diff --git a/boot.php b/boot.php index 1a28aa8ce..c71c16b35 100644 --- a/boot.php +++ b/boot.php @@ -379,7 +379,7 @@ function is_site_admin() $adminlist = explode(',', str_replace(' ', '', $admin_email)); - return local_user() && $admin_email && in_array($a->getUserValue('email') ?? '', $adminlist); + return local_user() && $admin_email && DBA::exists('user', ['uid' => $a->getUserId(), 'email' => $adminlist]); } /** diff --git a/include/conversation.php b/include/conversation.php index db2d33b47..b545445e4 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -22,6 +22,7 @@ use Friendica\App; use Friendica\Content\ContactSelector; use Friendica\Content\Feature; +use Friendica\Core\ACL; use Friendica\Core\Hook; use Friendica\Core\Logger; use Friendica\Core\Protocol; @@ -34,6 +35,7 @@ use Friendica\Model\Contact; use Friendica\Model\Item; use Friendica\Model\Post; use Friendica\Model\Tag; +use Friendica\Model\User; use Friendica\Model\Verb; use Friendica\Object\Post as PostObject; use Friendica\Object\Thread; @@ -1064,11 +1066,24 @@ function format_activity(array $links, $verb, $id) { return $o; } -function status_editor(App $a, $x, $notes_cid = 0, $popup = false) +function status_editor(App $a, array $x = [], $notes_cid = 0, $popup = false) { DI::profiler()->startRecording('rendering'); $o = ''; + $user = User::getById($a->getUserId(), ['uid', 'nickname', 'allow_location', 'default-location']); + + $x['allow_location'] = $x['allow_location'] ?? $user['allow_location']; + $x['default_location'] = $x['default_location'] ?? $user['default-location']; + $x['nickname'] = $x['nickname'] ?? $user['nickname']; + $x['lockstate'] = $x['lockstate'] ?? ACL::getLockstateForUserId($user['uid']) ? 'lock' : 'unlock'; + $x['acl'] = $x['acl'] ?? ACL::getFullSelectorHTML(DI::page(), $user['uid'], true); + $x['bang'] = $x['bang'] ?? ''; + $x['visitor'] = $x['visitor'] ?? 'block'; + $x['is_owner'] = $x['is_owner'] ?? true; + $x['profile_uid'] = $x['profile_uid'] ?? local_user(); + + $geotag = !empty($x['allow_location']) ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : ''; $tpl = Renderer::getMarkupTemplate('jot-header.tpl'); diff --git a/mod/api.php b/mod/api.php index 0423dd454..0a801a8a1 100644 --- a/mod/api.php +++ b/mod/api.php @@ -26,12 +26,7 @@ require_once __DIR__ . '/../include/api.php'; function api_post(App $a) { - if (!local_user()) { - notice(DI::l10n()->t('Permission denied.')); - return; - } - - if (empty($a->getUserId()) || $a->getUserId() != local_user()) { + if (!$a->isLoggedIn()) { notice(DI::l10n()->t('Permission denied.')); return; } diff --git a/mod/display.php b/mod/display.php index 199c89488..7d7ea08a8 100644 --- a/mod/display.php +++ b/mod/display.php @@ -273,18 +273,7 @@ function display_content(App $a, $update = false, $update_uid = 0) // We need the editor here to be able to reshare an item. if ($is_owner && !$update) { - $x = [ - 'is_owner' => true, - 'allow_location' => $a->getUserValue('allow_location'), - 'default_location' => $a->getUserValue('default-location'), - 'nickname' => $a->getNickname(), - 'lockstate' => ACL::getLockstateForUserId($a->getUserId()) ? 'lock' : 'unlock', - 'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true), - 'bang' => '', - 'visitor' => 'block', - 'profile_uid' => local_user(), - ]; - $o .= status_editor($a, $x, 0, true); + $o .= status_editor($a, [], 0, true); } $sql_extra = Item::getPermissionsSQLByUserId($page_uid); diff --git a/mod/editpost.php b/mod/editpost.php index 9e7079543..5197708b4 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -27,6 +27,7 @@ use Friendica\Database\DBA; use Friendica\DI; use Friendica\Model\Contact; use Friendica\Model\Post; +use Friendica\Model\User; use Friendica\Util\Crypto; function editpost_content(App $a) @@ -55,6 +56,8 @@ function editpost_content(App $a) return; } + $user = User::getById(local_user()); + $geotag = ''; $o .= Renderer::replaceMacros(Renderer::getMarkupTemplate("section_title.tpl"), [ @@ -107,7 +110,7 @@ function editpost_content(App $a) '$posttype' => $item['post-type'], '$content' => undo_post_tagging($item['body']), '$post_id' => $post_id, - '$defloc' => $a->getUserValue('default-location'), + '$defloc' => $user['default-location'], '$visitor' => 'none', '$pvisit' => 'none', '$emailcc' => DI::l10n()->t('CC: email addresses'), diff --git a/mod/events.php b/mod/events.php index 7409b83a7..71e14fc86 100644 --- a/mod/events.php +++ b/mod/events.php @@ -513,7 +513,7 @@ function events_content(App $a) $fminute = !empty($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'i') : '00'; if (!