start sorting the permission debacle

Zotlabs/Daemon/Onepoll.php

@@ -104,7 +104,7 @@ class Onepoll {
 
 			// They haven't given us permission to see their stream
 
-			$can_view_stream = intval(get_abconfig($importer_uid,$contact['abook_xchan'],'their_perms','view_stream'));
+			$can_view_stream = their_perms_contains($importer_uid,$contact['abook_xchan'],'view_stream');
 
 			if(! $can_view_stream)
 				$fetch_feed = false;

Zotlabs/Lib/Webfinger.php

@@ -76,4 +76,20 @@ class Webfinger {
 
 	}
 
+	static function zot_url($arr) {
+
+		if(is_array($arr) && array_key_exists('links',$arr)) {
+			foreach($arr['links'] as $link) {
+				if(array_key_exists('rel',$link) && $link['rel'] === PROTOCOL_ZOT6) {
+					if(array_key_exists('href',$link) && $link['href'] !== EMPTY_STR) {
+						return $link['href'];
+					}
+				}
+			}
+		}
+		return false;
+	}
+
+
+
 }

Zotlabs/Lib/Zotfinger.php

@@ -12,6 +12,7 @@ class Zotfinger {
 			return false;
 		}
 
+
 		$headers = [];
 		$headers['Accept'] = 'Accept: application/x-zot+json'; 
 

Zotlabs/Module/Acl.php

@@ -70,9 +70,9 @@ class Acl extends \Zotlabs\Web\Controller {
 			// These queries require permission checking. We'll create a simple array of xchan_hash for those with
 			// the requisite permissions which we can check against. 
 
-			$x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = '1'",
+			$x = q("select xchan from abconfig where chan = %d and cat = system and k = 'their_perms' and v like '%s'",
 				intval(local_channel()),
-				dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver')
+				dbesc(($type === 'm') ? '%post_mail%' : '%tag_deliver%')
 			);
 
 			$permitted = ids_to_array($x,'xchan');
@@ -206,7 +206,6 @@ class Acl extends \Zotlabs\Web\Controller {
 							'micro' => $x['xchan_photo_m'],
 							'url' => z_root(),
 							'nick' => $x['xchan_addr'],
-							'abook_their_perms' => 0,
 							'abook_flags' => 0,
 							'abook_self' => 0
 						];
@@ -215,7 +214,7 @@ class Acl extends \Zotlabs\Web\Controller {
 
 				// add connections
 	
-				$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self 
+				$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, xchan_pubforum, abook_flags, abook_self 
 					FROM abook left join xchan on abook_xchan = xchan_hash 
 					WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
 					intval(local_channel())
@@ -225,7 +224,7 @@ class Acl extends \Zotlabs\Web\Controller {
 
 			}
 			else { // Visitors
-				$r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
+				$r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_flags, 0 as abook_self
 					FROM xchan left join xlink on xlink_link = xchan_hash
 					WHERE xlink_xchan  = '%s' AND xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
 					dbesc(get_observer_hash())
@@ -241,7 +240,7 @@ class Acl extends \Zotlabs\Web\Controller {
 							$known_hashes[] = "'".$rr['hash']."'";
 					$known_hashes_sql = 'AND xchan_hash not in ('.join(',',$known_hashes).')';
 	
-					$r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self 
+					$r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_flags, abook_self 
 						FROM abook left join xchan on abook_xchan = xchan_hash 
 						WHERE abook_channel IN ($extra_channels_sql) $known_hashes_sql AND abook_blocked = 0 and abook_pending = 0 and abook_hidden = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc");
 					if($r2)
@@ -269,7 +268,7 @@ class Acl extends \Zotlabs\Web\Controller {
 				}
 			}
 			if((count($r) < 100) && $type == 'c') {
-				$r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self 
+				$r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_flags, 0 as abook_self 
 					FROM xchan 
 					WHERE xchan_deleted = 0 and not xchan_network  in ('rss','anon','unknown') $sql_extra2 order by $order_extra2 xchan_name asc" 
 				);
@@ -301,7 +300,7 @@ class Acl extends \Zotlabs\Web\Controller {
 		}
 		elseif($type == 'a') {
 	
-			$r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
+			$r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d
 				and xchan_deleted = 0
 				$sql_extra3

Zotlabs/Module/Connections.php

@@ -263,7 +263,7 @@ class Connections extends \Zotlabs\Web\Controller {
 					);
 
 					$oneway = false;
-					if(! intval(get_abconfig(local_channel(),$rr['xchan_hash'],'their_perms','post_comments'))) {
+					if(! their_perms_contains(local_channel(),$rr['xchan_hash'],'post_comments')) {
 						$oneway = true;
 					}
 	

Zotlabs/Module/Mail.php

@@ -67,42 +67,22 @@ class Mail extends \Zotlabs\Web\Controller {
 		if(! $recipient) {
 			$channel = \App::get_channel();
 	
-			$j = \Zotlabs\Zot\Finger::run(punify($rstr),$channel);
-	
-			if(! $j['success']) {
-				notice( t('Unable to lookup recipient.') . EOL);
-				return;
-			} 
-	
-			logger('message_post: lookup: ' . $rstr . ' ' . print_r($j,true));
-	
-			if(! $j['guid']) {
-				notice( t('Unable to communicate with requested channel.'));
-				return;
+			$wf = \Zotlabs\Lib\Webfinger::exec(punify($rstr));
+			if($wf) {
+				$href = \Zotlabs\Lib\Webfinger::zot_url($wf);
+				if($href) {
+					$zf = \Zotlabs\Lib\Zotfinger($href,$channel);
+				}
+				if($zf && is_array('data',$zf) && is_array('permissions',$zf['data']) && strpos($zf['data']['permissions'],'post_mail') !== false) {
+					$xc = import_xchan($zf['data']);
+					if($xc['success']) {
+						$recipient = $xc['hash'];
+					}
+				}
 			}
-	
-			$x = import_xchan($j);
-	
-			if(! $x['success']) {
-				notice( t('Cannot verify requested channel.'));
-				return;
-			}
-	
-			$recipient = $x['hash'];
-	
-			$their_perms = 0;
-	
-			if($j['permissions']['data']) {
-				$permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']);
-				if($permissions)
-					$permissions = json_decode($permissions, true);
-				logger('decrypted permissions: ' . print_r($permissions,true), LOGGER_DATA);
-			}
-			else
-				$permissions = $j['permissions'];
-	
-			if(! ($permissions['post_mail'])) {
+			if(! $recipient) {
 	 			notice( t('Selected channel has private message restrictions. Send failed.'));
+
 				// reported issue: let's still save the message and continue. We'll just tell them
 				// that nothing useful is likely to happen. They might have spent hours on it.  
 				//			return;

include/items.php

@@ -270,7 +270,7 @@ function can_comment_on_post($observer_xchan, $item) {
 		case 'any connections':
 		case 'contacts':
 		case '':
-			if(array_key_exists('owner',$item) && get_abconfig($item['uid'],$item['owner']['abook_xchan'],'their_perms','post_comments')) {
+			if(array_key_exists('owner',$item) && their_perms_contains($item['uid'],$item['owner']['abook_xchan'],'post_comments')) {
 					return true;
 			}
 			break;

include/permissions.php

@@ -542,3 +542,13 @@ function site_default_perms() {
 }
 
 
+function their_perms_contains($channel_id,$xchan_hash,$perm) {
+	$x = get_abconfig($channel_id,$xchan_hash,'system','their_perms');
+	if($x) {
+		$y = explode(',',$x);
+		if(in_array($perm,$y)) {
+			return true;
+		}
+	}
+	return false;
+}

include/text.php

@@ -973,7 +973,7 @@ function contact_block() {
 				// Use the ability to post comments as an indication that this relationship is more
 				// than wishful thinking; even though soapbox channels and feeds will disable it. 
 
-				if(! intval(get_abconfig(App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))) {
+				if(! their_perms_contains(App::$profile['uid'],$rr['xchan_hash'],'post_comments')) {
 					$rr['oneway'] = true;
 				}
 				$micropro[] = micropro($rr,true,'mpfriend');

include/zot.php

@@ -428,14 +428,8 @@ function zot_refresh($them, $channel = null, $force = false) {
 			return false;
 
 		if($channel && $record['data']['permissions']) {
-			$permissions = $record['data']['permissions'];
-
-			if($permissions && is_array($permissions)) {
-				$x = get_abonfig($channel['channel_id'],$x['hash'],'system','their_perms');
-				if(in_array($x,'view_stream'))
-					$old_read_stream_perm = 1;
-				set_abconfig($channel['channel_id'],$x['hash'],'system','their_perms',$permissions);
-			}
+			$old_read_stream_perm = their_perms_contains($channel['channel_id'],$x['hash'],'view_stream');
+			set_abconfig($channel['channel_id'],$x['hash'],'system','their_perms',$record['data']['permissions']);
 
 			if(array_key_exists('profile',$j) && array_key_exists('next_birthday',$j['profile'])) {
 				$next_birthday = datetime_convert('UTC','UTC',$j['profile']['next_birthday']);