No more automated posts via mod/item.php

This commit is contained in:
Michael 2022-11-23 06:27:40 +00:00
parent cdbfa34066
commit f600f68907
4 changed files with 34 additions and 65 deletions

View file

@ -77,8 +77,6 @@ function item_post(App $a) {
Logger::debug('postvars', ['_REQUEST' => $_REQUEST]);
$api_source = $_REQUEST['api_source'] ?? false;
$return_path = $_REQUEST['return'] ?? '';
$preview = intval($_REQUEST['preview'] ?? 0);
@ -90,7 +88,7 @@ function item_post(App $a) {
if (!$preview && !empty($_REQUEST['post_id_random'])) {
if (!empty($_SESSION['post-random']) && $_SESSION['post-random'] == $_REQUEST['post_id_random']) {
Logger::warning('duplicate post');
item_post_return(DI::baseUrl(), $api_source, $return_path);
item_post_return(DI::baseUrl(), $return_path);
} else {
$_SESSION['post-random'] = $_REQUEST['post_id_random'];
}
@ -106,7 +104,7 @@ function item_post(App $a) {
$toplevel_user_id = null;
$objecttype = null;
$profile_uid = ($_REQUEST['profile_uid'] ?? 0) ?: DI::userSession()->getLocalUserId();
$profile_uid = DI::userSession()->getLocalUserId();
$posttype = ($_REQUEST['post_type'] ?? '') ?: Item::PT_ARTICLE;
if ($parent_item_id || $thr_parent_uri) {
@ -177,7 +175,7 @@ function item_post(App $a) {
// Now check that valid personal details have been provided
if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) {
Logger::warning('Permission denied.', ['local' => DI::userSession()->getLocalUserId(), 'profile_uid' => $profile_uid, 'toplevel_item_id' => $toplevel_item_id, 'network' => $toplevel_item['network']]);
Logger::warning('Permission denied.', ['local' => DI::userSession()->getLocalUserId(), 'toplevel_item_id' => $toplevel_item_id, 'network' => $toplevel_item['network']]);
DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.'));
if ($return_path) {
DI::baseUrl()->redirect($return_path);
@ -322,13 +320,6 @@ function item_post(App $a) {
$pubmail_enabled = ($_REQUEST['pubmail_enable'] ?? false) && !$private;
// if using the API, we won't see pubmail_enable - figure out if it should be set
if ($api_source && $profile_uid && $profile_uid == DI::userSession()->getLocalUserId() && !$private) {
if (function_exists('imap_open') && !DI::config()->get('system', 'imap_disabled')) {
$pubmail_enabled = DBA::exists('mailacct', ["`uid` = ? AND `server` != ? AND `pubmail`", DI::userSession()->getLocalUserId(), '']);
}
}
if (!strlen($body)) {
if ($preview) {
System::jsonExit(['preview' => '']);
@ -579,7 +570,7 @@ function item_post(App $a) {
'parent' => $toplevel_item_id,
'self' => $self,
// This triggers posts via API and the mirror functions
'api_source' => $api_source,
'api_source' => false,
// This field is for storing the raw conversation data
'protocol' => Conversation::PARCEL_DIRECT,
'direction' => Conversation::PUSH,
@ -634,7 +625,7 @@ function item_post(App $a) {
unset($datarray['api_source']);
Post\Delayed::add($datarray['uri'], $datarray, Worker::PRIORITY_HIGH, Post\Delayed::PREPARED_NO_HOOK, $scheduled_at);
item_post_return(DI::baseUrl(), $api_source, $return_path);
item_post_return(DI::baseUrl(), $return_path);
}
}
@ -755,20 +746,12 @@ function item_post(App $a) {
Logger::debug('post_complete');
if ($api_source) {
return $post_id;
}
item_post_return(DI::baseUrl(), $api_source, $return_path);
item_post_return(DI::baseUrl(), $return_path);
// NOTREACHED
}
function item_post_return($baseurl, $api_source, $return_path)
function item_post_return($baseurl, $return_path)
{
if ($api_source) {
return;
}
if ($return_path) {
DI::baseUrl()->redirect($return_path);
}

View file

@ -119,7 +119,6 @@ function oexchange_content(App $a)
$post = [];
$post['profile_uid'] = DI::userSession()->getLocalUserId();
$post['return'] = '/oexchange/done';
$post['body'] = HTML::toBBCode($s);

