Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-20 10:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Corrected resubmit of fixes to Authors unable to comment on posts they authored when owned by others.

Browse source
This commit is contained in:
M.Dent 2018-09-04 07:54:24 -04:00
parent 41ccb61c2e
commit 9446e0348e
2 changed files with 28 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
Zotlabs/Module/Item.php
View file

@ -29,7 +29,7 @@ use \Zotlabs\Lib as Zlib;
class Item extends \Zotlabs\Web\Controller { class Item extends \Zotlabs\Web\Controller {
function post() { function post() {
// This will change. Figure out who the observer is and whether or not // This will change. Figure out who the observer is and whether or not
// they have permission to post here. Else ignore the post. // they have permission to post here. Else ignore the post.
@ -237,10 +237,12 @@ class Item extends \Zotlabs\Web\Controller {
if($parent) { if($parent) {
logger('mod_item: item_post parent=' . $parent); logger('mod_item: item_post parent=' . $parent);
$can_comment = false; $can_comment = false;
if((array_key_exists('owner',$parent_item)) && intval($parent_item['owner']['abook_self']))
$can_comment = perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_comments'); $can_comment = can_comment_on_post($observer['xchan_hash'],$parent_item);
else if (!$can_comment) {
$can_comment = can_comment_on_post($observer['xchan_hash'],$parent_item); if((array_key_exists('owner',$parent_item)) && intval($parent_item['owner']['abook_self'])==1 )
$can_comment = perm_is_allowed($profile_uid,$observer['xchan_hash'],'post_comments');
}
if(! $can_comment) { if(! $can_comment) {
notice( t('Permission denied.') . EOL) ; notice( t('Permission denied.') . EOL) ;

27
include/zot.php
View file

@ -1808,13 +1808,28 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
else { else {
$arr['item_wall'] = 0; $arr['item_wall'] = 0;
} }
if((! perm_is_allowed($channel['channel_id'],$sender['hash'],$perm)) && (! $tag_delivery) && (! $local_public)) { if ((! $tag_delivery) && (! $local_public)) {
logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}"); $allowed = (perm_is_allowed($channel['channel_id'],$sender['hash'],$perm));
$DR->update('permission denied');
$result[] = $DR->get(); if((! $allowed) && $perm == 'post_comments') {
continue; $parent = q("select * from item where mid = '%s' and uid = %d limit 1",
} dbesc($arr['parent_mid']),
intval($channel['channel_id'])
);
if ($parent) {
$allowed = can_comment_on_post($d['hash'],$parent[0]);
}
}
if (! $allowed) {
logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
$DR->update('permission denied');
$result[] = $DR->get();
continue;
}
}
if($arr['mid'] != $arr['parent_mid']) { if($arr['mid'] != $arr['parent_mid']) {