Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-20 06:35:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'dev' into commperms

Browse source
This commit is contained in:
Mike Macgirvin 2022-12-05 05:16:51 +11:00
commit 38e9e2297e
7 changed files with 1262 additions and 1231 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
Code/Lib/AccessList.php
View file

@ -229,11 +229,11 @@ class AccessList
}
public static function members($uid, $gid, $total = false, $start = 0, $records = 0): mixed
public static function members($uid, $gid, $total = false, $start = 0, $records = 0, $sqlExtra = ''): mixed
{
$ret = [];
$pager_sql = '';
$sql_extra = '';
$sql_extra = $sqlExtra;
if ($records) {
$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($records), intval($start));
@ -263,7 +263,8 @@ class AccessList
$r = q(
"SELECT * FROM abook left join xchan on xchan_hash = abook_xchan
WHERE abook_channel = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 $sql_extra ORDER BY xchan_name ASC $pager_sql",
WHERE abook_channel = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0
and abook_pending = 0 $sql_extra ORDER BY xchan_name ASC $pager_sql",
intval($uid)
);
if ($r) {

17
Code/Module/Followers.php
View file

@ -33,12 +33,18 @@ class Followers extends Controller
$observer_hash = get_observer_hash();
$sqlExtra = '';
if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'view_contacts')) {
http_status_exit(403, 'Forbidden');
$sqlExtra = ($observer_hash) ? " AND xchan_hash = '" . dbesc($observer_hash) . "' " : '';
}
$t = q(
"select count(xchan_hash) as total from xchan left join abconfig on abconfig.xchan = xchan_hash left join abook on abook_xchan = xchan_hash where abook_channel = %d and abconfig.chan = %d and abconfig.cat = 'system' and abconfig.k = 'their_perms' and abconfig.v like '%%send_stream%%' and xchan_hash != '%s' and xchan_orphan = 0 and xchan_deleted = 0 and abook_hidden = 0 and abook_pending = 0 and abook_self = 0 ",
"select count(xchan_hash) as total from xchan
left join abconfig on abconfig.xchan = xchan_hash
left join abook on abook_xchan = xchan_hash
where abook_channel = %d and abconfig.chan = %d and abconfig.cat = 'system' and abconfig.k = 'their_perms'
and abconfig.v like '%%send_stream%%' and xchan_hash != '%s' and xchan_orphan = 0 and xchan_deleted = 0
and abook_hidden = 0 and abook_pending = 0 and abook_self = 0 $sqlExtra ",
intval($channel['channel_id']),
intval($channel['channel_id']),
dbesc($channel['channel_hash'])
@ -54,7 +60,12 @@ class Followers extends Controller
$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
$r = q(
"select * from xchan left join abconfig on abconfig.xchan = xchan_hash left join abook on abook_xchan = xchan_hash where abook_channel = %d and abconfig.chan = %d and abconfig.cat = 'system' and abconfig.k = 'their_perms' and abconfig.v like '%%send_stream%%' and xchan_hash != '%s' and xchan_orphan = 0 and xchan_deleted = 0 and abook_hidden = 0 and abook_pending = 0 and abook_self = 0 $pager_sql",
"select * from xchan left join abconfig on abconfig.xchan = xchan_hash
left join abook on abook_xchan = xchan_hash
where abook_channel = %d and abconfig.chan = %d and abconfig.cat = 'system'
and abconfig.k = 'their_perms' and abconfig.v like '%%send_stream%%' and xchan_hash != '%s'
and xchan_orphan = 0 and xchan_deleted = 0 and abook_hidden = 0 and abook_pending = 0
and abook_self = 0 $sqlExtra $pager_sql",
intval($channel['channel_id']),
intval($channel['channel_id']),
dbesc($channel['channel_hash'])

