From d05910a6e5f2605f29c1b5156a9106d42024457c Mon Sep 17 00:00:00 2001 From: Michael Date: Sun, 11 Dec 2022 22:48:43 +0000 Subject: [PATCH] API: Allow permissions for status posts --- src/Module/Api/Twitter/Statuses/Update.php | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/src/Module/Api/Twitter/Statuses/Update.php b/src/Module/Api/Twitter/Statuses/Update.php index d071675e8..e1c734038 100644 --- a/src/Module/Api/Twitter/Statuses/Update.php +++ b/src/Module/Api/Twitter/Statuses/Update.php @@ -49,6 +49,8 @@ class Update extends BaseApi self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); + $owner = User::getOwnerDataById($uid); + $request = self::getRequest([ 'htmlstatus' => '', 'status' => '', @@ -59,9 +61,11 @@ class Update extends BaseApi 'media_ids' => '', 'source' => '', 'include_entities' => false, - ], $request); - - $owner = User::getOwnerDataById($uid); + 'contact_allow' => $owner['allow_cid'], + 'group_allow' => $owner['allow_gid'], + 'contact_deny' => $owner['deny_cid'], + 'group_deny' => $owner['deny_gid'], + ], $request); if (!empty($request['htmlstatus'])) { $body = HTML::toBBCodeVideo($request['htmlstatus']); @@ -96,10 +100,11 @@ class Update extends BaseApi $item['coord'] = sprintf("%s %s", $request['lat'], $request['long']); } - $item['allow_cid'] = $owner['allow_cid'] ?? ''; - $item['allow_gid'] = $owner['allow_gid'] ?? ''; - $item['deny_cid'] = $owner['deny_cid'] ?? ''; - $item['deny_gid'] = $owner['deny_gid'] ?? ''; + $aclFormatter = DI::aclFormatter(); + $item['allow_cid'] = $aclFormatter->toString($request['contact_allow']); + $item['allow_gid'] = $aclFormatter->toString($request['group_allow']); + $item['deny_cid'] = $aclFormatter->toString($request['contact_deny']); + $item['deny_gid'] = $aclFormatter->toString($request['group_deny']); if (!empty($item['allow_cid'] . $item['allow_gid'] . $item['deny_cid'] . $item['deny_gid'])) { $item['private'] = Item::PRIVATE;