friendica-github/src/Core/ACL.php

383 lines
12 KiB
PHP
Raw Normal View History

2018-03-24 18:38:05 +00:00
<?php
/**
* @file src/Core/Acl.php
*/
namespace Friendica\Core;
use Friendica\BaseObject;
use Friendica\Content\Feature;
use Friendica\Database\DBA;
2018-03-24 18:38:05 +00:00
use Friendica\Model\Contact;
use Friendica\Model\GContact;
2019-09-28 18:09:11 +00:00
use Friendica\Core\Session;
2018-03-24 18:38:05 +00:00
use Friendica\Util\Network;
use Friendica\Model\Group;
2018-03-24 18:38:05 +00:00
/**
* Handle ACL management and display
*
* @author Hypolite Petovan <hypolite@mrpetovan.com>
2018-03-24 18:38:05 +00:00
*/
class ACL extends BaseObject
{
/**
* Returns a select input tag with all the contact of the local user
*
2019-01-06 21:06:53 +00:00
* @param string $selname Name attribute of the select input tag
* @param string $selclass Class attribute of the select input tag
* @param array $options Available options:
* - size: length of the select box
* - mutual_friends: Only used for the hook
* - single: Only used for the hook
* - exclude: Only used for the hook
* @param array $preselected Contact ID that should be already selected
2018-03-24 18:38:05 +00:00
* @return string
2019-01-06 21:06:53 +00:00
* @throws \Exception
2018-03-24 18:38:05 +00:00
*/
public static function getSuggestContactSelectHTML($selname, $selclass, array $options = [], array $preselected = [])
{
$a = self::getApp();
$networks = null;
$size = ($options['size'] ?? 0) ?: 4;
2018-03-24 18:38:05 +00:00
$mutual = !empty($options['mutual_friends']);
$single = !empty($options['single']) && empty($options['multiple']);
$exclude = $options['exclude'] ?? false;
2018-03-24 18:38:05 +00:00
switch (($options['networks'] ?? '') ?: Protocol::PHANTOM) {
2018-03-24 18:38:05 +00:00
case 'DFRN_ONLY':
$networks = [Protocol::DFRN];
2018-03-24 18:38:05 +00:00
break;
2018-03-24 18:38:05 +00:00
case 'PRIVATE':
2018-10-06 03:17:44 +00:00
$networks = [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::MAIL, Protocol::DIASPORA];
2018-03-24 18:38:05 +00:00
break;
2018-03-24 18:38:05 +00:00
case 'TWO_WAY':
if (!empty($a->user['prvnets'])) {
2018-10-06 03:17:44 +00:00
$networks = [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::MAIL, Protocol::DIASPORA];
2018-03-24 18:38:05 +00:00
} else {
2018-10-06 03:17:44 +00:00
$networks = [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::MAIL, Protocol::DIASPORA, Protocol::OSTATUS];
2018-03-24 18:38:05 +00:00
}
break;
2018-03-24 18:38:05 +00:00
default: /// @TODO Maybe log this call?
break;
}
$x = ['options' => $options, 'size' => $size, 'single' => $single, 'mutual' => $mutual, 'exclude' => $exclude, 'networks' => $networks];
Hook::callAll('contact_select_options', $x);
2018-03-24 18:38:05 +00:00
$o = '';
$sql_extra = '';
if (!empty($x['mutual'])) {
$sql_extra .= sprintf(" AND `rel` = %d ", intval(Contact::FRIEND));
2018-03-24 18:38:05 +00:00
}
if (!empty($x['exclude'])) {
$sql_extra .= sprintf(" AND `id` != %d ", intval($x['exclude']));
}
if (!empty($x['networks'])) {
/// @TODO rewrite to foreach()
array_walk($x['networks'], function (&$value) {
2018-07-21 13:10:13 +00:00
$value = "'" . DBA::escape($value) . "'";
2018-03-24 18:38:05 +00:00
});
$str_nets = implode(',', $x['networks']);
$sql_extra .= " AND `network` IN ( $str_nets ) ";
}
$tabindex = (!empty($options['tabindex']) ? 'tabindex="' . $options["tabindex"] . '"' : '');
if (!empty($x['single'])) {
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n";
} else {
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n";
}
$stmt = DBA::p("SELECT `id`, `name`, `url`, `network` FROM `contact`
WHERE `uid` = ? AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND NOT `deleted` AND `notify` != ''
2018-03-24 18:38:05 +00:00
$sql_extra
ORDER BY `name` ASC ", intval(local_user())
);
2018-07-21 02:03:40 +00:00
$contacts = DBA::toArray($stmt);
2018-03-24 18:38:05 +00:00
$arr = ['contact' => $contacts, 'entry' => $o];
// e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
Hook::callAll($a->module . '_pre_' . $selname, $arr);
2018-03-24 18:38:05 +00:00
2018-07-21 12:46:04 +00:00
if (DBA::isResult($contacts)) {
2018-03-24 18:38:05 +00:00
foreach ($contacts as $contact) {
if (in_array($contact['id'], $preselected)) {
$selected = ' selected="selected" ';
} else {
$selected = '';
}
$trimmed = mb_substr($contact['name'], 0, 20);
$o .= "<option value=\"{$contact['id']}\" $selected title=\"{$contact['name']}|{$contact['url']}\" >$trimmed</option>\r\n";
}
}
$o .= '</select>' . PHP_EOL;
Hook::callAll($a->module . '_post_' . $selname, $o);
2018-03-24 18:38:05 +00:00
return $o;
}
/**
* Returns a select input tag with all the contact of the local user
*
* @param string $selname Name attribute of the select input tag
* @param string $selclass Class attribute of the select input tag
* @param array $preselected Contact IDs that should be already selected
* @param int $size Length of the select box
* @param int $tabindex Select input tag tabindex attribute
* @return string
2019-01-06 21:06:53 +00:00
* @throws \Exception
2018-03-24 18:38:05 +00:00
*/
public static function getMessageContactSelectHTML($selname, $selclass, array $preselected = [], $size = 4, $tabindex = null)
{
$a = self::getApp();
$o = '';
// When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
// to one recipient. By default our selector allows multiple selects amongst all contacts.
