2012-10-12 02:27:04 +02:00
< ? php
/**
* Name : Remote Permissions
* Description : Allow the recipients of private posts to see who else can see the post by clicking the lock icon
* Version : 1.0
* Author : Zach < https :// f . shmuz . in / profile / techcity >
2018-08-20 06:24:43 +02:00
* Status : Unsupported
2012-10-12 02:27:04 +02:00
*/
2018-07-21 15:13:02 +02:00
2017-11-07 00:55:24 +01:00
use Friendica\Core\Config ;
2018-12-26 08:28:16 +01:00
use Friendica\Core\Hook ;
2018-01-22 20:03:11 +01:00
use Friendica\Core\L10n ;
2018-10-31 15:55:15 +01:00
use Friendica\Core\Renderer ;
2018-07-21 15:13:02 +02:00
use Friendica\Database\DBA ;
2019-12-15 23:28:00 +01:00
use Friendica\DI ;
2018-11-08 17:45:19 +01:00
use Friendica\Util\Strings ;
2012-10-12 02:27:04 +02:00
function remote_permissions_install () {
2018-12-26 08:28:16 +01:00
Hook :: register ( 'lockview_content' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_content' );
Hook :: register ( 'addon_settings' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings' );
Hook :: register ( 'addon_settings_post' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings_post' );
2012-10-12 02:27:04 +02:00
}
function remote_permissions_uninstall () {
2018-12-26 08:28:16 +01:00
Hook :: unregister ( 'lockview_content' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_content' );
Hook :: unregister ( 'addon_settings' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings' );
Hook :: unregister ( 'addon_settings_post' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings_post' );
2012-10-12 02:27:04 +02:00
}
function remote_permissions_settings ( & $a , & $o ) {
if ( ! local_user ())
return ;
2017-11-07 00:55:24 +01:00
$global = Config :: get ( " remote_perms " , " global " );
2012-10-12 02:27:04 +02:00
if ( $global == 1 )
return ;
/* Add our stylesheet to the page so we can make our settings look nice */
2019-12-30 21:53:43 +01:00
DI :: page ()[ 'htmlhead' ] .= '<link rel="stylesheet" type="text/css" href="' . DI :: baseUrl () -> get () . '/addon/remote_permissions/settings.css' . '" media="all" />' . " \r \n " ;
2012-10-12 02:27:04 +02:00
/* Get the current state of our config variable */
2020-01-18 16:50:56 +01:00
$remote_perms = DI :: pConfig () -> get ( local_user (), 'remote_perms' , 'show' );
2018-01-15 14:15:33 +01:00
2012-10-12 02:27:04 +02:00
/* Add some HTML to the existing form */
2012-12-22 21:36:35 +01:00
// $t = file_get_contents("addon/remote_permissions/settings.tpl" );
2018-10-31 15:55:15 +01:00
$t = Renderer :: getMarkupTemplate ( " settings.tpl " , " addon/remote_permissions/ " );
$o .= Renderer :: replaceMacros ( $t , [
2020-01-18 20:52:33 +01:00
'$remote_perms_title' => DI :: l10n () -> t ( 'Remote Permissions Settings' ),
'$remote_perms_label' => DI :: l10n () -> t ( 'Allow recipients of your private posts to see the other recipients of the posts' ),
2012-10-12 02:27:04 +02:00
'$checked' => (( $remote_perms == 1 ) ? 'checked="checked"' : '' ),
2020-01-18 20:52:33 +01:00
'$submit' => DI :: l10n () -> t ( 'Save Settings' )
2018-01-15 14:15:33 +01:00
]);
2012-10-12 02:27:04 +02:00
}
function remote_permissions_settings_post ( $a , $post ) {
2018-11-30 15:11:56 +01:00
if ( ! local_user () || empty ( $_POST [ 'remote-perms-submit' ]))
2012-10-12 02:27:04 +02:00
