Fix issue 7449: Image permissions are now set like before
This commit is contained in:
parent
e9f0c4dbfb
commit
d95ef96cca
2 changed files with 59 additions and 35 deletions
37
mod/item.php
37
mod/item.php
|
@ -469,43 +469,10 @@ function item_post(App $a) {
|
|||
|
||||
$match = null;
|
||||
|
||||
/// @todo these lines should be moved to Model/Photo
|
||||
if (!$preview && preg_match_all("/\[img([\=0-9x]*?)\](.*?)\[\/img\]/",$body,$match)) {
|
||||
$images = $match[2];
|
||||
if (count($images)) {
|
||||
|
||||
$objecttype = ACTIVITY_OBJ_IMAGE;
|
||||
|
||||
foreach ($images as $image) {
|
||||
if (!stristr($image, System::baseUrl() . '/photo/')) {
|
||||
continue;
|
||||
}
|
||||
$image_uri = substr($image,strrpos($image,'/') + 1);
|
||||
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
|
||||
if (!strlen($image_uri)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// Ensure to only modify photos that you own
|
||||
$srch = '<' . intval($original_contact_id) . '>';
|
||||
|
||||
$condition = [
|
||||
'allow_cid' => $srch, 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '',
|
||||
'resource-id' => $image_uri, 'uid' => $profile_uid
|
||||
];
|
||||
if (!Photo::exists($condition)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow,
|
||||
'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny];
|
||||
$condition = ['resource-id' => $image_uri, 'uid' => $profile_uid];
|
||||
Photo::update($fields, $condition);
|
||||
}
|
||||
}
|
||||
if (!$preview && Photo::setPermissionFromBody($body, $profile_uid, $original_contact_id, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny)) {
|
||||
$objecttype = ACTIVITY_OBJ_IMAGE;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Next link in any attachment references we find in the post.
|
||||
*/
|
||||
|
|
|
@ -10,6 +10,7 @@ use Friendica\BaseObject;
|
|||
use Friendica\Core\Cache;
|
||||
use Friendica\Core\Config;
|
||||
use Friendica\Core\L10n;
|
||||
use Friendica\Core\Logger;
|
||||
use Friendica\Core\StorageManager;
|
||||
use Friendica\Core\System;
|
||||
use Friendica\Database\DBA;
|
||||
|
@ -607,4 +608,60 @@ class Photo extends BaseObject
|
|||
{
|
||||
return System::createGUID(32, false);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a unique photo ID.
|
||||
*
|
||||
* @todo This function currently does have some flaws:
|
||||
* - Sharing a post with a form will create a photo that only the forum can see.
|
||||
* - Sharing a photo non public that been share non public before doesn't alter the permissions.
|
||||
*
|
||||
* @return string
|
||||
* @throws \Exception
|
||||
*/
|
||||
public static function setPermissionFromBody($body, $uid, $original_contact_id, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny)
|
||||
{
|
||||
// Simplify image codes
|
||||
$img_body = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '[img]$3[/img]', $body);
|
||||
$img_body = preg_replace("/\[img\=(.*?)\](.*?)\[\/img\]/ism", '[img]$1[/img]', $img_body);
|
||||
|
||||
// Search for images
|
||||
if (!preg_match_all("/\[img\](.*?)\[\/img\]/", $img_body, $match)) {
|
||||
return false;
|
||||
}
|
||||
$images = $match[1];
|
||||
if (empty($images)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
foreach ($images as $image) {
|
||||
if (!stristr($image, System::baseUrl() . '/photo/')) {
|
||||
continue;
|
||||
}
|
||||
$image_uri = substr($image,strrpos($image,'/') + 1);
|
||||
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
|
||||
if (!strlen($image_uri)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// Ensure to only modify photos that you own
|
||||
$srch = '<' . intval($original_contact_id) . '>';
|
||||
|
||||
$condition = [
|
||||
'allow_cid' => $srch, 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '',
|
||||
'resource-id' => $image_uri, 'uid' => $uid
|
||||
];
|
||||
if (!Photo::exists($condition)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow,
|
||||
'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny];
|
||||
$condition = ['resource-id' => $image_uri, 'uid' => $uid];
|
||||
Logger::info('Set permissions', ['condition' => $condition, 'permissions' => $fields]);
|
||||
Photo::update($fields, $condition);
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue