Fix issue 7449: Image permissions are now set like before
This commit is contained in:
		
					parent
					
						
							
								e9f0c4dbfb
							
						
					
				
			
			
				commit
				
					
						d95ef96cca
					
				
			
		
					 2 changed files with 59 additions and 35 deletions
				
			
		
							
								
								
									
										37
									
								
								mod/item.php
									
										
									
									
									
								
							
							
						
						
									
										37
									
								
								mod/item.php
									
										
									
									
									
								
							|  | @ -469,43 +469,10 @@ function item_post(App $a) { | ||||||
| 
 | 
 | ||||||
| 	$match = null; | 	$match = null; | ||||||
| 
 | 
 | ||||||
| 	/// @todo these lines should be moved to Model/Photo
 | 	if (!$preview && Photo::setPermissionFromBody($body, $profile_uid, $original_contact_id, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny)) { | ||||||
| 	if (!$preview && preg_match_all("/\[img([\=0-9x]*?)\](.*?)\[\/img\]/",$body,$match)) { | 		$objecttype = ACTIVITY_OBJ_IMAGE; | ||||||
| 		$images = $match[2]; |  | ||||||
| 		if (count($images)) { |  | ||||||
| 
 |  | ||||||
| 			$objecttype = ACTIVITY_OBJ_IMAGE; |  | ||||||
| 
 |  | ||||||
| 			foreach ($images as $image) { |  | ||||||
| 				if (!stristr($image, System::baseUrl() . '/photo/')) { |  | ||||||
| 					continue; |  | ||||||
| 				} |  | ||||||
| 				$image_uri = substr($image,strrpos($image,'/') + 1); |  | ||||||
| 				$image_uri = substr($image_uri,0, strpos($image_uri,'-')); |  | ||||||
| 				if (!strlen($image_uri)) { |  | ||||||
| 					continue; |  | ||||||
| 				} |  | ||||||
| 
 |  | ||||||
| 				// Ensure to only modify photos that you own
 |  | ||||||
| 				$srch = '<' . intval($original_contact_id) . '>'; |  | ||||||
| 
 |  | ||||||
| 				$condition = [ |  | ||||||
| 					'allow_cid' => $srch, 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '', |  | ||||||
| 					'resource-id' => $image_uri, 'uid' => $profile_uid |  | ||||||
| 				]; |  | ||||||
| 				if (!Photo::exists($condition)) { |  | ||||||
| 					continue; |  | ||||||
| 				} |  | ||||||
| 
 |  | ||||||
| 				$fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow, |  | ||||||
| 						'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny]; |  | ||||||
| 				$condition = ['resource-id' => $image_uri, 'uid' => $profile_uid]; |  | ||||||
| 				Photo::update($fields, $condition); |  | ||||||
| 			} |  | ||||||
| 		} |  | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 
 |  | ||||||
| 	/* | 	/* | ||||||
| 	 * Next link in any attachment references we find in the post. | 	 * Next link in any attachment references we find in the post. | ||||||
| 	 */ | 	 */ | ||||||
|  |  | ||||||
|  | @ -10,6 +10,7 @@ use Friendica\BaseObject; | ||||||
| use Friendica\Core\Cache; | use Friendica\Core\Cache; | ||||||
| use Friendica\Core\Config; | use Friendica\Core\Config; | ||||||
| use Friendica\Core\L10n; | use Friendica\Core\L10n; | ||||||
|  | use Friendica\Core\Logger; | ||||||
| use Friendica\Core\StorageManager; | use Friendica\Core\StorageManager; | ||||||
| use Friendica\Core\System; | use Friendica\Core\System; | ||||||
| use Friendica\Database\DBA; | use Friendica\Database\DBA; | ||||||
|  | @ -607,4 +608,60 @@ class Photo extends BaseObject | ||||||
| 	{ | 	{ | ||||||
| 		return System::createGUID(32, false); | 		return System::createGUID(32, false); | ||||||
| 	} | 	} | ||||||
|  | 
 | ||||||
|  | 	/** | ||||||
|  | 	 * Generate a unique photo ID. | ||||||
|  | 	 * | ||||||
|  | 	 * @todo This function currently does have some flaws: | ||||||
|  | 	 * - Sharing a post with a form will create a photo that only the forum can see. | ||||||
|  | 	 * - Sharing a photo non public that been share non public before doesn't alter the permissions. | ||||||
|  | 	 * | ||||||
|  | 	 * @return string | ||||||
|  | 	 * @throws \Exception | ||||||
|  | 	 */ | ||||||
|  | 	public static function setPermissionFromBody($body, $uid, $original_contact_id, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny) | ||||||
|  | 	{ | ||||||
|  | 		// Simplify image codes
 | ||||||
|  | 		$img_body = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '[img]$3[/img]', $body); | ||||||
|  | 		$img_body = preg_replace("/\[img\=(.*?)\](.*?)\[\/img\]/ism", '[img]$1[/img]', $img_body); | ||||||
|  | 
 | ||||||
|  | 		// Search for images
 | ||||||
|  | 		if (!preg_match_all("/\[img\](.*?)\[\/img\]/", $img_body, $match)) { | ||||||
|  | 			return false; | ||||||
|  | 		} | ||||||
|  | 		$images = $match[1]; | ||||||
|  | 		if (empty($images)) { | ||||||
|  | 			return false; | ||||||
|  | 		} | ||||||
|  | 
 | ||||||
|  | 		foreach ($images as $image) { | ||||||
|  | 			if (!stristr($image, System::baseUrl() . '/photo/')) { | ||||||
|  | 				continue; | ||||||
|  | 			} | ||||||
|  | 			$image_uri = substr($image,strrpos($image,'/') + 1); | ||||||
|  | 			$image_uri = substr($image_uri,0, strpos($image_uri,'-')); | ||||||
|  | 			if (!strlen($image_uri)) { | ||||||
|  | 				continue; | ||||||
|  | 			} | ||||||
|  | 
 | ||||||
|  | 			// Ensure to only modify photos that you own
 | ||||||
|  | 			$srch = '<' . intval($original_contact_id) . '>'; | ||||||
|  | 
 | ||||||
|  | 			$condition = [ | ||||||
|  | 				'allow_cid' => $srch, 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '', | ||||||
|  | 				'resource-id' => $image_uri, 'uid' => $uid | ||||||
|  | 			]; | ||||||
|  | 			if (!Photo::exists($condition)) { | ||||||
|  | 				continue; | ||||||
|  | 			} | ||||||
|  | 
 | ||||||
|  | 			$fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow, | ||||||
|  | 					'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny]; | ||||||
|  | 			$condition = ['resource-id' => $image_uri, 'uid' => $uid]; | ||||||
|  | 			Logger::info('Set permissions', ['condition' => $condition, 'permissions' => $fields]); | ||||||
|  | 			Photo::update($fields, $condition); | ||||||
|  | 		} | ||||||
|  | 
 | ||||||
|  | 		return true; | ||||||
|  | 	} | ||||||
| } | } | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue