really nitty permission tweaking
This commit is contained in:
parent
c9cce9873d
commit
38238972b5
|
@ -266,9 +266,15 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
|
|||
* Profile owner - everything is visible
|
||||
*/
|
||||
|
||||
if(($local_user) && ($local_user == $owner_id)) {
|
||||
if($local_user) {
|
||||
if($local_user == $owner_id) {
|
||||
$sql = '';
|
||||
}
|
||||
else {
|
||||
/* logged in user can see hidden walls and feeds that are blocked to unknown users (private == 2) */
|
||||
$sql = " AND private != 1 ";
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Authenticated visitor. Unless pre-verified,
|
||||
|
@ -300,7 +306,7 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
|
|||
}
|
||||
|
||||
$sql = sprintf(
|
||||
" AND ( private = 0 OR ( private = 1 AND wall = 1 AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
|
||||
" AND ( private = 0 OR ( private in (1,2) AND wall = 1 AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
|
||||
AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' )
|
||||
AND ( allow_gid = '' OR allow_gid REGEXP '%s' )
|
||||
AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s')))
|
||||
|
|
Loading…
Reference in a new issue