Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-19 16:55:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

dm issue

Browse source
This commit is contained in:
Mike Macgirvin 2024-08-11 09:04:04 +10:00
parent 81db331045
commit 8def2331c9
5 changed files with 25 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
include/items.php
View file

@ -122,10 +122,6 @@ function collect_recipients($item, &$private_envelope) {
}
// This is a somewhat expensive operation but important.
// Don't send this item to anybody who doesn't have the deliver_stream permission
$recipients = check_deliver_permissions($item,$recipients);
// Add both the author and owner (if different).

12
include/permissions.php
View file

@ -518,10 +518,8 @@ function check_list_permissions($uid, $arr, $perm)
function check_deliver_permissions($item, $arr, $includeMentions = false)
{
xdebug_break();
$result = [];
$uid = $item['uid'] ?? 0;
$terms = ((isset($item['term'])) ? get_terms_oftype($item['term'], [TERM_MENTION, TERM_GROUP]) : false);
// Find actors we are not delivering to.
$r = q("select * from abconfig where chan = %d and cat = 'system' and k = 'my_perms' and v not like '%%deliver_stream%%'",
intval($uid)
@ -566,7 +564,14 @@ function check_deliver_permissions($item, $arr, $includeMentions = false)
}
}
// Send mentions even if you have no permission to do so. They might allow it.
if ($terms && $includeMentions) {
if ($includeMentions) {
$terms = ((isset($item['term'])) ? get_terms_oftype($item['term'], [TERM_MENTION, TERM_GROUP]) : false);
if ($terms === false) {
$items = fetch_post_tags(['item']);
$item = array_shift($items);
$terms = ((isset($item['term'])) ? get_terms_oftype($item['term'], [TERM_MENTION, TERM_GROUP]) : false);
}
if ($terms) {
foreach ($terms as $term) {
$r = q("select * from hubloc where (hubloc_hash = '%s' or hubloc_id_url = '%s') and hubloc_deleted = 0",
dbesc($term['url']),
@ -580,6 +585,7 @@ function check_deliver_permissions($item, $arr, $includeMentions = false)
}
}
}
}
return($result);
}

1
src/Daemon/Notifier.php
View file

@ -529,6 +529,7 @@ class Notifier implements DaemonInterface
else {
self::$private = false;
self::$recipients = collect_recipients($parent_item, self::$private);
self::$recipients = check_deliver_permissions($parent_item, self::$recipients, true);
}
if ($top_level_post && intval($target_item['item_wall'])) {

3
src/Lib/Activity.php
View file

@ -5210,7 +5210,8 @@ class Activity
->setDenyGid($sourceItem['deny_gid'])
->setPrivate($sourceItem['item_private'])
->setNocomment($sourceItem['item_nocomment'])
->setCommentPolicy($sourceItem['comment_policy']);
->setCommentPolicy($sourceItem['comment_policy'])
->setPostopts($sourceItem['postopts']);
}
$result = post_activity_item($item->toArray(), deliver: $deliver, channel: $channel, observer: $channel, addAndSync: false);
logger('addToCollection: ' . print_r($result, true));

10
src/Lib/Libzot.php
View file

@ -1815,8 +1815,7 @@ class Libzot
$isMail = (bool) (intval($arr['item_private']) === 2);
if ((!$tag_delivery) && (!$local_public)) {
$allowed = (perm_is_allowed($channel['channel_id'], $sender, $perm));
$allowed = (perm_is_allowed($channel['channel_id'], $sender, $perm))
$blocked = LibBlock::fetch($channel['channel_id'], BLOCKTYPE_SERVER);
if ($blocked) {
$h = q(
@ -1854,6 +1853,7 @@ class Libzot
$allowed = true;
}
}
if ($request) {
// Conversation fetches (e.g. $request == true) take place for
// a) new comments on expired posts
@ -1876,10 +1876,8 @@ class Libzot
}
}
if ($isMail) {
if (!perm_is_allowed($channel['channel_id'], $sender, 'post_mail')) {
$allowed = false;
}
if ($isMail && !$allowed) {
$allowed = perm_is_allowed($channel['channel_id'], $sender, 'post_mail');
}
if (get_abconfig($channel['channel_id'], $sender, 'system', 'block_announce', false)) {