return ;
2020-01-18 16:54:49 +01:00
DI :: pConfig () -> set ( local_user (), 'remote_perms' , 'show' , intval ( $_POST [ 'remote-perms' ]));
2020-01-18 20:52:33 +01:00
info ( DI :: l10n () -> t ( 'Remote Permissions settings updated.' ) . EOL );
2012-10-12 02:27:04 +02:00
}
function remote_permissions_content ( $a , $item_copy ) {
if ( $item_copy [ 'uid' ] != local_user ())
return ;
2017-11-07 00:55:24 +01:00
if ( Config :: get ( 'remote_perms' , 'global' ) == 0 ) {
2012-10-12 02:27:04 +02:00
// Admin has set Individual choice. We need to find
// the original poster. First, get the contact's info
$r = q ( " SELECT nick, url FROM contact WHERE id = %d LIMIT 1 " ,
intval ( $item_copy [ 'contact-id' ])
);
2018-01-15 14:15:33 +01:00
if ( ! $r )
2012-10-12 02:27:04 +02:00
return ;
// Find out if the contact lives here
2019-12-30 03:55:10 +01:00
$baseurl = DI :: baseUrl () -> get ();
2012-10-12 02:27:04 +02:00
$baseurl = substr ( $baseurl , strpos ( $baseurl , '://' ) + 3 );
if ( strpos ( $r [ 0 ][ 'url' ], $baseurl ) === false )
return ;
// The contact lives here. Get his/her user info
$nick = $r [ 0 ][ 'nick' ];
$r = q ( " SELECT uid FROM user WHERE nickname = '%s' LIMIT 1 " ,
2018-07-21 15:13:02 +02:00
DBA :: escape ( $nick )
2012-10-12 02:27:04 +02:00
);
if ( ! $r )
return ;
2020-01-18 16:50:56 +01:00
if ( DI :: pConfig () -> get ( $r [ 0 ][ 'uid' ], 'remote_perms' , 'show' ) == 0 )
2012-10-12 02:27:04 +02:00
return ;
}
if (( $item_copy [ 'private' ] == 1 ) && ( ! strlen ( $item_copy [ 'allow_cid' ])) && ( ! strlen ( $item_copy [ 'allow_gid' ]))
&& ( ! strlen ( $item_copy [ 'deny_cid' ])) && ( ! strlen ( $item_copy [ 'deny_gid' ]))) {
2018-01-15 14:15:33 +01:00
$allow_names = [];
2012-10-12 02:27:04 +02:00
// Check for the original post here -- that's the only way
// to definitely get all of the recipients
if ( $item_copy [ 'uri' ] === $item_copy [ 'parent-uri' ]) {
// Lockview for a top-level post
$r = q ( " SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s' AND type = 'wall' LIMIT 1 " ,
2018-07-21 15:13:02 +02:00
DBA :: escape ( $item_copy [ 'uri' ])
2012-10-12 02:27:04 +02:00
);
}
else {
// Lockview for a comment
$r = q ( " SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s'
AND parent = ( SELECT id FROM item WHERE uri = '%s' AND type = 'wall' ) LIMIT 1 " ,
2018-07-21 15:13:02 +02:00
DBA :: escape ( $item_copy [ 'uri' ]),
DBA :: escape ( $item_copy [ 'parent-uri' ])
2012-10-12 02:27:04 +02:00
);
}
if ( $r ) {
$item = $r [ 0 ];
2019-12-15 23:28:00 +01:00
$aclFormatter = DI :: aclFormatter ();
2019-10-23 00:40:13 +02:00
2019-11-01 14:13:29 +01:00
$allowed_users = $aclFormatter -> expand ( $item [ 'allow_cid' ]);
$allowed_groups = $aclFormatter -> expand ( $item [ 'allow_gid' ]);
$deny_users = $aclFormatter -> expand ( $item [ 'deny_cid' ]);
$deny_groups = $aclFormatter -> expand ( $item [ 'deny_gid' ]);
2012-10-12 02:27:04 +02:00
2020-01-18 20:52:33 +01:00
$o = DI :: l10n () -> t ( 'Visible to:' ) . '<br />' ;
2018-01-15 14:15:33 +01:00
$allow = [];
$deny = [];
2012-10-12 02:27:04 +02:00
if ( count ( $allowed_groups )) {
$r = q ( " SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s ) " ,
2018-07-21 15:13:02 +02:00
DBA :: escape ( implode ( ', ' , $allowed_groups ))
2012-10-12 02:27:04 +02:00
);
