mirror of
https://github.com/friendica/friendica
synced 2024-12-22 22:00:16 +00:00
Merge pull request #14139 from MrPetovan/bug/apexrabbit-vulns
Fix a couple of stored XSS vulnerabilities
This commit is contained in:
commit
0be622e049
10 changed files with 698 additions and 557 deletions
|
@ -672,18 +672,14 @@ function photos_content(App $a)
|
|||
|
||||
$selname = (!is_null($datum) && Strings::isHex($datum)) ? hex2bin($datum) : '';
|
||||
|
||||
$albumselect = '';
|
||||
$albumselect = ['' => '<current year>'];
|
||||
|
||||
$albumselect .= '<option value="" ' . (!$selname ? ' selected="selected" ' : '') . '><current year></option>';
|
||||
$albums = Photo::getAlbums($owner_uid);
|
||||
if (!empty($albums)) {
|
||||
foreach ($albums as $album) {
|
||||
if ($album['album'] === '') {
|
||||
continue;
|
||||
}
|
||||
$selected = (($selname === $album['album']) ? ' selected="selected" ' : '');
|
||||
$albumselect .= '<option value="' . $album['album'] . '"' . $selected . '>' . $album['album'] . '</option>';
|
||||
foreach (Photo::getAlbums($owner_uid) as $album) {
|
||||
if ($album['album'] === '') {
|
||||
continue;
|
||||
}
|
||||
|
||||
$albumselect[$album['album']] = $album['album'];
|
||||
}
|
||||
|
||||
$uploader = '';
|
||||
|
@ -729,6 +725,7 @@ function photos_content(App $a)
|
|||
'$existalbumtext' => DI::l10n()->t('or select existing album:'),
|
||||
'$nosharetext' => DI::l10n()->t('Do not show a status post for this upload'),
|
||||
'$albumselect' => $albumselect,
|
||||
'$selname' => $selname,
|
||||
'$permissions' => DI::l10n()->t('Permissions'),
|
||||
'$aclselect' => $aclselect_e,
|
||||
'$lockstate' => ACL::getLockstateForUserId($a->getLoggedInUserId()) ? 'lock' : 'unlock',
|
||||
|
|
|
@ -105,14 +105,12 @@ class APContact
|
|||
/**
|
||||
* Fetches a profile from a given url
|
||||
*
|
||||
* @param string $url profile url
|
||||
* @param boolean $update true = always update, false = never update, null = update when not found or outdated
|
||||
* @param string $url profile url
|
||||
* @param ?boolean $update true = always update, false = never update, null = update when not found or outdated
|
||||
* @return array profile array
|
||||
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
|
||||
* @throws \ImagickException
|
||||
* @todo Rewrite parameter $update to avoid true|false|null (boolean is binary, null adds a third case)
|
||||
*/
|
||||
public static function getByURL(string $url, $update = null): array
|
||||
public static function getByURL(string $url, bool $update = null): array
|
||||
{
|
||||
if (empty($url) || Network::isUrlBlocked($url)) {
|
||||
Logger::info('Domain is blocked', ['url' => $url]);
|
||||
|
|
|
@ -1,260 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (C) 2010-2024, the Friendica project
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace Friendica\Module;
|
||||
|
||||
use Friendica\Core\Hook;
|
||||
use Friendica\Core\Protocol;
|
||||
use Friendica\Core\System;
|
||||
use Friendica\Database\DBA;
|
||||
use Friendica\DI;
|
||||
use Friendica\Model\APContact;
|
||||
use Friendica\Model\Circle;
|
||||
use Friendica\Model\Item;
|
||||
use Friendica\Model\Post;
|
||||
use Friendica\Model\Tag;
|
||||
use Friendica\Model\User;
|
||||
use Friendica\Network\HTTPException;
|
||||
|
||||
/**
|
||||
* Outputs the permission tooltip HTML content for the provided item, photo or event id.
|
||||
*/
|
||||
class PermissionTooltip extends \Friendica\BaseModule
|
||||
{
|
||||
protected function rawContent(array $request = [])
|
||||
{
|
||||
$type = $this->parameters['type'];
|
||||
$referenceId = $this->parameters['id'];
|
||||
|
||||
$expectedTypes = ['item', 'photo', 'event'];
|
||||
if (!in_array($type, $expectedTypes)) {
|
||||
throw new HTTPException\BadRequestException(DI::l10n()->t('Wrong type "%s", expected one of: %s', $type, implode(', ', $expectedTypes)));
|
||||
}
|
||||
|
||||
$condition = ['id' => $referenceId, 'uid' => [0, DI::userSession()->getLocalUserId()]];
|
||||
if ($type == 'item') {
|
||||
$fields = ['uid', 'psid', 'private', 'uri-id', 'origin', 'network'];
|
||||
$model = Post::selectFirst($fields, $condition, ['order' => ['uid' => true]]);
|
||||
|
||||
if ($model['origin'] || ($model['network'] != Protocol::ACTIVITYPUB)) {
|
||||
$permissionSet = DI::permissionSet()->selectOneById($model['psid'], $model['uid']);
|
||||
$model['allow_cid'] = $permissionSet->allow_cid;
|
||||
$model['allow_gid'] = $permissionSet->allow_gid;
|
||||
$model['deny_cid'] = $permissionSet->deny_cid;
|
||||
$model['deny_gid'] = $permissionSet->deny_gid;
|
||||
} else {
|
||||
$model['allow_cid'] = [];
|
||||
$model['allow_gid'] = [];
|
||||
$model['deny_cid'] = [];
|
||||
$model['deny_gid'] = [];
|
||||
}
|
||||
} else {
|
||||
$fields = ['uid', 'allow_cid', 'allow_gid', 'deny_cid', 'deny_gid'];
|
||||
$model = DBA::selectFirst($type, $fields, $condition);
|
||||
$model['allow_cid'] = DI::aclFormatter()->expand($model['allow_cid']);
|
||||
$model['allow_gid'] = DI::aclFormatter()->expand($model['allow_gid']);
|
||||
$model['deny_cid'] = DI::aclFormatter()->expand($model['deny_cid']);
|
||||
$model['deny_gid'] = DI::aclFormatter()->expand($model['deny_gid']);
|
||||
}
|
||||
|
||||
if (!DBA::isResult($model)) {
|
||||
throw new HttpException\NotFoundException(DI::l10n()->t('Model not found'));
|
||||
}
|
||||
|
||||
// Kept for backwards compatibility
|
||||
Hook::callAll('lockview_content', $model);
|
||||
|
||||
if ($type == 'item') {
|
||||
$receivers = $this->fetchReceivers($model['uri-id']);
|
||||
if (empty($receivers)) {
|
||||
switch ($model['private']) {
|
||||
case Item::PUBLIC:
|
||||
$receivers = DI::l10n()->t('Public');
|
||||
break;
|
||||
|
||||
case Item::UNLISTED:
|
||||
$receivers = DI::l10n()->t('Unlisted');
|
||||
break;
|
||||
|
||||
case Item::PRIVATE:
|
||||
$receivers = DI::l10n()->t('Limited/Private');
|
||||
break;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$receivers = '';
|
||||
}
|
||||
|
||||
if (empty($model['allow_cid'])
|
||||
&& empty($model['allow_gid'])
|
||||
&& empty($model['deny_cid'])
|
||||
&& empty($model['deny_gid'])
|
||||
&& empty($receivers))
|
||||
{
|
||||
echo DI::l10n()->t('Remote privacy information not available.');
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!empty($model['allow_cid']) || !empty($model['allow_gid']) || !empty($model['deny_cid']) || !empty($model['deny_gid'])) {
|
||||
$receivers = $this->fetchReceiversFromACL($model);
|
||||
}
|
||||
|
||||
$this->httpExit(DI::l10n()->t('Visible to:') . '<br />' . $receivers);
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetch a list of receivers based on the ACL data
|
||||
*
|
||||
* @param array $model
|
||||
* @return string
|
||||
*/
|
