From e42703d55793108f456a520dad747db5c9a67518 Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 2 Jan 2022 08:49:36 +0000 Subject: lockview: provide guest links for private resources --- Zotlabs/Module/Lockview.php | 86 ++++++++++++++++++++++++++++----------------- 1 file changed, 53 insertions(+), 33 deletions(-) (limited to 'Zotlabs/Module/Lockview.php') diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index 11c781df0..b4ba4caa6 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -1,6 +1,9 @@ 1) ? argv(1) : 0); if (is_numeric($type)) { $item_id = intval($type); - $type='item'; + $type = 'item'; } else { $item_id = ((argc() > 2) ? intval(argv(2)) : 0); @@ -57,22 +60,33 @@ class Lockview extends \Zotlabs\Web\Controller { killme(); $item = $r[0]; + $uid = null; + $url = ''; - //we have different naming in in menu_item table and chatroom table switch($type) { case 'menu_item': $uid = $item['mitem_channel_id']; break; case 'chatroom': $uid = $item['cr_uid']; + $channel = channelx_by_n($uid); + $url = z_root() . '/chat/' . $channel['channel_address'] . '/' . $item['cr_id']; break; - default: + case 'item': + $uid = $item['uid']; + $url = $item['plink']; + break; + case 'attach': $uid = $item['uid']; + $channel = channelx_by_n($uid); + $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $item['display_path']; + break; + default: break; } if($uid != local_channel()) { - echo '
' . t('Remote privacy information not available.') . '
'; + echo '
' . t('Remote privacy information not available') . '
'; killme(); } @@ -93,7 +107,7 @@ class Lockview extends \Zotlabs\Web\Controller { $deny_users = expand_acl($item['deny_cid']); $deny_groups = expand_acl($item['deny_gid']); - $o = '
' . t('Visible to:') . '
'; + $o = '
' . t('Access') . '
'; $l = array(); stringify_array_elms($allowed_groups,true); @@ -101,6 +115,7 @@ class Lockview extends \Zotlabs\Web\Controller { stringify_array_elms($deny_groups,true); stringify_array_elms($deny_users,true); + $allowed_xchans = []; $profile_groups = []; if($allowed_groups) { @@ -110,34 +125,39 @@ class Lockview extends \Zotlabs\Web\Controller { } } } + if(count($profile_groups)) { $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); - if($r) - foreach($r as $rr) - $l[] = '
' . t('Profile','acl') . ' ' . $rr['profile_name'] . '
'; + if($r) { + foreach($r as $rr) { + $l[] = '
' . $rr['profile_name'] . '
'; + } + } } if(count($allowed_groups)) { $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); - if($r) - foreach($r as $rr) - $l[] = '
' . $rr['gname'] . '
'; + if($r) { + foreach($r as $rr) { + $gid = AccessList::by_name($uid, $rr['gname']); + $pgrp_members = AccessList::members_xchan($uid, $gid); + $allowed_xchans = array_merge($allowed_xchans, $pgrp_members); + + $l[] = '
' . $rr['gname'] . '
'; + } + } } + if(count($allowed_users)) { - $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )"); - if($r) - foreach($r as $rr) + $r = q("SELECT xchan_name, xchan_hash FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )"); + if($r) { + foreach($r as $rr) { + $allowed_xchans[] = $rr['xchan_hash']; $l[] = '
' . $rr['xchan_name'] . '
'; - if($atokens) { - foreach($atokens as $at) { - if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) { - $l[] = '
' . $at['xchan_name'] . '
'; - } } } } - $profile_groups = []; if($deny_groups) { foreach($deny_groups as $g) { @@ -146,42 +166,42 @@ class Lockview extends \Zotlabs\Web\Controller { } } } + if(count($profile_groups)) { $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); if($r) foreach($r as $rr) - $l[] = '
' . t('Profile','acl') . ' ' . $rr['profile_name'] . '
'; + $l[] = '
' . $rr['profile_name'] . '
'; } - - if(count($deny_groups)) { $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); if($r) foreach($r as $rr) - $l[] = '
' . $rr['gname'] . '
'; + $l[] = '
' . $rr['gname'] . '
'; } if(count($deny_users)) { $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )"); if($r) foreach($r as $rr) $l[] = '
' . $rr['xchan_name'] . '
'; + } + + if ($atokens && $allowed_xchans && $url) { + $l[] = '
'; + $l[] = '
