Merge pull request #13264 from MrPetovan/task/hide-blocklist

Hide blocklist from anonymous users on closed registration nodes
This commit is contained in:
Michael Vogel 2023-07-09 21:26:59 +02:00 committed by GitHub
commit 66353e6117
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 77 additions and 48 deletions

View file

@ -695,6 +695,9 @@ class App
$module = $router->getModule(); $module = $router->getModule();
} }
// Display can change depending on the requested language, so it shouldn't be cached whole
header('Vary: Accept-Language', false);
// Processes data from GET requests // Processes data from GET requests
$httpinput = $httpInput->process(); $httpinput = $httpInput->process();
$input = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST); $input = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST);

View file

@ -46,8 +46,6 @@ class Objects extends BaseModule
throw new HTTPException\BadRequestException(); throw new HTTPException\BadRequestException();
} }
header('Vary: Accept', false);
if (!ActivityPub::isRequest()) { if (!ActivityPub::isRequest()) {
DI::baseUrl()->redirect(str_replace('objects/', 'display/', DI::args()->getQueryString())); DI::baseUrl()->redirect(str_replace('objects/', 'display/', DI::args()->getQueryString()));
} }

View file

@ -24,26 +24,44 @@ namespace Friendica\Module;
use Friendica\App; use Friendica\App;
use Friendica\BaseModule; use Friendica\BaseModule;
use Friendica\Core\Addon; use Friendica\Core\Addon;
use Friendica\Core\Config\Capability\IManageConfigValues;
use Friendica\Core\Hook; use Friendica\Core\Hook;
use Friendica\Core\KeyValueStorage\Capabilities\IManageKeyValuePairs;
use Friendica\Core\L10n;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Core\Session\Capability\IHandleUserSessions;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Database\PostUpdate; use Friendica\Database\PostUpdate;
use Friendica\DI;
use Friendica\Model\User; use Friendica\Model\User;
use Friendica\Network\HTTPException; use Friendica\Network\HTTPException;
use Friendica\Protocol\ActivityPub; use Friendica\Protocol\ActivityPub;
use Friendica\Util\Profiler;
use Psr\Log\LoggerInterface;
/** /**
* Prints information about the current node * Prints information about the current node
* Either in human readable form or in JSON * Either in human-readable form or in JSON
*/ */
class Friendica extends BaseModule class Friendica extends BaseModule
{ {
/** @var IManageConfigValues */
private $config;
/** @var IManageKeyValuePairs */
private $keyValue;
/** @var IHandleUserSessions */
private $session;
public function __construct(IHandleUserSessions $session, IManageKeyValuePairs $keyValue, IManageConfigValues $config, L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Profiler $profiler, Response $response, array $server, array $parameters = [])
{
parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
$this->config = $config;
$this->keyValue = $keyValue;
$this->session = $session;
}
protected function content(array $request = []): string protected function content(array $request = []): string
{ {
$config = DI::config();
$keyValue = DI::keyValue();
$visibleAddonList = Addon::getVisibleList(); $visibleAddonList = Addon::getVisibleList();
if (!empty($visibleAddonList)) { if (!empty($visibleAddonList)) {
@ -61,29 +79,30 @@ class Friendica extends BaseModule
} }
} }
$addon = [ $addon = [
