Committer: amyshkin
LJSUP-9221: allow trusted S2 layers to fetch information about specific entries in particular journalsU trunk/bin/upgrading/proplists.dat U trunk/bin/upgrading/s2layers/core1.s2 U trunk/cgi-bin/LJ/S2.pm U trunk/cgi-bin/ljhooks.pl
Modified: trunk/bin/upgrading/proplists.dat =================================================================== --- trunk/bin/upgrading/proplists.dat 2011-07-06 09:01:33 UTC (rev 19447) +++ trunk/bin/upgrading/proplists.dat 2011-07-07 04:09:46 UTC (rev 19448) @@ -1670,3 +1670,19 @@ indexed: 0 multihomed: 0 cldversion: 8 + +userproplist.get_alien_posts: + datatype: bool + prettyname: Can get other journals post + des: Can get other journals post + indexed: 0 + multihomed: 0 + cldversion: 8 + +userproplist.give_posts_to_alien: + datatype: bool + prettyname: Can give post to others + des: Can give post to others + indexed: 0 + multihomed: 0 + cldversion: 8 Modified: trunk/bin/upgrading/s2layers/core1.s2 =================================================================== --- trunk/bin/upgrading/s2layers/core1.s2 2011-07-06 09:01:33 UTC (rev 19447) +++ trunk/bin/upgrading/s2layers/core1.s2 2011-07-07 04:09:46 UTC (rev 19448) @@ -606,6 +606,9 @@ function builtin get_last_entries( string ljname, int count ) : Entry[] "Returns last 'count' entries from selected journal for LJTimes verticals."; + + function builtin get_alien_post( string url ) : Entry + "Returns any public entry from any journal having give_posts_to_alien prop. Recipient must have get_alien_posts prop"; } class TagsPage extends Page Modified: trunk/cgi-bin/LJ/S2.pm =================================================================== --- trunk/cgi-bin/LJ/S2.pm 2011-07-06 09:01:33 UTC (rev 19447) +++ trunk/cgi-bin/LJ/S2.pm 2011-07-07 04:09:46 UTC (rev 19448) @@ -2356,6 +2356,51 @@ return $s; } +sub Page__get_alien_post { + my ( $ctx, $this, $url ) = @_; + + my $entry = LJ::Entry->new_from_url($url); + return undef unless $entry; + return undef unless $entry->visible_to(undef); + + my $page_user = LJ::load_user($this->{journal}->{username}); + return undef unless $page_user->prop('get_alien_posts'); + + my $post_user = LJ::load_user($entry->{u}->{user}); + return undef unless $post_user->prop('give_posts_to_alien'); + + my $dateparts = $entry->{eventtime}; + $dateparts =~ tr/-:/ /; + my $system_dateparts = $entry->{logtime}; + $system_dateparts =~ tr/-:/ /; + + my $pickw = LJ::Entry->userpic_kw_from_props( $entry->props ); + my $userpic = LJ::S2::Image_userpic( $post_user, 0, $pickw ); + + return LJ::S2::Entry( + $post_user, + { + 'subject' => clear_entry_subject($entry), + 'text' => clear_entry_text($entry), + 'dateparts' => $dateparts, + 'system_dateparts' => $system_dateparts, + 'security' => $entry->security, + 'allowmask' => $entry->allowmask, + 'props' => $entry->{'props'}, + 'itemid' => $entry->ditemid, + 'journal' => LJ::S2::UserLite($post_user), + 'poster' => LJ::S2::UserLite($entry->poster), + 'comments' => get_comments_info($entry), + 'tags' => get_sorted_tags($entry), + 'userpic' => $userpic, + 'permalink_url' => $entry->url, + + # for now, these are not implemented + 'new_day' => 0, + 'end_day' => 0, + }); +} + sub html_get_img_urls { my ( $ctx, $s ) = @_; return LJ::html_get_img_urls( \$s ); Modified: trunk/cgi-bin/ljhooks.pl =================================================================== --- trunk/cgi-bin/ljhooks.pl 2011-07-06 09:01:33 UTC (rev 19447) +++ trunk/cgi-bin/ljhooks.pl 2011-07-07 04:09:46 UTC (rev 19448) @@ -293,6 +293,46 @@ } }); +register_setter('get_alien_posts', sub { + my ($u, $key, $value, $err) = @_; + + unless ($value =~ /^(0|1)$/) { + $$err = "Illegal value. Must be '0' or '1'"; + return 0; + } + + my $remote = LJ::get_remote(); + + if (LJ::check_priv($remote, 'siteadmin', 'propedit') || $LJ::IS_DEV_SERVER) { + $u->set_prop('get_alien_posts', $value); + return 1; + } + else { + $$err = "You don't have permission to change this property"; + return 0; + } +}); + +register_setter('give_posts_to_alien', sub { + my ($u, $key, $value, $err) = @_; + + unless ($value =~ /^(0|1)$/) { + $$err = "Illegal value. Must be '0' or '1'"; + return 0; + } + + my $remote = LJ::get_remote(); + + if (LJ::check_priv($remote, 'siteadmin', 'propedit') || $LJ::IS_DEV_SERVER) { + $u->set_prop('give_posts_to_alien', $value); + return 1; + } + else { + $$err = "You don't have permission to change this property"; + return 0; + } +}); + register_setter('custom_usericon', sub { my ($u, $key, $value, $err) = @_;