
Merge pull request #7782 from nupplaphil/bug/7781-compose_acl_expand

Check null for acl-fields
pull/7784/head
Hypolite Petovan 2 years ago
committed by GitHub
parent
commit
36ff665dc2
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 48
      database.sql
  2. 8
      mod/lockview.php
  3. 8
      src/Model/Item.php
  4. 8
      src/Module/Item/Compose.php
  5. 8
      src/Worker/Notifier.php
  6. 50
      static/dbstructure.config.php
  7. 13
      tests/src/Util/ACLFormaterTest.php

48
database.sql

@ -86,10 +86,10 @@ CREATE TABLE IF NOT EXISTS `attach` (
`data` longblob NOT NULL COMMENT 'file data',
`created` datetime NOT NULL DEFAULT '0001-01-01 00:00:00' COMMENT 'creation time',
`edited` datetime NOT NULL DEFAULT '0001-01-01 00:00:00' COMMENT 'last edit time',
`allow_cid` mediumtext COMMENT 'Access Control - list of allowed contact.id \'<19><78>',
`allow_gid` mediumtext COMMENT 'Access Control - list of allowed groups',
`deny_cid` mediumtext COMMENT 'Access Control - list of denied contact.id',
`deny_gid` mediumtext COMMENT 'Access Control - list of denied groups',
`allow_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of allowed contact.id \'<19><78>',
`allow_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of allowed groups',
`deny_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of denied contact.id',
`deny_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of denied groups',
`backend-class` tinytext COMMENT 'Storage backend class',
`backend-ref` text COMMENT 'Storage backend data reference',
PRIMARY KEY(`id`)
@ -312,10 +312,10 @@ CREATE TABLE IF NOT EXISTS `event` (
`nofinish` boolean NOT NULL DEFAULT '0' COMMENT 'if event does have no end this is 1',
`adjust` boolean NOT NULL DEFAULT '1' COMMENT 'adjust to timezone of the recipient (0 or 1)',
`ignore` boolean NOT NULL DEFAULT '0' COMMENT '0 or 1',
`allow_cid` mediumtext COMMENT 'Access Control - list of allowed contact.id \'<19><78>\'',
`allow_gid` mediumtext COMMENT 'Access Control - list of allowed groups',
`deny_cid` mediumtext COMMENT 'Access Control - list of denied contact.id',
`deny_gid` mediumtext COMMENT 'Access Control - list of denied groups',
`allow_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of allowed contact.id \'<19><78>\'',
`allow_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of allowed groups',
`deny_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of denied contact.id',
`deny_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of denied groups',
PRIMARY KEY(`id`),
INDEX `uid_start` (`uid`,`start`)
) DEFAULT COLLATE utf8mb4_general_ci COMMENT='Events';
@ -581,10 +581,10 @@ CREATE TABLE IF NOT EXISTS `item` (
`resource-id` varchar(32) NOT NULL DEFAULT '' COMMENT 'Used to link other tables to items, it identifies the linked resource (e.g. photo) and if set must also set resource_type',
`event-id` int unsigned NOT NULL DEFAULT 0 COMMENT 'Used to link to the event.id',
`attach` mediumtext COMMENT 'JSON structure representing attachments to this item',
`allow_cid` mediumtext COMMENT 'Deprecated',
`allow_gid` mediumtext COMMENT 'Deprecated',
`deny_cid` mediumtext COMMENT 'Deprecated',
`deny_gid` mediumtext COMMENT 'Deprecated',
`allow_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Deprecated',
`allow_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Deprecated',
`deny_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Deprecated',
`deny_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Deprecated',
`postopts` text COMMENT 'Deprecated',
`inform` mediumtext COMMENT 'Deprecated',
`type` varchar(20) COMMENT 'Deprecated',
@ -898,10 +898,10 @@ CREATE TABLE IF NOT EXISTS `pconfig` (
CREATE TABLE IF NOT EXISTS `permissionset` (
`id` int unsigned NOT NULL auto_increment COMMENT 'sequential ID',
`uid` mediumint unsigned NOT NULL DEFAULT 0 COMMENT 'Owner id of this permission set',
`allow_cid` mediumtext COMMENT 'Access Control - list of allowed contact.id \'<19><78>\'',
`allow_gid` mediumtext COMMENT 'Access Control - list of allowed groups',
`deny_cid` mediumtext COMMENT 'Access Control - list of denied contact.id',
`deny_gid` mediumtext COMMENT 'Access Control - list of denied groups',
`allow_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of allowed contact.id \'<19><78>\'',
`allow_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of allowed groups',
`deny_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of denied contact.id',
`deny_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of denied groups',
PRIMARY KEY(`id`),
INDEX `uid_allow_cid_allow_gid_deny_cid_deny_gid` (`allow_cid`(50),`allow_gid`(30),`deny_cid`(50),`deny_gid`(30))
) DEFAULT COLLATE utf8mb4_general_ci COMMENT='';
@ -928,10 +928,10 @@ CREATE TABLE IF NOT EXISTS `photo` (
`data` mediumblob NOT NULL COMMENT '',
`scale` tinyint unsigned NOT NULL DEFAULT 0 COMMENT '',
`profile` boolean NOT NULL DEFAULT '0' COMMENT '',
`allow_cid` mediumtext COMMENT 'Access Control - list of allowed contact.id \'<19><78>\'',
`allow_gid` mediumtext COMMENT 'Access Control - list of allowed groups',
`deny_cid` mediumtext COMMENT 'Access Control - list of denied contact.id',
`deny_gid` mediumtext COMMENT 'Access Control - list of denied groups',
`allow_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of allowed contact.id \'<19><78>\'',
`allow_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of allowed groups',
`deny_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of denied contact.id',
`deny_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'Access Control - list of denied groups',
`backend-class` tinytext COMMENT 'Storage backend class',
`backend-ref` text COMMENT 'Storage backend data reference',
`updated` datetime NOT NULL DEFAULT '0001-01-01 00:00:00' COMMENT '',
@ -1242,10 +1242,10 @@ CREATE TABLE IF NOT EXISTS `user` (
`account_expires_on` datetime NOT NULL DEFAULT '0001-01-01 00:00:00' COMMENT 'timestamp when account expires and will be deleted',
`expire_notification_sent` datetime NOT NULL DEFAULT '0001-01-01 00:00:00' COMMENT 'timestamp of last warning of account expiration',
`def_gid` int unsigned NOT NULL DEFAULT 0 COMMENT '',
`allow_cid` mediumtext COMMENT 'default permission for this user',
`allow_gid` mediumtext COMMENT 'default permission for this user',
`deny_cid` mediumtext COMMENT 'default permission for this user',
`deny_gid` mediumtext COMMENT 'default permission for this user',
`allow_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'default permission for this user',
`allow_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'default permission for this user',
`deny_cid` mediumtext NOT NULL DEFAULT '' COMMENT 'default permission for this user',
`deny_gid` mediumtext NOT NULL DEFAULT '' COMMENT 'default permission for this user',
`openidserver` text COMMENT '',
PRIMARY KEY(`uid`),
INDEX `nickname` (`nickname`(32))
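Review bot: The new `mediumtext NOT NULL DEFAULT ''` definitions on the ACL columns rely on a literal default for a TEXT column, which MySQL does not accept (8.0.13 and later take only the expression form `DEFAULT ('')`); depending on server and SQL mode the statement is rejected or the default is ignored with a warning, while MariaDB 10.2.1 and later allows it. The same change is made in static/dbstructure.config.php for attach, event, item, permissionset, photo and user. Rows that already hold NULL in these columns have to be converted before the NOT NULL constraint is applied, and no such step is visible on this page next to the DB_UPDATE_VERSION bump to 1324. I would add a pre-update of the form `UPDATE <table> SET allow_cid = '' WHERE allow_cid IS NULL` for each table and column, and state the supported database versions in a comment next to the definitions.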

8
mod/lockview.php

@ -64,10 +64,10 @@ function lockview_content(App $a)
/** @var ACLFormatter $aclFormatter */
$aclFormatter = BaseObject::getClass(ACLFormatter::class);
$allowed_users = $aclFormatter->expand($item['allow_cid']);
$allowed_groups = $aclFormatter->expand($item['allow_gid']);
$deny_users = $aclFormatter->expand($item['deny_cid']);
$deny_groups = $aclFormatter->expand($item['deny_gid']);
$allowed_users = $aclFormatter->expand($item['allow_cid'] ?? '');
$allowed_groups = $aclFormatter->expand($item['allow_gid'] ?? '');
$deny_users = $aclFormatter->expand($item['deny_cid'] ?? '');
$deny_groups = $aclFormatter->expand($item['deny_gid'] ?? '');
$o = L10n::t('Visible to:') . '<br />';
$l = [];

8
src/Model/Item.php

@ -2904,10 +2904,10 @@ class Item extends BaseObject
/** @var ACLFormatter $aclFormater */
$aclFormater = self::getClass(ACLFormatter::class);
$allow_people = $aclFormater->expand($obj['allow_cid']);
$allow_groups = Group::expand($obj['uid'], $aclFormater->expand($obj['allow_gid']), $check_dead);
$deny_people = $aclFormater->expand($obj['deny_cid']);
$deny_groups = Group::expand($obj['uid'], $aclFormater->expand($obj['deny_gid']), $check_dead);
$allow_people = $aclFormater->expand($obj['allow_cid'] ?? '');
$allow_groups = Group::expand($obj['uid'], $aclFormater->expand($obj['allow_gid'] ?? ''), $check_dead);
$deny_people = $aclFormater->expand($obj['deny_cid'] ?? '');
$deny_groups = Group::expand($obj['uid'], $aclFormater->expand($obj['deny_gid'] ?? ''), $check_dead);
$recipients = array_unique(array_merge($allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$recipients = array_diff($recipients, $deny);
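Review bot: The `?? ''` fallbacks on `$obj['deny_cid']` and `$obj['deny_gid']` also cover a key that is absent from `$obj`, not only a NULL value, and for deny lists the empty string is the permissive result: `$deny` ends up empty and nothing is subtracted from `$recipients`. If a caller ever passes a row selected without the ACL columns, the restriction is lost silently, whereas the old code would have surfaced it as an error (assuming `expand()` rejects null, as the new test suggests). The same pattern is in src/Worker/Notifier.php (`$parent[...]`) and mod/lockview.php (`$item[...]`). I would keep the null tolerance but make the missing-key case visible, with a comment such as `// NULL means "no restriction"; all four ACL keys must be present in $obj` and an `array_key_exists` check that logs when one is missing. The enclosing method starts and ends outside the hunk.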

8
src/Module/Item/Compose.php

@ -74,8 +74,8 @@ class Compose extends BaseModule
$compose_title = L10n::t('Compose new post');
$type = 'post';
$doesFederate = true;
$contact_allow = implode(',', $aclFormatter->expand($user['allow_cid']));
$group_allow = implode(',', $aclFormatter->expand($user['allow_gid'])) ?: Group::FOLLOWERS;
$contact_allow = implode(',', $aclFormatter->expand($user['allow_cid'] ?? ''));
$group_allow = implode(',', $aclFormatter->expand($user['allow_gid'] ?? '')) ?: Group::FOLLOWERS;
break;
}
@ -86,8 +86,8 @@ class Compose extends BaseModule
$wall = $_REQUEST['wall'] ?? $type == 'post';
$contact_allow = $_REQUEST['contact_allow'] ?? $contact_allow;
$group_allow = $_REQUEST['group_allow'] ?? $group_allow;
$contact_deny = $_REQUEST['contact_deny'] ?? implode(',', $aclFormatter->expand($user['deny_cid']));
$group_deny = $_REQUEST['group_deny'] ?? implode(',', $aclFormatter->expand($user['deny_gid']));
$contact_deny = $_REQUEST['contact_deny'] ?? implode(',', $aclFormatter->expand($user['deny_cid'] ?? ''));
$group_deny = $_REQUEST['group_deny'] ?? implode(',', $aclFormatter->expand($user['deny_gid'] ?? ''));
$visibility = ($contact_allow . $user['allow_gid'] . $user['deny_cid'] . $user['deny_gid']) ? 'custom' : 'public';
$acl_contacts = Contact::selectToArray(['id', 'name', 'addr', 'micro'], ['uid' => local_user(), 'pending' => false, 'rel' => [Contact::FOLLOWER, Contact::FRIEND]]);
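Review bot: The `$visibility` line still reads `$user['allow_gid']`, `$user['deny_cid']` and `$user['deny_gid']` without the `?? ''` guard that the lines above it now have, and it decides 'custom' versus 'public' from the stored defaults rather than from `$group_allow`, `$contact_deny` and `$group_deny`, which may have come from `$_REQUEST`. The form can therefore open labelled 'public' while request-supplied allow or deny lists are pre-filled (inferred from the visible lines; the template is not shown). At minimum I would guard the reads consistently: `$visibility = ($contact_allow . ($user['allow_gid'] ?? '') . ($user['deny_cid'] ?? '') . ($user['deny_gid'] ?? '')) ? 'custom' : 'public';`. The method body continues outside both hunks.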

8
src/Worker/Notifier.php

@ -276,10 +276,10 @@ class Notifier
/** @var ACLFormatter $aclFormatter */
$aclFormatter = BaseObject::getClass(ACLFormatter::class);
$allow_people = $aclFormatter->expand($parent['allow_cid']);
$allow_groups = Group::expand($uid, $aclFormatter->expand($parent['allow_gid']),true);
$deny_people = $aclFormatter->expand($parent['deny_cid']);
$deny_groups = Group::expand($uid, $aclFormatter->expand($parent['deny_gid']));
$allow_people = $aclFormatter->expand($parent['allow_cid'] ?? '');
$allow_groups = Group::expand($uid, $aclFormatter->expand($parent['allow_gid'] ?? ''),true);
$deny_people = $aclFormatter->expand($parent['deny_cid'] ?? '');
$deny_groups = Group::expand($uid, $aclFormatter->expand($parent['deny_gid'] ?? ''));
// if our parent is a public forum (forum_mode == 1), uplink to the origional author causing
// a delivery fork. private groups (forum_mode == 2) do not uplink

50
static/dbstructure.config.php

@ -34,7 +34,7 @@
use Friendica\Database\DBA;
if (!defined('DB_UPDATE_VERSION')) {
define('DB_UPDATE_VERSION', 1323);
define('DB_UPDATE_VERSION', 1324);
}
return [
@ -123,10 +123,10 @@ return [
"data" => ["type" => "longblob", "not null" => "1", "comment" => "file data"],
"created" => ["type" => "datetime", "not null" => "1", "default" => DBA::NULL_DATETIME, "comment" => "creation time"],
"edited" => ["type" => "datetime", "not null" => "1", "default" => DBA::NULL_DATETIME, "comment" => "last edit time"],
"allow_cid" => ["type" => "mediumtext", "comment" => "Access Control - list of allowed contact.id '<19><78>"],
"allow_gid" => ["type" => "mediumtext", "comment" => "Access Control - list of allowed groups"],
"deny_cid" => ["type" => "mediumtext", "comment" => "Access Control - list of denied contact.id"],
"deny_gid" => ["type" => "mediumtext", "comment" => "Access Control - list of denied groups"],
"allow_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of allowed contact.id '<19><78>"],
"allow_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of allowed groups"],
"deny_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of denied contact.id"],
"deny_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of denied groups"],
"backend-class" => ["type" => "tinytext", "comment" => "Storage backend class"],
"backend-ref" => ["type" => "text", "comment" => "Storage backend data reference"],
],
@ -360,10 +360,10 @@ return [
"nofinish" => ["type" => "boolean", "not null" => "1", "default" => "0", "comment" => "if event does have no end this is 1"],
"adjust" => ["type" => "boolean", "not null" => "1", "default" => "1", "comment" => "adjust to timezone of the recipient (0 or 1)"],
"ignore" => ["type" => "boolean", "not null" => "1", "default" => "0", "comment" => "0 or 1"],
"allow_cid" => ["type" => "mediumtext", "comment" => "Access Control - list of allowed contact.id '<19><78>'"],
"allow_gid" => ["type" => "mediumtext", "comment" => "Access Control - list of allowed groups"],
"deny_cid" => ["type" => "mediumtext", "comment" => "Access Control - list of denied contact.id"],
"deny_gid" => ["type" => "mediumtext", "comment" => "Access Control - list of denied groups"],
"allow_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of allowed contact.id '<19><78>'"],
"allow_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of allowed groups"],
"deny_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of denied contact.id"],
"deny_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of denied groups"],
],
"indexes" => [
"PRIMARY" => ["id"],
@ -647,10 +647,10 @@ return [
// Could possibly be replaced by the "attach" table?
"attach" => ["type" => "mediumtext", "comment" => "JSON structure representing attachments to this item"],
// Deprecated fields. Will be removed in upcoming versions
"allow_cid" => ["type" => "mediumtext", "comment" => "Deprecated"],
"allow_gid" => ["type" => "mediumtext", "comment" => "Deprecated"],
"deny_cid" => ["type" => "mediumtext", "comment" => "Deprecated"],
"deny_gid" => ["type" => "mediumtext", "comment" => "Deprecated"],
"allow_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Deprecated"],
"allow_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Deprecated"],
"deny_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Deprecated"],
"deny_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Deprecated"],
"postopts" => ["type" => "text", "comment" => "Deprecated"],
"inform" => ["type" => "mediumtext", "comment" => "Deprecated"],
"type" => ["type" => "varchar(20)", "comment" => "Deprecated"],
@ -982,10 +982,10 @@ return [
"fields" => [
"id" => ["type" => "int unsigned", "not null" => "1", "extra" => "auto_increment", "primary" => "1", "comment" => "sequential ID"],
"uid" => ["type" => "mediumint unsigned", "not null" => "1", "default" => "0", "relation" => ["user" => "uid"], "comment" => "Owner id of this permission set"],
"allow_cid" => ["type" => "mediumtext", "comment" => "Access Control - list of allowed contact.id '<19><78>'"],
"allow_gid" => ["type" => "mediumtext", "comment" => "Access Control - list of allowed groups"],
"deny_cid" => ["type" => "mediumtext", "comment" => "Access Control - list of denied contact.id"],
"deny_gid" => ["type" => "mediumtext", "comment" => "Access Control - list of denied groups"],
"allow_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of allowed contact.id '<19><78>'"],
"allow_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of allowed groups"],
"deny_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of denied contact.id"],
"deny_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of denied groups"],
],
"indexes" => [
"PRIMARY" => ["id"],
@ -1013,10 +1013,10 @@ return [
"data" => ["type" => "mediumblob", "not null" => "1", "comment" => ""],
"scale" => ["type" => "tinyint unsigned", "not null" => "1", "default" => "0", "comment" => ""],
"profile" => ["type" => "boolean", "not null" => "1", "default" => "0", "comment" => ""],
"allow_cid" => ["type" => "mediumtext", "comment" => "Access Control - list of allowed contact.id '<19><78>'"],
"allow_gid" => ["type" => "mediumtext", "comment" => "Access Control - list of allowed groups"],
"deny_cid" => ["type" => "mediumtext", "comment" => "Access Control - list of denied contact.id"],
"deny_gid" => ["type" => "mediumtext", "comment" => "Access Control - list of denied groups"],
"allow_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of allowed contact.id '<19><78>'"],
"allow_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of allowed groups"],
"deny_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of denied contact.id"],
"deny_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "Access Control - list of denied groups"],
"backend-class" => ["type" => "tinytext", "comment" => "Storage backend class"],
"backend-ref" => ["type" => "text", "comment" => "Storage backend data reference"],
"updated" => ["type" => "datetime", "not null" => "1", "default" => DBA::NULL_DATETIME, "comment" => ""]
@ -1343,10 +1343,10 @@ return [
"account_expires_on" => ["type" => "datetime", "not null" => "1", "default" => DBA::NULL_DATETIME, "comment" => "timestamp when account expires and will be deleted"],
"expire_notification_sent" => ["type" => "datetime", "not null" => "1", "default" => DBA::NULL_DATETIME, "comment" => "timestamp of last warning of account expiration"],
"def_gid" => ["type" => "int unsigned", "not null" => "1", "default" => "0", "comment" => ""],
"allow_cid" => ["type" => "mediumtext", "comment" => "default permission for this user"],
"allow_gid" => ["type" => "mediumtext", "comment" => "default permission for this user"],
"deny_cid" => ["type" => "mediumtext", "comment" => "default permission for this user"],
"deny_gid" => ["type" => "mediumtext", "comment" => "default permission for this user"],
"allow_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "default permission for this user"],
"allow_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "default permission for this user"],
"deny_cid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "default permission for this user"],
"deny_gid" => ["type" => "mediumtext", "not null" => "1", "default" => "", "comment" => "default permission for this user"],
"openidserver" => ["type" => "text", "comment" => ""],
],
"indexes" => [

13
tests/src/Util/ACLFormaterTest.php

@ -2,6 +2,7 @@
namespace Friendica\Test\src\Util;
use Error;
use Friendica\Model\Group;
use Friendica\Util\ACLFormatter;
use PHPUnit\Framework\TestCase;
@ -162,6 +163,18 @@ class ACLFormaterTest extends TestCase
$this->assertEquals(array('1', '3'), $aclFormatter->expand($text));
}
/**
* Test expected exception in case of wrong typehint
*
* @expectedException Error
*/
public function testExpandNull()
{
$aclFormatter = new ACLFormatter();
$aclFormatter->expand(null);
}
public function dataAclToString()
{
return [
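Review bot: `testExpandNull` expects the base `Error` class, which any engine error raised inside `expand()` would satisfy, so the test does not pin the rejection of null to the parameter type. If `expand()` declares a `string` parameter (its signature is not on this page), the thrown class is `TypeError`; I would assert that with `$this->expectException(\TypeError::class);` as the first statement of the test, which also avoids the `@expectedException` annotation that newer PHPUnit releases no longer support. The docblock would read better as `Test that expand() rejects null instead of treating it as an empty ACL`.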
