mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-20 10:15:12 +00:00
Corrected resubmit of fixes to Authors unable to comment on posts they authored when owned by others.
This commit is contained in:
parent
41ccb61c2e
commit
9446e0348e
2 changed files with 28 additions and 11 deletions
|
@ -29,7 +29,7 @@ use \Zotlabs\Lib as Zlib;
|
||||||
class Item extends \Zotlabs\Web\Controller {
|
class Item extends \Zotlabs\Web\Controller {
|
||||||
|
|
||||||
function post() {
|
function post() {
|
||||||
|
|
||||||
// This will change. Figure out who the observer is and whether or not
|
// This will change. Figure out who the observer is and whether or not
|
||||||
// they have permission to post here. Else ignore the post.
|
// they have permission to post here. Else ignore the post.
|
||||||
|
|
||||||
|
@ -237,10 +237,12 @@ class Item extends \Zotlabs\Web\Controller {
|
||||||
if($parent) {
|
if($parent) {
|
||||||
logger('mod_item: item_post parent=' . $parent);
|
logger('mod_item: item_post parent=' . $parent);
|
||||||
$can_comment = false;
|
$can_comment = false;
|
||||||
if((array_key_exists('owner',$parent_item)) && intval($parent_item['owner']['abook_self']))
|
|
||||||
$can_comment = perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_comments');
|
$can_comment = can_comment_on_post($observer['xchan_hash'],$parent_item);
|
||||||
else
|
if (!$can_comment) {
|
||||||
$can_comment = can_comment_on_post($observer['xchan_hash'],$parent_item);
|
if((array_key_exists('owner',$parent_item)) && intval($parent_item['owner']['abook_self'])==1 )
|
||||||
|
$can_comment = perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_comments');
|
||||||
|
}
|
||||||
|
|
||||||
if(! $can_comment) {
|
if(! $can_comment) {
|
||||||
notice( t('Permission denied.') . EOL) ;
|
notice( t('Permission denied.') . EOL) ;
|
||||||
|
|
|
@ -1808,13 +1808,28 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
|
||||||
else {
|
else {
|
||||||
$arr['item_wall'] = 0;
|
$arr['item_wall'] = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if((! perm_is_allowed($channel['channel_id'],$sender['hash'],$perm)) && (! $tag_delivery) && (! $local_public)) {
|
if ((! $tag_delivery) && (! $local_public)) {
|
||||||
logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
|
$allowed = (perm_is_allowed($channel['channel_id'],$sender['hash'],$perm));
|
||||||
$DR->update('permission denied');
|
|
||||||
$result[] = $DR->get();
|
if((! $allowed) && $perm == 'post_comments') {
|
||||||
continue;
|
$parent = q("select * from item where mid = '%s' and uid = %d limit 1",
|
||||||
}
|
dbesc($arr['parent_mid']),
|
||||||
|
intval($channel['channel_id'])
|
||||||
|
);
|
||||||
|
if ($parent) {
|
||||||
|
$allowed = can_comment_on_post($d['hash'],$parent[0]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (! $allowed) {
|
||||||
|
logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
|
||||||
|
$DR->update('permission denied');
|
||||||
|
$result[] = $DR->get();
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if($arr['mid'] != $arr['parent_mid']) {
|
if($arr['mid'] != $arr['parent_mid']) {
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue