Browse Source

Move perms2str to ACLFormatter::aclToString()

- including new tests
pull/7765/head
Philipp Holzer 2 years ago
parent
commit
5843a80b6c
No known key found for this signature in database GPG Key ID: D8365C3D36B77D90
  1. 41
      include/text.php
  2. 14
      mod/events.php
  3. 16
      mod/item.php
  4. 24
      mod/photos.php
  5. 13
      mod/settings.php
  6. 40
      src/Util/ACLFormatter.php
  7. 36
      tests/src/Util/ACLFormaterTest.php

41
include/text.php

@ -5,47 +5,6 @@
use Friendica\Content\Text\BBCode;
use Friendica\Model\FileTag;
use Friendica\Model\Group;
use Friendica\Util\Strings;
/**
* Wrap ACL elements in angle brackets for storage
* @param string $item
*/
function sanitise_acl(&$item) {
if (intval($item)) {
$item = '<' . intval(Strings::escapeTags(trim($item))) . '>';
} elseif (in_array($item, [Group::FOLLOWERS, Group::MUTUALS])) {
$item = '<' . $item . '>';
} else {
unset($item);
}
}
/**
* Convert an ACL array to a storable string
*
* Normally ACL permissions will be an array.
* We'll also allow a comma-separated string.
*
* @param string|array $p
* @return string
*/
function perms2str($p) {
$ret = '';
if (is_array($p)) {
$tmp = $p;
} else {
$tmp = explode(',', $p);
}
if (is_array($tmp)) {
array_walk($tmp, 'sanitise_acl');
$ret = implode('', $tmp);
}
return $ret;
}
/**
* Compare activity uri. Knows about activity namespace.

14
mod/events.php

@ -5,6 +5,7 @@
*/
use Friendica\App;
use Friendica\BaseObject;
use Friendica\Content\Nav;
use Friendica\Content\Widget\CalendarExport;
use Friendica\Core\ACL;
@ -18,6 +19,7 @@ use Friendica\Model\Event;
use Friendica\Model\Item;
use Friendica\Model\Profile;
use Friendica\Module\Login;
use Friendica\Util\ACLFormatter;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Strings;
use Friendica\Util\Temporal;
@ -146,10 +148,14 @@ function events_post(App $a)
if ($share) {
$str_group_allow = perms2str($_POST['group_allow'] ?? '');
$str_contact_allow = perms2str($_POST['contact_allow'] ?? '');
$str_group_deny = perms2str($_POST['group_deny'] ?? '');
$str_contact_deny = perms2str($_POST['contact_deny'] ?? '');
/** @var ACLFormatter $aclFormatter */
$aclFormatter = BaseObject::getClass(ACLFormatter::class);
$str_group_allow = $aclFormatter->aclToString($_POST['group_allow'] ?? '');
$str_contact_allow = $aclFormatter->aclToString($_POST['contact_allow'] ?? '');
$str_group_deny = $aclFormatter->aclToString($_POST['group_deny'] ?? '');
$str_contact_deny = $aclFormatter->aclToString($_POST['contact_deny'] ?? '');
// Undo the pseudo-contact of self, since there are real contacts now
if (strpos($str_contact_allow, '<' . $self . '>') !== false) {

