From 82e867a9a8008c4fb3e7ed9e9408bd9e38bf7ff2 Mon Sep 17 00:00:00 2001
From: Mario Vavti <mario@mariovavti.com>
Date: Wed, 10 Aug 2016 16:17:09 +0200
Subject: implement acl for folder creation

---
 Zotlabs/Module/File_upload.php | 23 ++++++++++++++---------
 Zotlabs/Storage/Browser.php    |  5 ++++-
 2 files changed, 18 insertions(+), 10 deletions(-)

(limited to 'Zotlabs')

diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php
index 999b241f1..d5c0c7e05 100644
--- a/Zotlabs/Module/File_upload.php
+++ b/Zotlabs/Module/File_upload.php
@@ -21,18 +21,23 @@ class File_upload extends \Zotlabs\Web\Controller {
 	
 		$_REQUEST['source'] = 'file_upload';
 
-        if($channel['channel_id'] != local_channel()) {
-            $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
-            $_REQUEST['group_allow']   = expand_acl($channel['channel_allow_gid']);
-            $_REQUEST['contact_deny']  = expand_acl($channel['channel_deny_cid']);
-            $_REQUEST['group_deny']    = expand_acl($channel['channel_deny_gid']);
-        }
+		if($channel['channel_id'] != local_channel()) {
+			$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
+			$_REQUEST['group_allow']   = expand_acl($channel['channel_allow_gid']);
+			$_REQUEST['contact_deny']  = expand_acl($channel['channel_deny_cid']);
+			$_REQUEST['group_deny']    = expand_acl($channel['channel_deny_gid']);
+		}
 
-		if($_REQUEST['directory_name'])
+		if($_REQUEST['filename']) {
+			$_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
+			$_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
+			$_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']);
+			$_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']);
 			$r = attach_mkdir($channel,get_observer_hash(),$_REQUEST);
-		else
+		}
+		else {
 			$r = attach_store($channel,get_observer_hash(), '', $_REQUEST);
-
+		}
 		goaway(z_root() . '/' . $_REQUEST['return_url']);
 	
 	}
diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php
index e72c4fb62..948f7c733 100644
--- a/Zotlabs/Storage/Browser.php
+++ b/Zotlabs/Storage/Browser.php
@@ -316,6 +316,8 @@ class Browser extends DAV\Browser\Plugin {
 		$quota['desc'] = $quotaDesc;
 		$quota['warning'] = ((($limit) && ((round($used / $limit, 1) * 100) >= 90)) ? t('WARNING:') : ''); // 10485760 bytes = 100MB
 
+		$path = trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/');
+
 		$output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array(
 				'$folder_header' => t('Create new folder'),
 				'$folder_submit' => t('Create'),
@@ -330,7 +332,8 @@ class Browser extends DAV\Browser\Plugin {
 				'$deny_gid' => acl2json($channel_acl['deny_gid']),
 				'$lockstate' => $lockstate,
 				'$return_url' => \App::$cmd,
-				'$path' => trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/'),
+				'$path' => $path,
+				'$folder' => find_folder_hash_by_path($this->auth->owner_id, $path),
 				'$dragdroptext' => t('Drop files here to immediately upload')
 			));
 	}
-- 
cgit v1.2.3