From 78f64c90a353606b0a46185d07e65359eebe99ad Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Wed, 31 Oct 2012 20:53:02 -0700
Subject: get permission discovery working - guid sigs were getting truncated
 in db

---
 include/permissions.php | 122 ++++++------------------------------------------
 include/zot.php         |  51 ++++++++++++++++++++
 2 files changed, 65 insertions(+), 108 deletions(-)

(limited to 'include')

diff --git a/include/permissions.php b/include/permissions.php
index e32704883..51e47007c 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -29,7 +29,7 @@
  * @returns: array of all permissions, key is permission name, value is integer 0 or 1
  */
 
-function get_all_perms($uid,$observer) {
+function get_all_perms($uid,$observer,$internal_use = true) {
 
 	global $global_perms;
 
@@ -61,21 +61,21 @@ function get_all_perms($uid,$observer) {
 		}
 
 		if(! $r) {
-			$ret[$perm_name] = 0;
+			$ret[$perm_name] = false;
 			continue;
 		}
 
 		// Check if this $uid is actually the $observer
 
 		if($r[0]['channel_hash'] === $observer) {
-			$ret[$perm_name] = 1;
+			$ret[$perm_name] = true;
 			continue;
 		}
 
 		// If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set
 
 		if(! $observer) {
-			$ret[$perm_name] = (($r[0][$channel_perm] & PERMS_PUBLIC) ? 1 : 0);
+			$ret[$perm_name] = (($r[0][$channel_perm] & PERMS_PUBLIC) ? true : false);
 			continue;
 		}
 
@@ -83,7 +83,7 @@ function get_all_perms($uid,$observer) {
 		// If we're still here, we have an observer, which means they're in the network.
 
 		if($r[0][$channel_perm] & PERMS_NETWORK) {
-			$ret[$perm_name] = 1;
+			$ret[$perm_name] = true;
 			continue;
 		}
 
@@ -99,9 +99,9 @@ function get_all_perms($uid,$observer) {
 			}
 	
 			if($c)
-				$ret[$perm_name] = 1;
+				$ret[$perm_name] = true;
 			else
-				$ret[$perm_name] = 0;
+				$ret[$perm_name] = false;
 
 			continue;
 		}	
@@ -122,7 +122,7 @@ function get_all_perms($uid,$observer) {
 		// If they're blocked - they can't read or write
  
 		if((! $x) || ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED)) {
-			$ret[$perm_name] = 0;
+			$ret[$perm_name] = false;
 			continue;
 		}
 		
@@ -131,15 +131,16 @@ function get_all_perms($uid,$observer) {
 		if($r && $r[0][$channel_perm] & PERMS_CONTACTS) {
 
 			// Check if this is a write permission and they are being ignored
+			// This flag is only visible internally.
 
-			if((! $global_perms[$permission][2]) && ($x[0]['abook_flags'] & ABOOK_FLAG_IGNORED)) {
-				$ret[$perm_name] = 0;
+			if(($internal_use) && (! $global_perms[$permission][2]) && ($x[0]['abook_flags'] & ABOOK_FLAG_IGNORED)) {
+				$ret[$perm_name] = false;
 				continue;
 			}
 
 			// Otherwise they're a contact, so they have permission
 
-			$ret[$perm_name] = 1;
+			$ret[$perm_name] = true;
 			continue;
 		}
 
@@ -147,14 +148,14 @@ function get_all_perms($uid,$observer) {
 
 		if(($r) && ($r[0][$channel_perm] & PERMS_SPECIFIC)) {
 			if(($x) && ($x[0]['abook_my_perms'] & $global_perms[$permission][1])) {
-				$ret[$perm_name] = 1;
+				$ret[$perm_name] = true;
 				continue;
 			}
 		}
 
 		// No permissions allowed.
 
-		$ret[$perm_name] = 0;
+		$ret[$perm_name] = false;
 		continue;
 
 	}
@@ -249,98 +250,3 @@ function perm_is_allowed($uid,$observer,$permission) {
 
 
 