||||
private function fetchReceiversFromACL(array $model)
|
||||
{
|
||||
$allowed_users = $model['allow_cid'];
|
||||
$allowed_circles = $model['allow_gid'];
|
||||
$deny_users = $model['deny_cid'];
|
||||
$deny_circles = $model['deny_gid'];
|
||||
|
||||
$l = [];
|
||||
|
||||
if (count($allowed_circles)) {
|
||||
$key = array_search(Circle::FOLLOWERS, $allowed_circles);
|
||||
if ($key !== false) {
|
||||
$l[] = '<b>' . DI::l10n()->t('Followers') . '</b>';
|
||||
unset($allowed_circles[$key]);
|
||||
}
|
||||
|
||||
$key = array_search(Circle::MUTUALS, $allowed_circles);
|
||||
if ($key !== false) {
|
||||
$l[] = '<b>' . DI::l10n()->t('Mutuals') . '</b>';
|
||||
unset($allowed_circles[$key]);
|
||||
}
|
||||
|
||||
foreach (DI::dba()->selectToArray('group', ['name'], ['id' => $allowed_circles]) as $circle) {
|
||||
$l[] = '<b>' . $circle['name'] . '</b>';
|
||||
}
|
||||
}
|
||||
|
||||
foreach (DI::dba()->selectToArray('contact', ['name'], ['id' => $allowed_users]) as $contact) {
|
||||
$l[] = $contact['name'];
|
||||
}
|
||||
|
||||
if (count($deny_circles)) {
|
||||
$key = array_search(Circle::FOLLOWERS, $deny_circles);
|
||||
if ($key !== false) {
|
||||
$l[] = '<b><strike>' . DI::l10n()->t('Followers') . '</strike></b>';
|
||||
unset($deny_circles[$key]);
|
||||
}
|
||||
|
||||
$key = array_search(Circle::MUTUALS, $deny_circles);
|
||||
if ($key !== false) {
|
||||
$l[] = '<b><strike>' . DI::l10n()->t('Mutuals') . '</strike></b>';
|
||||
unset($deny_circles[$key]);
|
||||
}
|
||||
|
||||
foreach (DI::dba()->selectToArray('group', ['name'], ['id' => $allowed_circles]) as $circle) {
|
||||
$l[] = '<b><strike>' . $circle['name'] . '</strike></b>';
|
||||
}
|
||||
}
|
||||
|
||||
foreach (DI::dba()->selectToArray('contact', ['name'], ['id' => $deny_users]) as $contact) {
|
||||
$l[] = '<strike>' . $contact['name'] . '</strike>';
|
||||
}
|
||||
|
||||
return implode(', ', $l);
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetch a list of receivers
|
||||
*
|
||||
* @param int $uriId
|
||||
* @return string
|
||||
*/
|
||||
private function fetchReceivers(int $uriId): string
|
||||
{
|
||||
$own_url = '';
|
||||
$uid = DI::userSession()->getLocalUserId();
|
||||
if ($uid) {
|
||||
$owner = User::getOwnerDataById($uid);
|
||||
if (!empty($owner['url'])) {
|
||||
$own_url = $owner['url'];
|
||||
}
|
||||
}
|
||||
|
||||
$receivers = [];
|
||||
foreach (Tag::getByURIId($uriId, [Tag::TO, Tag::CC, Tag::BCC, Tag::AUDIENCE, Tag::ATTRIBUTED]) as $receiver) {
|
||||
// We only display BCC when it contains the current user
|
||||
if (($receiver['type'] == Tag::BCC) && ($receiver['url'] != $own_url)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
switch (Tag::getTargetType($receiver['url'], false)) {
|
||||
case Tag::PUBLIC_COLLECTION:
|
||||
$receivers[$receiver['type']][] = DI::l10n()->t('Public');
|
||||
break;
|
||||
case Tag::GENERAL_COLLECTION:
|
||||
$receivers[$receiver['type']][] = DI::l10n()->t('Collection (%s)', $receiver['name']);
|
||||
break;
|
||||
case Tag::FOLLOWER_COLLECTION:
|
||||
$apcontact = DBA::selectFirst('apcontact', ['name'], ['followers' => $receiver['url']]);
|
||||
$receivers[$receiver['type']][] = DI::l10n()->t('Followers (%s)', $apcontact['name'] ?? $receiver['name']);
|
||||
break;
|
||||
case Tag::ACCOUNT:
|
||||
$apcontact = APContact::getByURL($receiver['url'], false);
