Committer: sbelyaev
LJSUP-10090: visible_to is updatedU trunk/cgi-bin/LJ/DelayedEntry.pm
Modified: trunk/cgi-bin/LJ/DelayedEntry.pm
===================================================================
--- trunk/cgi-bin/LJ/DelayedEntry.pm 2011-10-11 03:51:06 UTC (rev 20267)
+++ trunk/cgi-bin/LJ/DelayedEntry.pm 2011-10-11 03:53:02 UTC (rev 20268)
@@ -7,11 +7,11 @@
use Storable;
sub create_from_url {
- my ($class, $url) = @_;
+ my ($class, $url, $opts) = @_;
if ($url =~ m!(.+)/d(\d+)\.html!) {
my $u = LJ::User->new_from_url($1) or return undef;
- return LJ::DelayedEntry->get_entry_by_id($u, $2);
+ return LJ::DelayedEntry->get_entry_by_id($u, $2, $opts);
}
return undef;
@@ -215,7 +215,65 @@
sub visible_to {
my ($self, $remote, $opts) = @_;
- return __delayed_entry_can_see($self->journal, $remote);
+ return 0 unless $self->valid;
+
+ # can see anything with viewall
+ return 1 if $opts->{'viewall'};
+
+ # can't see anything unless the journal is visible
+ # unless you have viewsome. then, other restrictions apply
+ if (!$opts->{'viewsome'}) {
+ return 0 if $self->journal->{statusvis} =~ m/[DSX]/;
+
+ # can't see anything by suspended users
+ my $poster = $self->poster;
+ return 0 if $poster->{statusvis} eq 'S';
+
+ # if poster choosed to delete jouranl and all external content,
+ # then don't show his/her entries, except in some protected journals like 'lj_core'
+ if ($poster->{statusvis} eq 'D') {
+ my ($purge_comments, $purge_community_entries) = split /:/, $poster->prop("purge_external_content");
+ if ($purge_community_entries) {
+ my $journal_name = $self->journal->{user};
+ if (!$LJ::JOURNALS_WITH_PROTECTED_CONTENT{$journal_name}) {
+ return 0;
+ }
+ }
+ }
+
+ # can't see suspended entries
+ return 0 if $self->is_suspended_for($remote);
+ }
+
+ # public is okay
+ return 1 if $self->security eq "public";
+
+ # must be logged in otherwise
+ return 0 unless $remote;
+
+ my $userid = int($self->journalid);
+ my $remoteid = int($remote->userid);
+
+ # owners can always see their own.
+ return 1 if $userid == $remoteid;
+
+ # author in community can always see their post
+ return 1 if $remoteid == $self->posterid and not $LJ::JOURNALS_WITH_PROTECTED_CONTENT{ $self->journal->{user} };
+
+ # other people can't read private
+ return 0 if $self->security eq "private";
+
+ # should be 'usemask' security from here out, otherwise
+ # assume it's something new and return 0
+ return 0 unless $self->security eq "usemask";
+
+ # if it's usemask, we have to refuse non-personal journals,
+ # so we have to load the user
+ return 0 unless $remote->{'journaltype'} eq 'P' || $remote->{'journaltype'} eq 'I';
+
+ my $gmask = LJ::get_groupmask($userid, $remoteid);
+ my $allowed = (int($gmask) & int($self->allowmask));
+ return $allowed ? 1 : 0; # no need to return matching mask
}
# defined by the entry poster
@@ -252,7 +310,8 @@
sub statusvis {
my ($self) = @_;
- return $self->prop("statusvis") eq "S" ? "S" : "V";
+ my $statusvis = $self->prop("statusvis") || '';
+ return $statusvis eq "S" ? "S" : "V";
}
sub is_visible {
@@ -678,12 +737,13 @@
$dateformat = "%Y %m %d %H %i %s %w"; # yyyy mm dd hh mm ss day_of_week
}
+ my $delayed_visibility = $options->{'delayed_visibility'} || 0;
my $userid = $options->{userid} || 0;
my $user = LJ::get_remote() || LJ::want_user($userid);
return undef unless $user;
my $sql_poster = '';
- if (!__delayed_entry_can_see( $journal, $user ))
+ if (!$delayed_visibility && !__delayed_entry_can_see( $journal, $user ))
{
$sql_poster = 'AND posterid = ' . $user->userid . " ";
}
