Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-04-26 04:30:11 +00:00
Code Issues Projects Releases Packages Wiki Activity

Item storage: Permissions aren't stored in the items anymore (#5495)

Browse source 
* The permission set is now used for item permissions

* Check for allow_cid, ... is superfluous. Checking for "private" is enough

* We query the permissionset

* Permissions are displayed correctly

* Changed index

* We don't store the permissions in the item table anymore

* Permission fields are now deprecated

* Reversed ...
This commit is contained in:
Michael Vogel 2018-07-26 01:14:55 +02:00 committed by Hypolite Petovan
parent 830b2edc35
commit 986106a8f7
9 changed files with 117 additions and 96 deletions
Download patch file Download diff file Expand all files Collapse all files

33
src/Protocol/DFRN.php
View file

@ -25,6 +25,7 @@ use Friendica\Model\GContact;
use Friendica\Model\Group;
use Friendica\Model\Item;
use Friendica\Model\Profile;
use Friendica\Model\PermissionSet;
use Friendica\Model\User;
use Friendica\Object\Image;
use Friendica\Util\Crypto;
@ -123,7 +124,7 @@ class DFRN
// default permissions - anonymous user
$sql_extra = " AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' ";
$sql_extra = " AND NOT `item`.`private` ";
$r = q(
"SELECT `contact`.*, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`, `user`.`account-type`
@ -175,30 +176,14 @@ class DFRN
$contact = $r[0];
include_once 'include/security.php';
$groups = Group::getIdsByContactId($contact['id']);
if (count($groups)) {
for ($x = 0; $x < count($groups); $x ++) {
$groups[$x] = '<' . intval($groups[$x]) . '>' ;
}
$set = PermissionSet::get($owner_id, $contact['id']);
$gs = implode('|', $groups);
if (!empty($set)) {
$sql_extra = " AND `item`.`psid` IN (" . implode(',', $set) .")";
} else {
$gs = '<<>>' ; // Impossible to match
$sql_extra = " AND NOT `item`.`private`";
}
$sql_extra = sprintf(
"
AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' )
AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' )
AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s')
",
intval($contact['id']),
intval($contact['id']),
DBA::escape($gs),
DBA::escape($gs)
);
}
if ($public_feed) {
@ -911,7 +896,7 @@ class DFRN
$entry->setAttribute("xmlns:statusnet", NAMESPACE_STATUSNET);
}
if ($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid']) {
if ($item['private']) {
$body = Item::fixPrivatePhotos($item['body'], $owner['uid'], $item, $cid);
} else {
$body = $item['body'];
@ -1005,8 +990,8 @@ class DFRN
XML::addElement($doc, $entry, "georss:point", $item['coord']);
}
if (($item['private']) || strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])) {
XML::addElement($doc, $entry, "dfrn:private", (($item['private']) ? $item['private'] : 1));
if ($item['private']) {
XML::addElement($doc, $entry, "dfrn:private", ($item['private'] ? $item['private'] : 1));
}
if ($item['extid']) {