![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
[dw-free] Respect minimum security on email posts/images
[commit: http://hg.dwscoalition.org/dw-free/rev/34e6dc9eadc4]
Respect minimum security on email posts/images
There were old emailpost_img* userprops. They don't exist anywhere else in
the code outside of these few files, so they weren't available for users to
set or even respected.
They existed separately because of FotoBilder's separate stack. It didn't
have the same security system as LiveJournal. Since Dreamwidth is building
photo hosting in to the core, I've collapsed this.
Security for images posted by email is now the same as the post that
contains the images. There is no option to have public photos with a private
post, for example.
Further, post-by-email security now works like this:
* If you specify a security tag in the message, we use that.
* If not, we will use a specified "post-by-email security". This is the
emailpost_security userprop which is set on /manage/emailpost.
* If not, we will use your account's newpost_minsecurity userprop, which
is the one most people are familiar with.
* If none of the above are present, we default to public.
This should meet with people's expectations. If not, please let me know.
Patch by![[staff profile]](https://www.dreamwidth.org/img/silk/identity/user_staff.png)
mark.
Files modified:
Respect minimum security on email posts/images
There were old emailpost_img* userprops. They don't exist anywhere else in
the code outside of these few files, so they weren't available for users to
set or even respected.
They existed separately because of FotoBilder's separate stack. It didn't
have the same security system as LiveJournal. Since Dreamwidth is building
photo hosting in to the core, I've collapsed this.
Security for images posted by email is now the same as the post that
contains the images. There is no option to have public photos with a private
post, for example.
Further, post-by-email security now works like this:
* If you specify a security tag in the message, we use that.
* If not, we will use a specified "post-by-email security". This is the
emailpost_security userprop which is set on /manage/emailpost.
* If not, we will use your account's newpost_minsecurity userprop, which
is the one most people are familiar with.
* If none of the above are present, we default to public.
This should meet with people's expectations. If not, please let me know.
Patch by
mark.Files modified:
- bin/upgrading/proplists.dat
- cgi-bin/LJ/Emailpost.pm
- cgi-bin/LJ/User.pm
- htdocs/manage/emailpost.bml
--------------------------------------------------------------------------------
diff -r cd2ee2c32b5d -r 34e6dc9eadc4 bin/upgrading/proplists.dat
--- a/bin/upgrading/proplists.dat Sun Jul 22 08:30:54 2012 +0000
+++ b/bin/upgrading/proplists.dat Sun Jul 22 09:10:31 2012 +0000
@@ -246,38 +246,6 @@
multihomed:
prettyname: Gallery name for email imgs
-userproplist.emailpost_imgcut:
- cldversion: 4
- datatype: char
- des: Default image cut type for post-by-email images
- indexed:
- multihomed:
- prettyname: Image cut type for email posting
-
-userproplist.emailpost_imglayout:
- cldversion: 4
- datatype: char
- des: Default image layout for post-by-email images
- indexed:
- multihomed:
- prettyname: Image layout for email posting
-
-userproplist.emailpost_imgsecurity:
- cldversion: 4
- datatype: char
- des: Default security for post-by-email images
- indexed:
- multihomed:
- prettyname: Image security for email posting
-
-userproplist.emailpost_imgsize:
- cldversion: 4
- datatype: char
- des: Default image size for post-by-email images
- indexed:
- multihomed:
- prettyname: Image size for email posting
-
userproplist.emailpost_pin:
cldversion: 4
datatype: char
@@ -289,7 +257,7 @@
userproplist.emailpost_security:
cldversion: 4
datatype: char
- des: Default security for post-by-email entries
+ des: Default security for post-by-email entries (and pictures)
indexed:
multihomed:
prettyname: Entry security for email posting
diff -r cd2ee2c32b5d -r 34e6dc9eadc4 cgi-bin/LJ/Emailpost.pm
--- a/cgi-bin/LJ/Emailpost.pm Sun Jul 22 08:30:54 2012 +0000
+++ b/cgi-bin/LJ/Emailpost.pm Sun Jul 22 09:10:31 2012 +0000
@@ -422,7 +422,7 @@
qw/
emailpost_userpic emailpost_security
emailpost_comments emailpost_gallery
- emailpost_imgsecurity /
+ /
);
# Get post options, using post-headers first, and falling back
@@ -446,7 +446,9 @@
if $post_headers{comments} =~ /noemail/i
|| $u->{'emailpost_comments'} =~ /noemail/i;
- $post_headers{security} = lc($post_headers{security}) || $u->{'emailpost_security'};
+ $post_headers{security} = lc $post_headers{security} ||
+ $u->emailpost_security;
+
if ( $post_headers{security} =~ /^(public|private|friends|access)$/ ) {
if ( $1 eq 'friends' or $1 eq 'access' ) {
$post_headers{security} = 'usemask';
@@ -454,7 +456,7 @@
}
} elsif ($post_headers{security}) { # Assume a friendgroup if unknown security mode.