$sql_extra = sprintf(" AND `rel` = %d ", intval(Contact::FRIEND));
$sql_extra .= sprintf(" AND `network` IN ('%s' , '%s') ", Protocol::DFRN, Protocol::DIASPORA);
2018-03-24 18:38:05 +00:00
$tabindex_attr = !empty($tabindex) ? ' tabindex="' . intval($tabindex) . '"' : '';
$hidepreselected = '';
if ($preselected) {
$sql_extra .= " AND `id` IN (" . implode(",", $preselected) . ")";
$hidepreselected = ' style="display: none;"';
}
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\"$tabindex_attr$hidepreselected>\r\n";
$stmt = DBA::p("SELECT `id`, `name`, `url`, `network` FROM `contact`
WHERE `uid` = ? AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND NOT `deleted` AND `notify` != ''
2018-03-24 18:38:05 +00:00
$sql_extra
ORDER BY `name` ASC ", intval(local_user())
);
2018-07-21 02:03:40 +00:00
$contacts = DBA::toArray($stmt);
2018-03-24 18:38:05 +00:00
$arr = ['contact' => $contacts, 'entry' => $o];
// e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
Hook::callAll($a->module . '_pre_' . $selname, $arr);
2018-03-24 18:38:05 +00:00
$receiverlist = [];
2018-07-21 12:46:04 +00:00
if (DBA::isResult($contacts)) {
2018-03-24 18:38:05 +00:00
foreach ($contacts as $contact) {
if (in_array($contact['id'], $preselected)) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
$trimmed = Protocol::formatMention($contact['url'], $contact['name']);
$receiverlist[] = $trimmed;
$o .= "<option value=\"{$contact['id']}\"$selected title=\"{$contact['name']}|{$contact['url']}\" >$trimmed</option>\r\n";
}
}
$o .= '</select>' . PHP_EOL;
if ($preselected) {
$o .= implode(', ', $receiverlist);
}
Hook::callAll($a->module . '_post_' . $selname, $o);
2018-03-24 18:38:05 +00:00
return $o;
}
2018-03-24 19:40:35 +00:00
private static function fixACL(&$item)
{
2018-03-24 18:38:05 +00:00
$item = intval(str_replace(['<', '>'], ['', ''], $item));
}
/**
* Return the default permission of the provided user array
*
* @param array $user
* @return array Hash of contact id lists
2019-01-06 21:06:53 +00:00
* @throws \Exception
2018-03-24 18:38:05 +00:00
*/
public static function getDefaultUserPermissions(array $user = null)
{
$matches = [];
$acl_regex = '/<([0-9]+)>/i';
preg_match_all($acl_regex, $user['allow_cid'] ?? '', $matches);
2018-03-24 18:38:05 +00:00
$allow_cid = $matches[1];
preg_match_all($acl_regex, $user['allow_gid'] ?? '', $matches);
2018-03-24 18:38:05 +00:00
$allow_gid = $matches[1];
preg_match_all($acl_regex, $user['deny_cid'] ?? '', $matches);
2018-03-24 18:38:05 +00:00
$deny_cid = $matches[1];
preg_match_all($acl_regex, $user['deny_gid'] ?? '', $matches);
2018-03-24 18:38:05 +00:00
$deny_gid = $matches[1];
// Reformats the ACL data so that it is accepted by the JS frontend
2018-03-24 19:40:35 +00:00
array_walk($allow_cid, 'self::fixACL');
array_walk($allow_gid, 'self::fixACL');
array_walk($deny_cid, 'self::fixACL');
array_walk($deny_gid, 'self::fixACL');
2018-03-24 18:38:05 +00:00
Contact::pruneUnavailable($allow_cid);
return [
'allow_cid' => $allow_cid,
'allow_gid' => $allow_gid,
'deny_cid' => $deny_cid,
'deny_gid' => $deny_gid,
];
}
/**
* Returns the ACL list of contacts for a given user id
*
* @param int $user_id
* @return array
* @throws \Exception
*/
public static function getContactListByUserId(int $user_id)
{
$acl_contacts = Contact::selectToArray(
['id', 'name', 'addr', 'micro'],
['uid' => $user_id, 'pending' => false, 'rel' => [Contact::FOLLOWER, Contact::FRIEND]]
);
array_walk($acl_contacts, function (&$value) {
$value['type'] = 'contact';
});
return $acl_contacts;
}
/**
* Returns the ACL list of groups (including meta-groups) for a given user id