|
||||
$receivers[$receiver['type']][] = $apcontact['name'] ?? $receiver['name'];
|
||||
break;
|
||||
default:
|
||||
$receivers[$receiver['type']][] = $receiver['name'];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
$output = '';
|
||||
|
||||
foreach ($receivers as $type => $receiver) {
|
||||
$max = DI::config()->get('system', 'max_receivers');
|
||||
$total = count($receiver);
|
||||
if ($total > $max) {
|
||||
$receiver = array_slice($receiver, 0, $max);
|
||||
$receiver[] = DI::l10n()->t('%d more', $total - $max);
|
||||
}
|
||||
switch ($type) {
|
||||
case Tag::TO:
|
||||
$output .= DI::l10n()->t('<b>To:</b> %s<br>', implode(', ', $receiver));
|
||||
break;
|
||||
case Tag::CC:
|
||||
$output .= DI::l10n()->t('<b>CC:</b> %s<br>', implode(', ', $receiver));
|
||||
break;
|
||||
case Tag::BCC:
|
||||
$output .= DI::l10n()->t('<b>BCC:</b> %s<br>', implode(', ', $receiver));
|
||||
break;
|
||||
case Tag::AUDIENCE:
|
||||
$output .= DI::l10n()->t('<b>Audience:</b> %s<br>', implode(', ', $receiver));
|
||||
break;
|
||||
case Tag::ATTRIBUTED:
|
||||
$output .= DI::l10n()->t('<b>Attributed To:</b> %s<br>', implode(', ', $receiver));
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return $output;
|
||||
}
|
||||
}
|
267
src/Module/Privacy/PermissionTooltip.php
Normal file
267
src/Module/Privacy/PermissionTooltip.php
Normal file
|
@ -0,0 +1,267 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (C) 2010-2024, the Friendica project
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace Friendica\Module\Privacy;
|
||||
|
||||
use Friendica\App;
|
||||
use Friendica\Core\Config\Capability\IManageConfigValues;
|
||||
use Friendica\Core\Hook;
|
||||
use Friendica\Core\L10n;
|
||||
use Friendica\Core\Protocol;
|
||||
use Friendica\Core\Renderer;
|
||||
use Friendica\Core\Session\Capability\IHandleUserSessions;
|
||||
use Friendica\Database\Database;
|
||||
use Friendica\Model;
|
||||
use Friendica\Module\Response;
|
||||
use Friendica\Network\HTTPException;
|
||||
use Friendica\Network\HTTPException\InternalServerErrorException;
|
||||
use Friendica\Privacy\Entity;
|
||||
use Friendica\Security\PermissionSet\Repository\PermissionSet;
|
||||
use Friendica\Util\ACLFormatter;
|
||||
use Friendica\Util\Profiler;
|
||||
use Psr\Log\LoggerInterface;
|
||||
|
||||
/**
|
||||
* Outputs the permission tooltip HTML content for the provided item, photo or event id.
|
||||
*/
|
||||
class PermissionTooltip extends \Friendica\BaseModule
|
||||
{
|
||||
private Database $dba;
|
||||
private ACLFormatter $aclFormatter;
|
||||
private IHandleUserSessions $session;
|
||||
private IManageConfigValues $config;
|
||||
private PermissionSet $permissionSet;
|
||||
|
||||
public function __construct(PermissionSet $permissionSet, IManageConfigValues $config, IHandleUserSessions $session, ACLFormatter $aclFormatter, Database $dba, L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Profiler $profiler, Response $response, array $server, array $parameters = [])
|
||||
{
|
||||
parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
|
||||
|
||||
$this->dba = $dba;
|
||||
$this->aclFormatter = $aclFormatter;
|
||||
$this->session = $session;
|
||||
$this->config = $config;
|
||||
$this->permissionSet = $permissionSet;
|
||||
}
|
||||
|
||||
protected function rawContent(array $request = [])