# Get the mask for the requested friends group, or default to private.
- my $group = $u->trust_groups( 'name' => $post_headers{security} );
+ my $group = $u->trust_groups( name => $post_headers{security} );
if ($group) {
$amask = (1 << $group->{groupnum});
$post_headers{security} = 'usemask';
@@ -465,22 +467,14 @@
}
}
- # if they specified a imgsecurity header but it isn't valid, default
- # to private. Otherwise, set to what they specified.
- $post_headers{'imgsecurity'} = lc($post_headers{'imgsecurity'}) ||
- $u->{'emailpost_imgsecurity'} || 'public';
- $post_headers{'imgsecurity'} = 'private'
- unless $post_headers{'imgsecurity'} =~ /^(private|access|public)$/;
-
- # FIXME: translate security into usemask/allowmask combo
-
# upload picture attachments to fotobilder.
# undef return value? retry posting for later.
$fb_upload = upload_images(
$entity, $u,
\$fb_upload_errstr,
{
- security => $post_headers{'imgsecurity'},
+ security => $post_headers{security},
+ allowmask => $post_headers{amask},
}
) || return $err->( $fb_upload_errstr, { retry => 1 } );
@@ -497,7 +491,7 @@
## from Latin-1 to UTF-8.
##
$fb_html = Encode::encode("utf8", $fb_html) if Encode::is_utf8($fb_html);
- $body .= $fb_html;
+ $body .= '<br />' . $fb_html;
}
# at this point, there are either no images in the message ($fb_upload == 1)
@@ -720,7 +714,11 @@
my @images;
foreach my $img_entity ( @imgs ) {
- my $obj = DW::Media->upload_media( user => $u, data => $img_entity->bodyhandle->as_string, %$opts );
+ my $obj = DW::Media->upload_media(
+ user => $u,
+ data => $img_entity->bodyhandle->as_string,
+ %$opts, # Should contain security.
+ );
push @images, $obj if $obj;
}
diff -r cd2ee2c32b5d -r 34e6dc9eadc4 cgi-bin/LJ/User.pm
--- a/cgi-bin/LJ/User.pm Sun Jul 22 08:30:54 2012 +0000
+++ b/cgi-bin/LJ/User.pm Sun Jul 22 09:10:31 2012 +0000
@@ -5024,11 +5024,18 @@
return $LJ::DEFAULT_EDITOR; # Use config default
}
-
+# What security level to use for new posts. This magic flag is used to give
+# user's the ability to specify that "if I try to post public, don't let me".
+# To override this, you have to go back and edit your post.
sub newpost_minsecurity {
- my $u = shift;
-
- return $u->prop('newpost_minsecurity') || 'public';
+ return $_[0]->prop( 'newpost_minsecurity' ) || 'public';
+}
+
+# This loads the user's specified post-by-email security. If they haven't
+# set that up, then we fall back to the standard new post minimum security.
+sub emailpost_security {
+ return $_[0]->prop( 'emailpost_security' ) ||
+ $_[0]->newpost_minsecurity;
}
diff -r cd2ee2c32b5d -r 34e6dc9eadc4 htdocs/manage/emailpost.bml
--- a/htdocs/manage/emailpost.bml Sun Jul 22 08:30:54 2012 +0000
+++ b/htdocs/manage/emailpost.bml Sun Jul 22 09:10:31 2012 +0000
@@ -56,8 +56,6 @@
emailpost_pin emailpost_allowfrom
emailpost_userpic emailpost_security
emailpost_comments emailpost_gallery
- emailpost_imgsecurity emailpost_imgsize
- emailpost_imglayout emailpost_imgcut
/;
my ($mode, $type) = ($GET{mode}, $GET{type});
--------------------------------------------------------------------------------