Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-04-23 00:30:11 +00:00
Code Issues Projects Releases Packages Wiki Activity

Get rid of App->user completely

Browse source
This commit is contained in:
Michael 2021-08-08 19:30:21 +00:00
parent fc283ab928
commit 28090bd793
39 changed files with 158 additions and 234 deletions
Download patch file Download diff file Expand all files Collapse all files

16
src/Module/BaseApi.php
View file

@ -75,9 +75,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}
@ -86,9 +84,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}
@ -97,9 +93,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}
@ -108,9 +102,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}

10
src/Module/Bookmarklet.php
View file

@ -59,16 +59,6 @@ class Bookmarklet extends BaseModule
$content = "\n" . PageInfo::getFooterFromUrl($_REQUEST['url']);
$x = [
'is_owner' => true,
'allow_location' => $app->getUserValue('allow_location'),
'default_location' => $app->getUserValue('default-location'),
'nickname' => $app->getNickname(),
'lockstate' => ACL::getLockstateForUserId($app->getUserId()) ? 'lock' : 'unlock',
'default_perms' => ACL::getDefaultUserPermissions($app->user),
'acl' => ACL::getFullSelectorHTML(DI::page(), $app->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
'title' => trim($_REQUEST['title'] ?? '', '*'),
'content' => $content
];

16
src/Module/Contact.php
View file

@ -169,8 +169,7 @@ class Contact extends BaseModule
}
if ($contact['network'] == Protocol::OSTATUS) {
$user = Model\User::getById($contact['uid']);
$result = Model\Contact::createFromProbe($user, $contact['url'], false, $contact['network']);
$result = Model\Contact::createFromProbe($contact['uid'], $contact['url'], $contact['network']);
if ($result['success']) {
DBA::update('contact', ['subhub' => 1], ['id' => $contact_id]);
@ -935,18 +934,7 @@ class Contact extends BaseModule
if (!$update) {
// We need the editor here to be able to reshare an item.
if (local_user()) {
$x = [
'is_owner' => true,
'allow_location' => $a->user['allow_location'],
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
'lockstate' => (is_array($a->user) && (strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) || strlen($a->user['deny_cid']) || strlen($a->user['deny_gid'])) ? 'lock' : 'unlock'),
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
];
$o = status_editor($a, $x, 0, true);
$o = status_editor($a, [], 0, true);
}
}

13
src/Module/Conversation/Community.php
View file

@ -128,18 +128,7 @@ class Community extends BaseModule
// We need the editor here to be able to reshare an item.
if (Session::isAuthenticated()) {
$x = [
'is_owner' => true,
'allow_location' => DI::app()->getUserValue('allow_location'),
'default_location' => DI::app()->getUserValue('default-location'),
'nickname' => DI::app()->getNickname(),
'lockstate' => ACL::getLockstateForUserId(DI::app()->getUserId()) ? 'lock' : 'unlock',
'acl' => ACL::getFullSelectorHTML(DI::page(), DI::app()->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
];
$o .= status_editor(DI::app(), $x, 0, true);
$o .= status_editor(DI::app(), [], 0, true);
}
}

9
src/Module/Conversation/Network.php
View file

@ -139,16 +139,9 @@ class Network extends BaseModule
}
$x = [
'is_owner' => true,
'allow_location' => $a->getUserValue('allow_location'),
'default_location' => $a->getUserValue('default-location'),
'nickname' => $a->getNickname(),
'lockstate' => self::$groupId || self::$forumContactId || self::$network || ACL::getLockstateForUserId($a->getUserId()) ? 'lock' : 'unlock',
'default_perms' => ACL::getDefaultUserPermissions($a->user),
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true, $default_permissions),
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), true, $default_permissions),
'bang' => ((self::$groupId || self::$forumContactId || self::$network) ? '!' : ''),
'visitor' => 'block',
'profile_uid' => local_user(),
'content' => $content,
];

