clones/friendica
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix bug with ACL and contact network page 

- Require user array parameter in ACL::getFullSelectorHTML
- Change all wrong uses where user array was replaced by default
permissions array
This commit is contained in:
Hypolite Petovan 2018-08-15 00:43:27 +02:00
parent 1283b99c6f
commit ea17370211
4 changed files with 19 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mod/events.php
View File

@ -483,7 +483,7 @@ function events_content(App $a) {
$perms = ACL::getDefaultUserPermissions($orig_event); $perms = ACL::getDefaultUserPermissions($orig_event);
if ($mode === 'new' || $mode === 'copy') { if ($mode === 'new' || $mode === 'copy') {
$acl = ($cid ? '' : ACL::getFullSelectorHTML(x($orig_event) ? $orig_event : $a->user)); $acl = ($cid ? '' : ACL::getFullSelectorHTML($a->user, false, $orig_event));
} }
// If we copy an old event, we need to remove the ID and URI // If we copy an old event, we need to remove the ID and URI

10
mod/network.php
View File

@ -496,6 +496,8 @@ function networkThreadedView(App $a, $update, $parent)
$gid = 0; $gid = 0;
$default_permissions = [];
if ($a->argc > 1) { if ($a->argc > 1) {
for ($x = 1; $x < $a->argc; $x ++) { for ($x = 1; $x < $a->argc; $x ++) {
if (is_a_date_arg($a->argv[$x])) { if (is_a_date_arg($a->argv[$x])) {
@ -507,7 +509,7 @@ function networkThreadedView(App $a, $update, $parent)
} }
} elseif (intval($a->argv[$x])) { } elseif (intval($a->argv[$x])) {
$gid = intval($a->argv[$x]); $gid = intval($a->argv[$x]);
$def_acl = ['allow_gid' => '<' . $gid . '>']; $default_permissions = ['allow_gid' => '<' . $gid . '>'];
} }
} }
} }
@ -522,7 +524,7 @@ function networkThreadedView(App $a, $update, $parent)
$nets = defaults($_GET, 'nets' , ''); $nets = defaults($_GET, 'nets' , '');
if ($cid) { if ($cid) {
$def_acl = ['allow_cid' => '<' . intval($cid) . '>']; $default_permissions = ['allow_cid' => '<' . intval($cid) . '>'];
} }
if ($nets) { if ($nets) {
@ -533,7 +535,7 @@ function networkThreadedView(App $a, $update, $parent)
$str .= '<' . $rr['id'] . '>'; $str .= '<' . $rr['id'] . '>';
} }
if (strlen($str)) { if (strlen($str)) {
$def_acl = ['allow_cid' => $str]; $default_permissions = ['allow_cid' => $str];
} }
} }
@ -576,7 +578,7 @@ function networkThreadedView(App $a, $update, $parent)
((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) ||
(strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'), (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'),
'default_perms' => ACL::getDefaultUserPermissions($a->user), 'default_perms' => ACL::getDefaultUserPermissions($a->user),
'acl' => ACL::getFullSelectorHTML((($gid || $cid || $nets) ? $def_acl : $a->user), true), 'acl' => ACL::getFullSelectorHTML($a->user, true, $default_permissions),
'bang' => (($gid || $cid || $nets) ? '!' : ''), 'bang' => (($gid || $cid || $nets) ? '!' : ''),
'visitor' => 'block', 'visitor' => 'block',
'profile_uid' => local_user(), 'profile_uid' => local_user(),

2
mod/photos.php
View File

@ -1408,7 +1408,7 @@ function photos_content(App $a)
$album_e = $ph[0]['album']; $album_e = $ph[0]['album'];
$caption_e = $ph[0]['desc']; $caption_e = $ph[0]['desc'];
$aclselect_e = ACL::getFullSelectorHTML($ph[0]); $aclselect_e = ACL::getFullSelectorHTML($a->user, false, $ph[0]);
$edit = replace_macros($edit_tpl, [ $edit = replace_macros($edit_tpl, [
'$id' => $ph[0]['id'], '$id' => $ph[0]['id'],

23
src/Core/ACL.php
View File

@ -251,19 +251,18 @@ class ACL extends BaseObject
/** /**
* Return the full jot ACL selector HTML * Return the full jot ACL selector HTML
* *
* @param array $user * @param array $user User array
* @param array $default_permissions Static defaults permission array: ['allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '']
* @param bool $show_jotnets * @param bool $show_jotnets
* @return string * @return string
*/ */
public static function getFullSelectorHTML(array $user = null, $show_jotnets = false) public static function getFullSelectorHTML(array $user, $show_jotnets = false, array $default_permissions = [])
{ {
// Defaults user permissions
if (empty($user['uid'])) { if (empty($default_permissions)) {
return ''; $default_permissions = self::getDefaultUserPermissions($user);
} }
$perms = self::getDefaultUserPermissions($user);
$jotnets = ''; $jotnets = '';
if ($show_jotnets) { if ($show_jotnets) {
$imap_disabled = !function_exists('imap_open') || Config::get('system', 'imap_disabled'); $imap_disabled = !function_exists('imap_open') || Config::get('system', 'imap_disabled');
@ -279,7 +278,7 @@ class ACL extends BaseObject
} }
} }
if (empty($user['hidewall'])) { if (empty($default_permissions['hidewall'])) {
if ($mail_enabled) { if ($mail_enabled) {
$selected = $pubmail_enabled ? ' checked="checked"' : ''; $selected = $pubmail_enabled ? ' checked="checked"' : '';
$jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> ' . L10n::t("Post to Email") . '</div>'; $jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> ' . L10n::t("Post to Email") . '</div>';
@ -297,10 +296,10 @@ class ACL extends BaseObject
'$showall' => L10n::t('Visible to everybody'), '$showall' => L10n::t('Visible to everybody'),
'$show' => L10n::t('show'), '$show' => L10n::t('show'),
'$hide' => L10n::t('don\'t show'), '$hide' => L10n::t('don\'t show'),
'$allowcid' => json_encode($perms['allow_cid']), '$allowcid' => json_encode($default_permissions['allow_cid']),
'$allowgid' => json_encode($perms['allow_gid']), '$allowgid' => json_encode($default_permissions['allow_gid']),
'$denycid' => json_encode($perms['deny_cid']), '$denycid' => json_encode($default_permissions['deny_cid']),
'$denygid' => json_encode($perms['deny_gid']), '$denygid' => json_encode($default_permissions['deny_gid']),
'$networks' => $show_jotnets, '$networks' => $show_jotnets,
'$emailcc' => L10n::t('CC: email addresses'), '$emailcc' => L10n::t('CC: email addresses'),
'$emtitle' => L10n::t('Example: bob@example.com, mary@example.com'), '$emtitle' => L10n::t('Example: bob@example.com, mary@example.com'),