-function map_perms($channel,$zguid,$zsig) {
-
-	$is_contact = false;
-	$is_site    = false;
-	$is_network = false;
-	$is_anybody = true;
-
-
-	// To avoid sending the lengthy target_sig with each request,
-	// We should provide an array of results for each target
-	// and let the sender match the signature.
-
-	if(strlen($zguid) && strlen($zsig)) {
-		
-		$is_network = true;
-
-		$r = q("select * from contact where guid = '%s' and uid = %d limit 1",
-			dbesc($zguid),
-			intval($channel['channel_id'])
-		);
-		if($r && count($r)) {
-			$is_contact = true;
-			$contact = $r[0];
-		}
-		$r = q("select * from channel where channel_guid = '%s'",
-			dbesc($zguid)
-		);
-		if($r && count($r)) {
-			foreach($r as $rr) {
-				if(base64url_encode(rsa_sign($rr['channel_guid'],$rr['channel_prvkey'])) === $zsig) {
-					$is_site = true;
-					break;
-				}
-			}
-		}
-	}
-
-	$perms = array(
-		'view_stream'   => array('channel_r_stream',  PERMS_R_STREAM ),
-		'view_profile'  => array('channel_r_profile', PERMS_R_PROFILE),
-		'view_photos'   => array('channel_r_photos',  PERMS_R_PHOTOS),
-		'view_contacts' => array('channel_r_abook',   PERMS_R_ABOOK),
-
-		'send_stream'   => array('channel_w_stream',  PERMS_W_STREAM),
-		'post_wall'     => array('channel_w_wall',    PERMS_W_WALL),
-		'tag_deliver'   => array('channel_w_tagwall', PERMS_W_TAGWALL),
-		'post_comments' => array('channel_w_comment', PERMS_W_COMMENT),
-		'post_mail'     => array('channel_w_mail',    PERMS_W_MAIL),
-		'post_photos'   => array('channel_w_photos',  PERMS_W_PHOTOS),
-		'chat'          => array('channel_w_chat',    PERMS_W_CHAT),
-	);
-
-
-	$ret = array();
-
-	foreach($perms as $k => $v) {
-		$ret[$k] = z_check_perms($k,$v,$channel,$contact,$is_contact,$is_site,$is_network,$is_anybody);
-
-	}
-
-	return $ret;
-
-}
-
-function z_check_perms($k,$v,$channel,$contact,$is_contact,$is_site,$is_network,$is_anybody) {
-
-	$allow = (($contact['self']) ? true : false);
-	
-	switch($channel[$v[0]]) {
-		case PERMS_PUBLIC:
-				if($is_anybody)
-					$allow = true;
-				break;
-		case PERMS_NETWORK:
-				if($is_network)
-					$allow = true;
-				break;
-		case PERMS_SITE:
-				if($is_site)
-					$allow = true;
-				break;
-		case PERMS_CONTACTS:
-				if($is_contact)
-					$allow = true;
-				break;
-		case PERMS_SPECIFIC:
-				if($is_contact && is_array($contact) && ($contact['my_perms'] & $v[1]))
-					$allow = true;
-				break;
-		default:
-				break;
-	}
-	return $allow; 
-}
-
diff --git a/include/zot.php b/include/zot.php
index c9fd25de4..6d48f1e7c 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -72,6 +72,57 @@ function zot_notify($channel,$url) {
 	return($x);
 }
 
+function zot_finger($webbie,$channel) {
+
+	if(strpos($webbie,'@') === false) {
+		$address = $webbie;
+		$host = get_app()->get_hostname();
+	}
+	else {
+		$address = substr($webbie,0,strpos($webbie,'@'));
+		$host = substr($webbie,strpos($webbie,'@')+1);
+	}
+
+	$xchan_addr = $address . '@' . $host;
+
+	$r = q("select xchan.*, hubloc.* from xchan 
+			left join hubloc on xchan_hash = hubloc_hash
+			where xchan_addr = '%s' and (hubloc_flags & %d) limit 1",
+		dbesc($xchan_address),
+		intval(HUBLOC_FLAGS_PRIMARY)
+	);
+
+	if($r) {
+		$url = $r[0]['hubloc_url'];
+	}
+	else {
+		$url = 'https://' . $host;
+	}
+	
+	$rhs = '/.well-known/zot-guid';
+
+	if($channel) {
+		$postvars = array(
+			'address' => $address,
+			'target'  => $channel['channel_guid'],
+			'target_sig' => $channel['channel_guid_sig']
+		);
+		$result = z_post_url($url . $rhs,$postvars);
+		if(! $result['success'])
+			$result = z_post_url('http://' . $host . $rhs,$postvars);
+	}		
+	else {
+		$rhs .= 'address=' . urlencode($address);
+
+		$result =  z_fetch_url($url . $rhs);
+		if(! $result['success'])
+			$result = z_fetch_url('http://' . $host . $rhs);
+	}
+	
+	return $result;	 
+
+}
+
 		
 function zot_gethub($arr) {
 
-- 
cgit v1.2.3