$cid && in_array($mode, ['new', 'copy'])) { - $acl = ACL::getFullSelectorHTML(DI::page(), $a->user, false, ACL::getDefaultUserPermissions($orig_event)); + $acl = ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), false, ACL::getDefaultUserPermissions($orig_event)); } else { $acl = ''; } diff --git a/mod/follow.php b/mod/follow.php index 86f726712..d655bc2bf 100644 --- a/mod/follow.php +++ b/mod/follow.php @@ -175,7 +175,7 @@ function follow_process(App $a, string $url) { $return_path = 'follow?url=' . urlencode($url); - $result = Contact::createFromProbe($a->user, $url, true); + $result = Contact::createFromProbe($a->getUserId(), $url); if ($result['success'] == false) { // Possibly it is a remote item and not an account diff --git a/mod/notes.php b/mod/notes.php index eccbdcc89..fd8763b96 100644 --- a/mod/notes.php +++ b/mod/notes.php @@ -51,15 +51,8 @@ function notes_content(App $a, $update = false) $o .= '
".DI::l10n()->t("Keep this window open until done.")."
"; - Contact::createFromProbe($a->user, $r[0]["url"], true); + Contact::createFromProbe($a->getUserId(), $r[0]["url"]); DI::page()['htmlhead'] = ''; diff --git a/mod/settings.php b/mod/settings.php index 87c56e0df..63ad55fa9 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -53,7 +53,8 @@ function settings_init(App $a) function settings_post(App $a) { - if (!local_user()) { + if (!$a->isLoggedIn()) { + notice(DI::l10n()->t('Permission denied.')); return; } @@ -61,11 +62,6 @@ function settings_post(App $a) return; } - if (empty($a->getUserId()) || $a->getUserId() != local_user()) { - notice(DI::l10n()->t('Permission denied.')); - return; - } - if ((DI::args()->getArgc() > 1) && (DI::args()->getArgv()[1] == 'addon')) { BaseModule::checkFormSecurityTokenRedirectOnError('/settings/addon', 'settings_addon'); @@ -752,7 +748,7 @@ function settings_content(App $a) '$cntunkmail' => ['cntunkmail', DI::l10n()->t('Maximum private messages per day from unknown people:'), $cntunkmail , DI::l10n()->t("\x28to prevent spam abuse\x29")], '$group_select' => Group::displayGroupSelection(local_user(), $user['def_gid']), '$permissions' => DI::l10n()->t('Default Post Permissions'), - '$aclselect' => ACL::getFullSelectorHTML(DI::page(), $a->user), + '$aclselect' => ACL::getFullSelectorHTML(DI::page(), $a->getUserId()), '$expire' => [ 'label' => DI::l10n()->t('Expiration settings'), diff --git a/src/App.php b/src/App.php index 993045ac5..4342e57ec 100644 --- a/src/App.php +++ b/src/App.php @@ -57,8 +57,6 @@ use Psr\Log\LoggerInterface; */ class App { - public $user; - // Allow themes to control internal parameters // by changing App values in theme.php private $theme_info = [ @@ -151,6 +149,11 @@ class App $this->nickname = $nickname; } + public function isLoggedIn() + { + return local_user() && $this->user_id && ($this->user_id == local_user()); + } + /** * Fetch the user id * @return int @@ -169,25 +172,6 @@ class App return $this->nickname; } - /** - * Fetch a specific user field - * - * @param string $index - * @return mixed - */ - public function getUserValue(string $index) - { - if (empty($this->user_id)) { - return null; - } - - if (empty($this->user)) { - $this->user = User::getById($this->user_id); - } - - return $this->user[$index] ?? null; - } - /** * Set the profile owner ID * diff --git a/src/Console/Contact.php b/src/Console/Contact.php index 55fd5024c..7a4299c7b 100644 --- a/src/Console/Contact.php +++ b/src/Console/Contact.php @@ -164,7 +164,7 @@ HELP; $network = CliPrompt::prompt(); } - $result = ContactModel::createFromProbe($user, $url, false, $network); + $result = ContactModel::createFromProbe($user['uid'], $url, $network); if ($result['success']) { $this->out('User ' . $user['nickname'] . ' now connected to ' . $url . ', contact ID ' . $result['cid']); diff --git a/src/Content/Nav.php b/src/Content/Nav.php index dbc6d17a3..2263b1cae 100644 --- a/src/Content/Nav.php +++ b/src/Content/Nav.php @@ -23,6 +23,7 @@ namespace Friendica\Content; use Friendica\App; use Friendica\Core\Hook; +use Friendica\Core\Logger; use Friendica\Core\Renderer; use Friendica\Core\Session; use Friendica\Database\DBA; @@ -185,25 +186,21 @@ class Nav $nav['login'] = ['login', DI::l10n()->t('Login'), (DI::module()->getName() == 'login' ? 