mark: A photo of Mark kneeling on top of the Taal Volcano in the Philippines. It was a long hike. (Default)
Mark Smith ([staff profile] mark) wrote in [site community profile] changelog2010-05-02 04:26 am
  • Add Memory
  • Share This Entry

[dw-free] Custom security filters on reading pages

[commit: http://hg.dwscoalition.org/dw-free/rev/fee374aab2db]

http://bugs.dwscoalition.org/show_bug.cgi?id=2146

Add ability to filter your reading page by security level.

Patch by [personal profile] exor674.

Files modified:
  • cgi-bin/DW/Logic/LogItems.pm
  • cgi-bin/LJ/Entry.pm
  • cgi-bin/LJ/S2/FriendsPage.pm
  • cgi-bin/LJ/User.pm
--------------------------------------------------------------------------------
diff -r 0dafeb52c3e4 -r fee374aab2db cgi-bin/DW/Logic/LogItems.pm
--- a/cgi-bin/DW/Logic/LogItems.pm	Sun May 02 04:18:30 2010 +0000
+++ b/cgi-bin/DW/Logic/LogItems.pm	Sun May 02 04:26:38 2010 +0000
@@ -33,6 +33,7 @@ use Carp qw/ confess /;
 #           - idsbycluster (opt) hashref to set clusterid key to [ [ journalid, itemid ]+ ]
 #           - dateformat:  either "S2" for S2 code, or anything else for S1
 #           - friendsoffriends: load friends of friends, not just friends
+#           - security: (public|access) or a group number
 #           - showtypes: /[PICNYF]/
 #           - events_date: date to load events for ($u must have friendspage_per_day)
 #           - content_filter: object of type DW::User::ContentFilters::Filter
@@ -265,6 +266,7 @@ sub watch_items
             dateformat  => $args{dateformat},
             update      => $LJ::EndOfTime - $fr->[1], # reverse back to normal
             events_date => $events_date,
+            security    => $args{security},
         });
 
         # stamp each with clusterid if from cluster, so ljviews and other
@@ -332,7 +334,7 @@ sub watch_items
 #           -- remote: remote user's $u
 #           -- clusterid: clusterid of userid
 #           -- tagids: arrayref of tagids to return entries with
-#           -- security: (public|friends|private) or a group number
+#           -- security: (public|access|private) or a group number
 #           -- clustersource: if value 'slave', uses replicated databases
 #           -- order: if 'logtime', sorts by logtime, not eventtime
 #           -- friendsview: if true, sorts by logtime, not eventtime
@@ -457,13 +459,13 @@ sub recent_items
     my $securitywhere;
     if ($args{'security'}) {
         my $security = $args{'security'};
-        if (($security eq "public") || ($security eq "private")) {
+        if ( ( $security eq "public" ) || ( $security eq "private" ) ) {
             $securitywhere = " AND security = \"$security\"";
         }
-        elsif ($security eq "friends") {
+        elsif ( $security eq "access" ) {
             $securitywhere = " AND security = \"usemask\" AND allowmask = 1";
         }
-        elsif ($security=~/^\d+$/) {
+        elsif ( $security=~/^\d+$/ ) {
             $securitywhere = " AND security = \"usemask\" AND (allowmask & " . (1 << $security) . ")";
         }
     }
diff -r 0dafeb52c3e4 -r fee374aab2db cgi-bin/LJ/Entry.pm
--- a/cgi-bin/LJ/Entry.pm	Sun May 02 04:18:30 2010 +0000
+++ b/cgi-bin/LJ/Entry.pm	Sun May 02 04:26:38 2010 +0000
@@ -1629,6 +1629,11 @@ sub get_log2_recent_user
         last if $notafter and $item->{'rlogtime'} > $notafter;
         next unless $remote || $item->{'security'} eq 'public';
 