2
src/Module/Delegation.php
View file

@ -45,7 +45,7 @@ class Delegation extends BaseModule
}
$uid = local_user();
$orig_record = DI::app()->user;
$orig_record = User::getById(DI::app()->getUserId());
if (Session::get('submanage')) {
$user = User::getById(Session::get('submanage'));

5
src/Module/Invite.php
View file

@ -25,6 +25,7 @@ use Friendica\BaseModule;
use Friendica\Core\Renderer;
use Friendica\DI;
use Friendica\Model;
use Friendica\Model\User;
use Friendica\Network\HTTPException;
use Friendica\Protocol\Email;
use Friendica\Util\Strings;
@ -71,6 +72,8 @@ class Invite extends BaseModule
}
}
$user = User::getById(local_user());
foreach ($recipients as $recipient) {
$recipient = trim($recipient);
@ -95,7 +98,7 @@ class Invite extends BaseModule
$nmessage = $message;
}
$additional_headers = 'From: "' . $app->getUserValue('email') . '" <' . DI::emailer()->getSiteEmailAddress() . ">\n"
$additional_headers = 'From: "' . $user['email'] . '" <' . DI::emailer()->getSiteEmailAddress() . ">\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
. 'Content-transfer-encoding: 8bit';

2
src/Module/Item/Compose.php
View file

@ -186,7 +186,7 @@ class Compose extends BaseModule
'$jotplugins' => $jotplugins,
'$rand_num' => Crypto::randomDigits(12),
'$acl_selector' => ACL::getFullSelectorHTML(DI::page(), $a->user, $doesFederate, [
'$acl_selector' => ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), $doesFederate, [
'allow_cid' => $contact_allow_list,
'allow_gid' => $group_allow_list,
'deny_cid' => $contact_deny_list,

73
src/Module/Magic.php
View file

@ -27,6 +27,7 @@ use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Model\User;
use Friendica\Util\HTTPSignature;
use Friendica\Util\Strings;
@ -76,52 +77,50 @@ class Magic extends BaseModule
System::externalRedirect($dest);
}
if (local_user()) {
$user = $a->user;
// OpenWebAuth
if (local_user() && $owa) {
$user = User::getById(local_user());
// OpenWebAuth
if ($owa) {
// Extract the basepath
// NOTE: we need another solution because this does only work
// for friendica contacts :-/ . We should have the basepath
// of a contact also in the contact table.
$exp = explode('/profile/', $contact['url']);
$basepath = $exp[0];
// Extract the basepath
// NOTE: we need another solution because this does only work
// for friendica contacts :-/ . We should have the basepath
// of a contact also in the contact table.
$exp = explode('/profile/', $contact['url']);
$basepath = $exp[0];
$header = [];
$header['Accept'] = 'application/x-dfrn+json, application/x-zot+json';
$header['X-Open-Web-Auth'] = Strings::getRandomHex();
$header = [];
$header['Accept'] = 'application/x-dfrn+json, application/x-zot+json';
$header['X-Open-Web-Auth'] = Strings::getRandomHex();
// Create a header that is signed with the local users private key.
$header = HTTPSignature::createSig(
$header,
$user['prvkey'],
'acct:' . $user['nickname'] . '@' . DI::baseUrl()->getHostname() . (DI::baseUrl()->getUrlPath() ? '/' . DI::baseUrl()->getUrlPath() : '')
);
// Create a header that is signed with the local users private key.
$header = HTTPSignature::createSig(
$header,
$user['prvkey'],
'acct:' . $user['nickname'] . '@' . DI::baseUrl()->getHostname() . (DI::baseUrl()->getUrlPath() ? '/' . DI::baseUrl()->getUrlPath() : '')
);
// Try to get an authentication token from the other instance.
$curlResult = DI::httpRequest()->get($basepath . '/owa', ['header' => $header]);
// Try to get an authentication token from the other instance.
$curlResult = DI::httpRequest()->get($basepath . '/owa', ['header' => $header]);
if ($curlResult->isSuccess()) {
$j = json_decode($curlResult->getBody(), true);
if ($curlResult->isSuccess()) {
$j = json_decode($curlResult->getBody(), true);
if ($j['success']) {
$token = '';
if ($j['encrypted_token']) {
// The token is encrypted. If the local user is really the one the other instance
// thinks he/she is, the token can be decrypted with the local users public key.
openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']);
} else {
$token = $j['token'];
}
$args = (strpbrk($dest, '?&') ? '&' : '?') . 'owt=' . $token;
Logger::info('Redirecting', ['path' => $dest . $args]);
System::externalRedirect($dest . $args);
if ($j['success']) {
$token = '';
if ($j['encrypted_token']) {
// The token is encrypted. If the local user is really the one the other instance
// thinks he/she is, the token can be decrypted with the local users public key.
openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']);
} else {
$token = $j['token'];
}
$args = (strpbrk($dest, '?&') ? '&' : '?') . 'owt=' . $token;
Logger::info('Redirecting', ['path' => $dest . $args]);
System::externalRedirect($dest . $args);
}
System::externalRedirect($dest);
}
System::externalRedirect($dest);
}
if ($test) {