|
||||
{
|
||||
$type = $this->parameters['type'];
|
||||
$referenceId = $this->parameters['id'];
|
||||
|
||||
$expectedTypes = ['item', 'photo', 'event'];
|
||||
if (!in_array($type, $expectedTypes)) {
|
||||
throw new HTTPException\BadRequestException($this->t('Wrong type "%s", expected one of: %s', $type, implode(', ', $expectedTypes)));
|
||||
}
|
||||
|
||||
$condition = ['id' => $referenceId, 'uid' => [0, $this->session->getLocalUserId()]];
|
||||
if ($type == 'item') {
|
||||
$fields = ['uid', 'psid', 'private', 'uri-id', 'origin', 'network'];
|
||||
$model = Model\Post::selectFirst($fields, $condition, ['order' => ['uid' => true]]);
|
||||
|
||||
if ($model['origin'] || ($model['network'] != Protocol::ACTIVITYPUB)) {
|
||||
$permissionSet = $this->permissionSet->selectOneById($model['psid'], $model['uid']);
|
||||
$model['allow_cid'] = $permissionSet->allow_cid;
|
||||
$model['allow_gid'] = $permissionSet->allow_gid;
|
||||
$model['deny_cid'] = $permissionSet->deny_cid;
|
||||
$model['deny_gid'] = $permissionSet->deny_gid;
|
||||
} else {
|
||||
$model['allow_cid'] = [];
|
||||
$model['allow_gid'] = [];
|
||||
$model['deny_cid'] = [];
|
||||
$model['deny_gid'] = [];
|
||||
}
|
||||
} else {
|
||||
$fields = ['uid', 'allow_cid', 'allow_gid', 'deny_cid', 'deny_gid'];
|
||||
$model = $this->dba->selectFirst($type, $fields, $condition);
|
||||
$model['allow_cid'] = $this->aclFormatter->expand($model['allow_cid']);
|
||||
$model['allow_gid'] = $this->aclFormatter->expand($model['allow_gid']);
|
||||
$model['deny_cid'] = $this->aclFormatter->expand($model['deny_cid']);
|
||||
$model['deny_gid'] = $this->aclFormatter->expand($model['deny_gid']);
|
||||
}
|
||||
|
||||
if (!$this->dba->isResult($model)) {
|
||||
throw new HttpException\NotFoundException($this->t('Model not found'));
|
||||
}
|
||||
|
||||
// Kept for backwards compatibility
|
||||
Hook::callAll('lockview_content', $model);
|
||||
|
||||
$aclReceivers = new Entity\AclReceivers();
|
||||
$addressedReceivers = new Entity\AddressedReceivers();
|
||||
if (!empty($model['allow_cid']) || !empty($model['allow_gid']) || !empty($model['deny_cid']) || !empty($model['deny_gid'])) {
|
||||
$aclReceivers = $this->fetchReceiversFromACL($model);
|
||||
} elseif ($type == 'item') {
|
||||
$addressedReceivers = $this->fetchAddressedReceivers($model['uri-id']);
|
||||
}
|
||||
|
||||
$privacy = '';
|
||||
switch ($model['private'] ?? null) {
|
||||
case Model\Item::PUBLIC: $privacy = $this->t('Public'); break;
|
||||
case Model\Item::UNLISTED: $privacy = $this->t('Unlisted'); break;
|
||||
case Model\Item::PRIVATE: $privacy = $this->t('Limited/Private'); break;
|
||||
}
|
||||
|
||||
if ($aclReceivers->isEmpty() && $addressedReceivers->isEmpty() && empty($privacy))
|
||||
{
|
||||
echo $this->t('Remote privacy information not available.');
|
||||
exit;
|
||||
}
|
||||
|
||||
$tpl = Renderer::getMarkupTemplate('privacy/permission_tooltip.tpl');
|
||||
$output = Renderer::replaceMacros($tpl, [
|
||||
'$l10n' => [
|
||||
'visible_to' => $this->t('Visible to:'),
|
||||
'to' => $this->t('To:'),
|
||||
'cc' => $this->t('CC:'),
|
||||
'bcc' => $this->t('BCC:'),
|
||||
'audience' => $this->t('Audience:'),
|
||||
'attributed' => $this->t('Attributed To:'),
|
||||
],
|
||||
'$aclReceivers' => $aclReceivers,
|
||||
