API: Allow permissions for status posts

author Michael <heluecht@pirati.ca>

Sun, 11 Dec 2022 22:48:43 +0000 (22:48 +0000)

committer Michael <heluecht@pirati.ca>

Sun, 11 Dec 2022 22:48:43 +0000 (22:48 +0000)
author Michael <heluecht@pirati.ca>
Sun, 11 Dec 2022 22:48:43 +0000 (22:48 +0000)
committer Michael <heluecht@pirati.ca>
Sun, 11 Dec 2022 22:48:43 +0000 (22:48 +0000)
diff --git a/src/Module/Api/Twitter/Statuses/Update.php b/src/Module/Api/Twitter/Statuses/Update.php

index d071675e866904e98e38e2cecbb9465a0307eff5..e1c734038ade7f589ca0ef66041e8f251c58586b 100644 (file)
--- a/src/Module/Api/Twitter/Statuses/Update.php
+++ b/src/Module/Api/Twitter/Statuses/Update.php
@@ -49,6 +49,8 @@ class Update extends BaseApi
                 self::checkAllowedScope(self::SCOPE_WRITE);
                 $uid = self::getCurrentUserID();
  
+               $owner = User::getOwnerDataById($uid);
+
                 $request = self::getRequest([
                         'htmlstatus'            => '',
                         'status'                => '',
@@ -59,9 +61,11 @@ class Update extends BaseApi
                         'media_ids'             => '',
                         'source'                => '',
                         'include_entities'      => false,
-               ], $request);
-
-               $owner = User::getOwnerDataById($uid);
+                       'contact_allow'         => $owner['allow_cid'],
+                       'group_allow'           => $owner['allow_gid'],
+                       'contact_deny'          => $owner['deny_cid'],
+                       'group_deny'            => $owner['deny_gid'],
+                       ], $request);
  
                 if (!empty($request['htmlstatus'])) {
                         $body = HTML::toBBCodeVideo($request['htmlstatus']);
@@ -96,10 +100,11 @@ class Update extends BaseApi
                         $item['coord'] = sprintf("%s %s", $request['lat'], $request['long']);
                 }
  
-               $item['allow_cid'] = $owner['allow_cid'] ?? '';
-               $item['allow_gid'] = $owner['allow_gid'] ?? '';
-               $item['deny_cid']  = $owner['deny_cid'] ?? '';
-               $item['deny_gid']  = $owner['deny_gid'] ?? '';
+               $aclFormatter = DI::aclFormatter();
+               $item['allow_cid'] = $aclFormatter->toString($request['contact_allow']);
+               $item['allow_gid'] = $aclFormatter->toString($request['group_allow']);
+               $item['deny_cid']  = $aclFormatter->toString($request['contact_deny']);
+               $item['deny_gid']  = $aclFormatter->toString($request['group_deny']);
  
                 if (!empty($item['allow_cid'] . $item['allow_gid'] . $item['deny_cid'] . $item['deny_gid'])) {
                         $item['private'] = Item::PRIVATE;
author	Michael <heluecht@pirati.ca>
	Sun, 11 Dec 2022 22:48:43 +0000 (22:48 +0000)
committer	Michael <heluecht@pirati.ca>
	Sun, 11 Dec 2022 22:48:43 +0000 (22:48 +0000)