Add new class/functions

- Create class Core\Acl
- Add Contact::pruneUnavailable
- Add mod_content
This commit is contained in:
Hypolite Petovan 2018-02-25 19:45:04 -05:00
parent 38e5e64532
commit eeafb59c31
3 changed files with 708 additions and 4 deletions

View file

@ -1,12 +1,309 @@
<?php <?php
/* ACL selector json backend */ /* ACL selector json backend */
use Friendica\App; use Friendica\App;
use Friendica\Content\Widget;
use Friendica\Core\Addon;
use Friendica\Database\DBM;
use Friendica\Model\Contact;
require_once 'include/acl_selectors.php'; require_once 'include/acl_selectors.php';
require_once 'include/dba.php';
require_once 'mod/proxy.php';
function acl_init(App $a) { function acl_content(App $a)
acl_lookup($a); {
if (!local_user()) {
return '';
}
$start = defaults($_REQUEST, 'start', 0);
$count = defaults($_REQUEST, 'count', 100);
$search = defaults($_REQUEST, 'search', '');
$type = defaults($_REQUEST, 'type', '');
$conv_id = defaults($_REQUEST, 'conversation', null);
// For use with jquery.textcomplete for private mail completion
if (x($_REQUEST, 'query')) {
if (!$type) {
$type = 'm';
}
$search = $_REQUEST['query'];
}
logger('Searching for ' . $search . ' - type ' . $type, LOGGER_DEBUG);
if ($search != '') {
$sql_extra = "AND `name` LIKE '%%" . dbesc($search) . "%%'";
$sql_extra2 = "AND (`attag` LIKE '%%" . dbesc($search) . "%%' OR `name` LIKE '%%" . dbesc($search) . "%%' OR `nick` LIKE '%%" . dbesc($search) . "%%')";
} else {
/// @TODO Avoid these needless else blocks by putting variable-initialization atop of if()
$sql_extra = $sql_extra2 = '';
}
// count groups and contacts
if ($type == '' || $type == 'g') {
$r = q("SELECT COUNT(*) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
intval(local_user())
);
$group_count = (int) $r[0]['g'];
} else {
$group_count = 0;
}
$sql_extra2 .= ' ' . Widget::unavailableNetworks();
if ($type == '' || $type == 'c') {
// autocomplete for editor mentions
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND NOT `self`
AND NOT `blocked` AND NOT `pending` AND NOT `archive`
AND `success_update` >= `failure_update`
AND `notify` != '' $sql_extra2",
intval(local_user())
);
$contact_count = (int) $r[0]['c'];
} elseif ($type == 'f') {
// autocomplete for editor mentions of forums
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND NOT `self`
AND NOT `blocked` AND NOT `pending` AND NOT `archive`
AND (`forum` OR `prv`)
AND `success_update` >= `failure_update`
AND `notify` != '' $sql_extra2",
intval(local_user())
);
$contact_count = (int) $r[0]['c'];
} elseif ($type == 'm') {
// autocomplete for Private Messages
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND NOT `self`
AND NOT `blocked` AND NOT `pending` AND NOT `archive`
AND `success_update` >= `failure_update`
AND `network` IN ('%s', '%s') $sql_extra2",
intval(local_user()),
dbesc(NETWORK_DFRN),
dbesc(NETWORK_DIASPORA)
);
$contact_count = (int) $r[0]['c'];
} elseif ($type == 'a') {
// autocomplete for Contacts
$r = q("SELECT COUNT(*) AS c FROM `contact`
WHERE `uid` = %d AND NOT `self`
AND NOT `pending` $sql_extra2",
intval(local_user())
);
$contact_count = (int) $r[0]['c'];
} else {
$contact_count = 0;
}
$tot = $group_count + $contact_count;
$groups = [];
$contacts = [];
if ($type == '' || $type == 'g') {
/// @todo We should cache this query.