'$addressedReceivers' => $addressedReceivers,
|
||||
'$privacy' => $privacy,
|
||||
]);
|
||||
|
||||
$this->httpExit($output);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws \Exception
|
||||
*/
|
||||
private function fetchReceiversFromACL(array $model): Entity\AclReceivers
|
||||
{
|
||||
$allow_cid = $model['allow_cid'];
|
||||
$allow_gid = $model['allow_gid'];
|
||||
$deny_cid = $model['deny_cid'];
|
||||
$deny_gid = $model['deny_gid'];
|
||||
|
||||
$allowContacts = [];
|
||||
$allowCircles = [];
|
||||
$denyContacts = [];
|
||||
$denyCircles = [];
|
||||
|
||||
if (count($allow_gid)) {
|
||||
$key = array_search(Model\Circle::FOLLOWERS, $allow_gid);
|
||||
if ($key !== false) {
|
||||
$allowCircles[] = $this->t('Followers');
|
||||
unset($allow_gid[$key]);
|
||||
}
|
||||
|
||||
$key = array_search(Model\Circle::MUTUALS, $allow_gid);
|
||||
if ($key !== false) {
|
||||
$allowCircles[] = $this->t('Mutuals');
|
||||
unset($allow_gid[$key]);
|
||||
}
|
||||
|
||||
foreach ($this->dba->selectToArray('group', ['name'], ['id' => $allow_gid]) as $circle) {
|
||||
$allowCircles[] = $circle['name'];
|
||||
}
|
||||
}
|
||||
|
||||
foreach ($this->dba->selectToArray('contact', ['name'], ['id' => $allow_cid]) as $contact) {
|
||||
$allowContacts[] = $contact['name'];
|
||||
}
|
||||
|
||||
if (count($deny_gid)) {
|
||||
$key = array_search(Model\Circle::FOLLOWERS, $deny_gid);
|
||||
if ($key !== false) {
|
||||
$denyCircles[] = $this->t('Followers');
|
||||
unset($deny_gid[$key]);
|
||||
}
|
||||
|
||||
$key = array_search(Model\Circle::MUTUALS, $deny_gid);
|
||||
if ($key !== false) {
|
||||
$denyCircles[] = $this->t('Mutuals');
|
||||
unset($deny_gid[$key]);
|
||||
}
|
||||
|
||||
foreach ($this->dba->selectToArray('group', ['name'], ['id' => $allow_gid]) as $circle) {
|
||||
$denyCircles[] = $circle['name'];
|
||||
}
|
||||
}
|
||||
|
||||
foreach ($this->dba->selectToArray('contact', ['name'], ['id' => $deny_cid]) as $contact) {
|
||||
$denyContacts[] = $contact['name'];
|
||||
}
|
||||
|
||||
return new Entity\AclReceivers($allowContacts, $allowCircles, $denyContacts, $denyCircles);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws InternalServerErrorException
|
||||
*/
|
||||
private function fetchAddressedReceivers(int $uriId): Entity\AddressedReceivers
|
||||
{
|
||||
$own_url = '';
|
||||
$uid = $this->session->getLocalUserId();
|
||||
if ($uid) {
|
||||
$owner = Model\User::getOwnerDataById($uid);
|
||||
if (!empty($owner['url'])) {
|
||||
$own_url = $owner['url'];
|
||||
}
|
||||
}
|
||||
|
||||
$receivers = [];
|
||||
foreach (Model\Tag::getByURIId($uriId, [Model\Tag::TO, Model\Tag::CC, Model\Tag::BCC, Model\Tag::AUDIENCE, Model\Tag::ATTRIBUTED]) as $receiver) {
|
||||
// We only display BCC when it contains the current user
|
||||
if (($receiver['type'] == Model\Tag::BCC) && ($receiver['url'] != $own_url)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
switch (Model\Tag::getTargetType($receiver['url'], false)) {
|
||||
case Model\Tag::PUBLIC_COLLECTION:
|
||||
$receivers[$receiver['type']][] = $this->t('Public');
|
||||
break;
|
||||
case Model\Tag::GENERAL_COLLECTION:
|
||||
$receivers[$receiver['type']][] = $this->t('Collection (%s)', $receiver['name']);
|
||||
break;
|
||||
case Model\Tag::FOLLOWER_COLLECTION:
|
||||