*
* @param int $user_id
* @return array
*/
public static function getGroupListByUserId(int $user_id)
{
$acl_groups = [
[
'id' => Group::FOLLOWERS,
'name' => L10n::t('Followers'),
'addr' => '',
'micro' => 'images/twopeople.png',
'type' => 'group',
],
[
'id' => Group::MUTUALS,
'name' => L10n::t('Mutuals'),
'addr' => '',
'micro' => 'images/twopeople.png',
'type' => 'group',
]
];
foreach (Group::getByUserId($user_id) as $group) {
$acl_groups[] = [
'id' => $group['id'],
'name' => $group['name'],
'addr' => '',
'micro' => 'images/twopeople.png',
'type' => 'group',
];
}
return $acl_groups;
}
2018-03-24 18:38:05 +00:00
/**
* Return the full jot ACL selector HTML
*
* @param array $user User array
2018-03-24 18:38:05 +00:00
* @param bool $show_jotnets
2019-01-06 21:06:53 +00:00
* @param array $default_permissions Static defaults permission array: ['allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '']
2018-03-24 18:38:05 +00:00
* @return string
2019-01-06 21:06:53 +00:00
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
2018-03-24 18:38:05 +00:00
*/
public static function getFullSelectorHTML(array $user = null, $show_jotnets = false, array $default_permissions = [])
2018-03-24 18:38:05 +00:00
{
// Defaults user permissions
if (empty($default_permissions)) {
$default_permissions = self::getDefaultUserPermissions($user);
2018-07-20 18:07:54 +00:00
}
$jotnets_fields = [];
2018-03-24 18:38:05 +00:00
if ($show_jotnets) {
$mail_enabled = false;
$pubmail_enabled = false;
if (function_exists('imap_open') && !Config::get('system', 'imap_disabled')) {
$mailacct = DBA::selectFirst('mailacct', ['pubmail'], ['`uid` = ? AND `server` != ""', local_user()]);
2018-07-21 12:46:04 +00:00
if (DBA::isResult($mailacct)) {
2018-03-24 18:38:05 +00:00
$mail_enabled = true;
$pubmail_enabled = !empty($mailacct['pubmail']);
}
}
if (empty($default_permissions['hidewall'])) {
2018-03-24 18:38:05 +00:00
if ($mail_enabled) {
$jotnets_fields[] = [
'type' => 'checkbox',
'field' => [
'pubmail_enable',
L10n::t('Post to Email'),
$pubmail_enabled
]
];
2018-03-24 18:38:05 +00:00
}
Hook::callAll('jot_networks', $jotnets_fields);
2018-03-24 18:38:05 +00:00
}
}
$tpl = Renderer::getMarkupTemplate('acl_selector.tpl');
$o = Renderer::replaceMacros($tpl, [
2018-03-24 18:38:05 +00:00
'$showall' => L10n::t('Visible to everybody'),
'$show' => L10n::t('show'),
'$hide' => L10n::t('don\'t show'),
'$allowcid' => json_encode(($default_permissions['allow_cid'] ?? '') ?: []), // We need arrays for
'$allowgid' => json_encode(($default_permissions['allow_gid'] ?? '') ?: []), // Javascript since we
'$denycid' => json_encode(($default_permissions['deny_cid'] ?? '') ?: []), // call .remove() and
'$denygid' => json_encode(($default_permissions['deny_gid'] ?? '') ?: []), // .push() on these values
2018-03-24 18:38:05 +00:00
'$networks' => $show_jotnets,
'$emailcc' => L10n::t('CC: email addresses'),
'$emtitle' => L10n::t('Example: bob@example.com, mary@example.com'),
'$jotnets_enabled' => empty($default_permissions['hidewall']),
'$jotnets_summary' => L10n::t('Connectors'),
'$jotnets_fields' => $jotnets_fields,
'$jotnets_disabled_label' => L10n::t('Connectors disabled, since "%s" is enabled.', L10n::t('Hide your profile details from unknown viewers?')),
2018-03-24 18:38:05 +00:00
'$aclModalTitle' => L10n::t('Permissions'),
'$aclModalDismiss' => L10n::t('Close'),
'$features' => [
'aclautomention' => !empty($user['uid']) && Feature::isEnabled($user['uid'], 'aclautomention') ? 'true' : 'false'
2018-03-24 18:38:05 +00:00
],
]);
return $o;
}
}