'selected' : ''), DI::l10n()->t('Sign in')]; } - if (local_user()) { - if (!empty($a->user)) { - // user menu - $nav['usermenu'][] = ['profile/' . $a->getNickname(), DI::l10n()->t('Status'), '', DI::l10n()->t('Your posts and conversations')]; - $nav['usermenu'][] = ['profile/' . $a->getNickname() . '/profile', DI::l10n()->t('Profile'), '', DI::l10n()->t('Your profile page')]; - $nav['usermenu'][] = ['photos/' . $a->getNickname(), DI::l10n()->t('Photos'), '', DI::l10n()->t('Your photos')]; - $nav['usermenu'][] = ['videos/' . $a->getNickname(), DI::l10n()->t('Videos'), '', DI::l10n()->t('Your videos')]; - $nav['usermenu'][] = ['events/', DI::l10n()->t('Events'), '', DI::l10n()->t('Your events')]; - $nav['usermenu'][] = ['notes/', DI::l10n()->t('Personal notes'), '', DI::l10n()->t('Your personal notes')]; + if ($a->isLoggedIn()) { + // user menu + $nav['usermenu'][] = ['profile/' . $a->getNickname(), DI::l10n()->t('Status'), '', DI::l10n()->t('Your posts and conversations')]; + $nav['usermenu'][] = ['profile/' . $a->getNickname() . '/profile', DI::l10n()->t('Profile'), '', DI::l10n()->t('Your profile page')]; + $nav['usermenu'][] = ['photos/' . $a->getNickname(), DI::l10n()->t('Photos'), '', DI::l10n()->t('Your photos')]; + $nav['usermenu'][] = ['videos/' . $a->getNickname(), DI::l10n()->t('Videos'), '', DI::l10n()->t('Your videos')]; + $nav['usermenu'][] = ['events/', DI::l10n()->t('Events'), '', DI::l10n()->t('Your events')]; + $nav['usermenu'][] = ['notes/', DI::l10n()->t('Personal notes'), '', DI::l10n()->t('Your personal notes')]; - // user info - $contact = DBA::selectFirst('contact', ['micro'], ['uid' => $a->getUserId(), 'self' => true]); - $userinfo = [ - 'icon' => (DBA::isResult($contact) ? DI::baseUrl()->remove($contact['micro']) : Contact::DEFAULT_AVATAR_MICRO), - 'name' => $a->getUserValue('username'), - ]; - } else { - DI::logger()->warning('Empty $a->user for local user', ['local_user' => local_user(), '$a' => $a]); - } + // user info + $contact = DBA::selectFirst('contact', ['id', 'url', 'avatar', 'micro', 'name', 'nick', 'baseurl', 'updated'], ['uid' => $a->getUserId(), 'self' => true]); + $userinfo = [ + 'icon' => Contact::getMicro($contact), + 'name' => $contact['name'], + ]; } // "Home" should also take you home from an authenticated remote profile connection @@ -271,7 +268,7 @@ class Nav } // The following nav links are only show to logged in users - if (local_user() && !empty($a->user)) { + if (local_user() && !empty($a->getNickname())) { $nav['network'] = ['network', DI::l10n()->t('Network'), '', DI::l10n()->t('Conversations from your friends')]; $nav['home'] = ['profile/' . $a->getNickname(), DI::l10n()->t('Home'), '', DI::l10n()->t('Your posts and conversations')]; diff --git a/src/Core/ACL.php b/src/Core/ACL.php index 48f87b7be..9453dc659 100644 --- a/src/Core/ACL.php +++ b/src/Core/ACL.php @@ -222,7 +222,7 @@ class ACL * Return the full jot ACL selector HTML * * @param Page $page - * @param array $user User array + * @param int $uid User ID * @param bool $for_federation * @param array $default_permissions Static defaults permission array: * [ @@ -238,18 +238,20 @@ class ACL */ public static function getFullSelectorHTML( Page $page, - array $user = null, + int $uid = null, bool $for_federation = false, array $default_permissions = [], array $condition = [], $form_prefix = '' ) { - if (empty($user['uid'])) { + if (empty($uid)) { return ''; } static $input_group_id = 0; + $user = User::getById($uid); + $input_group_id++; $page->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js')); diff --git a/src/Model/Contact.php b/src/Model/Contact.php index 45a3d424e..9e870d505 100644 --- a/src/Model/Contact.php +++ b/src/Model/Contact.php @@ -2311,16 +2311,15 @@ class Contact * * Takes a $uid and a url/handle and adds a new contact * - * @param array $user The user the contact should be created for + * @param int $uid The user id the contact should be created for * @param string $url The profile URL of the contact - * @param bool $interactive * @param string $network * @return array * @throws HTTPException\InternalServerErrorException * @throws HTTPException\NotFoundException * @throws \ImagickException */ - public static function createFromProbe(array $user, $url, $interactive = false, $network = '') + public static function createFromProbe(int $uid, $url, $network = '') { $result = ['cid' => -1, 'success' => false, 'message' => '']; @@ -2356,7 +2355,7 @@ class Contact $ret = $arr['contact']; } else { $probed = true; - $ret = Probe::uri($url, $network, $user['uid']); + $ret = Probe::uri($url, $network, $uid); } if (($network != '') && ($ret['network'] != $network)) { @@ -2368,10 +2367,10 @@ class Contact // the poll url is more reliable than the profile url, as we may have // indirect links or webfinger links - $condition = ['uid' => $user['uid'], 'poll' => [$ret['poll'], Strings::normaliseLink($ret['poll'])], 'network' => $ret['network'], 'pending' => false]; + $condition = ['uid' => $uid, 'poll' => [$ret['poll'], Strings::normaliseLink($ret['poll'])], 'network' => $ret['network'], 'pending' => false]; $contact = DBA::selectFirst('contact', ['id', 'rel'], $condition); if (!DBA::isResult($contact)) { - $condition = ['uid' => $user['uid'], 'nurl' => Strings::normaliseLink($ret['url']), 'network' => $ret['network'], 'pending' => false]; + $condition = ['uid' => $uid, 'nurl' => Strings::normaliseLink($ret['url']), 'network' => $ret['network'], 'pending' => false]; $contact = DBA::selectFirst('contact', ['id', 'rel'], $condition); } @@ -2436,7 +2435,7 @@ class Contact // create contact record self::insert([ - 'uid' => $user['uid'], + 'uid' => $uid, 'created' => DateTimeFormat::utcNow(), 'url' => $ret['url'], 'nurl' => Strings::normaliseLink($ret['url']), @@ -2464,7 +2463,7 @@ class Contact ]); } - $contact = DBA::selectFirst('contact', [], ['url' => $ret['url'], 'network' => $ret['network'], 'uid' => $user['uid']]); + $contact = DBA::selectFirst('contact', [], ['url' => $ret['url'], 'network' => $ret['network'], 'uid' => $uid]); if (!DBA::isResult($contact)) { $result['message'] .= DI::l10n()->t('Unable to retrieve contact information.') . EOL; return $result; @@ -2473,7 +2472,7 @@ class Contact $contact_id = $contact['id']; $result['cid'] = $contact_id; - Group::addMember(User::getDefaultGroup($user['uid'], $contact["network"]), $contact_id); + Group::addMember(User::getDefaultGroup($uid, $contact["network"]), $contact_id); // Update the avatar self::updateAvatar($contact_id, $ret['photo']); @@ -2489,7 +2488,7 @@ class Contact Worker::add(PRIORITY_HIGH, 'UpdateContact', $contact_id); } - $owner = User::getOwnerDataById($user['uid']); + $owner = User::getOwnerDataById($uid); if (DBA::isResult($owner)) { if (in_array($protocol, [Protocol::OSTATUS, Protocol::DFRN])) { @@ -2518,7 +2517,7 @@ class Contact return false; } - $ret = ActivityPub\Transmitter::sendActivity('Follow', $contact['url'], $user['uid'], $activity_id); + $ret = ActivityPub\Transmitter::sendActivity('Follow', $contact['url'], $uid, $activity_id); Logger::log('Follow returns: ' . $ret); } } @@ -2579,14 +2578,9 @@ class Contact */ public static function follow(int $cid, int $uid) { - $user = User::getById($uid); - if (empty($user)) { - return false; - } - $contact = self::getById($cid, ['url']); - $result = self::createFromProbe($user, $contact['url'], false); + $result = self::createFromProbe($uid, $contact['url']); return $result['cid']; } @@ -2744,7 +2738,7 @@ class Contact } } elseif (DBA::isResult($user) && in_array($user['page-flags'], [User::PAGE_FLAGS_SOAPBOX, User::PAGE_FLAGS_FREELOVE, User::PAGE_FLAGS_COMMUNITY])) { if (($user['page-flags'] == User::PAGE_FLAGS_FREELOVE) && ($network != Protocol::DIASPORA)) { - self::createFromProbe($importer, $url, false, $network); + self::createFromProbe($importer['uid'], $url, $network); } $condition = ['uid' => $importer['uid'], 'url' => $url, 'pending' => true]; diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php index 3e6f8a2a2..5b44073f3 100644 --- a/src/Module/BaseApi.php +++ b/src/Module/BaseApi.php @@ -75,9 +75,7 @@ class BaseApi extends BaseModule { self::checkAllowedScope(self::SCOPE_WRITE); - $a = DI::app(); - - if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) { + if (!DI::app()->isLoggedIn()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); } } @@ -86,9 +84,7 @@ class BaseApi extends BaseModule { self::checkAllowedScope(self::SCOPE_WRITE); - $a = DI::app(); - - if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) { + if (!DI::app()->isLoggedIn()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); } } @@ -97,9 +93,7 @@ class BaseApi extends BaseModule { self::checkAllowedScope(self::SCOPE_WRITE); - $a = DI::app(); - - if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) { + if (!DI::app()->isLoggedIn()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); } } @@ -108,9 +102,7 @@ class BaseApi extends BaseModule { self::checkAllowedScope(self::SCOPE_WRITE); - $a = DI::app(); - - if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) { + if (!DI::app()->isLoggedIn()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); } } diff --git a/src/Module/Bookmarklet.php b/src/Module/Bookmarklet.php index 9db1cc138..2d882e0fa 100644 --- a/src/Module/Bookmarklet.php +++ b/src/Module/Bookmarklet.php @@ -59,16 +59,6 @@ class Bookmarklet extends BaseModule $content = "\n" . PageInfo::getFooterFromUrl($_REQUEST['url']); $x = [ - 'is_owner' => true, - 'allow_location' => $app->getUserValue('allow_location'), - 'default_location' => $app->getUserValue('default-location'), - 'nickname' => $app->getNickname(), - 'lockstate' => ACL::getLockstateForUserId($app->getUserId()) ? 'lock' : 'unlock', - 'default_perms' => ACL::getDefaultUserPermissions($app->user), - 'acl' => ACL::getFullSelectorHTML(DI::page(), $app->user, true), - 'bang' => '', - 'visitor' => 'block', - 'profile_uid' => local_user(), 'title' => trim($_REQUEST['title'] ?? '', '*'), 'content' => $content ]; diff --git a/src/Module/Contact.php b/src/Module/Contact.php index 1ca681a1e..2a68262a5 100644 --- a/src/Module/Contact.php +++ b/src/Module/Contact.php @@ -169,8 +169,7 @@ class Contact extends BaseModule } if ($contact['network'] == Protocol::OSTATUS) { - $user = Model\User::getById($contact['uid']); - $result = Model\Contact::createFromProbe($user, $contact['url'], false, $contact['network']); + $result = Model\Contact::createFromProbe($contact['uid'], $contact['url'], $contact['network']); if ($result['success']) { DBA::update('contact', ['subhub' => 1], ['id' => $contact_id]); @@ -935,18 +934,7 @@ class Contact extends BaseModule if (!$update) { // We need the editor here to be able to reshare an item. if (local_user()) { - $x = [ - 'is_owner' => true, - 'allow_location' => $a->user['allow_location'], - 'default_location' => $a->user['default-location'], - 'nickname' => $a->user['nickname'], - 'lockstate' => (is_array($a->user) && (strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) || strlen($a->user['deny_cid']) || strlen($a->user['deny_gid'])) ? 'lock' : 'unlock'), - 'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true), - 'bang' => '', - 'visitor' => 'block', - 'profile_uid' => local_user(), - ]; - $o = status_editor($a, $x, 0, true); + $o = status_editor($a, [], 0, true); } } diff --git a/src/Module/Conversation/Community.php b/src/Module/Conversation/Community.php index 8482bd3c7..c236778cb 100644 --- a/src/Module/Conversation/Community.php +++ b/src/Module/Conversation/Community.php @@ -128,18 +128,7 @@ class Community extends BaseModule // We need the editor here to be able to reshare an item. if (Session::isAuthenticated()) { - $x = [ - 'is_owner' => true, - 'allow_location' => DI::app()->getUserValue('allow_location'), - 'default_location' => DI::app()->getUserValue('default-location'), - 'nickname' => DI::app()->getNickname(), - 'lockstate' => ACL::getLockstateForUserId(DI::app()->getUserId()) ? 'lock' : 'unlock', - 'acl' => ACL::getFullSelectorHTML(DI::page(), DI::app()->user, true), - 'bang' => '', - 'visitor' => 'block', - 'profile_uid' => local_user(), - ]; - $o .= status_editor(DI::app(), $x, 0, true); + $o .= status_editor(DI::app(), [], 0, true); } } diff --git a/src/Module/Conversation/Network.php b/src/Module/Conversation/Network.php index 6d758ca50..1e97894cb 100644 --- a/src/Module/Conversation/Network.php +++ b/src/Module/Conversation/Network.php @@ -139,16 +139,9 @@ class Network extends BaseModule } $x = [ - 'is_owner' => true, - 'allow_location' => $a->getUserValue('allow_location'), - 'default_location' => $a->getUserValue('default-location'), - 'nickname' => $a->getNickname(), 'lockstate' => self::$groupId || self::$forumContactId || self::$network || ACL::getLockstateForUserId($a->getUserId()) ? 'lock' : 'unlock', - 'default_perms' => ACL::getDefaultUserPermissions($a->user), - 'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true, $default_permissions), + 'acl' => ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), true, $default_permissions), 'bang' => ((self::$groupId || self::$forumContactId || self::$network) ? '!' : ''), - 'visitor' => 'block', - 'profile_uid' => local_user(), 'content' => $content, ]; diff --git a/src/Module/Delegation.php b/src/Module/Delegation.php index 788b40268..7ee9b4972 100644 --- a/src/Module/Delegation.php +++ b/src/Module/Delegation.php @@ -45,7 +45,7 @@ class Delegation extends BaseModule } $uid = local_user(); - $orig_record = DI::app()->user; + $orig_record = User::getById(DI::app()->getUserId()); if (Session::get('submanage')) { $user = User::getById(Session::get('submanage')); diff --git a/src/Module/Invite.php b/src/Module/Invite.php index d68fd053c..3b3e56eb4 100644 --- a/src/Module/Invite.php +++ b/src/Module/Invite.php @@ -25,6 +25,7 @@ use Friendica\BaseModule; use Friendica\Core\Renderer; use Friendica\DI; use Friendica\Model; +use Friendica\Model\User; use Friendica\Network\HTTPException; use Friendica\Protocol\Email; use Friendica\Util\Strings; @@ -71,6 +72,8 @@ class Invite extends BaseModule } } + $user = User::getById(local_user()); + foreach ($recipients as $recipient) { $recipient = trim($recipient); @@ -95,7 +98,7 @@ class Invite extends BaseModule $nmessage = $message; } - $additional_headers = 'From: "' . $app->getUserValue('email') . '" <' . DI::emailer()->getSiteEmailAddress() . ">\n" + $additional_headers = 'From: "' . $user['email'] . '" <' . DI::emailer()->getSiteEmailAddress() . ">\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit'; diff --git a/src/Module/Item/Compose.php b/src/Module/Item/Compose.php index db59bfb48..b7e6bce7d 100644 --- a/src/Module/Item/Compose.php +++ b/src/Module/Item/Compose.php @@ -186,7 +186,7 @@ class Compose extends BaseModule '$jotplugins' => $jotplugins, '$rand_num' => Crypto::randomDigits(12), - '$acl_selector' => ACL::getFullSelectorHTML(DI::page(), $a->user, $doesFederate, [ + '$acl_selector' => ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), $doesFederate, [ 'allow_cid' => $contact_allow_list, 'allow_gid' => $group_allow_list, 'deny_cid' => $contact_deny_list, diff --git a/src/Module/Magic.php b/src/Module/Magic.php index cbd629fd3..45fde43f6 100644 --- a/src/Module/Magic.php +++ b/src/Module/Magic.php @@ -27,6 +27,7 @@ use Friendica\Core\System; use Friendica\Database\DBA; use Friendica\DI; use Friendica\Model\Contact; +use Friendica\Model\User; use Friendica\Util\HTTPSignature; use Friendica\Util\Strings; @@ -76,52 +77,50 @@ class Magic extends BaseModule System::externalRedirect($dest); } - if (local_user()) { - $user = $a->user; + // OpenWebAuth + if (local_user() && $owa) { + $user = User::getById(local_user()); - // OpenWebAuth - if ($owa) { - // Extract the basepath - // NOTE: we need another solution because this does only work - // for friendica contacts :-/ . We should have the basepath - // of a contact also in the contact table. - $exp = explode('/profile/', $contact['url']); - $basepath = $exp[0]; + // Extract the basepath + // NOTE: we need another solution because this does only work + // for friendica contacts :-/ . We should have the basepath + // of a contact also in the contact table. + $exp = explode('/profile/', $contact['url']); + $basepath = $exp[0]; - $header = []; - $header['Accept'] = 'application/x-dfrn+json, application/x-zot+json'; - $header['X-Open-Web-Auth'] = Strings::getRandomHex(); + $header = []; + $header['Accept'] = 'application/x-dfrn+json, application/x-zot+json'; + $header['X-Open-Web-Auth'] = Strings::getRandomHex(); - // Create a header that is signed with the local users private key. - $header = HTTPSignature::createSig( - $header, - $user['prvkey'], - 'acct:' . $user['nickname'] . '@' . DI::baseUrl()->getHostname() . (DI::baseUrl()->getUrlPath() ? '/' . DI::baseUrl()->getUrlPath() : '') - ); + // Create a header that is signed with the local users private key. + $header = HTTPSignature::createSig( + $header, + $user['prvkey'], + 'acct:' . $user['nickname'] . '@' . DI::baseUrl()->getHostname() . (DI::baseUrl()->getUrlPath() ? '/' . DI::baseUrl()->getUrlPath() : '') + ); - // Try to get an authentication token from the other instance. - $curlResult = DI::httpRequest()->get($basepath . '/owa', ['header' => $header]); + // Try to get an authentication token from the other instance. + $curlResult = DI::httpRequest()->get($basepath . '/owa', ['header' => $header]); - if ($curlResult->isSuccess()) { - $j = json_decode($curlResult->getBody(), true); + if ($curlResult->isSuccess()) { + $j = json_decode($curlResult->getBody(), true); - if ($j['success']) { - $token = ''; - if ($j['encrypted_token']) { - // The token is encrypted. If the local user is really the one the other instance - // thinks he/she is, the token can be decrypted with the local users public key. - openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']); - } else { - $token = $j['token']; - } - $args = (strpbrk($dest, '?&') ? '&' : '?') . 'owt=' . $token; - - Logger::info('Redirecting', ['path' => $dest . $args]); - System::externalRedirect($dest . $args); + if ($j['success']) { + $token = ''; + if ($j['encrypted_token']) { + // The token is encrypted. If the local user is really the one the other instance + // thinks he/she is, the token can be decrypted with the local users public key. + openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']); + } else { + $token = $j['token']; } + $args = (strpbrk($dest, '?&') ? '&' : '?') . 'owt=' . $token; + + Logger::info('Redirecting', ['path' => $dest . $args]); + System::externalRedirect($dest . $args); } - System::externalRedirect($dest); } + System::externalRedirect($dest); } if ($test) { diff --git a/src/Module/Profile/Status.php b/src/Module/Profile/Status.php index 94e93209e..b60fb2cdb 100644 --- a/src/Module/Profile/Status.php +++ b/src/Module/Profile/Status.php @@ -125,11 +125,9 @@ class Status extends BaseProfile $x = [ 'is_owner' => $is_owner, 'allow_location' => ($is_owner || $commvisitor) && $profile['allow_location'], - 'default_location' => $is_owner ? $a->getUserValue('default-location') : '', + 'default_location' => $is_owner ? $profile['default-location'] : '', 'nickname' => $profile['nickname'], - 'lockstate' => ACL::getLockstateForUserId($a->getUserId()) ? 'lock' : 'unlock', - 'acl' => $is_owner ? ACL::getFullSelectorHTML(DI::page(), $a->user, true) : '', - 'bang' => '', + 'acl' => $is_owner ? ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), true) : '', 'visitor' => $is_owner || $commvisitor ? 'block' : 'none', 'profile_uid' => $profile['uid'], ]; diff --git a/src/Module/Security/TwoFactor/Recovery.php b/src/Module/Security/TwoFactor/Recovery.php index 46eb383b2..9faab4070 100644 --- a/src/Module/Security/TwoFactor/Recovery.php +++ b/src/Module/Security/TwoFactor/Recovery.php @@ -25,6 +25,7 @@ use Friendica\BaseModule; use Friendica\Core\Renderer; use Friendica\Core\Session; use Friendica\DI; +use Friendica\Model\User; use Friendica\Security\TwoFactor\Model\RecoveryCode; /** @@ -59,7 +60,7 @@ class Recovery extends BaseModule Session::set('2fa', true); info(DI::l10n()->t('Remaining recovery codes: %d', RecoveryCode::countValidForUser(local_user()))); - DI::auth()->setForUser($a, $a->user, true, true); + DI::auth()->setForUser($a, User::getById($a->getUserId()), true, true); } else { notice(DI::l10n()->t('Invalid code, please retry.')); } diff --git a/src/Module/Security/TwoFactor/Verify.php b/src/Module/Security/TwoFactor/Verify.php index 645aae9e2..bb3e444a9 100644 --- a/src/Module/Security/TwoFactor/Verify.php +++ b/src/Module/Security/TwoFactor/Verify.php @@ -25,6 +25,7 @@ use Friendica\BaseModule; use Friendica\Core\Renderer; use Friendica\Core\Session; use Friendica\DI; +use Friendica\Model\User; use PragmaRX\Google2FA\Google2FA; use Friendica\Security\TwoFactor; @@ -70,7 +71,7 @@ class Verify extends BaseModule } // Resume normal login workflow - DI::auth()->setForUser($a, $a->user, true, true); + DI::auth()->setForUser($a, User::getById($a->getUserId()), true, true); } else { self::$errors[] = DI::l10n()->t('Invalid code, please retry.'); } diff --git a/src/Module/Settings/Delegation.php b/src/Module/Settings/Delegation.php index 89bc78b32..067304ee8 100644 --- a/src/Module/Settings/Delegation.php +++ b/src/Module/Settings/Delegation.php @@ -38,7 +38,7 @@ class Delegation extends BaseSettings { public static function post(array $parameters = []) { - if (!local_user() || empty(DI::app()->getUserId()) || DI::app()->getUserId() != local_user()) { + if (!DI::app()->isLoggedIn()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); } diff --git a/src/Module/Settings/Display.php b/src/Module/Settings/Display.php index a82c992c4..dd97ffc90 100644 --- a/src/Module/Settings/Display.php +++ b/src/Module/Settings/Display.php @@ -27,6 +27,7 @@ use Friendica\Core\Session; use Friendica\Core\Theme; use Friendica\Database\DBA; use Friendica\DI; +use Friendica\Model\User; use Friendica\Module\BaseSettings; use Friendica\Network\HTTPException; use Friendica\Util\Strings; @@ -38,13 +39,15 @@ class Display extends BaseSettings { public static function post(array $parameters = []) { - if (!local_user() || empty(DI::app()->getUserId()) || DI::app()->getUserId() != local_user()) { + if (!DI::app()->isLoggedIn()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); } self::checkFormSecurityTokenRedirectOnError('/settings/display', 