// This can be done when we can delete cache entries via wildcard
$r = q("SELECT `group`.`id`, `group`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`contact-id` SEPARATOR ',') AS uids
FROM `group`
INNER JOIN `group_member` ON `group_member`.`gid`=`group`.`id`
WHERE NOT `group`.`deleted` AND `group`.`uid` = %d
$sql_extra
GROUP BY `group`.`name`, `group`.`id`
ORDER BY `group`.`name`
LIMIT %d,%d",
intval(local_user()),
intval($start),
intval($count)
);
foreach ($r as $g) {
$groups[] = [
'type' => 'g',
'photo' => 'images/twopeople.png',
'name' => htmlentities($g['name']),
'id' => intval($g['id']),
'uids' => array_map('intval', explode(',', $g['uids'])),
'link' => '',
'forum' => '0'
];
}
if ((count($groups) > 0) && ($search == '')) {
$groups[] = ['separator' => true];
}
}
if ($type == '') {
$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv`, (`prv` OR `forum`) AS `frm` FROM `contact`
WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
AND `success_update` >= `failure_update` AND NOT (`network` IN ('%s', '%s'))
$sql_extra2
ORDER BY `name` ASC ",
intval(local_user()),
dbesc(NETWORK_OSTATUS),
dbesc(NETWORK_STATUSNET)
);
} elseif ($type == 'c') {
$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv` FROM `contact`
WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
AND `success_update` >= `failure_update` AND NOT (`network` IN ('%s'))
$sql_extra2
ORDER BY `name` ASC ",
intval(local_user()),
dbesc(NETWORK_STATUSNET)
);
} elseif ($type == 'f') {
$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv` FROM `contact`
WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
AND `success_update` >= `failure_update` AND NOT (`network` IN ('%s'))
AND (`forum` OR `prv`)
$sql_extra2
ORDER BY `name` ASC ",
intval(local_user()),
dbesc(NETWORK_STATUSNET)
);
} elseif ($type == 'm') {
$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr` FROM `contact`
WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive`
AND `success_update` >= `failure_update` AND `network` IN ('%s', '%s')
$sql_extra2
ORDER BY `name` ASC ",
intval(local_user()),
dbesc(NETWORK_DFRN),
dbesc(NETWORK_DIASPORA)
);
} elseif ($type == 'a') {
$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv` FROM `contact`
WHERE `uid` = %d AND `pending` = 0 AND `success_update` >= `failure_update`
$sql_extra2
ORDER BY `name` ASC ",
intval(local_user())
);
} elseif ($type == 'x') {
// autocomplete for global contact search (e.g. navbar search)
$r = navbar_complete($a);
$contacts = [];
foreach ($r as $g) {
$contacts[] = [
'photo' => proxy_url($g['photo'], false, PROXY_SIZE_MICRO),
'name' => $g['name'],
'nick' => (x($g['addr']) ? $g['addr'] : $g['url']),
'network' => $g['network'],
'link' => $g['url'],
'forum' => (x($g['community']) ? 1 : 0),
];
}
$o = [
'start' => $start,
'count' => $count,
'items' => $contacts,
];
echo json_encode($o);
killme();
} else {
$r = [];
}
if (DBM::is_result($r)) {
$forums = [];
foreach ($r as $g) {
$entry = [
'type' => 'c',
'photo' => proxy_url($g['micro'], false, PROXY_SIZE_MICRO),
'name' => htmlentities($g['name']),
'id' => intval($g['id']),
'network' => $g['network'],
'link' => $g['url'],
'nick' => htmlentities(($g['attag']) ? $g['attag'] : $g['nick']),
'addr' => htmlentities(($g['addr']) ? $g['addr'] : $g['url']),
'forum' => ((x($g, 'forum') || x($g, 'prv')) ? 1 : 0),
];
if ($entry['forum']) {
$forums[] = $entry;
} else {
$contacts[] = $entry;
}
}
if (count($forums) > 0) {
if ($search == '') {
$forums[] = ['separator' => true];
}
$contacts = array_merge($forums, $contacts);
}
}
$items = array_merge($groups, $contacts);
if ($conv_id) {
/*
* if $conv_id is set, get unknown contacts in thread
* but first get known contacts url to filter them out
