Enable visibility request parameter to override default user permissions in mod/item
This commit is contained in:
parent
8e8f97cce1
commit
7fabafdce6
1 changed files with 11 additions and 5 deletions
12
mod/item.php
12
mod/item.php
|
@ -262,12 +262,18 @@ function item_post(App $a) {
|
||||||
$guid = $orig_post['guid'];
|
$guid = $orig_post['guid'];
|
||||||
$extid = $orig_post['extid'];
|
$extid = $orig_post['extid'];
|
||||||
} else {
|
} else {
|
||||||
$aclFormatter = DI::aclFormatter();
|
$str_contact_allow = '';
|
||||||
|
$str_group_allow = '';
|
||||||
|
$str_contact_deny = '';
|
||||||
|
$str_group_deny = '';
|
||||||
|
|
||||||
$str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $user['allow_gid'] ?? '';
|
if (($_REQUEST['visibility'] ?? '') !== 'public') {
|
||||||
|
$aclFormatter = DI::aclFormatter();
|
||||||
$str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
|
$str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
|
||||||
$str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
|
$str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $user['allow_gid'] ?? '';
|
||||||
$str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $user['deny_cid'] ?? '';
|
$str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $user['deny_cid'] ?? '';
|
||||||
|
$str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
|
||||||
|
}
|
||||||
|
|
||||||
$title = Strings::escapeTags(trim($_REQUEST['title'] ?? ''));
|
$title = Strings::escapeTags(trim($_REQUEST['title'] ?? ''));
|
||||||
$location = Strings::escapeTags(trim($_REQUEST['location'] ?? ''));
|
$location = Strings::escapeTags(trim($_REQUEST['location'] ?? ''));
|
||||||
|
|
Loading…
Reference in a new issue