$item['allow_cid'] = '';
$item['allow_gid'] = '';
}
- } elseif ($setPermissions && ($item['gravity'] == ItemModel::GRAVITY_PARENT)) {
+ } elseif ($setPermissions) {
if (empty($receivers)) {
// For security reasons direct posts without any receiver will be posts to yourself
$self = Contact::selectFirst(['id'], ['uid' => $item['uid'], 'self' => true]);
$item['post-type'] = empty($item['title']) ? self::PT_NOTE : self::PT_ARTICLE;
}
+ $defined_permissions = isset($item['allow_cid']) && isset($item['allow_gid']) && isset($item['deny_cid']) && isset($item['deny_gid']) && isset($item['private']);
+
$item['wall'] = intval($item['wall'] ?? 0);
$item['extid'] = trim($item['extid'] ?? '');
$item['author-name'] = trim($item['author-name'] ?? '');
$item['wall'] = $toplevel_parent['wall'];
// Reshares have to keep their permissions to allow forums to work
- if (!$item['origin'] || ($item['verb'] != Activity::ANNOUNCE)) {
+ if (!$defined_permissions && (!$item['origin'] || ($item['verb'] != Activity::ANNOUNCE))) {
$item['allow_cid'] = $toplevel_parent['allow_cid'];
$item['allow_gid'] = $toplevel_parent['allow_gid'];
$item['deny_cid'] = $toplevel_parent['deny_cid'];
* This differs from the above settings as it subtly allows comments from
* email correspondents to be private even if the overall thread is not.
*/
- if ($toplevel_parent['private']) {
+ if (!$defined_permissions && $toplevel_parent['private']) {
$item['private'] = $toplevel_parent['private'];
}
}
// ACL settings
- if (!empty($item['allow_cid'] . $item['allow_gid'] . $item['deny_cid'] . $item['deny_gid'])) {
+ if (!$defined_permissions && !empty($item['allow_cid'] . $item['allow_gid'] . $item['deny_cid'] . $item['deny_gid'])) {
$item['private'] = self::PRIVATE;
}
}
if ($request['in_reply_to_id']) {
- $parent = Post::selectFirst(['uri', 'private'], ['uri-id' => $request['in_reply_to_id'], 'uid' => [0, $uid]]);
+ $parent = Post::selectFirst(['uri'], ['uri-id' => $request['in_reply_to_id'], 'uid' => [0, $uid]]);
+ if (empty($parent)) {
+ throw new HTTPException\NotFoundException('Item with URI ID ' . $request['in_reply_to_id'] . ' not found for user ' . $uid . '.');
+ }
$item['thr-parent'] = $parent['uri'];
$item['gravity'] = Item::GRAVITY_COMMENT;
$item['object-type'] = Activity\ObjectType::COMMENT;
-
- if (in_array($parent['private'], [Item::UNLISTED, Item::PUBLIC]) && ($item['private'] == Item::PRIVATE)) {
- throw new HTTPException\NotImplementedException('Private replies for public posts are not implemented.');
- }
} else {
self::checkThrottleLimit();
projects / friendica.git / commitdiff