16
mod/item.php

@ -16,6 +16,7 @@
*/
use Friendica\App;
use Friendica\BaseObject;
use Friendica\Content\Pager;
use Friendica\Content\Text\BBCode;
use Friendica\Content\Text\HTML;
@ -37,6 +38,7 @@ use Friendica\Model\Photo;
use Friendica\Model\Term;
use Friendica\Protocol\Diaspora;
use Friendica\Protocol\Email;
use Friendica\Util\ACLFormatter;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Emailer;
use Friendica\Util\Security;
@ -269,10 +271,14 @@ function item_post(App $a) {
$str_contact_deny = $user['deny_cid'];
} else {
// use the posted permissions
$str_group_allow = perms2str($_REQUEST['group_allow'] ?? '');
$str_contact_allow = perms2str($_REQUEST['contact_allow'] ?? '');
$str_group_deny = perms2str($_REQUEST['group_deny'] ?? '');
$str_contact_deny = perms2str($_REQUEST['contact_deny'] ?? '');
/** @var ACLFormatter $aclFormatter */
$aclFormatter = BaseObject::getClass(ACLFormatter::class);
$str_group_allow = $aclFormatter->aclToString($_REQUEST['group_allow'] ?? '');
$str_contact_allow = $aclFormatter->aclToString($_REQUEST['contact_allow'] ?? '');
$str_group_deny = $aclFormatter->aclToString($_REQUEST['group_deny'] ?? '');
$str_contact_deny = $aclFormatter->aclToString($_REQUEST['contact_deny'] ?? '');
}
$title = Strings::escapeTags(trim($_REQUEST['title'] ?? ''));
@ -500,7 +506,7 @@ function item_post(App $a) {
}
/** @var BBCode\Video $bbCodeVideo */
$bbCodeVideo = \Friendica\BaseObject::getClass(BBCode\Video::class);
$bbCodeVideo = BaseObject::getClass(BBCode\Video::class);
$body = $bbCodeVideo->transform($body);
// Fold multi-line [code] sequences

24
mod/photos.php

@ -4,6 +4,7 @@
*/
use Friendica\App;
use Friendica\BaseObject;
use Friendica\Content\Feature;
use Friendica\Content\Nav;
use Friendica\Content\Pager;
@ -26,6 +27,7 @@ use Friendica\Model\User;
use Friendica\Network\Probe;
use Friendica\Object\Image;
use Friendica\Protocol\DFRN;
use Friendica\Util\ACLFormatter;
use Friendica\Util\Crypto;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Map;
@ -296,10 +298,13 @@ function photos_post(App $a)
$albname = !empty($_POST['albname']) ? Strings::escapeTags(trim($_POST['albname'])) : '';
$origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : '';
$str_group_allow = !empty($_POST['group_allow']) ? perms2str($_POST['group_allow']) : '';
$str_contact_allow = !empty($_POST['contact_allow']) ? perms2str($_POST['contact_allow']) : '';
$str_group_deny = !empty($_POST['group_deny']) ? perms2str($_POST['group_deny']) : '';
$str_contact_deny = !empty($_POST['contact_deny']) ? perms2str($_POST['contact_deny']) : '';
/** @var ACLFormatter $aclFormatter */
$aclFormatter = BaseObject::getClass(ACLFormatter::class);
$str_group_allow = !empty($_POST['group_allow']) ? $aclFormatter->aclToString($_POST['group_allow']) : '';
$str_contact_allow = !empty($_POST['contact_allow']) ? $aclFormatter->aclToString($_POST['contact_allow']) : '';
$str_group_deny = !empty($_POST['group_deny']) ? $aclFormatter->aclToString($_POST['group_deny']) : '';
$str_contact_deny = !empty($_POST['contact_deny']) ? $aclFormatter->aclToString($_POST['contact_deny']) : '';
$resource_id = $a->argv[3];
@ -635,10 +640,13 @@ function photos_post(App $a)
$group_deny = $_REQUEST['group_deny'] ?? [];
$contact_deny = $_REQUEST['contact_deny'] ?? [];
$str_group_allow = perms2str(is_array($group_allow) ? $group_allow : explode(',', $group_allow));
$str_contact_allow = perms2str(is_array($contact_allow) ? $contact_allow : explode(',', $contact_allow));
$str_group_deny = perms2str(is_array($group_deny) ? $group_deny : explode(',', $group_deny));
$str_contact_deny = perms2str(is_array($contact_deny) ? $contact_deny : explode(',', $contact_deny));
/** @var ACLFormatter $aclFormatter */
$aclFormatter = BaseObject::getClass(ACLFormatter::class);
$str_group_allow = $aclFormatter->aclToString(is_array($group_allow) ? $group_allow : explode(',', $group_allow));
$str_contact_allow = $aclFormatter->aclToString(is_array($contact_allow) ? $contact_allow : explode(',', $contact_allow));
$str_group_deny = $aclFormatter->aclToString(is_array($group_deny) ? $group_deny : explode(',', $group_deny));
$str_contact_deny = $aclFormatter->aclToString(is_array($contact_deny) ? $contact_deny : explode(',', $contact_deny));
$ret = ['src' => '', 'filename' => '', 'filesize' => 0, 'type' => ''];

