argv(2)) ); @@ -1091,9 +1093,16 @@ class Item extends \Zotlabs\Web\Controller { if($i) { $can_delete = false; $local_delete = false; - if(local_channel() && local_channel() == $i[0]['uid']) + + if(local_channel() && local_channel() == $i[0]['uid']) { $local_delete = true; + } + $ob_hash = get_observer_hash(); + if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { + $can_delete = true; + } + // The site admin can delete any post/item on the site. // If the item originated on this site+channel the deletion will propagate downstream. // Otherwise just the local copy is removed. @@ -1104,10 +1113,6 @@ class Item extends \Zotlabs\Web\Controller { $can_delete = true; } - $ob_hash = get_observer_hash(); - if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { - $can_delete = true; - } if(! ($can_delete || $local_delete)) { notice( t('Permission denied.') . EOL); -- cgit v1.2.3