'settings_display'); - $theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : DI::app()->getUserValue('theme'); + $user = User::getById(local_user()); + + $theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : $user['theme']; $mobile_theme = !empty($_POST['mobile_theme']) ? Strings::escapeTags(trim($_POST['mobile_theme'])) : ''; $nosmile = !empty($_POST['nosmile']) ? intval($_POST['nosmile']) : 0; $first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0; @@ -92,7 +95,7 @@ class Display extends BaseSettings DI::pConfig()->set(local_user(), 'system', 'first_day_of_week' , $first_day_of_week); if (in_array($theme, Theme::getAllowedList())) { - if ($theme == DI::app()->getUserValue('theme')) { + if ($theme == $user['theme']) { // call theme_post only if theme has not been changed if (($themeconfigfile = Theme::getConfigFile($theme)) !== null) { require_once $themeconfigfile; @@ -128,6 +131,8 @@ class Display extends BaseSettings $default_mobile_theme = 'none'; } + $user = User::getById(local_user()); + $allowed_themes = Theme::getAllowedList(); $themes = []; @@ -152,7 +157,7 @@ class Display extends BaseSettings } } - $theme_selected = DI::app()->getUserValue('theme') ?: $default_theme; + $theme_selected = $user['theme'] ?: $default_theme; $mobile_theme_selected = Session::get('mobile-theme', $default_mobile_theme); $itemspage_network = intval(DI::pConfig()->get(local_user(), 'system', 'itemspage_network')); diff --git a/src/Module/Settings/Profile/Index.php b/src/Module/Settings/Profile/Index.php index 86e23234d..6faa899ba 100644 --- a/src/Module/Settings/Profile/Index.php +++ b/src/Module/Settings/Profile/Index.php @@ -172,7 +172,7 @@ class Index extends BaseSettings 'value' => ['profile_field[' . $profileField->id . '][value]', DI::l10n()->t('Value:'), $profileField->value], 'acl' => ACL::getFullSelectorHTML( DI::page(), - $a->user, + $a->getUserId(), false, $defaultPermissions, ['network' => Protocol::DFRN], @@ -192,7 +192,7 @@ class Index extends BaseSettings 'value' => ['profile_field[new][value]', DI::l10n()->t('Value:')], 'acl' => ACL::getFullSelectorHTML( DI::page(), - $a->user, + $a->getUserId(), false, ['allow_cid' => []], ['network' => Protocol::DFRN], diff --git a/src/Module/Settings/UserExport.php b/src/Module/Settings/UserExport.php index e9f999536..cffa3b99e 100644 --- a/src/Module/Settings/UserExport.php +++ b/src/Module/Settings/UserExport.php @@ -90,7 +90,7 @@ class UserExport extends BaseSettings */ public static function rawContent(array $parameters = []) { - if (!local_user() || empty(DI::app()->getUserId()) || DI::app()->getUserId() != local_user()) { + if (!DI::app()->isLoggedIn()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); } @@ -98,21 +98,20 @@ class UserExport extends BaseSettings if ($args->getArgc() == 3) { // @TODO Replace with router-provided arguments $action = $args->get(2); - $user = DI::app()->user; switch ($action) { case "backup": header("Content-type: application/json"); - header('Content-Disposition: attachment; filename="' . $user['nickname'] . '.' . $action . '"'); + header('Content-Disposition: attachment; filename="' . DI::app()->getNickname() . '.' . $action . '"'); self::exportAll(local_user()); break; case "account": header("Content-type: application/json"); - header('Content-Disposition: attachment; filename="' . $user['nickname'] . '.' . $action . '"'); + header('Content-Disposition: attachment; filename="' . DI::app()->getNickname() . '.' . $action . '"'); self::exportAccount(local_user()); break; case "contact": header("Content-type: application/csv"); - header('Content-Disposition: attachment; filename="' . $user['nickname'] . '-contacts.csv' . '"'); + header('Content-Disposition: attachment; filename="' . DI::app()->getNickname() . '-contacts.csv' . '"'); self::exportContactsAsCSV(local_user()); break; } diff --git a/src/Object/EMail/ItemCCEMail.php b/src/Object/EMail/ItemCCEMail.php index 7c3c3271a..e70625bb9 100644 --- a/src/Object/EMail/ItemCCEMail.php +++ b/src/Object/EMail/ItemCCEMail.php @@ -26,6 +26,7 @@ use Friendica\App\BaseURL; use Friendica\Content\Text\HTML; use Friendica\Core\L10n; use Friendica\Model\Item; +use Friendica\Model\User; use Friendica\Object\Email; use Friendica\Protocol\Email as EmailProtocol; @@ -36,20 +37,22 @@ class ItemCCEMail extends Email { public function __construct(App $a, L10n $l10n, BaseURL $baseUrl, array $item, string $toAddress, string $authorThumb) { - $disclaimer = '