move scope check to Notice so we can have a null profile
This commit is contained in:
Evan Prodromou
parent
7fc5679e7e
commit
26a4bd7dbf
@ -92,7 +92,8 @@ class Notice extends Memcached_DataObject
|
||||
|
||||
const SITE_SCOPE = 1;
|
||||
const ADDRESSEE_SCOPE = 2;
|
||||
const FOLLOWER_SCOPE = 4;
|
||||
const GROUP_SCOPE = 4;
|
||||
const FOLLOWER_SCOPE = 8;
|
||||
|
||||
function getProfile()
|
||||
{
|
||||
@ -2186,4 +2187,84 @@ class Notice extends Memcached_DataObject
|
||||
($this->is_local != Notice::GATEWAY));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Check that the given profile is allowed to read, respond to, or otherwise
|
||||
* act on this notice.
|
||||
*
|
||||
* The $scope member is a bitmask of scopes, representing a logical AND of the
|
||||
* scope requirement. So, 0x03 (Notice::ADDRESSEE_SCOPE | Notice::SITE_SCOPE) means
|
||||
* "only visible to people who are mentioned in the notice AND are users on this site."
|
||||
* Users on the site who are not mentioned in the notice will not be able to see the
|
||||
* notice.
|
||||
*
|
||||
* @param Profile $profile The profile to check
|
||||
*
|
||||
* @return boolean whether the profile is in the notice's scope
|
||||
*/
|
||||
|
||||
function inScope($profile)
|
||||
{
|
||||
// If there's any scope, and there's no logged-in user,
|
||||
// not allowed.
|
||||
|
||||
if ($this->scope > 0 && empty($profile)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Only for users on this site
|
||||
|
||||
if ($this->scope & Notice::SITE_SCOPE) {
|
||||
$user = $profile->getUser();
|
||||
if (empty($user)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// Only for users mentioned in the notice
|
||||
|
||||
if ($this->scope & Notice::ADDRESSEE_SCOPE) {
|
||||
|
||||
// XXX: just query for the single reply
|
||||
|
||||
$replies = $this->getReplies();
|
||||
|
||||
if (!in_array($profile->id, $replies)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// Only for members of the given group
|
||||
|
||||
if ($this->scope & Notice::GROUP_SCOPE) {
|
||||
|
||||
// XXX: just query for the single membership
|
||||
|
||||
$groups = $this->getGroups();
|
||||
|
||||
$foundOne = false;
|
||||
|
||||
foreach ($groups as $group) {
|
||||
if ($profile->isMember($group)) {
|
||||
$foundOne = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (!$foundOne) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// Only for followers of the author
|
||||
|
||||
if ($this->scope & Notice::FOLLOWER_SCOPE) {
|
||||
$author = $this->getProfile();
|
||||
if (!Subscription::exists($profile, $author)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1156,44 +1156,4 @@ class Profile extends Memcached_DataObject
|
||||
|
||||
return $profile;
|
||||
}
|
||||
|
||||
function canRead(Notice $notice)
|
||||
{
|
||||
if ($notice->scope & Notice::SITE_SCOPE) {
|
||||
$user = $this->getUser();
|
||||
if (empty($user)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if ($notice->scope & Notice::ADDRESSEE_SCOPE) {
|
||||
$replies = $notice->getReplies();
|
||||
|
||||
if (!in_array($this->id, $replies)) {
|
||||
$groups = $notice->getGroups();
|
||||
|
||||
$foundOne = false;
|
||||
|
||||
foreach ($groups as $group) {
|
||||
if ($this->isMember($group)) {
|
||||
$foundOne = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (!$foundOne) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($notice->scope & Notice::FOLLOWER_SCOPE) {
|
||||
$author = $notice->getProfile();
|
||||
if (!Subscription::exists($this, $author)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user