juks (juks) wrote in changelog,
juks
juks
changelog

[livejournal] r17961: LJSUP-7153 Block old entries from being ...

Committer: iaskarov
LJSUP-7153 Block old entries from being viewed in business-sensitive communities
U   trunk/cgi-bin/ljprotocol.pl
Modified: trunk/cgi-bin/ljprotocol.pl
===================================================================
--- trunk/cgi-bin/ljprotocol.pl	2010-12-17 08:25:51 UTC (rev 17960)
+++ trunk/cgi-bin/ljprotocol.pl	2010-12-17 08:29:46 UTC (rev 17961)
@@ -1875,11 +1875,16 @@
     return undef unless check_altusage($req, $err, $flags);
 
     my $u = $flags->{'u'};
+
+    # Ownerid - community/blog id
     my $ownerid = $flags->{'ownerid'};
     my $uowner = $flags->{'u_owner'} || $u;
+    
     # Make sure we have a user object here
     $uowner = LJ::want_user($uowner) unless LJ::isu($uowner);
     my $clusterid = $uowner->{'clusterid'};
+
+    # Posterid - the id of the author of the entry
     my $posterid = $u->{'userid'};
     my $qallowmask = $req->{'allowmask'}+0;
     my $sth;
@@ -1908,6 +1913,12 @@
             ($req->{'security'} eq "private" ||
             ($req->{'security'} eq "usemask" && $qallowmask != 1 )));
 
+    # make sure user can't change post in a certain community without being its member 
+    return fail($err,102)
+        if ($LJ::MEMBERSHIP_SENSITIVE_COMMUNITIES{ $uowner->{user} } &&
+            !LJ::is_friend($uowner, $u));
+        
+
     # make sure the new entry's under the char limit
     # NOTE: as in postevent, this requires $req->{event} to be binary data
     # but we've already removed the utf-8 flag in the XML-RPC path, and it

Tags: juks, livejournal, pl
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments