Brian Hatchet · Brian Hatchet · 1559425f · 1559425f · 1559425f · 1559425f
--- a/Api/Exportable.php
+++ b/Api/Exportable.php
@@ -120,9 +120,9 @@ class Exportable implements \JsonSerializable
                ]);
                if ($item instanceof FeedSyncEntity) {
-                    $exported['entity']['permissions'] = $permissions->export();
+                    $exported['entity']['permissions'] = $permissions->exportPermission($entity->getGuid());
                } else {
-                    $exported['permissions'] = $permissions->export();
+                    $exported['permissions'] = $permissions->exportPermission($entity->getGuid());
                }
            }

--- a/Api/Factory.php
+++ b/Api/Factory.php
@@ -209,35 +209,41 @@ class Factory
     * @return array - an array of the entities
     * @deprecated
     */
-    public static function exportable($entities, $exceptions = [], $exportContext = false, $includePermissions = true)
+    public static function exportable($entities = [], $exceptions = [], $exportContext = false, $includePermissions = true)
    {
-        $permissionsManager = Di::_()->get('Permissions\Manager');
+        foreach ($entities as $k => $entity) {
-        if (!$entities) {
+            $entities[$k] = Factory::export($entity, $exceptions, $exportContext, $includePermissions);
-            return [];
        }
+        return $entities;
+    }
-        foreach ($entities as $k => $entity) {
+    /**
-            if ($exportContext && method_exists($entity, 'setExportContext')) {
+     * Exports a single entity, called by exportable for arrays
-                $entity->setExportContext($exportContext);
+     */
-            }
+    public static function export($entity, $exceptions = false, $exportContext=false, $includePermissions = true)
+    {
+        if ($exportContext && method_exists($entity, 'setExportContext')) {
+            $entity->setExportContext($exportContext);
+        }
-            $entities[$k] = $entity->export();
+        $export = $entity->export();
-            //Calculate new permissions object with the entities
+        //Calculate new permissions object with the entities
-            if ($includePermissions && $entity && Di::_()->get('Features\Manager')->has('permissions')) {
+        if ($includePermissions && $entity && Di::_()->get('Features\Manager')->has('permissions')) {
-                $permissions = $permissionsManager->getList([
+            /** @var Manager $permissionsManager */
-                    'user_guid' => Session::getLoggedinUser(),
+            $permissionsManager = Di::_()->get('Permissions\Manager');
-                    'entities' => [$entity],
+            $permissions = $permissionsManager->getList([
-                ]);
+                'user_guid' => Session::getLoggedinUser(),
-                $entities[$k]['permissions'] = $permissions->export();
+                'entities' => [$entity],
-            }
+            ]);
-            $entities[$k]['guid'] = (string) $entities[$k]['guid']; //javascript doesn't like long numbers..
+            $export['permissions'] = $permissions->exportPermission($entity->getGuid());
-            if (isset($entities[$k]['ownerObj']['guid'])) {
-                $entities[$k]['ownerObj']['guid'] = (string) $entity->ownerObj['guid'];
-            }
-            foreach ($exceptions as $exception) {
-                $entities[$k][$exception] = $entity->$exception;
-            }
        }
-        return $entities;
+        $export['guid'] = (string) $export['guid']; //javascript doesn't like long numbers..
+        if (isset($export['ownerObj']['guid'])) {
+            $export['ownerObj']['guid'] = (string) $entity->ownerObj['guid'];
+        }
+        foreach ($exceptions as $exception) {
+            $export[$exception] = $export->$exception;
+        }
+        return $export;
    }
 }
--- a/Controllers/api/v1/newsfeed.php
+++ b/Controllers/api/v1/newsfeed.php
@@ -54,7 +54,7 @@ class newsfeed implements Interfaces\Api
                    return Factory::response(['status' => 'error']);
                }
-                return Factory::response(['activity' => $activity->export()]);
+                return Factory::response(['activity' => Factory::export($activity)]);
                break;
            default:
            case 'personal':

--- a/Core/Permissions/Manager.php
+++ b/Core/Permissions/Manager.php
@@ -44,17 +44,14 @@ class Manager
            throw new \InvalidArgumentException('user_guid is required');
        }
-        $guids = $opts['guids'] ?: array_map(function ($item) {
-            return $item->getGuid();
-        }, $opts['entities']);
        $user = $this->entitiesBuilder->single($opts['user_guid']);
-        $entities = $this->entitiesBuilder->get(['guids' => $guids]);
        if (!$user) {
            throw new \InvalidArgumentException('User does not exist');
        }
+        $entities = empty($opts['entities']) ? $this->entitiesBuilder->get(['guids' => $opts['guids']]) : $opts['entities'];
        if ($user && $user->getType() !== 'user') {
            throw new \InvalidArgumentException('Entity is not a user');
        }

--- a/Core/Permissions/Permissions.php
+++ b/Core/Permissions/Permissions.php
@@ -150,6 +150,19 @@ class Permissions implements \JsonSerializable
        return $export;
    }
+    /**
+     * Export the exact permissions for a calculated entity only
+     *
+     * @return array serialized individual permission for an entity
+     */
+    public function exportPermission($guid): array
+    {
+        if (isset($this->entities[$guid])) {
+            return $this->entities[$guid]->export();
+        }
+        return [];
+    }
    /**
     * @return array channel guids with the user's role
     */

--- a/Core/Permissions/Roles/ChannelOwnerRole.php
+++ b/Core/Permissions/Roles/ChannelOwnerRole.php
@@ -9,6 +9,7 @@ class ChannelOwnerRole extends BaseRole
        parent::__construct(Roles::ROLE_CHANNEL_OWNER);
        $this->addPermission(Flags::FLAG_APPOINT_ADMIN);
        $this->addPermission(Flags::FLAG_CREATE_POST);
+        $this->addPermission(Flags::FLAG_CREATE_GROUP);
        $this->addPermission(Flags::FLAG_EDIT_CHANNEL);
        $this->addPermission(Flags::FLAG_EDIT_POST);
        $this->addPermission(Flags::FLAG_DELETE_CHANNEL);

--- a/Spec/Core/Permissions/ManagerSpec.php
+++ b/Spec/Core/Permissions/ManagerSpec.php
@@ -64,12 +64,10 @@ class ManagerSpec extends ObjectBehavior
        $this->entitiesBuilder->build($this->subscribedChannel)->willReturn($this->subscribedChannel);
        $this->entitiesBuilder->build($this->unsubscribedChannel)->willReturn($this->unsubscribedChannel);
        $this->entitiesBuilder->get([
-            "user_guid" => 1,
+            "guids" => [10, 11, 12, 13]
-            "guids" => [10, 11, 12, 13],
-            "entities" => [],
        ])->willReturn($this->mockEntities());
        $this->entitiesBuilder->get([
-            "guids" => [10, 11, 12, 13]
+            "guids" => [10, 11, 12, 13],
        ])->willReturn($this->mockEntities());
        $this->beConstructedWith($this->entitiesBuilder);
    }
@@ -83,9 +81,9 @@ class ManagerSpec extends ObjectBehavior
    {
        $permissions = $this->getList([
            'user_guid' => 1,
-            'guids'=> [10, 11, 12, 13],
+            'guids' => [10, 11, 12, 13],
-            'entities' => []
+            'entities' => [],
-            ]);
+        ]);
        $entities = $permissions->getEntities();
        $entities->shouldHaveKey(10);
        $entities->shouldHaveKey(11);