display the fact that a conversation is private without disclosing the details of who can/cannot see it.

include/items.php

@@ -367,6 +367,12 @@ function get_atom_elements($feed,$item) {
 	else
 		$res['last-child'] = 0;
 
+	$private = $item->get_item_tags(NAMESPACE_DFRN,'private');
+	if($private && $private[0]['data'] == 1)
+		$res['private'] = 1;
+	else
+		$res['private'] = 0;
+
 	$rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published');
 	if($rawcreated)
 		$res['created'] = unxmlify($rawcreated[0]['data']);
@@ -549,6 +555,7 @@ function item_store($arr) {
 	$arr['allow_gid']     = ((x($arr,'allow_gid'))     ? trim($arr['allow_gid'])             : '');
 	$arr['deny_cid']      = ((x($arr,'deny_cid'))      ? trim($arr['deny_cid'])              : '');
 	$arr['deny_gid']      = ((x($arr,'deny_gid'))      ? trim($arr['deny_gid'])              : '');
+	$arr['private']       = ((x($arr,'private'))       ? intval($arr['private'])             : 0 );
 	$arr['body']          = ((x($arr,'body'))          ? escape_tags(trim($arr['body']))     : '');
 
 	// The content body has been through a lot of filtering and transport escaping by now. 
@@ -631,15 +638,21 @@ function item_store($arr) {
 	if($arr['parent-uri'] === $arr['uri'])
 		$parent_id = $current_post;
  
+	if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid))
+		$private = 1;
+	else
+		$private = $arr['private']; 
+
 	// Set parent id - and also make sure to inherit the parent's ACL's.
 
 	$r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',
-		`deny_cid` = '%s', `deny_gid` = '%s' WHERE `id` = %d LIMIT 1",
+		`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d WHERE `id` = %d LIMIT 1",
 		intval($parent_id),
 		dbesc($allow_cid),
 		dbesc($allow_gid),
 		dbesc($deny_cid),
 		dbesc($deny_gid),
+		intval($private),
 		intval($current_post)
 	);
 
@@ -1256,6 +1269,9 @@ function atom_entry($item,$type,$author,$owner,$comment = false) {
 	if($item['coord'])
 		$o .= '<georss:point>' . xmlify($item['coord']) . '</georss:point>' . "\r\n";
 
+	if(($item['private']) || strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid']))
+		$o .= '<dfrn:private>1</dfrn:private>' . "\r\n";
+
 	$verb = construct_verb($item);
 	$o .= '<as:verb>' . xmlify($verb) . '</as:verb>' . "\r\n";
 	$actobj = construct_activity_object($item);

mod/display.php

@@ -142,8 +142,8 @@ function display_content(&$a) {
 				&& ($item['id'] != $item['parent']))
 				continue;
 
-			$lock = (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
-				|| strlen($item['deny_cid']) || strlen($item['deny_gid']))
+			$lock = ((($item['private']) || (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
+				|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
 				? '<div class="wall-item-lock"><img src="images/lock_icon.gif" class="lockview" alt="' . t('Private Message') . '" onclick="lockview(event,' . $item['id'] . ');" /></div>'
 				: '<div class="wall-item-lock"></div>');
 

mod/item.php

@@ -53,6 +53,8 @@ function item_post(&$a) {
 	$str_group_deny    = perms2str($_POST['group_deny']);
 	$str_contact_deny  = perms2str($_POST['contact_deny']);
 
+	$private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0);
+
 	$title             = notags(trim($_POST['title']));
 	$body              = escape_tags(trim($_POST['body']));
 	$location          = notags(trim($_POST['location']));
@@ -195,8 +197,8 @@ function item_post(&$a) {
 
 	$r = q("INSERT INTO `item` (`uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, 
 		`author-name`, `author-link`, `author-avatar`, `created`, `edited`, `changed`, `uri`, `title`, `body`, `location`, `coord`, 
-		`tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`)
-		VALUES( %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
+		`tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private` )
+		VALUES( %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d )",
 		intval($profile_uid),
 		dbesc($post_type),
 		intval($wall),
@@ -222,7 +224,8 @@ function item_post(&$a) {
 		dbesc($str_contact_allow),
 		dbesc($str_group_allow),
 		dbesc($str_contact_deny),
-		dbesc($str_group_deny)
+		dbesc($str_group_deny),
+		intval($private)
 	);
 	$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1",
 		dbesc($uri));
@@ -241,12 +244,13 @@ function item_post(&$a) {
 			// Inherit ACL's from the parent item.
 			// TODO merge with subsequent UPDATE operation and save a db write 
 
-			$r = q("UPDATE `item` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'
+			$r = q("UPDATE `item` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `private` = %d
 				WHERE `id` = %d LIMIT 1",
 				dbesc($parent_item['allow_cid']),
 				dbesc($parent_item['allow_gid']),
 				dbesc($parent_item['deny_cid']),
 				dbesc($parent_item['deny_gid']),
+				intval($parent_item['private']),
 				intval($post_id)
 			);
 

mod/lockview.php

@@ -22,6 +22,13 @@ function lockview_content(&$a) {
 	$deny_users = expand_acl($item['deny_cid']);
 	$deny_groups = expand_acl($item['deny_gid']);
 
+	if(($item['private']) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) 
+		&& (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) {
+
+		echo t('Remote privacy information not available.') . '<br />';
+		killme();
+	}
+
 	$o = t('Visible to:') . '<br />';
 	$l = array();
 

mod/network.php

@@ -165,11 +165,13 @@ function network_content(&$a, $update = 0) {
 			if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) && ($item['id'] != $item['parent']))
 				continue;
 
-			$lock = (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
-				|| strlen($item['deny_cid']) || strlen($item['deny_gid']))
+
+			$lock = ((($item['private']) || (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
+				|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
 				? '<div class="wall-item-lock"><img src="images/lock_icon.gif" class="lockview" alt="' . t('Private Message') . '" onclick="lockview(event,' . $item['id'] . ');" /></div>'
 				: '<div class="wall-item-lock"></div>');
 
+
 			// Top-level wall post not written by the wall owner (wall-to-wall)
 			// First figure out who owns it. 
 

mod/profile.php

@@ -305,8 +305,8 @@ function profile_content(&$a, $update = 0) {
 				&& ($item['id'] != $item['parent']))
 				continue;
 
-			$lock = (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
-				|| strlen($item['deny_cid']) || strlen($item['deny_gid']))
+			$lock = ((($item['private']) || (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
+				|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
 				? '<div class="wall-item-lock"><img src="images/lock_icon.gif" class="lockview" alt="' . t('Private Message') . '" onclick="lockview(event,' . $item['id'] . ');" /></div>'
 				: '<div class="wall-item-lock"></div>');