$apcontact = $this->dba->selectFirst('apcontact', ['name'], ['followers' => $receiver['url']]);
|
||||
$receivers[$receiver['type']][] = $this->t('Followers (%s)', $apcontact['name'] ?? $receiver['name']);
|
||||
break;
|
||||
case Model\Tag::ACCOUNT:
|
||||
$apcontact = Model\APContact::getByURL($receiver['url'], false);
|
||||
$receivers[$receiver['type']][] = $apcontact['name'] ?? $receiver['name'];
|
||||
break;
|
||||
default:
|
||||
$receivers[$receiver['type']][] = $receiver['name'];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
foreach ($receivers as $type => $receiver) {
|
||||
$max = $this->config->get('system', 'max_receivers');
|
||||
$total = count($receiver);
|
||||
if ($total > $max) {
|
||||
$receivers[$type] = array_slice($receiver, 0, $max);
|
||||
$receivers[$type][] = $this->t('%d more', $total - $max);
|
||||
}
|
||||
}
|
||||
|
||||
return new Entity\AddressedReceivers(
|
||||
$receivers[Model\Tag::TO] ?? [],
|
||||
$receivers[Model\Tag::CC] ?? [],
|
||||
$receivers[Model\Tag::BCC] ?? [],
|
||||
$receivers[Model\Tag::AUDIENCE] ?? [],
|
||||
$receivers[Model\Tag::ATTRIBUTED] ?? [],
|
||||
);
|
||||
}
|
||||
}
|
45
src/Privacy/Entity/AclReceivers.php
Normal file
45
src/Privacy/Entity/AclReceivers.php
Normal file
|
@ -0,0 +1,45 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (C) 2010-2024, the Friendica project
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace Friendica\Privacy\Entity;
|
||||
|
||||
use Friendica\BaseEntity;
|
||||
|
||||
class AclReceivers extends BaseEntity
|
||||
{
|
||||
protected array $allowContacts = [];
|
||||
protected array $allowCircles = [];
|
||||
protected array $denyContacts = [];
|
||||
protected array $denyCircles = [];
|
||||
|
||||
public function __construct(array $allowContacts = [], array $allowCircles = [], array $denyContacts = [], array $denyCircles = [])
|
||||
{
|
||||
$this->allowContacts = $allowContacts;
|
||||
$this->allowCircles = $allowCircles;
|
||||
$this->denyContacts = $denyContacts;
|
||||
$this->denyCircles = $denyCircles;
|
||||
}
|
||||
|
||||
public function isEmpty(): bool
|
||||
{
|
||||
return empty($this->allowContacts) && empty($this->allowCircles) && empty($this->denyContacts) && empty($this->denyCircles);
|
||||
}
|
||||
}
|
47
src/Privacy/Entity/AddressedReceivers.php
Normal file
47
src/Privacy/Entity/AddressedReceivers.php
Normal file
|
@ -0,0 +1,47 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (C) 2010-2024, the Friendica project
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace Friendica\Privacy\Entity;
|
||||
|
||||
use Friendica\BaseEntity;
|
||||
|
||||
class AddressedReceivers extends BaseEntity
|
||||
{
|
||||
protected array $to = [];
|
||||
protected array $cc = [];
|
||||
protected array $bcc = [];
|
||||
protected array $audience = [];
|
||||
protected array $attributed = [];
|
||||
|
||||
public function __construct(array $to = [], array $cc = [], array $bcc = [], array $audience = [], array $attributed = [])
|
||||
{
|
||||
$this->to = $to;
|
||||
$this->cc = $cc;
|
||||
$this->bcc = $bcc;
|
||||
$this->audience = $audience;
|
||||
$this->attributed = $attributed;
|
||||
}
|
||||
|
||||
public function isEmpty(): bool
|
||||
{
|
||||
return empty($this->to) && empty($this->cc) && empty($this->bcc) && empty($this->audience) && empty($this->attributed);
|
||||
}
|
||||
}
|
|
@ -565,7 +565,7 @@ return [
