friendica
/
friendica
mirror of https://github.com/friendica/friendica.git
5
7
Fork 5
Code Issues Releases 16 Wiki Activity
Browse Source

photos aside widget:permissions cleanup

pull/2223/head
rabuzarus 7 years ago
parent
1ab022f4df
commit
29c671bb22
1 changed files with 28 additions and 35 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 63
      mod/photos.php

63
mod/photos.php
Unescape View File

@ -1013,11 +1013,11 @@ function photos_content(&$a) {
// Setup permissions structures
//
$can_post = false;
$visitor = 0;
$contact = null;
$remote_contact = false;
$contact_id = 0;
$photos_perms['can_post'] = false;
$photos_perms['visitor'] = 0;
$photos_perms['contact'] = null;
$photos_perms['remote_contact'] = false;
$photos_perms['contact_id'] = 0;
$owner_uid = $a->data['user']['uid'];
@ -1026,19 +1026,12 @@ function photos_content(&$a) {
// get the access rights for photos
$photos_perms = photos_permissions($owner_uid, $community_page);
// convert keys of the $photo_persms array into variables
if(count($photos_perms)) {
foreach ($photos_perms as $key => $value) {
${$key} = $value;
}
}
if($a->data['user']['hidewall'] && (local_user() != $owner_uid) && (! $remote_contact)) {
if($a->data['user']['hidewall'] && (local_user() != $owner_uid) && (! $photos_perms['remote_contact'])) {
notice( t('Access to this item is restricted.') . EOL);
return;
}
$sql_extra = permissions_sql($owner_uid, $remote_contact, $groups);
$sql_extra = permissions_sql($owner_uid, $photos_perms['remote_contact'], $photos_perms['groups']);
$o = "";
@ -1051,7 +1044,7 @@ function photos_content(&$a) {
*/
if($datatype === 'upload') {
if(! ($can_post)) {
if(! ($photos_perms['can_post'])) {
notice( t('Permission denied.'));
return;
}
@ -1121,11 +1114,11 @@ function photos_content(&$a) {
if($a->theme['template_engine'] === 'internal') {
$albumselect_e = template_escape($albumselect);
$aclselect_e = (($visitor) ? '' : template_escape(populate_acl($a->user)));
$aclselect_e = (($photos_perms['visitor']) ? '' : template_escape(populate_acl($a->user)));
}
else {
$albumselect_e = $albumselect;
$aclselect_e = (($visitor) ? '' : populate_acl($a->user));
$aclselect_e = (($photos_perms['visitor']) ? '' : populate_acl($a->user));
}
$o .= replace_macros($tpl,array(
@ -1193,7 +1186,7 @@ function photos_content(&$a) {
//edit album name
if($cmd === 'edit') {
if(($album !== t('Profile Photos')) && ($album !== 'Contact Photos') && ($album !== t('Contact Photos'))) {
if($can_post) {
if($photos_perms['can_post']) {
$edit_tpl = get_markup_template('album_edit.tpl');
if($a->theme['template_engine'] === 'internal') {
@ -1216,7 +1209,7 @@ function photos_content(&$a) {
}
else {
if(($album !== t('Profile Photos')) && ($album !== 'Contact Photos') && ($album !== t('Contact Photos'))) {
if($can_post) {
if($photos_perms['can_post']) {
$edit = array(t('Edit Album'), $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '/edit');
}
}
@ -1266,7 +1259,7 @@ function photos_content(&$a) {
$o .= replace_macros($tpl, array(
'$photos' => $photos,
'$album' => $album,
'$can_post' => $can_post,
'$can_post' => $photos_perms['can_post'],
'$upload' => array(t('Upload New Photos'), $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/upload/' . bin2hex($album)),
'$order' => $order,
'$edit' => $edit
@ -1333,7 +1326,7 @@ function photos_content(&$a) {
break;
}
}
$edit_suffix = ((($cmd === 'edit') && ($can_post)) ? '/edit' : '');
$edit_suffix = ((($cmd === 'edit') && ($photos_perms['can_post'])) ? '/edit' : '');
$prevlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '');
$nextlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '');
}
@ -1356,7 +1349,7 @@ function photos_content(&$a) {
$tools = Null;
$lock = Null;
