From c29483b88cda69beb51f00ee8f2d262bc6784a24 Mon Sep 17 00:00:00 2001
From: marijus
Date: Mon, 2 Feb 2015 15:18:44 +0100
Subject: respect parent dir permissions
---
 include/attach.php | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)
(limited to 'include/attach.php')
diff --git a/include/attach.php b/include/attach.php
index 155ddbc96..c38301e01 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -966,6 +966,35 @@ function pipe_streams($in, $out) {
 function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid, $deny_gid, $verb, $no_activity) {
+ //if we got no object something went wrong
+ if(!$object)
+ return;
+
+ $is_dir = (($object['flags'] & ATTACH_FLAG_DIR) ? true : false);
+
+ //do not send activity for folders for now
+ if($is_dir)
+ return;
+
+ //check for recursive perms if we are in a folder
+ if($object['folder']) {
+
+ $folder_hash = $object['folder'];
+
+ $r_perms = check_recursive_perms($allow_cid, $allow_gid, $deny_cid, $deny_gid, $folder_hash);
+
+ $allow_cid = $r_perms['allow_cid'];
+ $allow_gid = $r_perms['allow_gid'];
+ $deny_cid = $r_perms['deny_cid'];
+ $deny_gid = $r_perms['deny_gid'];
+
+ if(!$allow_gid && !$allow_cid) {
+ notice( t('Allowed permissions for this file are not recursive. None of your allowed contacts will have access to this file.') . EOL);
+ $verb = 'update';
+ }
+
+ }
+
 require_once('include/items.php');
 $poster = get_app()->get_observer();
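Review bot: In the `if($object['folder'])` block added to file_activity, the `!$allow_gid && !$allow_cid` branch only shows a notice and rewrites `$verb`, then falls through, so the activity is still built with the narrowed ACL strings. Whether empty allow lists are treated downstream as "nobody" or as "no restriction" is not visible in this hunk; if it is the latter, a file whose allow lists do not overlap with its parent folders would be announced more widely than either ACL permits. I would stop at that point, e.g. `return;` directly after the `notice(...)` call, and add a comment saying which meaning an empty allow list has here. The rest of file_activity lies outside the hunk.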
@@ -1124,3 +1153,48 @@ function get_file_activity_object($channel_id, $hash, $cloudpath) {
 return $object;
 }
+
+function check_recursive_perms($allow_cid, $allow_gid, $deny_cid, $deny_gid, $folder_hash) {
+
+ $arr_allow_cid = expand_acl($allow_cid);
+ $arr_allow_gid = expand_acl($allow_gid);
+ $arr_deny_cid = expand_acl($deny_cid);
+ $arr_deny_gid = expand_acl($deny_gid);
+
+ while($folder_hash) {
+ $x = q("SELECT * FROM attach WHERE hash = '%s'",
+ dbesc($folder_hash)
+ );
+
+ $parents_arr_allow_cid[] = expand_acl($x[0]['allow_cid']);
+ $parents_arr_allow_gid[] = expand_acl($x[0]['allow_gid']);
+ $parents_arr_deny_cid[] = expand_acl($x[0]['deny_cid']);
+ $parents_arr_deny_gid[] = expand_acl($x[0]['deny_gid']);
+
+ $folder_hash = $x[0]['folder'];
+ }
+
+ foreach($parents_arr_allow_gid as $folder_arr_allow_gid) {
+ $arr_allow_gid = array_intersect($arr_allow_gid, $folder_arr_allow_gid);
+ }
+
+ foreach($parents_arr_allow_cid as $folder_arr_allow_cid) {
+ $arr_allow_cid = array_intersect($arr_allow_cid, $folder_arr_allow_cid);
+ }
+
+ foreach($parents_arr_deny_gid as $folder_arr_deny_gid) {
+ $arr_deny_gid = array_merge($arr_deny_gid, $folder_arr_deny_gid);
+ }
+
+ foreach($parents_arr_deny_cid as $folder_arr_deny_cid) {
+ $arr_deny_cid = array_merge($arr_deny_cid, $folder_arr_deny_cid);
+ }
+
+ $ret['allow_gid'] = perms2str($arr_allow_gid);
+ $ret['allow_cid'] = perms2str($arr_allow_cid);
+ $ret['deny_gid'] = perms2str(array_unique($arr_deny_gid));
+ $ret['deny_cid'] = perms2str(array_unique($arr_deny_cid));
+
+ return $ret;
+
+}
-- cgit v1.2.3
From e0bc01a7f60668c35f677fbc52ba2e8aec70683a Mon Sep 17 00:00:00 2001
From: marijus
Date: Mon, 2 Feb 2015 15:25:30 +0100
Subject: just select perms
---
 include/attach.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'include/attach.php')
diff --git a/include/attach.php b/include/attach.php
index c38301e01..07f31761d 100644
--- a/include/attach.php
+++ b/include/attach.php
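Review bot: The `while($folder_hash)` loop in the new check_recursive_perms reads `$x[0]` without checking that `q()` returned a row, and nothing stops a folder chain that points back to itself from looping forever. If a parent row is missing, each `expand_acl($x[0][...])` receives null; assuming that expands to an empty list, `array_intersect` then empties the file's allow lists while the deny lists gain nothing, so the result no longer reflects any real folder ACL. I would test `if(! $x)` directly after the query and stop with an explicit failure the caller can check, keep a `$seen[$folder_hash]` set to break cycles, and initialise the four `$parents_arr_*` arrays to `array()` before the loop so the `foreach` blocks never run on undefined variables.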
@@ -1162,7 +1162,7 @@ function check_recursive_perms($allow_cid, $allow_gid, $deny_cid, $deny_gid, $fo
 $arr_deny_gid = expand_acl($deny_gid);
 while($folder_hash) {
- $x = q("SELECT * FROM attach WHERE hash = '%s'",
+ $x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid, FROM attach WHERE hash = '%s'",
 dbesc($folder_hash)
 );
-- cgit v1.2.3
From 1b30e43c45100fc8f1a9f558237068ce24130264 Mon Sep 17 00:00:00 2001
From: marijus
Date: Mon, 2 Feb 2015 15:26:35 +0100
Subject: typo
---
 include/attach.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'include/attach.php')
diff --git a/include/attach.php b/include/attach.php
index 07f31761d..12144d380 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -1162,7 +1162,7 @@ function check_recursive_perms($allow_cid, $allow_gid, $deny_cid, $deny_gid, $fo
 $arr_deny_gid = expand_acl($deny_gid);
 while($folder_hash) {
- $x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid, FROM attach WHERE hash = '%s'",
+ $x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM attach WHERE hash = '%s'",
 dbesc($folder_hash)
 );
-- cgit v1.2.3
From 74da8f2e87e863d6cde2598d6929fa035499fddd Mon Sep 17 00:00:00 2001
From: marijus
Date: Mon, 2 Feb 2015 15:31:51 +0100
Subject: we also need folder here
---
 include/attach.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'include/attach.php')
diff --git a/include/attach.php b/include/attach.php
index 12144d380..23cfca0d0 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -1162,7 +1162,7 @@ function check_recursive_perms($allow_cid, $allow_gid, $deny_cid, $deny_gid, $fo
 $arr_deny_gid = expand_acl($deny_gid);
 while($folder_hash) {
- $x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM attach WHERE hash = '%s'",
+ $x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid, folder FROM attach WHERE hash = '%s'",
 dbesc($folder_hash)
 );
-- cgit v1.2.3
From 2546b0a5255b4e7031a94b3a59deb1687a68e350 Mon Sep 17 00:00:00 2001
From: marijus
Date: Mon, 2 Feb 2015 16:48:49 +0100
Subject: one important line missing
---
 include/attach.php | 1 +
 1 file changed, 1 insertion(+)
(limited to 'include/attach.php')
diff --git a/include/attach.php b/include/attach.php
index 23cfca0d0..d99d8d89e 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -991,6 +991,7 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
 if(!$allow_gid && !$allow_cid) {
 notice( t('Allowed permissions for this file are not recursive. None of your allowed contacts will have access to this file.') . EOL);
 $verb = 'update';
+ $update = true;
 }
 }
-- cgit v1.2.3
From ed3b5f8251fa1534c967e756529aa397cc78fb3a Mon Sep 17 00:00:00 2001
From: marijus
Date: Mon, 2 Feb 2015 17:12:13 +0100
Subject: comment this out for now - it is not always true
---
 include/attach.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'include/attach.php')
diff --git a/include/attach.php b/include/attach.php
index d99d8d89e..5f9d38115 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -987,13 +987,13 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
 $allow_gid = $r_perms['allow_gid'];
 $deny_cid = $r_perms['deny_cid'];
 $deny_gid = $r_perms['deny_gid'];
-
+/*
 if(!$allow_gid && !$allow_cid) {
 notice( t('Allowed permissions for this file are not recursive. None of your allowed contacts will have access to this file.') . EOL);
 $verb = 'update';
 $update = true;
 }
-
+*/
 }
 require_once('include/items.php');
-- cgit v1.2.3
From a80057fec7980c54df73626be9af3e08f03f5ce7 Mon Sep 17 00:00:00 2001
From: marijus
Date: Mon, 2 Feb 2015 17:45:30 +0100
Subject: comment out latest changes - needs more testing
---
 include/attach.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
(limited to 'include/attach.php')
diff --git a/include/attach.php b/include/attach.php
index 5f9d38115..7ebc4489d 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -975,7 +975,7 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
 //do not send activity for folders for now
 if($is_dir)
 return;
-
+/*
 //check for recursive perms if we are in a folder
 if($object['folder']) {
@@ -987,15 +987,15 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
 $allow_gid = $r_perms['allow_gid'];
 $deny_cid = $r_perms['deny_cid'];
 $deny_gid = $r_perms['deny_gid'];
-/*
+
 if(!$allow_gid && !$allow_cid) {
 notice( t('Allowed permissions for this file are not recursive. None of your allowed contacts will have access to this file.') . EOL);
 $verb = 'update';
 $update = true;
 }
-*/
- }
+ }
+*/
 require_once('include/items.php');
 $poster = get_app()->get_observer();
-- cgit v1.2.3
From e5849f9432c76697c1db7758e5c1b31a788052a4 Mon Sep 17 00:00:00 2001
From: marijus
Date: Wed, 4 Feb 2015 22:55:22 +0100
Subject: not quite there yet but getting closer a little
---
 include/attach.php | 88 +++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 60 insertions(+), 28 deletions(-)
(limited to 'include/attach.php')
diff --git a/include/attach.php b/include/attach.php
index 7ebc4489d..a300e34b0 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -966,6 +966,10 @@ function pipe_streams($in, $out) {
 function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid, $deny_gid, $verb, $no_activity) {
+ require_once('include/items.php');
+
+ $poster = get_app()->get_observer();
+
 //if we got no object something went wrong
 if(!$object)
 return;
@@ -975,6 +979,7 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
 //do not send activity for folders for now
 if($is_dir)
 return;
+
 /*
 //check for recursive perms if we are in a folder
 if($object['folder']) {
@@ -983,22 +988,14 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
 $r_perms = check_recursive_perms($allow_cid, $allow_gid, $deny_cid, $deny_gid, $folder_hash);
- $allow_cid = $r_perms['allow_cid'];
- $allow_gid = $r_perms['allow_gid'];
- $deny_cid = $r_perms['deny_cid'];
- $deny_gid = $r_perms['deny_gid'];
-
- if(!$allow_gid && !$allow_cid) {
- notice( t('Allowed permissions for this file are not recursive. None of your allowed contacts will have access to this file.') . EOL);
- $verb = 'update';
- $update = true;
- }
+ $allow_cid = perms2str($r_perms['allow_cid']);
+ $allow_gid = perms2str($r_perms['allow_gid']);
+ $deny_cid = perms2str($r_perms['deny_cid']);
+ $deny_gid = perms2str($r_perms['deny_gid']);
 }
 */
- require_once('include/items.php');
- $poster = get_app()->get_observer();
 $mid = item_message_id();
@@ -1162,40 +1159,75 @@ function check_recursive_perms($allow_cid, $allow_gid, $deny_cid, $deny_gid, $fo
 $arr_deny_cid = expand_acl($deny_cid);
 $arr_deny_gid = expand_acl($deny_gid);
+ $count = 0;
 while($folder_hash) {
- $x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid, folder FROM attach WHERE hash = '%s'",
+ $x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid, folder FROM attach WHERE hash = '%s' LIMIT 1",
 dbesc($folder_hash)
 );
- $parents_arr_allow_cid[] = expand_acl($x[0]['allow_cid']);
- $parents_arr_allow_gid[] = expand_acl($x[0]['allow_gid']);
- $parents_arr_deny_cid[] = expand_acl($x[0]['deny_cid']);
- $parents_arr_deny_gid[] = expand_acl($x[0]['deny_gid']);
+ //only process private folders
+ if($x[0]['allow_cid'] || $x[0]['allow_gid'] || $x[0]['deny_cid'] || $x[0]['deny_gid']) {
+
+ $parent_arr['allow_cid'][] = expand_acl($x[0]['allow_cid']);
+ $parent_arr['allow_gid'][] = expand_acl($x[0]['allow_gid']);
+ $parent_arr['deny_cid'][] = expand_acl($x[0]['deny_cid']);
+ $parent_arr['deny_gid'][] = expand_acl($x[0]['deny_gid']);
+
+ $parents_arr = $parent_arr;
+
+ $count++;
+
+ }
 $folder_hash = $x[0]['folder'];
+
 }
- foreach($parents_arr_allow_gid as $folder_arr_allow_gid) {
- $arr_allow_gid = array_intersect($arr_allow_gid, $folder_arr_allow_gid);
+ //if there are no perms on the file we get them from the first parent folder
+ if(!$arr_allow_cid && !$arr_allow_gid && !$arr_deny_cid && !$arr_deny_gid) {
+ $arr_allow_cid = $parent_arr['allow_cid'][0];
+ $arr_allow_gid = $parent_arr['allow_gid'][0];
+ $arr_deny_cid = $parent_arr['deny_cid'][0];
+ $arr_deny_gid = $parent_arr['deny_gid'][0];
 }
- foreach($parents_arr_allow_cid as $folder_arr_allow_cid) {
- $arr_allow_cid = array_intersect($arr_allow_cid, $folder_arr_allow_cid);
+ //allow_cid
+ foreach ($parents_arr['allow_cid'] as $folder_arr_allow_cid) {
+ foreach ($folder_arr_allow_cid as $ac_hash) {
+ $count_values[$ac_hash]++;
+ }
+ }
+ foreach ($arr_allow_cid as $fac_hash) {
+ if(($count_values[$fac_hash]) && ($count_values[$fac_hash] == $count))
+ $r_arr_allow_cid[] = $fac_hash;
 }
- foreach($parents_arr_deny_gid as $folder_arr_deny_gid) {
+
+ //allow_gid
+ foreach ($parents_arr['allow_gid'] as $folder_arr_allow_gid) {
+ foreach ($folder_arr_allow_gid as $ag_hash) {
+ $count_values[$ag_hash]++;
+ }
+ }
+ foreach ($arr_allow_gid as $fag_hash) {
+ if(($count_values[$fag_hash]) && ($count_values[$fag_hash] == $count))
+ $r_arr_allow_gid[] = $fag_hash;
+ }
+
+ //deny_gid
+ foreach($parents_arr['deny_gid'] as $folder_arr_deny_gid) {
 $arr_deny_gid = array_merge($arr_deny_gid, $folder_arr_deny_gid);
 }
- foreach($parents_arr_deny_cid as $folder_arr_deny_cid) {
+ //deny_cid
+ foreach($parents_arr['deny_cid'] as $folder_arr_deny_cid) {
 $arr_deny_cid = array_merge($arr_deny_cid, $folder_arr_deny_cid);
 }
- $ret['allow_gid'] = perms2str($arr_allow_gid);
- $ret['allow_cid'] = perms2str($arr_allow_cid);
- $ret['deny_gid'] = perms2str(array_unique($arr_deny_gid));
- $ret['deny_cid'] = perms2str(array_unique($arr_deny_cid));
+ $ret['allow_gid'] = $r_arr_allow_gid;
+ $ret['allow_cid'] = $r_arr_allow_cid;
+ $ret['deny_gid'] = array_unique($r_arr_deny_gid);
+ $ret['deny_cid'] = array_unique($r_arr_deny_cid);
 return $ret;
-
 }
-- cgit v1.2.3
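Review bot: The return block of check_recursive_perms now reads `$r_arr_deny_gid` and `$r_arr_deny_cid`, which are assigned neither in this hunk nor in the function's opening lines shown in the first commit; the merged parent deny entries live in `$arr_deny_gid` and `$arr_deny_cid`. As written, `array_unique()` is handed an undefined variable, so every deny entry inherited from the parent folders is missing from the result, which is the permissive direction for an ACL. The last two assignments should be `$ret['deny_gid'] = array_unique($arr_deny_gid);` and `$ret['deny_cid'] = array_unique($arr_deny_cid);`. `$count_values` is also shared between the allow_cid and allow_gid passes and incremented on unset keys, so I would use a separate counter array per pass, initialised to `array()`. The only caller visible on this page sits inside a `/* … */` block, so this matters as soon as that block is re-enabled.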