'title' => DI::l10n()->t('Installed addons/apps:'), 'title' => $this->t('Installed addons/apps:'),
'list' => $sortedAddonList, 'list' => $sortedAddonList,
]; ];
} else { } else {
$addon = [ $addon = [
'title' => DI::l10n()->t('No installed addons/apps'), 'title' => $this->t('No installed addons/apps'),
]; ];
} }
$tos = ($config->get('system', 'tosdisplay')) ? $tos = ($this->config->get('system', 'tosdisplay')) ?
DI::l10n()->t('Read about the <a href="%1$s/tos">Terms of Service</a> of this node.', DI::baseUrl()) : $this->t('Read about the <a href="%1$s/tos">Terms of Service</a> of this node.', $this->baseUrl) :
''; '';
$blockList = $config->get('system', 'blocklist'); $blockList = $this->config->get('system', 'blocklist') ?? [];
if (!empty($blockList)) { $register_policy_int = $this->config->get('config', 'register_policy');
if (!empty($blockList) && ($register_policy_int !== Register::CLOSED || $this->session->isAuthenticated())) {
$blocked = [ $blocked = [
'title' => DI::l10n()->t('On this server the following remote servers are blocked.'), 'title' => $this->t('On this server the following remote servers are blocked.'),
'header' => [ 'header' => [
DI::l10n()->t('Blocked domain'), $this->t('Blocked domain'),
DI::l10n()->t('Reason for the block'), $this->t('Reason for the block'),
], ],
'download' => DI::l10n()->t('Download this list in CSV format'), 'download' => $this->t('Download this list in CSV format'),
'list' => $blockList, 'list' => $blockList,
]; ];
} else { } else {
@ -97,14 +116,14 @@ class Friendica extends BaseModule
$tpl = Renderer::getMarkupTemplate('friendica.tpl'); $tpl = Renderer::getMarkupTemplate('friendica.tpl');
return Renderer::replaceMacros($tpl, [ return Renderer::replaceMacros($tpl, [
'about' => DI::l10n()->t('This is Friendica, version %s that is running at the web location %s. The database version is %s, the post update version is %s.', 'about' => $this->t('This is Friendica, version %s that is running at the web location %s. The database version is %s, the post update version is %s.',
'<strong>' . App::VERSION . '</strong>', '<strong>' . App::VERSION . '</strong>',
DI::baseUrl(), $this->baseUrl,
'<strong>' . $config->get('system', 'build') . '/' . DB_UPDATE_VERSION . '</strong>', '<strong>' . $this->config->get('system', 'build') . '/' . DB_UPDATE_VERSION . '</strong>',
'<strong>' . $keyValue->get('post_update_version') . '/' . PostUpdate::VERSION . '</strong>'), '<strong>' . $this->keyValue->get('post_update_version') . '/' . PostUpdate::VERSION . '</strong>'),
'friendica' => DI::l10n()->t('Please visit <a href="https://friendi.ca">Friendi.ca</a> to learn more about the Friendica project.'), 'friendica' => $this->t('Please visit <a href="https://friendi.ca">Friendi.ca</a> to learn more about the Friendica project.'),
'bugs' => DI::l10n()->t('Bug reports and issues: please visit') . ' ' . '<a href="https://github.com/friendica/friendica/issues?state=open">' . DI::l10n()->t('the bugtracker at github') . '</a>', 'bugs' => $this->t('Bug reports and issues: please visit') . ' ' . '<a href="https://github.com/friendica/friendica/issues?state=open">' . $this->t('the bugtracker at github') . '</a>',
'info' => DI::l10n()->t('Suggestions, praise, etc. - please email "info" at "friendi - dot - ca'), 'info' => $this->t('Suggestions, praise, etc. - please email "info" at "friendi - dot - ca'),
'visible_addons' => $addon, 'visible_addons' => $addon,
'tos' => $tos, 'tos' => $tos,