*/
$known_contacts = array_map(function ($i) {
return dbesc($i['link']);
}, $contacts);
$unknown_contacts = [];
$r = q("SELECT `author-link`
FROM `item` WHERE `parent` = %d
AND (`author-name` LIKE '%%%s%%' OR `author-link` LIKE '%%%s%%')
AND `author-link` NOT IN ('%s')
GROUP BY `author-link`, `author-avatar`, `author-name`
ORDER BY `author-name` ASC
",
intval($conv_id),
dbesc($search),
dbesc($search),
implode("', '", $known_contacts)
);
if (DBM::is_result($r)) {
foreach ($r as $row) {
$contact = Contact::getDetailsByURL($row['author-link']);
if (count($contact) > 0) {
$unknown_contacts[] = [
'type' => 'c',
'photo' => proxy_url($contact['micro'], false, PROXY_SIZE_MICRO),
'name' => htmlentities($contact['name']),
'id' => intval($contact['cid']),
'network' => $contact['network'],
'link' => $contact['url'],
'nick' => htmlentities($contact['nick'] ?: $contact['addr']),
'addr' => htmlentities(($contact['addr']) ? $contact['addr'] : $contact['url']),
'forum' => $contact['forum']
];
}
}
}
$items = array_merge($items, $unknown_contacts);
$tot += count($unknown_contacts);
}
$results = [
'tot' => $tot,
'start' => $start,
'count' => $count,
'groups' => $groups,
'contacts' => $contacts,
'items' => $items,
'type' => $type,
'search' => $search,
];
Addon::callHooks('acl_lookup_end', $results);
$o = [
'tot' => $results['tot'],
'start' => $results['start'],
'count' => $results['count'],
'items' => $results['items'],
];
echo json_encode($o);
killme();
} }

384
src/Core/Acl.php Normal file
View file

@ -0,0 +1,384 @@
<?php
/**
* @file src/Core/Acl.php
*/
namespace Friendica\Core;
use dba;
use Friendica\BaseObject;
use Friendica\Content\Feature;
use Friendica\Database\DBM;
use Friendica\Model\Contact;
use Friendica\Model\GContact;
use Friendica\Util\Network;
use const CONTACT_IS_FRIEND;
use const NETWORK_DFRN;
use const NETWORK_DIASPORA;
use const NETWORK_FACEBOOK;
use const NETWORK_MAIL;
use const NETWORK_OSTATUS;
use const PHP_EOL;
use function dbesc;
use function defaults;
use function get_markup_template;
use function get_server;
use function local_user;
use function remote_user;
use function replace_macros;
/**
* Handle ACL management and display
*
* @author Hypolite Petovan <mrpetovan@gmail.com>
*/
class Acl extends BaseObject
{
/**
* Returns a select input tag with all the contact of the local user
*
* @param string $selname Name attribute of the select input tag
* @param string $selclass Class attribute of the select input tag
* @param array $options Available options:
* - size: length of the select box
* - mutual_friends: Only used for the hook
* - single: Only used for the hook
* - exclude: Only used for the hook
* @param array $preselected Contact ID that should be already selected
* @return string
*/
public static function getSuggestContactSelectHTML($selname, $selclass, array $options = [], array $preselected = [])
{
$a = self::getApp();
$networks = null;
$size = defaults($options, 'size', 4);
$mutual = !empty($options['mutual_friends']);
$single = !empty($options['single']) && empty($options['multiple']);
$exclude = defaults($options, 'exclude', false);
switch (defaults($options, 'networks', Protocol::PHANTOM)) {
case 'DFRN_ONLY':
$networks = [NETWORK_DFRN];
break;
case 'PRIVATE':
if (!empty($a->user['prvnets'])) {
$networks = [NETWORK_DFRN, NETWORK_MAIL, NETWORK_DIASPORA];
} else {
$networks = [NETWORK_DFRN, NETWORK_FACEBOOK, NETWORK_MAIL, NETWORK_DIASPORA];
}
break;
case 'TWO_WAY':
if (!empty($a->user['prvnets'])) {
$networks = [NETWORK_DFRN, NETWORK_MAIL, NETWORK_DIASPORA];
} else {
$networks = [NETWORK_DFRN, NETWORK_FACEBOOK, NETWORK_MAIL, NETWORK_DIASPORA, NETWORK_OSTATUS];
}
break;
default: /// @TODO Maybe log this call?
