return false;
}
+ // Is it OK to repeat that notice (general enough scope)?
+
+ if ($this->original->scope != Notice::SITE_SCOPE &&
+ $this->original->scope != Notice::PUBLIC_SCOPE) {
+ $this->clientError(_('You may not repeat a private notice.'),
+ 403,
+ $this->format);
+ return false;
+ }
+
$profile = $this->user->getProfile();
+ // Can the profile actually see that notice?
+
+ if (!$this->original->inScope($profile)) {
+ $this->clientError(_('No access to that notice.'),
+ 403,
+ $this->format);
+ return false;
+ }
+
if ($profile->hasRepeated($id)) {
// TRANS: Client error displayed trying to re-repeat a notice through the API.
$this->clientError(_('Already repeated that notice.'),
return false;
}
+
return true;
}
return false;
}
+ // Is it OK to repeat that notice (general enough scope)?
+
+ if ($this->notice->scope != Notice::SITE_SCOPE &&
+ $this->notice->scope != Notice::PUBLIC_SCOPE) {
+ $this->clientError(_('You may not repeat a private notice.'),
+ 403);
+ }
+
if ($this->user->id == $this->notice->profile_id) {
// TRANS: Client error displayed when trying to repeat an own notice.
$this->clientError(_('You cannot repeat your own notice.'));
$profile = $this->user->getProfile();
+ // Can the profile actually see that notice?
+
+ if (!$this->notice->inScope($profile)) {
+ $this->clientError(_('No access to that notice.'), 403);
+ }
+
+
if ($profile->hasRepeated($id)) {
// TRANS: Client error displayed when trying to repeat an already repeated notice.
$this->clientError(_('You already repeated that notice.'));
const LOCAL_NONPUBLIC = -1;
const GATEWAY = -2;
+ const PUBLIC_SCOPE = 0; // Useful fake constant
const SITE_SCOPE = 1;
const ADDRESSEE_SCOPE = 2;
const GROUP_SCOPE = 4;
// Handle repeat case
if (isset($repeat_of)) {
+
+ // Check for a private one
+
+ $repeat = Notice::staticGet('id', $repeat_of);
+
+ if (!empty($repeat) &&
+ $repeat->scope != Notice::SITE_SCOPE &&
+ $repeat->scope != Notice::PUBLIC_SCOPE) {
+ throw new ClientException(_('Cannot repeat a private notice.'), 403);
+ }
+
+ // XXX: Check for access...?
+
$notice->repeat_of = $repeat_of;
} else {
$notice->reply_to = self::getReplyTo($reply_to, $profile_id, $source, $final);
return;
}
- if ($this->user->getProfile()->hasRepeated($notice->id)) {
+ // Is it OK to repeat that notice (general enough scope)?
+
+ if ($notice->scope != Notice::SITE_SCOPE &&
+ $notice->scope != Notice::PUBLIC_SCOPE) {
+ $channel->error($this->user, _('You may not repeat a private notice.'));
+ }
+
+ $profile = $this->user->getProfile();
+
+ // Can the profile actually see that notice?
+
+ if (!$notice->inScope($profile)) {
+ $channel->error($this->user, _('You have no access to that notice.'));
+ }
+
+ if ($profile->hasRepeated($notice->id)) {
// TRANS: Error text shown when trying to repeat an notice that was already repeated by the user.
$channel->error($this->user, _('Already repeated that notice.'));
return;
function showRepeatForm()
{
- $user = common_current_user();
- if ($user && $user->id != $this->notice->profile_id) {
- $this->out->text(' ');
- $profile = $user->getProfile();
- if ($profile->hasRepeated($this->notice->id)) {
- $this->out->element('span', array('class' => 'repeated',
- 'title' => _('Notice repeated')),
- _('Repeated'));
- } else {
- $rf = new RepeatForm($this->out, $this->notice);
- $rf->show();
+ if ($this->notice->scope == Notice::PUBLIC_SCOPE ||
+ $this->notice->scope == Notice::SITE_SCOPE) {
+ $user = common_current_user();
+ if (!empty($user) &&
+ $user->id != $this->notice->profile_id) {
+ $this->out->text(' ');
+ $profile = $user->getProfile();
+ if ($profile->hasRepeated($this->notice->id)) {
+ $this->out->element('span', array('class' => 'repeated',
+ 'title' => _('Notice repeated')),
+ _('Repeated'));
+ } else {
+ $rf = new RepeatForm($this->out, $this->notice);
+ $rf->show();
+ }
}
}
}
projects / quix0rs-gnu-social.git / commitdiff