@ -115,10 +134,7 @@ class Friendica extends BaseModule
protected function rawContent(array $request = []) protected function rawContent(array $request = [])
{ {
header('Vary: Accept', false); if (empty($this->parameters['format']) || $this->parameters['format'] !== 'json') {
// @TODO: Replace with parameter from router
if (DI::args()->getArgc() <= 1 || (DI::args()->getArgv()[1] !== 'json')) {
if (!ActivityPub::isRequest()) { if (!ActivityPub::isRequest()) {
return; return;
} }
@ -133,16 +149,14 @@ class Friendica extends BaseModule
} }
} }
$config = DI::config();
$register_policies = [ $register_policies = [
Register::CLOSED => 'REGISTER_CLOSED', Register::CLOSED => 'REGISTER_CLOSED',
Register::APPROVE => 'REGISTER_APPROVE', Register::APPROVE => 'REGISTER_APPROVE',
Register::OPEN => 'REGISTER_OPEN' Register::OPEN => 'REGISTER_OPEN'
]; ];
$register_policy_int = intval($config->get('config', 'register_policy')); $register_policy_int = $this->config->get('config', 'register_policy');
if ($register_policy_int !== Register::CLOSED && $config->get('config', 'invitation_only')) { if ($register_policy_int !== Register::CLOSED && $this->config->get('config', 'invitation_only')) {
$register_policy = 'REGISTER_INVITATION'; $register_policy = 'REGISTER_INVITATION';
} else { } else {
$register_policy = $register_policies[$register_policy_int]; $register_policy = $register_policies[$register_policy_int];
@ -153,15 +167,15 @@ class Friendica extends BaseModule
if (!empty($administrator)) { if (!empty($administrator)) {
$admin = [ $admin = [
'name' => $administrator['username'], 'name' => $administrator['username'],
'profile' => DI::baseUrl() . '/profile/' . $administrator['nickname'], 'profile' => $this->baseUrl . '/profile/' . $administrator['nickname'],
]; ];
} }
$visible_addons = Addon::getVisibleList(); $visible_addons = Addon::getVisibleList();
$config->reload(); $this->config->reload();
$locked_features = []; $locked_features = [];
$featureLocks = $config->get('config', 'feature_lock'); $featureLocks = $this->config->get('config', 'feature_lock');
if (isset($featureLocks)) { if (isset($featureLocks)) {
foreach ($featureLocks as $feature => $lock) { foreach ($featureLocks as $feature => $lock) {
if ($feature === 'config_loaded') { if ($feature === 'config_loaded') {
@ -174,17 +188,17 @@ class Friendica extends BaseModule
$data = [ $data = [
'version' => App::VERSION, 'version' => App::VERSION,
'url' => (string)DI::baseUrl(), 'url' => (string)$this->baseUrl,
'addons' => $visible_addons, 'addons' => $visible_addons,
'locked_features' => $locked_features, 'locked_features' => $locked_features,
'explicit_content' => intval($config->get('system', 'explicit_content', 0)), 'explicit_content' => intval($this->config->get('system', 'explicit_content', 0)),
'language' => $config->get('system', 'language'), 'language' => $this->config->get('system', 'language'),
'register_policy' => $register_policy, 'register_policy' => $register_policy,
'admin' => $admin, 'admin' => $admin,
'site_name' => $config->get('config', 'sitename'), 'site_name' => $this->config->get('config', 'sitename'),
'platform' => strtolower(App::PLATFORM), 'platform' => strtolower(App::PLATFORM),
'info' => $config->get('config', 'info'), 'info' => $this->config->get('config', 'info'),
'no_scrape_url' => DI::baseUrl() . '/noscrape', 'no_scrape_url' => $this->baseUrl . '/noscrape',
]; ];
System::jsonExit($data); System::jsonExit($data);

View file

@ -88,8 +88,6 @@ class Display extends BaseModule
protected function content(array $request = []): string protected function content(array $request = []): string
{ {
header('Vary: Accept', false);
if (ActivityPub::isRequest()) { if (ActivityPub::isRequest()) {
$this->baseUrl->redirect(str_replace('display/', 'objects/', $this->args->getQueryString())); $this->baseUrl->redirect(str_replace('display/', 'objects/', $this->args->getQueryString()));
} }

View file

@ -80,8 +80,6 @@ class Profile extends BaseProfile
protected function rawContent(array $request = []) protected function rawContent(array $request = [])
{ {
header('Vary: Accept', false);
if (ActivityPub::isRequest()) { if (ActivityPub::isRequest()) {
$user = $this->database->selectFirst('user', ['uid'], ['nickname' => $this->parameters['nickname'] ?? '', 'account_removed' => false]); $user = $this->database->selectFirst('user', ['uid'], ['nickname' => $this->parameters['nickname'] ?? '', 'account_removed' => false]);
if ($user) { if ($user) {

View file

@ -38,6 +38,8 @@ class Xrd extends BaseModule
{ {
protected function rawContent(array $request = []) protected function rawContent(array $request = [])
{ {
header('Vary: Accept', false);
// @TODO: Replace with parameter from router // @TODO: Replace with parameter from router
if (DI::args()->getArgv()[0] == 'xrd') { if (DI::args()->getArgv()[0] == 'xrd') {
if (empty($_GET['uri'])) { if (empty($_GET['uri'])) {

View file

@ -87,6 +87,8 @@ class ActivityPub
*/ */
public static function isRequest(): bool public static function isRequest(): bool
{ {
header('Vary: Accept', false);
$isrequest = stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/activity+json') || $isrequest = stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/activity+json') ||
stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/json') || stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/json') ||
stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/ld+json'); stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/ld+json');

View file

@ -449,7 +449,7 @@ return [
'/follow_confirm' => [Module\FollowConfirm::class, [R::GET, R::POST]], '/follow_confirm' => [Module\FollowConfirm::class, [R::GET, R::POST]],
'/followers/{nickname}' => [Module\ActivityPub\Followers::class, [R::GET]], '/followers/{nickname}' => [Module\ActivityPub\Followers::class, [R::GET]],
'/following/{nickname}' => [Module\ActivityPub\Following::class, [R::GET]], '/following/{nickname}' => [Module\ActivityPub\Following::class, [R::GET]],
'/friendica[/json]' => [Module\Friendica::class, [R::GET]], '/friendica[/{format:json}]' => [Module\Friendica::class, [R::GET]],
'/friendica/inbox' => [Module\ActivityPub\Inbox::class, [R::GET, R::POST]], '/friendica/inbox' => [Module\ActivityPub\Inbox::class, [R::GET, R::POST]],
'/fsuggest/{contact:\d+}' => [Module\FriendSuggest::class, [R::GET, R::POST]], '/fsuggest/{contact:\d+}' => [Module\FriendSuggest::class, [R::GET, R::POST]],

View file

@ -274,8 +274,14 @@
</a> </a>
</li> </li>
{{/if}} {{/if}}
{{if $nav.tos}}
<li role="presentation" class="divider"></li> <li role="presentation" class="divider"></li>
<li role="presentation">
<a role="menuitem" id="nav-about-link" class="nav-link {{$nav.about.2}}"
href="{{$nav.about.0}}" title="{{$nav.about.3}}">
<i class="fa fa-info" aria-hidden="true"></i> {{$nav.about.1}}
</a>
</li>
{{if $nav.tos}}
<li role="presentation"> <li role="presentation">
<a role="menuitem" id="nav-tos-link" class="nav-link {{$nav.tos.2}}" <a role="menuitem" id="nav-tos-link" class="nav-link {{$nav.tos.2}}"
href="{{$nav.tos.0}}" title="{{$nav.tos.3}}"><i class="fa fa-file-text" href="{{$nav.tos.0}}" title="{{$nav.tos.3}}"><i class="fa fa-file-text"
@ -401,6 +407,14 @@
</a> </a>
</li> </li>
{{/if}} {{/if}}
<li role="presentation" class="divider"></li>
<li role="presentation" class="list-group-item">
<a role="menuitem" class="nav-link {{$nav.about.2}}"
href="{{$nav.about.0}}" title="{{$nav.about.3}}">
<i class="fa fa-info" aria-hidden="true"></i> {{$nav.about.1}}
</a>
</li>
<li role="presentation" class="divider"></li>
{{if $nav.logout}} {{if $nav.logout}}
<li role="presentation" class="list-group-item"> <li role="presentation" class="list-group-item">
<a role="menuitem" <a role="menuitem"