Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2024-11-10 07:42:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

Issue 8882: Fixes permissions of pinned posts

Browse source
This commit is contained in:
Michael 2020-09-06 15:05:42 +00:00
parent f3934eb0c2
commit 8d0d6bcd0c
2 changed files with 15 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
src/Model/Item.php
View file

@ -201,18 +201,10 @@ class Item
return [];
}
if (empty($condition) || !is_array($condition)) {
$condition = ['iid' => $pinned];
if (!empty($condition)) {
$condition = DBA::mergeConditions(['iid' => $pinned], $condition);
} else {
reset($condition);
$first_key = key($condition);
if (!is_int($first_key)) {
$condition['iid'] = $pinned;
} else {
$values_string = substr(str_repeat("?, ", count($pinned)), 0, -2);
$condition[0] = '(' . $condition[0] . ") AND `iid` IN (" . $values_string . ")";
$condition = array_merge($condition, $pinned);
}
$condition = ['iid' => $pinned];
}
return self::selectThreadForUser($uid, $selected, $condition, $params);

13
src/Module/Profile/Status.php
View file

@ -232,7 +232,18 @@ class Status extends BaseProfile
$items = DBA::toArray($items_stmt);
if ($pager->getStart() == 0 && !empty($a->profile['uid'])) {
$pinned_items = Item::selectPinned($a->profile['uid'], ['uri', 'pinned']);
$condition = ['private' => [Item::PUBLIC, Item::UNLISTED]];
if (remote_user()) {
$permissionSets = DI::permissionSet()->selectByContactId(remote_user(), $a->profile['uid']);
if (!empty($permissionSets)) {
$condition = ['psid' => array_merge($permissionSets->column('id'),
[DI::permissionSet()->getIdFromACL($a->profile['uid'], '', '', '', '')])];
}
} elseif ($a->profile['uid'] == local_user()) {
$condition = [];
}
$pinned_items = Item::selectPinned($a->profile['uid'], ['uri', 'pinned'], $condition);
$pinned = Item::inArray($pinned_items);
$items = array_merge($items, $pinned);
}