17
Code/Module/Following.php
View file

@ -33,12 +33,19 @@ class Following extends Controller
$observer_hash = get_observer_hash();
$sqlExtra = '';
if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'view_contacts')) {
http_status_exit(403, 'Forbidden');
$sqlExtra = ($observer_hash) ? " AND xchan_hash = '" . dbesc($observer_hash) . "' " : '';
}
$t = q(
"select count(xchan_hash) as total from xchan left join abconfig on abconfig.xchan = xchan_hash left join abook on abook_xchan = xchan_hash where abook_channel = %d and abconfig.chan = %d and abconfig.cat = 'system' and abconfig.k = 'my_perms' and abconfig.v like '%%send_stream%%' and xchan_hash != '%s' and xchan_orphan = 0 and xchan_deleted = 0 and abook_hidden = 0 and abook_pending = 0 and abook_self = 0",
"select count(xchan_hash) as total from xchan
left join abconfig on abconfig.xchan = xchan_hash
left join abook on abook_xchan = xchan_hash
where abook_channel = %d and abconfig.chan = %d and abconfig.cat = 'system' and abconfig.k = 'my_perms'
and abconfig.v like '%%send_stream%%' and xchan_hash != '%s' and xchan_orphan = 0 and xchan_deleted = 0
and abook_hidden = 0 and abook_pending = 0 and abook_self = 0 $sqlExtra ",
intval($channel['channel_id']),
intval($channel['channel_id']),
dbesc($channel['channel_hash'])
@ -55,7 +62,11 @@ class Following extends Controller
$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
$r = q(
"select * from xchan left join abconfig on abconfig.xchan = xchan_hash left join abook on abook_xchan = xchan_hash where abook_channel = %d and abconfig.chan = %d and abconfig.cat = 'system' and abconfig.k = 'my_perms' and abconfig.v like '%%send_stream%%' and xchan_hash != '%s' and xchan_orphan = 0 and xchan_deleted = 0 and abook_hidden = 0 and abook_pending = 0 and abook_self = 0 $pager_sql",
"select * from xchan left join abconfig on abconfig.xchan = xchan_hash
left join abook on abook_xchan = xchan_hash
where abook_channel = %d and abconfig.chan = %d and abconfig.cat = 'system' and abconfig.k = 'my_perms'
and abconfig.v like '%%send_stream%%' and xchan_hash != '%s' and xchan_orphan = 0
and xchan_deleted = 0 and abook_hidden = 0 and abook_pending = 0 and abook_self = 0 $sqlExtra $pager_sql",
intval($channel['channel_id']),
intval($channel['channel_id']),
dbesc($channel['channel_hash'])

21
Code/Module/Lists.php
View file

@ -51,9 +51,8 @@ class Lists extends Controller
http_status_exit(403, 'Permission denied');
}
if (!perm_is_allowed($group['uid'], get_observer_hash(), 'view_contacts')) {
http_status_exit(403, 'Permission denied');
}
$observer_hash = get_observer_hash();
$hasPermission = perm_is_allowed($group['uid'], $observer_hash, 'view_contacts');
$channel = Channel::from_id($group['uid']);
@ -61,13 +60,20 @@ class Lists extends Controller
http_status_exit(404, 'Not found');
}
if (!$group['visible']) {
if ($channel['channel_hash'] !== get_observer_hash()) {
$sqlExtra = '';
if (!$group['visible'] || !$hasPermission) {
if ($observer_hash) {
if ($observer_hash !== $channel['channel_hash']) {
$sqlExtra = " AND xchan_hash = '" . dbesc(get_observer_hash()) . "' ";
}
}
else {
http_status_exit(403, 'Permission denied');
}
}
$total = AccessList::members($group['uid'], $group['id'], true);
$total = AccessList::members($group['uid'], $group['id'], true, sqlExtra: $sqlExtra);
if ($total) {
App::set_pager_total($total);
App::set_pager_itemspage(100);
@ -78,7 +84,8 @@ class Lists extends Controller
$ret['name'] = $group['gname'];
$ret['attributedTo'] = Channel::url($channel);
} else {
$members = AccessList::members($group['uid'], $group['id'], false, App::$pager['start'], App::$pager['itemspage']);
$members = AccessList::members($group['uid'], $group['id'], false, App::$pager['start'],
App::$pager['itemspage'], sqlExtra: $sqlExtra);
$ret = Activity::encode_follow_collection($members, App::$query_string, 'OrderedCollection', $total);
$ret['name'] = $group['gname'];
$ret['attributedTo'] = Channel::url($channel);

2425
util/messages.po
View file

File diff suppressed because it is too large Load diff

2
version.php
View file

@ -1,2 +1,2 @@
<?php
define ('STD_VERSION', '22.11.28');
define ('STD_VERSION', '22.12.03');

4
view/theme/redbasic/css/style.css
View file

@ -1327,13 +1327,15 @@ img.mail-conv-sender-photo {
/* widgets */
.widget {
.widget, .dropdown-menu {
background-color: rgb(255,255,255);
border: 1px solid rgba(0,0,0,.2);
border-radius: $radius;
box-shadow: 3px 3px 3px 0 #aaaaaa;
}
#note-text {
border-radius: $radius;
}