Merge pull request #9663 from MrPetovan/bug/9662-deleted-users-still-post

Add item user owner data check in Model\Item::isValid
This commit is contained in:
Michael Vogel 2020-12-15 20:57:10 +01:00 committed by GitHub
commit 4bdeba9d5a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 5 deletions

View file

@ -1385,6 +1385,19 @@ class Item
return false; return false;
} }
if (!empty($item['uid'])) {
$owner = User::getOwnerDataById($item['uid'], false);
if (!$owner) {
Logger::notice('Missing item user owner data', ['uid' => $item['uid']]);
return false;
}
if ($owner['account_expired'] || $owner['account_removed']) {
Logger::notice('Item user has been deleted/expired/removed', ['uid' => $item['uid'], 'deleted' => $owner['deleted'], 'account_expired' => $owner['account_expired'], 'account_removed' => $owner['account_removed']]);
return false;
}
}
if (!empty($item['author-id']) && Contact::isBlocked($item['author-id'])) { if (!empty($item['author-id']) && Contact::isBlocked($item['author-id'])) {
Logger::notice('Author is blocked node-wide', ['author-link' => $item['author-link'], 'item-uri' => $item['uri']]); Logger::notice('Author is blocked node-wide', ['author-link' => $item['author-link'], 'item-uri' => $item['uri']]);
return false; return false;

View file

@ -371,11 +371,11 @@ class User
* Get owner data by user id * Get owner data by user id
* *
* @param int $uid * @param int $uid
* @param boolean $check_valid Test if data is invalid and correct it * @param boolean $repairMissing Repair the owner data if it's missing
* @return boolean|array * @return boolean|array
* @throws Exception * @throws Exception
*/ */
public static function getOwnerDataById(int $uid, bool $check_valid = true) public static function getOwnerDataById(int $uid, bool $repairMissing = true)
{ {
if ($uid == 0) { if ($uid == 0) {
return self::getSystemAccount(); return self::getSystemAccount();
@ -387,7 +387,7 @@ class User
$owner = DBA::selectFirst('owner-view', [], ['uid' => $uid]); $owner = DBA::selectFirst('owner-view', [], ['uid' => $uid]);
if (!DBA::isResult($owner)) { if (!DBA::isResult($owner)) {
if (!DBA::exists('user', ['uid' => $uid]) || !$check_valid) { if (!DBA::exists('user', ['uid' => $uid]) || !$repairMissing) {
return false; return false;
} }
Contact::createSelfFromUserId($uid); Contact::createSelfFromUserId($uid);
@ -398,7 +398,7 @@ class User
return false; return false;
} }
if (!$check_valid) { if (!$repairMissing) {
return $owner; return $owner;
} }