' . t('Guest access') . '
'; - if($atokens) { - foreach($atokens as $at) { - if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) { - $l[] = '
' . $at['xchan_name'] . '
'; - } + $allowed_xchans = array_unique($allowed_xchans); + foreach($atokens as $atoken) { + if(in_array($atoken['xchan_hash'], $allowed_xchans)) { + $l[] = '
' . $atoken['xchan_name'] . '
'; } } - - } echo $o . implode($l); killme(); - } } -- cgit v1.2.3 From 0003e0b8a5841bfc9e845f0b833aa206527826de Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 2 Jan 2022 19:33:10 +0000 Subject: lockview: fix guest links for profile groups and photos, cleanup --- Zotlabs/Module/Lockview.php | 179 +++++++++++++++++++++++++------------------- 1 file changed, 102 insertions(+), 77 deletions(-) (limited to 'Zotlabs/Module/Lockview.php') diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index b4ba4caa6..1fab6ff2f 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -1,24 +1,30 @@ 1) ? argv(1) : 0); if (is_numeric($type)) { $item_id = intval($type); - $type = 'item'; + $type = 'item'; } else { $item_id = ((argc() > 2) ? intval(argv(2)) : 0); } - if(! $item_id) + if (!$item_id) killme(); - if (! in_array($type, array('item', 'photo', 'attach', 'event', 'menu_item', 'chatroom'))) + if (!in_array($type, ['item', 'photo', 'attach', 'menu_item', 'chatroom'])) killme(); // we have different naming in in menu_item table and chatroom table - switch($type) { + switch ($type) { case 'menu_item': $id = 'mitem_id'; break; @@ -56,150 +62,169 @@ class Lockview extends \Zotlabs\Web\Controller { intval($item_id) ); - if(! $r) + if (!$r) killme(); $item = $r[0]; - $uid = null; - $url = ''; + $uid = null; + $url = ''; - switch($type) { + switch ($type) { case 'menu_item': $uid = $item['mitem_channel_id']; break; case 'chatroom': - $uid = $item['cr_uid']; + $uid = $item['cr_uid']; $channel = channelx_by_n($uid); - $url = z_root() . '/chat/' . $channel['channel_address'] . '/' . $item['cr_id']; + $url = z_root() . '/chat/' . $channel['channel_address'] . '/' . $item['cr_id']; break; case 'item': $uid = $item['uid']; $url = $item['plink']; break; + case 'photo': + $uid = $item['uid']; + $channel = channelx_by_n($uid); + $url = z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $item['resource_id']; + break; case 'attach': - $uid = $item['uid']; + $uid = $item['uid']; $channel = channelx_by_n($uid); - $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $item['display_path']; + $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $item['display_path']; break; default: break; } - if($uid != local_channel()) { + if (intval($uid) !== local_channel()) { echo '
' . t('Remote privacy information not available') . '
'; killme(); } - if(intval($item['item_private']) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) - && (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) { + if (intval($item['item_private']) && (!strlen($item['allow_cid'])) && (!strlen($item['allow_gid'])) + && (!strlen($item['deny_cid'])) && (!strlen($item['deny_gid']))) { // if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any // specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it // as unknown specific recipients. The sender will have the visibility list and will fall through to the // next section. - echo '
' . translate_scope((! $item['public_policy']) ? 'specific' : $item['public_policy']) . '
'; + echo '
' . translate_scope((!$item['public_policy']) ? 'specific' : $item['public_policy']) . '
'; killme(); } - $allowed_users = expand_acl($item['allow_cid']); + $allowed_users = expand_acl($item['allow_cid']); $allowed_groups = expand_acl($item['allow_gid']); - $deny_users = expand_acl($item['deny_cid']); - $deny_groups = expand_acl($item['deny_gid']); - - $o = '
' . t('Access') . '