2018-01-15 14:15:33 +01:00
foreach ( $r as $rr )
2012-10-12 02:27:04 +02:00
$allow [] = $rr [ 'contact-id' ];
}
$allow = array_unique ( $allow + $allowed_users );
if ( count ( $deny_groups )) {
$r = q ( " SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s ) " ,
2018-07-21 15:13:02 +02:00
DBA :: escape ( implode ( ', ' , $deny_groups ))
2012-10-12 02:27:04 +02:00
);
2018-01-15 14:15:33 +01:00
foreach ( $r as $rr )
2012-10-12 02:27:04 +02:00
$deny [] = $rr [ 'contact-id' ];
}
$deny = $deny + $deny_users ;
if ( $allow )
{
$r = q ( " SELECT name FROM contact WHERE id IN ( %s ) " ,
2018-07-21 15:13:02 +02:00
DBA :: escape ( implode ( ', ' , array_diff ( $allow , $deny )))
2012-10-12 02:27:04 +02:00
);
foreach ( $r as $rr )
$allow_names [] = $rr [ 'name' ];
}
}
else {
// We don't have the original post. Let's try for the next best thing:
// checking who else has the post on our own server. Note that comments
// that were sent to Diaspora and were relayed to others on our server
// will have different URIs than the original. We can match the GUID for
// those
$r = q ( " SELECT `uid` FROM item WHERE uri = '%s' OR guid = '%s' " ,
2018-07-21 15:13:02 +02:00
DBA :: escape ( $item_copy [ 'uri' ]),
DBA :: escape ( $item_copy [ 'guid' ])
2012-10-12 02:27:04 +02:00
);
if ( ! $r )
return ;
2018-01-15 14:15:33 +01:00
$allow = [];
2012-10-12 02:27:04 +02:00
foreach ( $r as $rr )
$allow [] = $rr [ 'uid' ];
$r = q ( " SELECT username FROM user WHERE uid IN ( %s ) " ,
2018-07-21 15:13:02 +02:00
DBA :: escape ( implode ( ', ' , $allow ))
2012-10-12 02:27:04 +02:00
);
if ( ! $r )
return ;
2020-01-18 20:52:33 +01:00
$o = DI :: l10n () -> t ( 'Visible to' ) . ' (' . DI :: l10n () -> t ( 'may only be a partial list' ) . '):<br />' ;
2012-10-12 02:27:04 +02:00
foreach ( $r as $rr )
$allow_names [] = $rr [ 'username' ];
}
// Sort the names alphabetically, case-insensitive
natcasesort ( $allow_names );
echo $o . implode ( ', ' , $allow_names );
2018-12-26 06:39:53 +01:00
exit ();
2012-10-12 02:27:04 +02:00
}
return ;
}
2018-01-20 14:57:41 +01:00
function remote_permissions_addon_admin ( & $a , & $o ){
2018-10-31 15:55:15 +01:00
$t = Renderer :: getMarkupTemplate ( " admin.tpl " , " addon/remote_permissions/ " );
$o = Renderer :: replaceMacros ( $t , [
2020-01-18 20:52:33 +01:00
'$submit' => DI :: l10n () -> t ( 'Save Settings' ),
'$global' => [ 'remotepermschoice' , DI :: l10n () -> t ( 'Global' ), 1 , DI :: l10n () -> t ( 'The posts of every user on this server show the post recipients' ), Config :: get ( 'remote_perms' , 'global' ) == 1 ],
'$individual' => [ 'remotepermschoice' , DI :: l10n () -> t ( 'Individual' ), 2 , DI :: l10n () -> t ( 'Each user chooses whether his/her posts show the post recipients' ), Config :: get ( 'remote_perms' , 'global' ) == 0 ]
2018-01-15 14:15:33 +01:00
]);
2012-10-12 02:27:04 +02:00
}
2018-01-20 14:57:41 +01:00
function remote_permissions_addon_admin_post ( & $a ){
2018-11-30 15:11:56 +01:00
$choice = ( ! empty ( $_POST [ 'remotepermschoice' ]) ? Strings :: escapeTags ( trim ( $_POST [ 'remotepermschoice' ])) : '' );
2017-11-07 00:55:24 +01:00
Config :: set ( 'remote_perms' , 'global' ,( $choice == 1 ? 1 : 0 ));
2020-01-18 20:52:33 +01:00
info ( DI :: l10n () -> t ( 'Settings updated.' ) . EOL );
2012-10-12 02:27:04 +02:00
}