|
|||
'/opensearch' => [Module\OpenSearch::class, [R::GET]],
|
||||
|
||||
'/parseurl' => [Module\ParseUrl::class, [R::GET]],
|
||||
'/permission/tooltip/{type}/{id:\d+}' => [Module\PermissionTooltip::class, [R::GET]],
|
||||
'/permission/tooltip/{type}/{id:\d+}' => [Module\Privacy\PermissionTooltip::class, [R::GET]],
|
||||
|
||||
'/photo' => [
|
||||
'/{size:thumb_small|scaled_full}_{name}' => [Module\Photo::class, [R::GET]],
|
||||
|
|
File diff suppressed because it is too large
Load diff
50
view/templates/privacy/permission_tooltip.tpl
Normal file
50
view/templates/privacy/permission_tooltip.tpl
Normal file
|
@ -0,0 +1,50 @@
|
|||
{{$l10n.visible_to}}<br>
|
||||
{{if !$aclReceivers->isEmpty()}}
|
||||
{{foreach from=$aclReceivers->allowCircles item=circle name=allowCircles}}
|
||||
<b>{{$circle}}</b>
|
||||
{{if !$smarty.foreach.allowCircles.last}}, {{/if}}
|
||||
{{/foreach}}
|
||||
{{if $aclReceivers->allowContacts && $aclReceivers->allowCircles}}, {{/if}}
|
||||
{{foreach from=$aclReceivers->allowContacts item=contact name=allowContacts}}
|
||||
{{$contact}}
|
||||
{{if !$smarty.foreach.allowContacts.last}}, {{/if}}
|
||||
{{/foreach}}
|
||||
{{if $aclReceivers->denyCircles && ($aclReceivers->allowContacts || $aclReceivers->allowCircles)}}, {{/if}}
|
||||
{{foreach from=$aclReceivers->denyCircles item=circle name=denyCircles}}
|
||||
<b><s>{{$circle}}</s></b>
|
||||
{{if !$smarty.foreach.denyCircles.last}}, {{/if}}
|
||||
{{/foreach}}
|
||||
{{if $aclReceivers->denyContacts && ($aclReceivers->denyCircles || $aclReceivers->allowContacts || $aclReceivers->allowCircles)}}, {{/if}}
|
||||
{{foreach from=$aclReceivers->denyContacts item=contact name=denyContacts}}
|
||||
<s>{{$contact}}</s>
|
||||
{{if !$smarty.foreach.denyContacts.last}}, {{/if}}
|
||||
{{/foreach}}
|
||||
{{elseif !$addressedReceivers->isEmpty()}}
|
||||
{{if $addressedReceivers->to}}
|
||||
<b>{{$l10n.to}}</b>
|
||||
{{', '|join:$addressedReceivers->to}}
|
||||
<br>
|
||||
{{/if}}
|
||||
{{if $addressedReceivers->cc}}
|
||||
<b>{{$l10n.cc}}</b>
|
||||
{{', '|join:$addressedReceivers->cc}}
|
||||
<br>
|
||||
{{/if}}
|
||||
{{if $addressedReceivers->bcc}}
|
||||
<b>{{$l10n.bcc}}</b>
|
||||
{{', '|join:$addressedReceivers->bcc}}
|
||||
<br>
|
||||
{{/if}}
|
||||
{{if $addressedReceivers->audience}}
|
||||
<b>{{$l10n.audience}}</b>
|
||||
{{', '|join:$addressedReceivers->audience}}
|
||||
<br>
|
||||
{{/if}}
|
||||
{{if $addressedReceivers->attributed}}
|
||||
<b>{{$l10n.attributed}}</b>
|
||||
{{', '|join:$addressedReceivers->attributed}}
|
||||
<br>
|
||||
{{/if}}
|
||||
{{else}}
|
||||
{{$privacy}}
|
||||
{{/if}}
|
|
@ -9,7 +9,11 @@
|
|||
<label id="photos-upload-text" for="photos-upload-newalbum">{{$newalbum}}</label>
|
||||
|
||||
<input id="photos-upload-album-select" class="form-control" placeholder="{{$existalbumtext}}" list="dl-photo-upload" type="text" name="album" size="4">
|
||||
<datalist id="dl-photo-upload">{{$albumselect nofilter}}</datalist>
|
||||
<datalist id="dl-photo-upload">
|
||||
{{foreach $albumselect as $value => $name}}
|
||||
<option value="{{$value}}"{{if $selname == $value}} selected{{/if}}>{{$name}}</option>
|
||||
{{/foreach}}
|
||||
</datalist>
|
||||
</div>
|
||||
<div id="photos-upload-end" class="clearfix"></div>
|
||||
|
||||
|
|
Loading…
Reference in a new issue