6
src/Module/Profile/Status.php
View file

@ -125,11 +125,9 @@ class Status extends BaseProfile
$x = [
'is_owner' => $is_owner,
'allow_location' => ($is_owner || $commvisitor) && $profile['allow_location'],
'default_location' => $is_owner ? $a->getUserValue('default-location') : '',
'default_location' => $is_owner ? $profile['default-location'] : '',
'nickname' => $profile['nickname'],
'lockstate' => ACL::getLockstateForUserId($a->getUserId()) ? 'lock' : 'unlock',
'acl' => $is_owner ? ACL::getFullSelectorHTML(DI::page(), $a->user, true) : '',
'bang' => '',
'acl' => $is_owner ? ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), true) : '',
'visitor' => $is_owner || $commvisitor ? 'block' : 'none',
'profile_uid' => $profile['uid'],
];

3
src/Module/Security/TwoFactor/Recovery.php
View file

@ -25,6 +25,7 @@ use Friendica\BaseModule;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Security\TwoFactor\Model\RecoveryCode;
/**
@ -59,7 +60,7 @@ class Recovery extends BaseModule
Session::set('2fa', true);
info(DI::l10n()->t('Remaining recovery codes: %d', RecoveryCode::countValidForUser(local_user())));
DI::auth()->setForUser($a, $a->user, true, true);
DI::auth()->setForUser($a, User::getById($a->getUserId()), true, true);
} else {
notice(DI::l10n()->t('Invalid code, please retry.'));
}

3
src/Module/Security/TwoFactor/Verify.php
View file

@ -25,6 +25,7 @@ use Friendica\BaseModule;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\DI;
use Friendica\Model\User;
use PragmaRX\Google2FA\Google2FA;
use Friendica\Security\TwoFactor;
@ -70,7 +71,7 @@ class Verify extends BaseModule
}
// Resume normal login workflow
DI::auth()->setForUser($a, $a->user, true, true);
DI::auth()->setForUser($a, User::getById($a->getUserId()), true, true);
} else {
self::$errors[] = DI::l10n()->t('Invalid code, please retry.');
}

2
src/Module/Settings/Delegation.php
View file

@ -38,7 +38,7 @@ class Delegation extends BaseSettings
{
public static function post(array $parameters = [])
{
if (!local_user() || empty(DI::app()->getUserId()) || DI::app()->getUserId() != local_user()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}