'; - $l = array(); + $deny_users = expand_acl($item['deny_cid']); + $deny_groups = expand_acl($item['deny_gid']); - stringify_array_elms($allowed_groups,true); - stringify_array_elms($allowed_users,true); - stringify_array_elms($deny_groups,true); - stringify_array_elms($deny_users,true); + stringify_array_elms($allowed_groups, true); + stringify_array_elms($allowed_users, true); + stringify_array_elms($deny_groups, true); + stringify_array_elms($deny_users, true); $allowed_xchans = []; $profile_groups = []; - if($allowed_groups) { - foreach($allowed_groups as $g) { - if(substr($g,0,4) === '\'vp.') { - $profile_groups[] = '\'' . substr($g,4); + if ($allowed_groups) { + foreach ($allowed_groups as $g) { + if (substr($g, 0, 4) === '\'vp.') { + $profile_groups[] = '\'' . substr($g, 4); } } } - if(count($profile_groups)) { - $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); - if($r) { - foreach($r as $rr) { - $l[] = '
' . $rr['profile_name'] . '
'; + if ($profile_groups) { + $r = q("SELECT id, profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); + if ($r) { + foreach ($r as $rr) { + $pgrp_members = AccessList::profile_members_xchan($uid, $rr['id']); + $allowed_xchans = array_merge($allowed_xchans, $pgrp_members); + $access_list[] = '
' . $rr['profile_name'] . '
'; } } } - if(count($allowed_groups)) { - $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); - if($r) { - foreach($r as $rr) { - $gid = AccessList::by_name($uid, $rr['gname']); - $pgrp_members = AccessList::members_xchan($uid, $gid); + if ($allowed_groups) { + $r = q("SELECT id, gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); + if ($r) { + foreach ($r as $rr) { + $pgrp_members = AccessList::members_xchan($uid, $rr['id']); $allowed_xchans = array_merge($allowed_xchans, $pgrp_members); - - $l[] = '
' . $rr['gname'] . '
'; + $access_list[] = '
' . $rr['gname'] . '
'; } } } - if(count($allowed_users)) { - $r = q("SELECT xchan_name, xchan_hash FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )"); - if($r) { - foreach($r as $rr) { + if ($allowed_users) { + $r = q("SELECT xchan_name, xchan_hash FROM xchan WHERE xchan_hash IN ( " . implode(', ', $allowed_users) . " )"); + if ($r) { + foreach ($r as $rr) { $allowed_xchans[] = $rr['xchan_hash']; - $l[] = '
' . $rr['xchan_name'] . '
'; + if (!in_array($rr['xchan_hash'], $atoken_xchans)) { + $access_list[] = '
' . $rr['xchan_name'] . '
'; + } } } } $profile_groups = []; - if($deny_groups) { - foreach($deny_groups as $g) { - if(substr($g,0,4) === '\'vp.') { - $profile_groups[] = '\'' . substr($g,4); + if ($deny_groups) { + foreach ($deny_groups as $g) { + if (substr($g, 0, 4) === '\'vp.') { + $profile_groups[] = '\'' . substr($g, 4); } } } - if(count($profile_groups)) { + if ($profile_groups) { $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); - if($r) - foreach($r as $rr) - $l[] = '
' . $rr['profile_name'] . '
'; + if ($r) { + foreach ($r as $rr) { + $access_list[] = '
' . $rr['profile_name'] . '
'; + } + } } - if(count($deny_groups)) { + if ($deny_groups) { $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); - if($r) - foreach($r as $rr) - $l[] = '
' . $rr['gname'] . '
'; + if ($r) { + foreach ($r as $rr) { + $access_list[] = '
' . $rr['gname'] . '
'; + } + } } - if(count($deny_users)) { + + if ($deny_users) { $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )"); - if($r) - foreach($r as $rr) - $l[] = '
' . $rr['xchan_name'] . '
'; + if ($r) { + foreach ($r as $rr) { + $access_list[] = '
' . $rr['xchan_name'] . '
'; + } + } } if ($atokens && $allowed_xchans && $url) { - $l[] = '
'; - $l[] = '
' . t('Guest access') . '
'; + if ($access_list) { + $guest_access_list[] = '
'; + } + + $guest_access_list[] = '
' . t('Guest access') . '
'; $allowed_xchans = array_unique($allowed_xchans); - foreach($atokens as $atoken) { - if(in_array($atoken['xchan_hash'], $allowed_xchans)) { - $l[] = '
' . $atoken['xchan_name'] . '
'; + foreach ($atokens as $atoken) { + if (in_array($atoken['xchan_hash'], $allowed_xchans)) { + $guest_access_list[] = '
' . $atoken['xchan_name'] . '
'; } } } - echo $o . implode($l); + $o = ''; + if ($access_list) { + $o = '
' . t('Access') . '
