From 034032c7c27ca0e0ba0720aeea84ba6272eb6d36 Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Thu, 22 Mar 2018 19:52:25 -0700
Subject: slight change in mail privacy implementation. If you initiate a
 private mail conversation and they respond, accept the reply. You can't hide
 behind your permissions or lack thereof. Often this will be accidental. If
 you truly want to block them from replying and your permissions otherwise
 would not allow them to reply, delete the conversation.

---
 include/zot.php | 26 ++++++++++++++++++++++----
 1 file changed, 22 insertions(+), 4 deletions(-)

(limited to 'include/zot.php')

diff --git a/include/zot.php b/include/zot.php
index c11cace2a..25ea9b8fb 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -2285,13 +2285,31 @@ function process_mail_delivery($sender, $arr, $deliveries) {
 			continue;
 		}
 
+
 		if(! perm_is_allowed($channel['channel_id'],$sender['hash'],'post_mail')) {
-			logger("permission denied for mail delivery {$channel['channel_id']}");
-			$DR->update('permission denied');
-			$result[] = $DR->get();
-			continue;
+
+			/* 
+			 * Always allow somebody to reply if you initiated the conversation. It's anti-social
+			 * and a bit rude to send a private message to somebody and block their ability to respond.
+			 * If you are being harrassed and want to put an end to it, delete the conversation.
+			 */
+
+			$return = false;
+			if($arr['parent_mid']) {
+				$return = q("select * from mail where mid = '%s' and channel_id = %d limit 1",
+					dbesc($arr['parent_mid']),
+					intval($channel['channel_id'])
+				);
+			}
+			if(! $return) {
+				logger("permission denied for mail delivery {$channel['channel_id']}");
+				$DR->update('permission denied');
+				$result[] = $DR->get();
+				continue;
+			}
 		}
 
+
 		$r = q("select id from mail where mid = '%s' and channel_id = %d limit 1",
 			dbesc($arr['mid']),
 			intval($channel['channel_id'])
-- 
cgit v1.2.3