if($can_post && ($ph[0]['uid'] == $owner_uid)) {
if($photos_perms['can_post'] && ($ph[0]['uid'] == $owner_uid)) {
$tools = array(
'edit' => array($a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $datum . (($cmd === 'edit') ? '' : '/edit'), (($cmd === 'edit') ? t('View photo') : t('Edit photo'))),
'profile'=>array($a->get_baseurl() . '/profile_photo/use/'.$ph[0]['resource-id'], t('Use as profile photo')),
@ -1479,7 +1472,7 @@ function photos_content(&$a) {
$edit = Null;
if(($cmd === 'edit') && ($can_post)) {
if(($cmd === 'edit') && ($photos_perms['can_post'])) {
$edit_tpl = get_markup_template('photo_edit.tpl');
// Private/public post links for the non-JS ACL form
@ -1551,7 +1544,7 @@ function photos_content(&$a) {
$likebuttons = '';
if($can_post || can_write_wall($a,$owner_uid)) {
if($photos_perms['can_post'] || can_write_wall($a,$owner_uid)) {
$likebuttons = replace_macros($like_tpl,array(
'$id' => $link_item['id'],
'$likethis' => t("I like this \x28toggle\x29"),
@ -1564,7 +1557,7 @@ function photos_content(&$a) {
$comments = '';
if(! count($r)) {
if($can_post || can_write_wall($a,$owner_uid)) {
if($photos_perms['can_post'] || can_write_wall($a,$owner_uid)) {
if($link_item['last-child']) {
$comments .= replace_macros($cmnt_tpl,array(
'$return_path' => '',
@ -1573,9 +1566,9 @@ function photos_content(&$a) {
'$id' => $link_item['id'],
'$parent' => $link_item['id'],
'$profile_uid' => $owner_uid,
'$mylink' => $contact['url'],
'$mylink' => $photos_perms['contact']['url'],
'$mytitle' => t('This is you'),
'$myphoto' => $contact['thumb'],
'$myphoto' => $photos_perms['contact']['thumb'],
'$comment' => t('Comment'),
'$submit' => t('Submit'),
'$preview' => t('Preview'),
@ -1612,7 +1605,7 @@ function photos_content(&$a) {
if($can_post || can_write_wall($a,$owner_uid)) {
if($photos_perms['can_post'] || can_write_wall($a,$owner_uid)) {
if($link_item['last-child']) {
$comments .= replace_macros($cmnt_tpl,array(
'$return_path' => '',
@ -1621,9 +1614,9 @@ function photos_content(&$a) {
'$id' => $link_item['id'],
'$parent' => $link_item['id'],
'$profile_uid' => $owner_uid,
'$mylink' => $contact['url'],
'$mylink' => $photos_perms['contact']['url'],
'$mytitle' => t('This is you'),
'$myphoto' => $contact['thumb'],
'$myphoto' => $photos_perms['contact']['thumb'],
'$comment' => t('Comment'),
'$submit' => t('Submit'),
'$preview' => t('Preview'),
@ -1665,7 +1658,7 @@ function photos_content(&$a) {
$dropping = (($item['contact-id'] == $contact_id) || ($item['uid'] == local_user()));
$dropping = (($item['contact-id'] == $photos_perms['contact_id']) || ($item['uid'] == local_user()));
$drop = array(
'dropping' => $dropping,
'pagedrop' => false,
@ -1699,7 +1692,7 @@ function photos_content(&$a) {
'$comment' => $comment
));
if($can_post || can_write_wall($a,$owner_uid)) {
if($photos_perms['can_post'] || can_write_wall($a,$owner_uid)) {
if($item['last-child']) {
$comments .= replace_macros($cmnt_tpl,array(
@ -1709,9 +1702,9 @@ function photos_content(&$a) {
'$id' => $item['item_id'],
'$parent' => $item['parent'],
'$profile_uid' => $owner_uid,
'$mylink' => $contact['url'],
'$mylink' => $photos_perms['contact']['url'],
'$mytitle' => t('This is you'),
'$myphoto' => $contact['thumb'],
'$myphoto' => $photos_perms['contact']['thumb'],
'$comment' => t('Comment'),
'$submit' => t('Submit'),
'$preview' => t('Preview'),
@ -1847,7 +1840,7 @@ function photos_content(&$a) {
$tpl = get_markup_template('photos_recent.tpl');
$o .= replace_macros($tpl, array(
'$title' => t('Recent Photos'),
'$can_post' => $can_post,
'$can_post' => $photos_perms['can_post'],
'$upload' => array(t('Upload New Photos'), $a->get_baseurl().'/photos/'.$a->data['user']['nickname'].'/upload'),
'$photos' => $photos,
));

Write Preview
Loading…
Cancel
Save