From 20f3d097080fde4315b25523fe29b129cdd7034c Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 18 Aug 2013 20:20:03 -0700 Subject: some sane permission defaults. --- include/follow.php | 5 +++-- include/identity.php | 15 +++++++++++++-- include/permissions.php | 35 +++++++++++++++++++++++++++++++++++ 3 files changed, 51 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/follow.php b/include/follow.php index 6b192234c..ce550b07f 100644 --- a/include/follow.php +++ b/include/follow.php @@ -145,12 +145,13 @@ function new_contact($uid,$url,$channel,$interactive = false) { ); } else { - $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_their_perms, abook_created, abook_updated ) - values( %d, %d, '%s', %d, '%s', '%s' ) ", + $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_their_perms, abook_my_perms, abook_created, abook_updated ) + values( %d, %d, '%s', %d, %d, '%s', '%s' ) ", intval($aid), intval($uid), dbesc($xchan_hash), intval($their_perms), + intval(PERMS_W_STREAM|PERMS_W_MAIL), dbesc(datetime_convert()), dbesc(datetime_convert()) ); diff --git a/include/identity.php b/include/identity.php index 99b90cc8b..5f210c456 100644 --- a/include/identity.php +++ b/include/identity.php @@ -115,11 +115,19 @@ function create_identity($arr) { if(array_key_exists('primary', $arr)) $primary = intval($arr['primary']); + $perms_sql = ''; + + $defperms = site_default_perms(); + $global_perms = get_perms(); + foreach($defperms as $p => $v) { + $perms_keys .= ', ' . $global_perms[$p][0]; + $perms_vals .= ', ' . intval($v); + } $r = q("insert into channel ( channel_account_id, channel_primary, channel_name, channel_address, channel_guid, channel_guid_sig, - channel_hash, channel_prvkey, channel_pubkey, channel_pageflags ) - values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d ) ", + channel_hash, channel_prvkey, channel_pubkey, channel_pageflags $perms_keys ) + values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d $perms_vals ) ", intval($arr['account_id']), intval($primary), @@ -133,6 +141,9 @@ function create_identity($arr) { intval($pageflags) ); + + + $r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1", intval($arr['account_id']), diff --git a/include/permissions.php b/include/permissions.php index e7f50ceeb..bf50ebdd1 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -328,3 +328,38 @@ function check_list_permissions($uid,$arr,$perm) { return($result); } + + +function site_default_perms() { + + $typical = array( + 'view_stream' => PERMS_PUBLIC, + 'view_profile' => PERMS_PUBLIC, + 'view_photos' => PERMS_PUBLIC, + 'view_contacts' => PERMS_PUBLIC, + 'view_storage' => PERMS_PUBLIC, + 'view_pages' => PERMS_PUBLIC, + 'send_stream' => PERMS_SPECIFIC, + 'post_wall' => PERMS_SPECIFIC, + 'post_comments' => PERMS_SPECIFIC, + 'post_mail' => PERMS_SPECIFIC, + 'post_photos' => 0, + 'tag_deliver' => PERMS_SPECIFIC, + 'chat' => PERMS_SPECIFIC, + 'write_storage' => 0, + 'write_pages' => 0, + 'delegate' => 0, + ); + + + $global_perms = get_perms(); + $ret = array(); + + foreach($global_perms as $perm => $v) { + $x = get_config('default_perms',$perm); + if($x === false) + $x = $typical[$perm]; + $ret[$perm] = $x; + } + return $ret; +} -- cgit v1.2.3