13
src/Module/Settings/Display.php
View file

@ -27,6 +27,7 @@ use Friendica\Core\Session;
use Friendica\Core\Theme;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Module\BaseSettings;
use Friendica\Network\HTTPException;
use Friendica\Util\Strings;
@ -38,13 +39,15 @@ class Display extends BaseSettings
{
public static function post(array $parameters = [])
{
if (!local_user() || empty(DI::app()->getUserId()) || DI::app()->getUserId() != local_user()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
self::checkFormSecurityTokenRedirectOnError('/settings/display', 'settings_display');
$theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : DI::app()->getUserValue('theme');
$user = User::getById(local_user());
$theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : $user['theme'];
$mobile_theme = !empty($_POST['mobile_theme']) ? Strings::escapeTags(trim($_POST['mobile_theme'])) : '';
$nosmile = !empty($_POST['nosmile']) ? intval($_POST['nosmile']) : 0;
$first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0;
@ -92,7 +95,7 @@ class Display extends BaseSettings
DI::pConfig()->set(local_user(), 'system', 'first_day_of_week' , $first_day_of_week);
if (in_array($theme, Theme::getAllowedList())) {
if ($theme == DI::app()->getUserValue('theme')) {
if ($theme == $user['theme']) {
// call theme_post only if theme has not been changed
if (($themeconfigfile = Theme::getConfigFile($theme)) !== null) {
require_once $themeconfigfile;
@ -128,6 +131,8 @@ class Display extends BaseSettings
$default_mobile_theme = 'none';
}
$user = User::getById(local_user());
$allowed_themes = Theme::getAllowedList();
$themes = [];
@ -152,7 +157,7 @@ class Display extends BaseSettings
}
}
$theme_selected = DI::app()->getUserValue('theme') ?: $default_theme;
$theme_selected = $user['theme'] ?: $default_theme;
$mobile_theme_selected = Session::get('mobile-theme', $default_mobile_theme);
$itemspage_network = intval(DI::pConfig()->get(local_user(), 'system', 'itemspage_network'));

4
src/Module/Settings/Profile/Index.php
View file

@ -172,7 +172,7 @@ class Index extends BaseSettings
'value' => ['profile_field[' . $profileField->id . '][value]', DI::l10n()->t('Value:'), $profileField->value],
'acl' => ACL::getFullSelectorHTML(
DI::page(),
$a->user,
$a->getUserId(),
false,
$defaultPermissions,
['network' => Protocol::DFRN],
@ -192,7 +192,7 @@ class Index extends BaseSettings
'value' => ['profile_field[new][value]', DI::l10n()->t('Value:')],
'acl' => ACL::getFullSelectorHTML(
DI::page(),
$a->user,
$a->getUserId(),
false,
['allow_cid' => []],
['network' => Protocol::DFRN],

9
src/Module/Settings/UserExport.php
View file

@ -90,7 +90,7 @@ class UserExport extends BaseSettings
*/
public static function rawContent(array $parameters = [])
{
if (!local_user() || empty(DI::app()->getUserId()) || DI::app()->getUserId() != local_user()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
@ -98,21 +98,20 @@ class UserExport extends BaseSettings
if ($args->getArgc() == 3) {
// @TODO Replace with router-provided arguments
$action = $args->get(2);
$user = DI::app()->user;
switch ($action) {
case "backup":
header("Content-type: application/json");
header('Content-Disposition: attachment; filename="' . $user['nickname'] . '.' . $action . '"');
header('Content-Disposition: attachment; filename="' . DI::app()->getNickname() . '.' . $action . '"');
self::exportAll(local_user());
break;
case "account":
header("Content-type: application/json");
header('Content-Disposition: attachment; filename="' . $user['nickname'] . '.' . $action . '"');
header('Content-Disposition: attachment; filename="' . DI::app()->getNickname() . '.' . $action . '"');
self::exportAccount(local_user());
break;
case "contact":
header("Content-type: application/csv");
header('Content-Disposition: attachment; filename="' . $user['nickname'] . '-contacts.csv' . '"');
header('Content-Disposition: attachment; filename="' . DI::app()->getNickname() . '-contacts.csv' . '"');
self::exportContactsAsCSV(local_user());
break;
}