use Friendica\Network\HTTPException;
use Friendica\Object\EMail\ItemCCEMail;
use Friendica\Protocol\Activity;
-use Friendica\Protocol\Diaspora;
use Friendica\Security\Security;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\ParseUrl;
}
// Allow commenting if it is an answer to a public post
- $allow_comment = local_user() && ($profile_uid == 0) && $toplevel_item_id && in_array($toplevel_item['network'], Protocol::FEDERATED);
+ $allow_comment = local_user() && $toplevel_item_id && in_array($toplevel_item['private'], [Item::PUBLIC, Item::UNLISTED]) && in_array($toplevel_item['network'], Protocol::FEDERATED);
// Now check that valid personal details have been provided
if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) {
+ Logger::notice('Permission denied.', ['local' => local_user(), 'profile_uid' => $profile_uid, 'toplevel_item_id' => $toplevel_item_id, 'network' => $toplevel_item['network']]);
notice(DI::l10n()->t('Permission denied.'));
if ($return_path) {
DI::baseUrl()->redirect($return_path);
$original_contact_id = $contact_id;
if (!$toplevel_item_id && !empty($forum_contact) && ($private_forum || $only_to_forum)) {
- // we tagged a forum in a top level post. Now we change the post
+ // we tagged a forum in a top level post. Now we change the post
$private = $private_forum ? Item::PRIVATE : Item::UNLISTED;
if ($only_to_forum) {
$postopts = '';
}
+ if (!$private_forum) {
+ $str_contact_allow = '';
+ $str_group_allow = '';
+ $str_contact_deny = '';
+ $str_group_deny = '';
+ }
+
if ($private_forum || !APContact::getByURL($forum_contact['url'])) {
$str_group_allow = '';
$str_contact_deny = '';
$datarray['origin'] = $origin;
$datarray['object'] = $object;
- $datarray['uri-id'] = ItemURI::getIdByURI($datarray['uri']);
$datarray['attachments'] = $_REQUEST['attachments'] ?? [];
/*
$datarray["uri-id"] = -1;
$datarray["author-network"] = Protocol::DFRN;
- $o = conversation($a, [array_merge($contact_record, $datarray)], 'search', false, true);
+ $o = DI::conversation()->create([array_merge($contact_record, $datarray)], 'search', false, true);
System::jsonExit(['preview' => $o]);
}
Hook::callAll('post_local',$datarray);
+ if (!empty($_REQUEST['scheduled_at'])) {
+ $scheduled_at = DateTimeFormat::convert($_REQUEST['scheduled_at'], 'UTC', $a->getTimeZone());
+ if ($scheduled_at > DateTimeFormat::utcNow()) {
+ unset($datarray['created']);
+ unset($datarray['edited']);
+ unset($datarray['commented']);
+ unset($datarray['received']);
+ unset($datarray['changed']);
+ unset($datarray['edit']);
+ unset($datarray['self']);
+ unset($datarray['api_source']);
+
+ Post\Delayed::add($datarray['uri'], $datarray, PRIORITY_HIGH, Post\Delayed::PREPARED_NO_HOOK, $scheduled_at);
+ item_post_return(DI::baseUrl(), $api_source, $return_path);
+ }
+ }
+
if (!empty($datarray['cancel'])) {
Logger::info('mod_item: post cancelled by addon.');
if ($return_path) {
System::jsonExit($json);
}
+ $datarray['uri-id'] = ItemURI::getIdByURI($datarray['uri']);
+
if ($orig_post) {
// Fill the cache field
// This could be done in Item::update as well - but we have to check for the existance of some fields.
item_redirect_after_action($item, $return);
} else {
+ Logger::notice('Permission denied.', ['local' => local_user(), 'uid' => $item['uid'], 'cid' => $contact_id]);
notice(DI::l10n()->t('Permission denied.'));
DI::baseUrl()->redirect('display/' . $item['guid']);
//NOTREACHED