+        next if defined( $opts->{security}) && !(
+                       ( $opts->{security} eq 'access' && $item->{security} eq 'usemask' && $item->{allowmask}+0 != 0 )
+                    || ( $opts->{security} eq 'private' && $item->{security} eq 'usemask' && $item->{allowmask}+0 == 0 )
+                    || ( $opts->{security} eq $item->{security} ) );
+
         if ( $item->{security} eq 'private' and $item->{journalid} != $remote->{userid} ) {
             my $ju = LJ::load_userid( $item->{journalid} );
             next unless $remote->can_manage( $ju );
diff -r 0dafeb52c3e4 -r fee374aab2db cgi-bin/LJ/S2/FriendsPage.pm
--- a/cgi-bin/LJ/S2/FriendsPage.pm	Sun May 02 04:18:30 2010 +0000
+++ b/cgi-bin/LJ/S2/FriendsPage.pm	Sun May 02 04:26:38 2010 +0000
@@ -116,15 +116,17 @@ sub FriendsPage
 
     # but we can't just use a filter, we have to make sure the person is allowed to
     my $filter;
-    if ( ( $get->{filter} ne "0" ) && $cf && ( $u->equals( $remote ) || $cf->public ) ) {
-        $filter = $cf;
+    unless ( $opts->{securityfilter} ) {
+        if ( ( $get->{filter} ne "0" ) && $cf && ( $u->equals( $remote ) || $cf->public ) ) {
+            $filter = $cf;
 
-    # if we couldn't use the group, then we can throw an error, but ONLY IF they specified
-    # a group name manually.  if we tried to load the default on our own, don't toss an
-    # error as that would let a user disable their friends page.
-    } elsif ( $group_name ) {
-        $opts->{badfriendgroup} = 1;  # nobiscuit
-        return 1;
+        # if we couldn't use the group, then we can throw an error, but ONLY IF they specified
+        # a group name manually.  if we tried to load the default on our own, don't toss an
+        # error as that would let a user disable their friends page.
+        } elsif ( $group_name ) {
+            $opts->{badfriendgroup} = 1;  # nobiscuit
+            return 1;
+        }
     }
 
     ## load the itemids
@@ -138,6 +140,7 @@ sub FriendsPage
         idsbycluster      => \%idsbycluster,
         showtypes         => $get->{show},
         friendsoffriends  => $opts->{view} eq 'network',
+        security          => $opts->{securityfilter},
         dateformat        => 'S2',
         events_date       => $events_date,
     );
diff -r 0dafeb52c3e4 -r fee374aab2db cgi-bin/LJ/User.pm
--- a/cgi-bin/LJ/User.pm	Sun May 02 04:18:30 2010 +0000
+++ b/cgi-bin/LJ/User.pm	Sun May 02 04:26:38 2010 +0000
@@ -8509,7 +8509,7 @@ sub make_journal
     }
 
     # do the same for security filtering
-    elsif ($view eq 'lastn' && $opts->{pathextra} && $opts->{pathextra} =~ /^\/security\/(.+)$/) {
+    elsif ( ( $view eq 'lastn' || $view eq 'read' ) && $opts->{pathextra} && $opts->{pathextra} =~ /^\/security\/(.+)$/ ) {
         $opts->{getargs}->{security} = LJ::durl($1);
         $opts->{pathextra} = undef;
     }
@@ -8684,13 +8684,13 @@ sub make_journal
             if $stylesys == 1 && $view ne 'data' && ! $u->is_redirect;
 
         # check the filter itself
-        if ( lc( $securityfilter ) eq 'access' ) {
-            $opts->{securityfilter} = 'friends';
-        } elsif ($securityfilter =~ /^(?:public|friends|private)$/i) {
+        if ( lc( $securityfilter ) eq 'friends' ) {
+            $opts->{securityfilter} = 'access';
+        } elsif ($securityfilter =~ /^(?:public|access|private)$/i) {
             $opts->{securityfilter} = lc($securityfilter);
 
         # see if they want to filter by a custom group
-        } elsif ($securityfilter =~ /^group:(.+)$/i) {
+        } elsif ( $securityfilter =~ /^group:(.+)$/i && $view eq 'lastn' ) {
             my $tf = $u->trust_groups( name => $1 );
             if ( $tf && ( $u->equals( $remote ) ||
                           $u->trustmask( $remote ) & ( 1 << $tf->{groupnum} ) ) ) {
--------------------------------------------------------------------------------