From 04b4897dd86d862957d95a5d6090af7a026dd82c Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 27 Aug 2015 18:55:30 -0700 Subject: First attempt to turn access control into an object class. The access control manipulation is getting too complex and this will help keep it manageable and reduce a lot of code duplication. --- include/AccessList.php | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 include/AccessList.php (limited to 'include')
diff --git a/include/AccessList.php b/include/AccessList.php
new file mode 100644
index 000000000..82d55c0e6
--- /dev/null
+++ b/include/AccessList.php
@@ -0,0 +1,72 @@
+allow_cid = $channel['channel_allow_cid'];
+ $this->allow_gid = $channel['channel_allow_gid'];
+ $this->deny_cid = $channel['channel_deny_cid'];
+ $this->deny_gid = $channel['channel_deny_gid'];
+ }
+ else {
+ $this->allow_cid = '';
+ $this->allow_gid = '';
+ $this->deny_cid = '';
+ $this->deny_gid = '';
+ }
+
+ $this->explicit = false;
+ }
+
+ function get_explicit() {
+ return $this->explicit;
+ }
+
+ function set($arr,$explicit = true) {
+ $this->allow_cid = $arr['allow_cid'];
+ $this->allow_gid = $arr['allow_gid'];
+ $this->deny_cid = $arr['deny_cid'];
+ $this->deny_gid = $arr['deny_gid'];
+
+ $this->explicit = $explicit;
+ }
+
+ function get() {
+ return array(
+ 'allow_cid' => $this->allow_cid,
+ 'allow_gid' => $this->allow_gid,
+ 'deny_cid' => $this->deny_cid,
+ 'deny_gid' => $this->deny_gid,
+ );
+ }
+
+ function set_from_array($arr,$explicit = true) {
+ $this->allow_cid = perms2str((is_array($arr['contact_allow']))
+ ? $arr['contact_allow'] : explode(',',$arr['contact_allow']));
+ $this->allow_gid = perms2str((is_array($arr['group_allow']))
+ ? $arr['group_allow'] : explode(',',$arr['group_allow']));
+ $this->deny_cid = perms2str((is_array($arr['contact_deny']))
+ ? $arr['contact_deny'] : explode(',',$arr['contact_deny']));
+ $this->deny_gid = perms2str((is_array($arr['group_deny']))
+ ? $arr['group_deny'] : explode(',',$arr['group_deny']));
+
+ $this->explicit = $explicit;
+ }
+
+ function is_private() {
+ return (($this->allow_cid || $this->allow_gid || $this->deny_cid || $this->deny_gid) ? true : false);
+ }
+
+}
+
-- cgit v1.2.3 From 3fbb955cf23c5f92ba96086841ac6a2c510d4870 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 27 Aug 2015 21:22:59 -0700 Subject: start conversion to AccessList object --- include/AccessList.php | 3 +-- include/menu.php | 32 ++++++++++++++++---------------- 2 files changed, 17 insertions(+), 18 deletions(-) (limited to 'include')
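Review bot: `set()` and `set_from_array()` read all four keys of `$arr` without checking that they exist, so a caller that supplies only some of them silently blanks the others, and `is_private()` returns false once every field is empty. For a class that holds access-control state that is a fail-open default; consider keeping the current value when a key is absent, e.g. `if(array_key_exists('allow_cid',$arr)) $this->allow_cid = $arr['allow_cid'];` in `set()`, with the same guard per field in `set_from_array()`. The methods also carry no docblocks: `set()` should say that it stores the values verbatim (presumably already in stored form, to be confirmed), and `set_from_array()` that it accepts arrays or comma-separated lists and normalises them through `perms2str()`. The class header and the start of the constructor are not visible in this hunk as extracted.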
diff --git a/include/AccessList.php b/include/AccessList.php index 82d55c0e6..d4653de6a 100644 --- a/include/AccessList.php +++ b/include/AccessList.php @@ -10,8 +10,7 @@ class AccessList { private $explicit; - - function _construct($channel) { + function __construct($channel) { if($channel) { $this->allow_cid = $channel['channel_allow_cid']; diff --git a/include/menu.php b/include/menu.php index d20df1d6e..f853ea793 100644 --- a/include/menu.php +++ b/include/menu.php @@ -2,6 +2,7 @@ require_once('include/security.php'); require_once('include/bbcode.php'); +require_once('include/AccessList.php'); function menu_fetch($name,$uid,$observer_xchan) { @@ -299,19 +300,18 @@ function menu_add_item($menu_id, $uid, $arr) { $channel = get_app()->get_channel(); } - $str_group_allow = perms2str($arr['group_allow']); - $str_contact_allow = perms2str($arr['contact_allow']); - $str_group_deny = perms2str($arr['group_deny']); - $str_contact_deny = perms2str($arr['contact_deny']); + $acl = new AccessList($channel); + $acl->set_from_array($arr); + $p = $acl->get(); $r = q("insert into menu_item ( mitem_link, mitem_desc, mitem_flags, allow_cid, allow_gid, deny_cid, deny_gid, mitem_channel_id, mitem_menu_id, mitem_order ) values ( '%s', '%s', %d, '%s', '%s', '%s', '%s', %d, %d, %d ) ", dbesc($mitem_link), dbesc($mitem_desc), intval($mitem_flags), - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), + dbesc($p['allow_cid']), + dbesc($p['allow_gid']), + dbesc($p['deny_cid']), + dbesc($p['deny_gid']), intval($uid), intval($menu_id), intval($mitem_order) 
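Review bot: In the `menu_add_item` hunk the channel defaults loaded by `new AccessList($channel)` are discarded at once, because `set_from_array($arr)` assigns all four fields unconditionally; the `menu_edit_item` hunk that follows has the same pattern. If the defaults are meant to apply when `$arr` carries no ACL keys, guard the call on the presence of `contact_allow`, `group_allow`, `contact_deny` or `group_deny`, as `photo_upload` does later in this series. If the submitted values are always meant to win, a comment such as `// ACL always comes from $arr; channel defaults are not used for menu items` would stop the `$channel` argument from misleading readers. Both function bodies start and end outside their hunks, so how `$arr` is populated cannot be checked from here.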
@@ -341,19 +341,19 @@ function menu_edit_item($menu_id, $uid, $arr) { $channel = get_app()->get_channel(); } - $str_group_allow = perms2str($arr['group_allow']); - $str_contact_allow = perms2str($arr['contact_allow']); - $str_group_deny = perms2str($arr['group_deny']); - $str_contact_deny = perms2str($arr['contact_deny']); + $acl = new AccessList($channel); + $acl->set_from_array($arr); + $p = $acl->get(); + $r = q("update menu_item set mitem_link = '%s', mitem_desc = '%s', mitem_flags = %d, allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', mitem_order = %d where mitem_channel_id = %d and mitem_menu_id = %d and mitem_id = %d", dbesc($mitem_link), dbesc($mitem_desc), intval($mitem_flags), - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), + dbesc($p['allow_cid']), + dbesc($p['allow_gid']), + dbesc($p['deny_cid']), + dbesc($p['deny_gid']), intval($mitem_order), intval($uid), intval($menu_id), -- cgit v1.2.3 From ca0bc2bb7bc2b9e7d81a356a394d47bcb688004c Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 27 Aug 2015 22:20:30 -0700 Subject: more work on AccessList integration --- include/AccessList.php | 62 +++++++++++++++++++++++++++++++++++++++++++++++++- include/menu.php | 2 +- include/text.php | 56 --------------------------------------------- 3 files changed, 62 insertions(+), 58 deletions(-) (limited to 'include') diff --git a/include/AccessList.php b/include/AccessList.php index d4653de6a..46e66d33d 100644 --- a/include/AccessList.php +++ b/include/AccessList.php @@ -8,7 +8,9 @@ class AccessList { private $deny_cid; private $deny_gid; - private $explicit; + /* indicates if we are using the default constructor values or values that have been set explicitly. */ + + private $explicit; function __construct($channel) { 
@@ -69,3 +71,61 @@ class AccessList { } +/** + * @brief Used to wrap ACL elements in angle brackets for storage. + * + * @param[in,out] array &$item + */ +function sanitise_acl(&$item) { + if (strlen($item)) + $item = '<' . notags(trim($item)) . '>'; + else + unset($item); +} + +/** + * @brief Convert an ACL array to a storable string. + * + * @param array $p + * @return array + */ +function perms2str($p) { + $ret = ''; + + if (is_array($p)) + $tmp = $p; + else + $tmp = explode(',', $p); + + if (is_array($tmp)) { + array_walk($tmp, 'sanitise_acl'); + $ret = implode('', $tmp); + } + + return $ret; +} + + +/** + * @brief Turn user/group ACLs stored as angle bracketed text into arrays. + * + * turn string array of angle-bracketed elements into string array + * e.g. "<123xyz><246qyo>" => array(123xyz,246qyo,sxo33e); + * + * @param string $s + * @return array + */ +function expand_acl($s) { + $ret = array(); + + if(strlen($s)) { + $t = str_replace('<','',$s); + $a = explode('>',$t); + foreach($a as $aa) { + if($aa) + $ret[] = $aa; + } + } + + return $ret; +} diff --git a/include/menu.php b/include/menu.php index f853ea793..7ed931a59 100644 --- a/include/menu.php +++ b/include/menu.php @@ -2,7 +2,7 @@ require_once('include/security.php'); require_once('include/bbcode.php'); -require_once('include/AccessList.php'); + function menu_fetch($name,$uid,$observer_xchan) { diff --git a/include/text.php b/include/text.php index f27a9ce68..e4735ac48 100644 --- a/include/text.php +++ b/include/text.php 
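Review bot: The docblocks moved into include/AccessList.php with these helpers are inaccurate: `perms2str()` is annotated `@return array` but returns the imploded string, and the `expand_acl()` example lists three output elements for a two-element input. Suggested wording is `@return string` on `perms2str()` and `e.g. "<123xyz><246qyo>" => array(123xyz,246qyo);` in the example. In `sanitise_acl()` the `else unset($item);` branch only drops the local reference, so the empty element stays in the array; it implodes to nothing, but removing the branch or adding `// empty entries are left as '' and vanish in implode()` would state what actually happens. `notags()` is defined outside this page; it is worth confirming that it neutralises `<` and `>` inside an element, since `expand_acl()` splits stored values on exactly those characters.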
@@ -458,63 +458,7 @@ function alt_pager(&$a, $i, $more = '', $less = '') { } -/** - * @brief Turn user/group ACLs stored as angle bracketed text into arrays. - * - * turn string array of angle-bracketed elements into string array - * e.g. "<123xyz><246qyo>" => array(123xyz,246qyo,sxo33e); - * - * @param string $s - * @return array - */ -function expand_acl($s) { - $ret = array(); - if(strlen($s)) { - $t = str_replace('<','',$s); - $a = explode('>',$t); - foreach($a as $aa) { - if($aa) - $ret[] = $aa; - } - } - - return $ret; -} - -/** - * @brief Used to wrap ACL elements in angle brackets for storage. - * - * @param[in,out] array &$item - */ -function sanitise_acl(&$item) { - if (strlen($item)) - $item = '<' . notags(trim($item)) . '>'; - else - unset($item); -} - -/** - * @brief Convert an ACL array to a storable string. - * - * @param array $p - * @return array - */ -function perms2str($p) { - $ret = ''; - - if (is_array($p)) - $tmp = $p; - else - $tmp = explode(',', $p); - - if (is_array($tmp)) { - array_walk($tmp, 'sanitise_acl'); - $ret = implode('', $tmp); - } - - return $ret; -} /** * @brief Generate a guaranteed unique (for this domain) item ID for ATOM. -- cgit v1.2.3 From d05fd9632e4dc60fc3d4043374f6332a1609857f Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 27 Aug 2015 23:04:17 -0700 Subject: now we get to the heavy lifting with AccessList stuff --- include/photos.php | 86 ++++++++++++++++++------------------------------------ 1 file changed, 29 insertions(+), 57 deletions(-) (limited to 'include') diff --git a/include/photos.php b/include/photos.php index 04018ac0d..ac502ed51 100644 --- a/include/photos.php +++ b/include/photos.php 
@@ -34,16 +34,6 @@ function photo_upload($channel, $observer, $args) { */ $album = $args['album']; -// $newalbum = $args['newalbum']; - -// logger('photo_upload: album= ' . $album . ' newalbum= ' . $newalbum , LOGGER_DEBUG); - -// if(! $album) { -// if($newalbum) -// $album = $newalbum; -// else -// $album = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y-m'); -// } if(intval($args['visible']) || $args['visible'] === 'true') $visible = 1; 
@@ -55,38 +45,20 @@ function photo_upload($channel, $observer, $args) { // all other settings. 'allow_cid' being passed from an external source takes priority over channel settings. // ...messy... needs re-factoring once the photos/files integration stabilises - if(array_key_exists('allow_cid',$args)) { - $str_group_allow = $args['allow_gid']; - $str_contact_allow = $args['allow_cid']; - $str_group_deny = $args['deny_gid']; - $str_contact_deny = $args['deny_cid']; - } - else { - $str_group_allow = $channel['channel_allow_gid']; - $str_contact_allow = $channel['channel_allow_cid']; - $str_group_deny = $channel['channel_deny_gid']; - $str_contact_deny = $channel['channel_deny_cid']; - } - - if($args['directory']) { - $str_group_allow = $args['directory']['allow_gid']; - $str_contact_allow = $args['directory']['allow_cid']; - $str_group_deny = $args['directory']['deny_gid']; - $str_contact_deny = $args['directory']['deny_cid']; - } - + $acl = new AccessList($channel); + if(array_key_exists('directory',$args) && $args['directory']) + $acl->set($args['directory']); + if(array_key_exists('allow_cid',$args)) + $acl->set($args); if( (array_key_exists('group_allow',$args)) || (array_key_exists('contact_allow',$args)) || (array_key_exists('group_deny',$args)) || (array_key_exists('contact_deny',$args))) { - - $str_group_allow = perms2str(((is_array($args['group_allow'])) ? $args['group_allow'] : explode(',',$args['group_allow']))); - $str_contact_allow = perms2str(((is_array($args['contact_allow'])) ? $args['contact_allow'] : explode(',',$args['contact_allow']))); - $str_group_deny = perms2str(((is_array($args['group_deny'])) ? $args['group_deny'] : explode(',',$args['group_deny']))); - $str_contact_deny = perms2str(((is_array($args['contact_deny'])) ? $args['contact_deny'] : explode(',',$args['contact_deny']))); - + $acl->set_from_array($args); } + $ac = $acl->get(); + $os_storage = 0; if($args['os_path'] && $args['getimagesize']) { 
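Review bot: The precedence between a directory ACL and a caller-supplied `allow_cid` is reversed by this rewrite. The removed code applied `$args['directory']` after the `allow_cid` branch, so a photo stored in a directory always took that directory's permissions; the new code calls `$acl->set($args['directory'])` first and `$acl->set($args)` second, so `allow_cid` from the caller now replaces the directory ACL. If that change is not intended, swap the two checks so that `if(array_key_exists('allow_cid',$args)) $acl->set($args);` runs before `if(array_key_exists('directory',$args) && $args['directory']) $acl->set($args['directory']);`, and update the comment above to state the resulting order either way. `set($args)` is also gated on `allow_cid` alone while it reads all four keys. `photo_upload` begins and ends outside this hunk.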
@@ -200,8 +172,8 @@ function photo_upload($channel, $observer, $args) { $p = array('aid' => $account_id, 'uid' => $channel_id, 'xchan' => $visitor, 'resource_id' => $photo_hash, 'filename' => $filename, 'album' => $album, 'scale' => 0, 'photo_usage' => PHOTO_NORMAL, - 'allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow, - 'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny, + 'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'], + 'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'], 'os_storage' => $os_storage, 'os_path' => $args['os_path'] ); if($args['created']) 
@@ -320,26 +292,26 @@ function photo_upload($channel, $observer, $args) { if($lat && $lon) $arr['coord'] = $lat . ' ' . $lon; - $arr['aid'] = $account_id; - $arr['uid'] = $channel_id; - $arr['mid'] = $mid; - $arr['parent_mid'] = $mid; - $arr['item_hidden'] = $item_hidden; - $arr['resource_type'] = 'photo'; - $arr['resource_id'] = $photo_hash; - $arr['owner_xchan'] = $channel['channel_hash']; - $arr['author_xchan'] = $observer['xchan_hash']; - $arr['title'] = $title; - $arr['allow_cid'] = $str_contact_allow; - $arr['allow_gid'] = $str_group_allow; - $arr['deny_cid'] = $str_contact_deny; - $arr['deny_gid'] = $str_group_deny; - $arr['verb'] = ACTIVITY_POST; - $arr['item_wall'] = 1; - $arr['item_origin'] = 1; + $arr['aid'] = $account_id; + $arr['uid'] = $channel_id; + $arr['mid'] = $mid; + $arr['parent_mid'] = $mid; + $arr['item_hidden'] = $item_hidden; + $arr['resource_type'] = 'photo'; + $arr['resource_id'] = $photo_hash; + $arr['owner_xchan'] = $channel['channel_hash']; + $arr['author_xchan'] = $observer['xchan_hash']; + $arr['title'] = $title; + $arr['allow_cid'] = $ac['allow_cid']; + $arr['allow_gid'] = $ac['allow_gid'] + $arr['deny_cid'] = $ac['deny_cid']; + $arr['deny_gid'] = $ac['deny_gid']; + $arr['verb'] = ACTIVITY_POST; + $arr['item_wall'] = 1; + $arr['item_origin'] = 1; $arr['item_thread_top'] = 1; - - $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid']; + $arr['item_private'] = intval($acl->is_private()); + $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid']; // We should also put a width_x_height on large photos. Left as an exercise for // devs looking for simple stuff to fix. -- cgit v1.2.3 From a42b23658752709f80da12051b0ee9c11b6a5580 Mon Sep 17 00:00:00 2001 
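Review bot: The new line `$arr['allow_gid'] = $ac['allow_gid']` has no terminating semicolon, so include/photos.php does not parse at this commit; it should read `$arr['allow_gid'] = $ac['allow_gid'];`. The next commit on this page adds the semicolon, but this commit on its own breaks every request that loads the file and cannot serve as a bisect point, so the two are better squashed. Separately, the added `$arr['item_private'] = intval($acl->is_private());` deserves a short comment such as `// any non-empty allow/deny field marks the item private`. The hunk sits in the middle of `photo_upload`, whose start and end are outside it.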
From: redmatrix Date: Fri, 28 Aug 2015 14:21:49 -0700 Subject: more AccessList stuff - this time it's mod-item, which is a biggie --- include/photos.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/photos.php b/include/photos.php index ac502ed51..b4129fbf1 100644 --- a/include/photos.php +++ b/include/photos.php @@ -303,7 +303,7 @@ function photo_upload($channel, $observer, $args) { $arr['author_xchan'] = $observer['xchan_hash']; $arr['title'] = $title; $arr['allow_cid'] = $ac['allow_cid']; - $arr['allow_gid'] = $ac['allow_gid'] + $arr['allow_gid'] = $ac['allow_gid']; $arr['deny_cid'] = $ac['deny_cid']; $arr['deny_gid'] = $ac['deny_gid']; $arr['verb'] = ACTIVITY_POST; -- cgit v1.2.3 From e23f86faa91f6b12ad499d27d3a06a6873230714 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Sun, 30 Aug 2015 22:39:33 -0700 Subject: more work on doco search --- include/widgets.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'include') diff --git a/include/widgets.php b/include/widgets.php index 5e70730a3..96727cf0a 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -1063,3 +1063,15 @@ function widget_tasklist($arr) { } + +function widget_helpindex($arr) { + $o .= ''; + return $o; + +} \ No newline at end of file -- cgit v1.2.3 From c865f17dc0b56be926ae43cd3e4318498e03ad97 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Sun, 30 Aug 2015 22:46:00 -0700 Subject: schedule a doco update once weekly --- include/importdoc.php | 31 +++++++++++++++++++++++++++++++ include/poller.php | 3 +++ 2 files changed, 34 insertions(+) create mode 100755 include/importdoc.php (limited to 'include') diff --git a/include/importdoc.php b/include/importdoc.php new file mode 100755 index 000000000..9cce35c50 --- /dev/null +++ b/include/importdoc.php 
@@ -0,0 +1,31 @@ + Date: Sun, 30 Aug 2015 23:01:39 -0700 Subject: unclosed link tags --- include/widgets.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/widgets.php b/include/widgets.php index 96727cf0a..42d9db19a 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -1067,10 +1067,10 @@ function widget_tasklist($arr) { function widget_helpindex($arr) { $o .= ''; return $o; -- cgit v1.2.3 From 5fe902137505662f622dbc187969d11fab028358 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Mon, 31 Aug 2015 16:26:29 -0700 Subject: rename 'register_account' hook to 'create_identity'. --- include/identity.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/identity.php b/include/identity.php index 871d85700..89589802f 100644 --- a/include/identity.php +++ b/include/identity.php @@ -427,7 +427,7 @@ function create_identity($arr) { } } - call_hooks('register_account', $newuid); + call_hooks('create_identity', $newuid); proc_run('php','include/directory.php', $ret['channel']['channel_id']); } -- cgit v1.2.3 From d7cf7316beaecc6efacc01d56dbb066af8174416 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Mon, 31 Aug 2015 20:55:25 -0700 Subject: change the likes db structure to make it more easily importable/exportable --- include/identity.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/identity.php b/include/identity.php index daa985c2f..c892a4b55 100644 --- a/include/identity.php +++ b/include/identity.php @@ -565,7 +565,7 @@ function identity_basic_export($channel_id, $items = false) { if(! $items) return $ret; - $r = q("select likes.*, item.mid from likes left join item on likes.iid = item.id where likes.channel_id = %d", + $r = q("select * likes where channel_id = %d", intval($channel_id) ); -- cgit v1.2.3 From 039f56f390c69ad0aedadcca3d611fea0d9eebf9 Mon Sep 17 00:00:00 2001 
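Review bot: In the `identity_basic_export` hunk the rewritten query `select * likes where channel_id = %d` is missing `from`, so the statement is a syntax error and the export will come back without likes; it should be `select * from likes where channel_id = %d`. A later commit on this page carries the corrected statement. The rest of the function is outside the hunk, so whether the failed query is reported or silently skipped cannot be seen here.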
From: redmatrix Date: Mon, 31 Aug 2015 20:58:05 -0700 Subject: mostly doc tweaks, some import/export work --- include/identity.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/identity.php b/include/identity.php index 89589802f..cc2a37cc7 100644 --- a/include/identity.php +++ b/include/identity.php @@ -565,7 +565,7 @@ function identity_basic_export($channel_id, $items = false) { if(! $items) return $ret; - $r = q("select likes.*, item.mid from likes left join item on likes.iid = item.id where likes.channel_id = %d", + $r = q("select * from likes where channel_id = %d", intval($channel_id) ); -- cgit v1.2.3