Don't set is_local=LOCAL_NONPUBLIC on sandboxed user notices
Let's decide whether they are nonpublic by testing them when the notice is shown instead.
This commit is contained in:
parent
a3b2118906
commit
9534969c05
|
@ -508,11 +508,7 @@ class Notice extends Managed_DataObject
|
||||||
$notice->profile_id = $profile_id;
|
$notice->profile_id = $profile_id;
|
||||||
|
|
||||||
$autosource = common_config('public', 'autosource');
|
$autosource = common_config('public', 'autosource');
|
||||||
|
if ($source && $autosource && in_array($source, $autosource)) {
|
||||||
// Sandboxed are non-false, but not 1, either
|
|
||||||
|
|
||||||
if (!$profile->hasRight(Right::PUBLICNOTICE) ||
|
|
||||||
($source && $autosource && in_array($source, $autosource))) {
|
|
||||||
$notice->is_local = Notice::LOCAL_NONPUBLIC;
|
$notice->is_local = Notice::LOCAL_NONPUBLIC;
|
||||||
} else {
|
} else {
|
||||||
$notice->is_local = $is_local;
|
$notice->is_local = $is_local;
|
||||||
|
@ -822,12 +818,13 @@ class Notice extends Managed_DataObject
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$autosource = common_config('public', 'autosource');
|
// NOTE: Sandboxed users previously got all the notices _during_
|
||||||
|
// sandbox period set to to is_local=Notice::LOCAL_NONPUBLIC here.
|
||||||
|
// Since then we have started just filtering _when_ it gets shown
|
||||||
|
// instead of creating a mixed jumble of differently scoped notices.
|
||||||
|
|
||||||
// Sandboxed are non-false, but not 1, either
|
$autosource = common_config('public', 'autosource');
|
||||||
if (!$actor->hasRight(Right::PUBLICNOTICE) ||
|
if ($source && $autosource && in_array($source, $autosource)) {
|
||||||
($source && $autosource && in_array($source, $autosource))) {
|
|
||||||
// FIXME: ...what about remote nonpublic? Hmmm. That is, if we sandbox remote profiles...
|
|
||||||
$stored->is_local = Notice::LOCAL_NONPUBLIC;
|
$stored->is_local = Notice::LOCAL_NONPUBLIC;
|
||||||
} else {
|
} else {
|
||||||
$stored->is_local = intval($is_local);
|
$stored->is_local = intval($is_local);
|
||||||
|
|
|
@ -54,6 +54,9 @@ abstract class FilteringNoticeStream extends NoticeStream
|
||||||
$this->upstream = $upstream;
|
$this->upstream = $upstream;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return boolean true if we allow it, false if we deny it
|
||||||
|
*/
|
||||||
abstract protected function filter(Notice $notice);
|
abstract protected function filter(Notice $notice);
|
||||||
|
|
||||||
function getNoticeIds($offset, $limit, $since_id, $max_id)
|
function getNoticeIds($offset, $limit, $since_id, $max_id)
|
||||||
|
|
|
@ -28,8 +28,11 @@ class ModeratedNoticeStream extends ScopingNoticeStream
|
||||||
|
|
||||||
// If the notice author is sandboxed
|
// If the notice author is sandboxed
|
||||||
if ($notice->getProfile()->isSandboxed()) {
|
if ($notice->getProfile()->isSandboxed()) {
|
||||||
// and we're either not logged in OR we aren't some kind of privileged user that can see spam etc.
|
if (!$this->scoped instanceof Profile) {
|
||||||
if (!$this->scoped instanceof Profile || !$this->scoped->hasRight(Right::REVIEWSPAM)) {
|
// Non-logged in users don't get to see posts by sandboxed users
|
||||||
|
return false;
|
||||||
|
} elseif (!$notice->getProfile()->sameAs($this->scoped) && !$this->scoped->hasRight(Right::REVIEWSPAM)) {
|
||||||
|
// And if we are logged in, deny if scoped user is neither the author nor has the right to review spam
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue