From 53217ad9a7c123eecc72b40952ccd6f21dde54f2 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Thu, 3 Jul 2014 19:34:00 -0700
Subject: add 'block_public' checking to get_all_perms() and perm_is_allowed()
 so we have everything related to allowing or denying something in one place.
 Currently this check is done separately in a huge number of places. Now we
 can start to remove all the extra checks. A couple of them are still
 necessary, but most are now redundant.

---
 include/permissions.php | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'include/permissions.php')

diff --git a/include/permissions.php b/include/permissions.php
index a3ec13925..9fded3b43 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -126,6 +126,13 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
 			}
 		}
 
+		// system is blocked to anybody who is not authenticated
+
+		if((! $observer_xchan) && intval(get_config('system','block_public'))) {
+			$ret[$perm_name] = false;
+			continue;
+		}
+
 		// Check if this $uid is actually the $observer_xchan - if it's your content
 		// you always have permission to do anything
 
@@ -282,6 +289,11 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
 		}
 	}
 
+	// system is blocked to anybody who is not authenticated
+
+	if((! $observer_xchan) && intval(get_config('system','block_public')))
+		return false;
+
 	// Check if this $uid is actually the $observer_xchan
 
 	if($r[0]['channel_hash'] === $observer_xchan)
-- 
cgit v1.2.3