'; + } + + echo $o . implode($access_list) . implode($guest_access_list); killme(); } -- cgit v1.2.3 From f6093872ec9792e7b43918f26400c2d7466827b3 Mon Sep 17 00:00:00 2001 From: Mario Date: Mon, 3 Jan 2022 09:35:42 +0000 Subject: minor usability improvement --- Zotlabs/Module/Lockview.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Zotlabs/Module/Lockview.php') diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index 1fab6ff2f..ab2a492b4 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -214,7 +214,7 @@ class Lockview extends Controller { $allowed_xchans = array_unique($allowed_xchans); foreach ($atokens as $atoken) { if (in_array($atoken['xchan_hash'], $allowed_xchans)) { - $guest_access_list[] = '
' . $atoken['xchan_name'] . '
'; + $guest_access_list[] = '
' . $atoken['xchan_name'] . '
'; } } } -- cgit v1.2.3 From fa8fb9e73f55ba723a12200c4223854e380f0a57 Mon Sep 17 00:00:00 2001 From: Mario Date: Mon, 3 Jan 2022 11:00:14 +0000 Subject: more lockview ui improvements --- Zotlabs/Module/Lockview.php | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) (limited to 'Zotlabs/Module/Lockview.php') diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index ab2a492b4..3637482c7 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -109,7 +109,7 @@ class Lockview extends Controller { // as unknown specific recipients. The sender will have the visibility list and will fall through to the // next section. - echo '
' . translate_scope((!$item['public_policy']) ? 'specific' : $item['public_policy']) . '
'; + echo '
' . translate_scope((!$item['public_policy']) ? 'specific' : $item['public_policy']) . '
'; killme(); } @@ -140,7 +140,7 @@ class Lockview extends Controller { foreach ($r as $rr) { $pgrp_members = AccessList::profile_members_xchan($uid, $rr['id']); $allowed_xchans = array_merge($allowed_xchans, $pgrp_members); - $access_list[] = '
' . $rr['profile_name'] . '
'; + $access_list[] = '
' . $rr['profile_name'] . '
'; } } } @@ -151,7 +151,7 @@ class Lockview extends Controller { foreach ($r as $rr) { $pgrp_members = AccessList::members_xchan($uid, $rr['id']); $allowed_xchans = array_merge($allowed_xchans, $pgrp_members); - $access_list[] = '
' . $rr['gname'] . '
'; + $access_list[] = '
' . $rr['gname'] . '
'; } } } @@ -162,7 +162,7 @@ class Lockview extends Controller { foreach ($r as $rr) { $allowed_xchans[] = $rr['xchan_hash']; if (!in_array($rr['xchan_hash'], $atoken_xchans)) { - $access_list[] = '
' . $rr['xchan_name'] . '
'; + $access_list[] = '
' . $rr['xchan_name'] . '
'; } } } @@ -181,7 +181,7 @@ class Lockview extends Controller { $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); if ($r) { foreach ($r as $rr) { - $access_list[] = '
' . $rr['profile_name'] . '
'; + $access_list[] = '
' . $rr['profile_name'] . '
'; } } } @@ -190,7 +190,7 @@ class Lockview extends Controller { $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); if ($r) { foreach ($r as $rr) { - $access_list[] = '
' . $rr['gname'] . '
'; + $access_list[] = '
' . $rr['gname'] . '
'; } } } @@ -199,32 +199,39 @@ class Lockview extends Controller { $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )"); if ($r) { foreach ($r as $rr) { - $access_list[] = '
' . $rr['xchan_name'] . '
'; + $access_list[] = '
' . $rr['xchan_name'] . '
'; } } } if ($atokens && $allowed_xchans && $url) { - if ($access_list) { - $guest_access_list[] = '
'; - } - $guest_access_list[] = '
' . t('Guest access') . '
'; + $guest_access_list = []; $allowed_xchans = array_unique($allowed_xchans); foreach ($atokens as $atoken) { if (in_array($atoken['xchan_hash'], $allowed_xchans)) { - $guest_access_list[] = '
' . $atoken['xchan_name'] . '
'; + $guest_access_list[] = '
' . $atoken['xchan_name'] . '
'; } } } - $o = ''; + $access_list_header = ''; if ($access_list) { - $o = '
' . t('Access') . '
'; + $access_list_header = '
' . t('Access') . '
'; + } + + $guest_access_list_header = ''; + if ($guest_access_list) { + $guest_access_list_header = '
' . t('Guest access') . '
'; + } + + $divider = ''; + if ($access_list && $guest_access_list) { + $divider = '
'; } - echo $o . implode($access_list) . implode($guest_access_list); + echo $access_list_header . implode($access_list) . $divider . $guest_access_list_header . implode($guest_access_list); killme(); } -- cgit v1.2.3