View file

@ -815,6 +815,30 @@ class Item
return self::GRAVITY_UNKNOWN; // Should not happen
}
private static function prepareOriginPost(array $item): array
{
$item['wall'] = 1;
$item['origin'] = 1;
$item['network'] = Protocol::DFRN;
$item['protocol'] = Conversation::PARCEL_DIRECT;
$item['direction'] = Conversation::PUSH;
if (!empty($item['author-link']) && !empty($item['author-id'])) {
$owner = User::getOwnerDataById($item['uid']);
$item['author-link'] = $owner['url'];
$item['author-name'] = $owner['name'];
$item['author-avatar'] = $owner['thumb'];
}
if (!empty($item['owner-link']) && !empty($item['owner-id'])) {
$item['owner-link'] = $item['author-link'];
$item['owner-name'] = $item['author-name'];
$item['owner-avatar'] = $item['author-avatar'];
}
return $item;
}
/**
* Inserts item record
*
@ -831,11 +855,7 @@ class Item
// If it is a posting where users should get notifications, then define it as wall posting
if ($notify) {
$item['wall'] = 1;
$item['origin'] = 1;
$item['network'] = Protocol::DFRN;
$item['protocol'] = Conversation::PARCEL_DIRECT;
$item['direction'] = Conversation::PUSH;
$item = self::prepareOriginPost($item);
if (is_int($notify) && in_array($notify, Worker::PRIORITIES)) {
$priority = $notify;
@ -993,6 +1013,7 @@ class Item
$item['parent-uri'] = $toplevel_parent['uri'];
$item['parent-uri-id'] = $toplevel_parent['uri-id'];
$item['deleted'] = $toplevel_parent['deleted'];
$item['wall'] = $toplevel_parent['wall'];
// Reshares have to keep their permissions to allow forums to work
if (!$item['origin'] || ($item['verb'] != Activity::ANNOUNCE)) {
@ -2974,7 +2995,7 @@ class Item
$quote_uri_id = $shared['post']['uri-id'];
$shared_links[] = strtolower($shared['post']['uri']);
$item['body'] = BBCode::removeSharedData($item['body']);
} elseif (empty($shared_item['uri-id']) && empty($item['quote-uri-id'])) {
} elseif (empty($shared_item['uri-id']) && empty($item['quote-uri-id']) && ($item['network'] != Protocol::DIASPORA)) {
$media = Post\Media::getByURIId($item['uri-id'], [Post\Media::ACTIVITY]);
if (!empty($media)) {
$shared_item = Post::selectFirst($fields, ['plink' => $media[0]['url'], 'uid' => [$item['uid'], 0]]);

View file

@ -38,12 +38,6 @@ class Delayed
* This is used for automated scheduled posts via feeds or from the API.
*/
const PREPARED = 0;
/**
* The content is posted like a manual post. Means some processing of body will be done.
* Also it is posted with default permissions and default connector settings.
* This is used for mirrored connector posts.
*/
const UNPREPARED = 1;
/**
* Like PREPARED, but additionally the connector settings can differ.
* This is used when manually publishing scheduled posts.
@ -199,34 +193,6 @@ class Delayed
$item['attachments'] = $attachments;
}
if ($preparation_mode == self::UNPREPARED) {
$_SESSION['authenticated'] = true;
$_SESSION['uid'] = $item['uid'];
$_REQUEST = $item;
$_REQUEST['api_source'] = true;
$_REQUEST['profile_uid'] = $item['uid'];
$_REQUEST['title'] = $item['title'] ?? '';
if (!empty($item['app'])) {
$_REQUEST['source'] = $item['app'];
}
require_once 'mod/item.php';
$id = item_post(DI::app());
if (empty($uri) && !empty($item['extid'])) {
$uri = $item['extid'];
}
Logger::notice('Unprepared post stored', ['id' => $id, 'uid' => $item['uid'], 'uri' => $uri]);
if (self::exists($uri, $item['uid'])) {
self::delete($uri, $item['uid']);
}
return $id;
}
$id = Item::insert($item, $notify, $preparation_mode == self::PREPARED);
Logger::notice('Post stored', ['id' => $id, 'uid' => $item['uid'], 'cid' => $item['contact-id']]);