break;
}
$x = ['options' => $options, 'size' => $size, 'single' => $single, 'mutual' => $mutual, 'exclude' => $exclude, 'networks' => $networks];
Addon::callHooks('contact_select_options', $x);
$o = '';
$sql_extra = '';
if (!empty($x['mutual'])) {
$sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
}
if (!empty($x['exclude'])) {
$sql_extra .= sprintf(" AND `id` != %d ", intval($x['exclude']));
}
if (!empty($x['networks'])) {
/// @TODO rewrite to foreach()
array_walk($x['networks'], function (&$value) {
$value = "'" . dbesc($value) . "'";
});
$str_nets = implode(',', $x['networks']);
$sql_extra .= " AND `network` IN ( $str_nets ) ";
}
$tabindex = (!empty($options['tabindex']) ? 'tabindex="' . $options["tabindex"] . '"' : '');
if (!empty($x['single'])) {
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n";
} else {
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n";
}
$stmt = dba::p("SELECT `id`, `name`, `url`, `network` FROM `contact`
WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
$sql_extra
ORDER BY `name` ASC ", intval(local_user())
);
$contacts = dba::inArray($stmt);
$arr = ['contact' => $contacts, 'entry' => $o];
// e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
Addon::callHooks($a->module . '_pre_' . $selname, $arr);
if (DBM::is_result($contacts)) {
foreach ($contacts as $contact) {
if (in_array($contact['id'], $preselected)) {
$selected = ' selected="selected" ';
} else {
$selected = '';
}
$trimmed = mb_substr($contact['name'], 0, 20);
$o .= "<option value=\"{$contact['id']}\" $selected title=\"{$contact['name']}|{$contact['url']}\" >$trimmed</option>\r\n";
}
}
$o .= '</select>' . PHP_EOL;
Addon::callHooks($a->module . '_post_' . $selname, $o);
return $o;
}
/**
* Returns a select input tag with all the contact of the local user
*
* @param string $selname Name attribute of the select input tag
* @param string $selclass Class attribute of the select input tag
* @param array $preselected Contact ID that should be already selected
* @param int $size Length of the select box
* @param bool $privmail
* @param bool $celeb
* @param bool $privatenet
* @param int $tabindex Select input tag tabindex attribute
* @return string
*/
public static function getMessageContactSelectHTML(
$selname, $selclass, array $preselected = [], $size = 4, $privmail = false, $celeb = false, $privatenet = false,
$tabindex = null)
{
$a = self::getApp();
$o = '';
// When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
// to one recipient. By default our selector allows multiple selects amongst all contacts.
$sql_extra = '';
if ($privmail || $celeb) {
$sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
}
if ($privmail) {
$sql_extra .= sprintf(" AND `network` IN ('%s' , '%s') ", NETWORK_DFRN, NETWORK_DIASPORA);
} elseif ($privatenet) {
$sql_extra .= sprintf(" AND `network` IN ('%s' , '%s', '%s', '%s') ", NETWORK_DFRN, NETWORK_MAIL, NETWORK_FACEBOOK,
NETWORK_DIASPORA);
}
$tabindex_attr = !empty($tabindex) ? ' tabindex="' . intval($tabindex) . '"' : '';
if ($privmail && $preselected) {
$sql_extra .= " AND `id` IN (" . implode(",", $preselected) . ")";
$hidepreselected = ' style="display: none;"';
} else {
$hidepreselected = '';
}
if ($privmail) {
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\"$tabindex_attr$hidepreselected>\r\n";
} else {
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\"$tabindex_attr>\r\n";
}
$stmt = dba::p("SELECT `id`, `name`, `url`, `network` FROM `contact`
WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
$sql_extra
ORDER BY `name` ASC ", intval(local_user())
);
$contacts = dba::inArray($stmt);
$arr = ['contact' => $contacts, 'entry' => $o];
// e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
Addon::callHooks($a->module . '_pre_' . $selname, $arr);
$receiverlist = [];
if (DBM::is_result($contacts)) {
foreach ($contacts as $contact) {
if (in_array($contact['id'], $preselected)) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
if ($privmail) {
$trimmed = Protocol::formatMention($contact['url'], $contact['name']);
} else {
$trimmed = mb_substr($contact['name'], 0, 20);
}
$receiverlist[] = $trimmed;
$o .= "<option value=\"{$contact['id']}\"$selected title=\"{$contact['name']}|{$contact['url']}\" >$trimmed</option>\r\n";
}
}
$o .= '</select>' . PHP_EOL;
if ($privmail && $preselected) {
$o .= implode(', ', $receiverlist);
}