13
mod/settings.php

@ -5,6 +5,7 @@
use Friendica\App;
use Friendica\BaseModule;
use Friendica\BaseObject;
use Friendica\Content\Feature;
use Friendica\Content\Nav;
use Friendica\Core\ACL;
@ -25,6 +26,7 @@ use Friendica\Model\Group;
use Friendica\Model\User;
use Friendica\Module\Login;
use Friendica\Protocol\Email;
use Friendica\Util\ACLFormatter;
use Friendica\Util\Network;
use Friendica\Util\Strings;
use Friendica\Util\Temporal;
@ -533,10 +535,13 @@ function settings_post(App $a)
date_default_timezone_set($timezone);
}
$str_group_allow = !empty($_POST['group_allow']) ? perms2str($_POST['group_allow']) : '';
$str_contact_allow = !empty($_POST['contact_allow']) ? perms2str($_POST['contact_allow']) : '';
$str_group_deny = !empty($_POST['group_deny']) ? perms2str($_POST['group_deny']) : '';
$str_contact_deny = !empty($_POST['contact_deny']) ? perms2str($_POST['contact_deny']) : '';
/** @var ACLFormatter $aclFormatter */
$aclFormatter = BaseObject::getClass(ACLFormatter::class);
$str_group_allow = !empty($_POST['group_allow']) ? $aclFormatter->aclToString($_POST['group_allow']) : '';
$str_contact_allow = !empty($_POST['contact_allow']) ? $aclFormatter->aclToString($_POST['contact_allow']) : '';
$str_group_deny = !empty($_POST['group_deny']) ? $aclFormatter->aclToString($_POST['group_deny']) : '';
$str_contact_deny = !empty($_POST['contact_deny']) ? $aclFormatter->aclToString($_POST['contact_deny']) : '';
$openidserver = $a->user['openidserver'];
//$openid = Strings::normaliseOpenID($openid);

40
src/Util/ACLFormatter.php

@ -24,4 +24,44 @@ final class ACLFormatter
return $matches[1];
}
/**
* Wrap ACL elements in angle brackets for storage
*
* @param string $item The item to sanitise
*/
private function sanitiseAcl(string &$item) {
if (intval($item)) {
$item = '<' . intval(Strings::escapeTags(trim($item))) . '>';
} elseif (in_array($item, [Group::FOLLOWERS, Group::MUTUALS])) {
$item = '<' . $item . '>';
} else {
$item = '';
}
}
/**
* Convert an ACL array to a storable string
*
* Normally ACL permissions will be an array.
* We'll also allow a comma-separated string.
*
* @param string|array $permissions
*
* @return string
*/
function aclToString($permissions) {
$return = '';
if (is_array($permissions)) {
$item = $permissions;
} else {
$item = explode(',', $permissions);
}
if (is_array($item)) {
array_walk($item, [$this, 'sanitiseAcl']);
$return = implode('', $item);
}
return $return;
}
}

36
tests/src/Util/ACLFormaterTest.php

@ -161,4 +161,40 @@ class ACLFormaterTest extends TestCase
$text="<1><><3>";
$this->assertEquals(array('1', '3'), $aclFormatter->expand($text));
}
public function dataAclToString()
{
return [
'empty' => [
'input' => '',
'assert' => '',
],
'string' => [
'input' => '1,2,3,4',
'assert' => '<1><2><3><4>',
],
'array' => [
'input' => [1, 2, 3, 4],
'assert' => '<1><2><3><4>',
],
'invalid' => [
'input' => [1, 'a', 3, 4],
'assert' => '<1><3><4>',
],
'invalidString' => [
'input' => 'a,bsd23,4',
'assert' => '<4>',
],
];
}
/**
* @dataProvider dataAclToString
*/
public function testAclToString($input, string $assert)
{
$aclFormatter = new ACLFormatter();
$this->assertEquals($assert, $aclFormatter->aclToString($input));
}
}
Loading…
Cancel
Save