mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-19 23:55:19 +00:00
extensible perms: the really, really hard part - figuring out what to do about people with custom permissions so as to set sane defaults.
This commit is contained in:
parent
47a356ff52
commit
97e70d62bf
3 changed files with 69 additions and 10 deletions
|
@ -160,6 +160,7 @@ class PermissionRoles {
|
|||
$ret['limits'] = PermissionLimits::Std_Limits();
|
||||
break;
|
||||
|
||||
case 'custom':
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
@ -174,7 +175,48 @@ class PermissionRoles {
|
|||
return $ret;
|
||||
}
|
||||
|
||||
static public function new_custom_perms($uid,$perm,$abooks) {
|
||||
|
||||
// set permissionlimits for this permission here, for example:
|
||||
|
||||
// if($perm === 'mynewperm')
|
||||
// \Zotlabs\Access\PermissionLimits::Set($uid,$perm,1);
|
||||
|
||||
|
||||
// set autoperms here if applicable
|
||||
// choices are to set to 0, 1, or the value of an existing perm
|
||||
|
||||
if(get_pconfig($uid,'system','autoperms')) {
|
||||
|
||||
$c = channelx_by_n($uid);
|
||||
$value = 0;
|
||||
|
||||
// if($perm === 'mynewperm')
|
||||
// $value = get_abconfig($uid,$c['channel_hash'],'autoperms','someexistingperm'));
|
||||
|
||||
if($c) {
|
||||
set_abconfig($uid,$c['channel_hash'],'autoperms',$perm,$value);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
// now set something for all existing connections.
|
||||
|
||||
if($abooks) {
|
||||
foreach($abooks as $ab) {
|
||||
switch($perm) {
|
||||
// case 'mynewperm':
|
||||
// choices are to set to 1, set to 0, or clone an existing perm
|
||||
// set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
|
||||
// get_abconfig($uid,$ab['abook_xchan'],'my_perms','someexistingperm'));
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static public function roles() {
|
||||
|
|
|
@ -10,9 +10,18 @@ class Permissions {
|
|||
/**
|
||||
* Extensible permissions.
|
||||
* To add new permissions, add to the list of $perms below, with a simple description.
|
||||
*
|
||||
* Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role
|
||||
* if this permission should be granted to new connections.
|
||||
*
|
||||
* Next look at PermissionRoles::new_custom_perms() and provide a handler for updating custom
|
||||
* permission roles. You will want to set a default PermissionLimit for each channel and also
|
||||
* provide a sane default for any existing connections. You may or may not wish to provide a
|
||||
* default auto permission. If in doubt, leave this alone as custom permissions by definition
|
||||
* are the responsbility of the channel owner to manage. You just don't want to create any
|
||||
* suprises or break things so you have an opportunity to provide sane settings.
|
||||
*
|
||||
*
|
||||
* Permissions with 'view' in the name are considered read permissions. Anything
|
||||
* else requires authentication. Read permission limits are PERMS_PUBLIC and anything else
|
||||
* is given PERMS_SPECIFIC.
|
||||
|
|
8
boot.php
8
boot.php
|
@ -2483,6 +2483,12 @@ function check_for_new_perms() {
|
|||
// get the permissions role details
|
||||
$rp = \Zotlabs\Access\PermissionRoles::role_perms($r[0]['v']);
|
||||
if($rp) {
|
||||
|
||||
// for custom permission roles we need to customise how we initiate this new permission
|
||||
if(array_key_exists('role',$rp) && ($rp['role'] === 'custom' || $rp['role'] === '')) {
|
||||
\Zotlabs\Access\PermissionRoles::new_custom_perms($cc['uid'],$p,$x);
|
||||
}
|
||||
else {
|
||||
// set the channel limits if appropriate or 0
|
||||
if(array_key_exists('limits',$rp) && array_key_exists($p,$rp['limits'])) {
|
||||
\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,$rp['limits'][$p]);
|
||||
|
@ -2491,6 +2497,7 @@ function check_for_new_perms() {
|
|||
\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,0);
|
||||
}
|
||||
|
||||
|
||||
$set = ((array_key_exists('perms_connect',$rp) && array_key_exists($p,$rp['perms_connect'])) ? true : false);
|
||||
// foreach connection set to the perms_connect value
|
||||
if($x) {
|
||||
|
@ -2504,6 +2511,7 @@ function check_for_new_perms() {
|
|||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// We should probably call perms_refresh here, but this should get pushed in 24 hours and there is no urgency
|
||||
if($found_new_perm)
|
||||
|
|
Loading…
Reference in a new issue