Addon::callHooks($a->module . '_post_' . $selname, $o);
return $o;
}
/**
* Return the default permission of the provided user array
*
* @param array $user
* @return array Hash of contact id lists
*/
public static function getDefaultUserPermissions(array $user = null)
{
$matches = [];
$acl_regex = '/<([0-9]+)>/i';
preg_match_all($acl_regex, defaults($user, 'allow_cid', ''), $matches);
$allow_cid = $matches[1];
preg_match_all($acl_regex, defaults($user, 'allow_gid', ''), $matches);
$allow_gid = $matches[1];
preg_match_all($acl_regex, defaults($user, 'deny_cid', ''), $matches);
$deny_cid = $matches[1];
preg_match_all($acl_regex, defaults($user, 'deny_gid', ''), $matches);
$deny_gid = $matches[1];
Contact::pruneUnavailable($allow_cid);
return [
'allow_cid' => $allow_cid,
'allow_gid' => $allow_gid,
'deny_cid' => $deny_cid,
'deny_gid' => $deny_gid,
];
}
/**
* Return the full jot ACL selector HTML
*
* @param array $user
* @param bool $show_jotnets
* @return string
*/
public static function getFullSelectorHTML(array $user = null, $show_jotnets = false)
{
$perms = self::getDefaultUserPermissions($user);
$jotnets = '';
if ($show_jotnets) {
$imap_disabled = !function_exists('imap_open') || Config::get('system', 'imap_disabled');
$mail_enabled = false;
$pubmail_enabled = false;
if (!$imap_disabled) {
$mailacct = dba::selectFirst('mailacct', ['pubmail'], ['`uid` = ? AND `server` != ""', local_user()]);
if (DBM::is_result($mailacct)) {
$mail_enabled = true;
$pubmail_enabled = !empty($mailacct['pubmail']);
}
}
if (empty($user['hidewall'])) {
if ($mail_enabled) {
$selected = $pubmail_enabled ? ' checked="checked"' : '';
$jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> ' . L10n::t("Post to Email") . '</div>';
}
Addon::callHooks('jot_networks', $jotnets);
} else {
$jotnets .= L10n::t('Connectors disabled, since "%s" is enabled.',
L10n::t('Hide your profile details from unknown viewers?'));
}
}
$tpl = get_markup_template('acl_selector.tpl');
$o = replace_macros($tpl, [
'$showall' => L10n::t('Visible to everybody'),
'$show' => L10n::t('show'),
'$hide' => L10n::t('don\'t show'),
'$allowcid' => json_encode($perms['allow_cid']),
'$allowgid' => json_encode($perms['allow_gid']),
'$denycid' => json_encode($perms['deny_cid']),
'$denygid' => json_encode($perms['deny_gid']),
'$networks' => $show_jotnets,
'$emailcc' => L10n::t('CC: email addresses'),
'$emtitle' => L10n::t('Example: bob@example.com, mary@example.com'),
'$jotnets' => $jotnets,
'$aclModalTitle' => L10n::t('Permissions'),
'$aclModalDismiss' => L10n::t('Close'),
'$features' => [
'aclautomention' => Feature::isEnabled($user['uid'], 'aclautomention') ? 'true' : 'false'
],
]);
return $o;
}
/**
* Searching for global contacts for autocompletion
*
* @brief Searching for global contacts for autocompletion
* @param string $search Name or part of a name or nick
* @param string $mode Search mode (e.g. "community")
* @return array with the search results
*/
public static function contactAutocomplete($search, $mode)
{
if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) {
return [];
}
// don't search if search term has less than 2 characters
if (!$search || mb_strlen($search) < 2) {
return [];
}
if (substr($search, 0, 1) === '@') {
$search = substr($search, 1);
}
// check if searching in the local global contact table is enabled
if (Config::get('system', 'poco_local_search')) {
$return = GContact::searchByName($search, $mode);
} else {
$a = self::getApp();
$p = $a->pager['page'] != 1 ? '&p=' . $a->pager['page'] : '';
$response = Network::curl(get_server() . '/lsearch?f=' . $p . '&search=' . urlencode($search));
if ($response['success']) {
$lsearch = json_decode($response['body'], true);
if (!empty($lsearch['results'])) {
$return = $lsearch['results'];
}
}
}
return defaults($return, []);
}
}

View file

@ -1517,4 +1517,27 @@ class Contact extends BaseObject
} }
} }
} }
/**
* Remove the unavailable contact ids from the provided list
*
* @param array $contact_ids Contact id list
*/
public static function pruneUnavailable(array &$contact_ids)
{
if (empty($contact_ids)) {
return;
}
$str = dbesc(implode(',', $contact_ids));
$stmt = dba::p("SELECT `id` FROM `contact` WHERE `id` IN ( " . $str . ") AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0");
$return = [];
while($contact = dba::fetch($stmt)) {
$return[] = $contact['id'];
}
$contact_ids = $return;
}
} }