From ca0bc2bb7bc2b9e7d81a356a394d47bcb688004c Mon Sep 17 00:00:00 2001
From: redmatrix <redmatrix@redmatrix.me>
Date: Thu, 27 Aug 2015 22:20:30 -0700
Subject: more work on AccessList integration

---
 mod/photos.php | 53 +++++++++++++++++++++++++----------------------------
 1 file changed, 25 insertions(+), 28 deletions(-)

(limited to 'mod/photos.php')

diff --git a/mod/photos.php b/mod/photos.php
index dc70e4f90..d06a8e69c 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -85,6 +85,7 @@ function photos_post(&$a) {
 
 	$owner_record = $s[0];	
 
+	$acl = AccessList($a->data['channel']);
 
 	if((argc() > 3) && (argv(2) === 'album')) {
 
@@ -200,6 +201,7 @@ function photos_post(&$a) {
 		goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
 	}
 
+
 	if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
 
 
@@ -208,10 +210,9 @@ function photos_post(&$a) {
 		$item_id     = ((x($_POST,'item_id')) ? intval($_POST['item_id'])       : 0);
 		$albname     = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
 		$is_nsfw     = ((x($_POST,'adult'))   ? intval($_POST['adult'])         : 0);
-		$str_group_allow   = perms2str($_POST['group_allow']);
-		$str_contact_allow = perms2str($_POST['contact_allow']);
-		$str_group_deny    = perms2str($_POST['group_deny']);
-		$str_contact_deny  = perms2str($_POST['contact_deny']);
+	
+		$acl->set_from_array($_POST);
+		$perm = $acl->get();
 
 		$resource_id = $a->argv[2];
 
@@ -284,10 +285,10 @@ function photos_post(&$a) {
 
 			$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
 				dbesc($desc),
-				dbesc($str_contact_allow),
-				dbesc($str_group_allow),
-				dbesc($str_contact_deny),
-				dbesc($str_group_deny),
+				dbesc($perm['allow_cid']),
+				dbesc($perm['allow_gid']),
+				dbesc($perm['deny_cid']),
+				dbesc($perm['deny_gid']),
 				dbesc($resource_id),
 				intval($page_owner_uid)
 			);
@@ -331,20 +332,20 @@ function photos_post(&$a) {
 		// make sure the linked item has the same permissions as the photo regardless of any other changes
 		$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
 			where id = %d",
-				dbesc($str_contact_allow),
-				dbesc($str_group_allow),
-				dbesc($str_contact_deny),
-				dbesc($str_group_deny),
-				intval($item_private),
+				dbesc($perm['allow_cid']),
+				dbesc($perm['allow_gid']),
+				dbesc($perm['deny_cid']),
+				dbesc($perm['deny_gid']),
+				intval($acl->is_private()),
 				intval($item_id)
 		);
 
 		// make sure the attach has the same permissions as the photo regardless of any other changes
 		$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1",
-				dbesc($str_contact_allow),
-				dbesc($str_group_allow),
-				dbesc($str_contact_deny),
-				dbesc($str_group_deny),
+				dbesc($perm['allow_cid']),
+				dbesc($perm['allow_gid']),
+				dbesc($perm['deny_cid']),
+				dbesc($perm['deny_gid']),
 				dbesc($resource_id),
 				intval($page_owner_uid)
 		);
@@ -418,11 +419,11 @@ function photos_post(&$a) {
 	$_REQUEST['source'] = 'photos';
 	require_once('include/attach.php');
 
-	if(!local_channel()) {
+	if(! local_channel()) {
 		$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
-		$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
-		$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
-		$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
+		$_REQUEST['group_allow']   = expand_acl($channel['channel_allow_gid']);
+		$_REQUEST['contact_deny']  = expand_acl($channel['channel_deny_cid']);
+		$_REQUEST['group_deny']    = expand_acl($channel['channel_deny_gid']);
 	}
 
 	$r = attach_store($a->channel,get_observer_hash(), '', $_REQUEST);
@@ -557,14 +558,10 @@ function photos_content(&$a) {
 		if($_is_owner) {
 			$channel = $a->get_channel();
 
-			$channel_acl = array(
-				'allow_cid' => $channel['channel_allow_cid'], 
-				'allow_gid' => $channel['channel_allow_gid'], 
-				'deny_cid' => $channel['channel_deny_cid'], 
-				'deny_gid' => $channel['channel_deny_gid']
-			);
+			$acl = new AccessList($channel);
+			$channel_acl = $acl->get();
 
-			$lockstate = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock');
+			$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
 		}
 
 		$aclselect = (($_is_owner) ? populate_acl($channel_acl,false) : '');
-- 
cgit v1.2.3