Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

107 lines
2.8KB

  1. <?php
  2. /**
  3. * @file src/Model/PermissionSet.php
  4. */
  5. namespace Friendica\Model;
  6. use Friendica\BaseObject;
  7. use Friendica\Database\DBA;
  8. /**
  9. * @brief functions for interacting with the permission set of an object (item, photo, event, ...)
  10. */
  11. class PermissionSet extends BaseObject
  12. {
  13. /**
  14. * Fetch the id of a given permission set. Generate a new one when needed
  15. *
  16. * @param array $postarray The array from an item, picture or event post
  17. * @return id
  18. */
  19. public static function fetchIDForPost(&$postarray)
  20. {
  21. $condition = ['uid' => $postarray['uid'],
  22. 'allow_cid' => self::sortPermissions(defaults($postarray, 'allow_cid', '')),
  23. 'allow_gid' => self::sortPermissions(defaults($postarray, 'allow_gid', '')),
  24. 'deny_cid' => self::sortPermissions(defaults($postarray, 'deny_cid', '')),
  25. 'deny_gid' => self::sortPermissions(defaults($postarray, 'deny_gid', ''))];
  26. $set = DBA::selectFirst('permissionset', ['id'], $condition);
  27. if (!DBA::isResult($set)) {
  28. DBA::insert('permissionset', $condition, true);
  29. $set = DBA::selectFirst('permissionset', ['id'], $condition);
  30. }
  31. $postarray['allow_cid'] = null;
  32. $postarray['allow_gid'] = null;
  33. $postarray['deny_cid'] = null;
  34. $postarray['deny_gid'] = null;
  35. return $set['id'];
  36. }
  37. private static function sortPermissions($permissionlist)
  38. {
  39. $cleaned_list = trim($permissionlist, '<>');
  40. if (empty($cleaned_list)) {
  41. return $permissionlist;
  42. }
  43. $elements = explode('><', $cleaned_list);
  44. if (count($elements) <= 1) {
  45. return $permissionlist;
  46. }
  47. asort($elements);
  48. return '<' . implode('><', $elements) . '>';
  49. }
  50. /**
  51. * @brief Returns a permission set for a given contact
  52. *
  53. * @param integer $uid User id whom the items belong
  54. * @param integer $contact_id Contact id of the visitor
  55. * @param array $groups Possibly previously fetched group ids for that contact
  56. *
  57. * @return array of permission set ids.
  58. */
  59. static public function get($uid, $contact_id, $groups = null)
  60. {
  61. if (empty($groups) && DBA::exists('contact', ['id' => $contact_id, 'uid' => $uid, 'blocked' => false])) {
  62. $groups = Group::getIdsByContactId($contact_id);
  63. }
  64. if (empty($groups) || !is_array($groups)) {
  65. return [];
  66. }
  67. $group_str = '<<>>'; // should be impossible to match
  68. foreach ($groups as $g) {
  69. $group_str .= '|<' . intval($g) . '>';
  70. }
  71. $contact_str = '<' . $contact_id . '>';
  72. $condition = ["`uid` = ? AND (`allow_cid` = '' OR`allow_cid` REGEXP ?)
  73. AND (`deny_cid` = '' OR NOT `deny_cid` REGEXP ?)
  74. AND (`allow_gid` = '' OR `allow_gid` REGEXP ?)
  75. AND (`deny_gid` = '' OR NOT `deny_gid` REGEXP ?)",
  76. $uid, $contact_str, $contact_str, $group_str, $group_str];
  77. $ret = DBA::select('permissionset', ['id'], $condition);
  78. $set = [];
  79. while ($permission = DBA::fetch($ret)) {
  80. $set[] = $permission['id'];
  81. }
  82. DBA::close($ret);
  83. return $set;
  84. }
  85. }