The profile page does now shows reshared items

This commit is contained in:
Michael 2020-11-03 19:24:47 +00:00
parent 5029b992ad
commit 4965d6aa54
4 changed files with 100 additions and 49 deletions

View file

@ -711,13 +711,28 @@ function conversation(App $a, array $items, $mode, $update, $preview = false, $o
*
* @param mixed $thread_items Database statement with thread posts
* @param boolean $pinned Is the item pinned?
* @param integer $causer Contact ID of the resharer
*
* @return array items with parents and comments
*/
function conversation_fetch_comments($thread_items, $pinned) {
function conversation_fetch_comments($thread_items, $pinned, $causer) {
$comments = [];
while ($row = Item::fetch($thread_items)) {
if (!empty($causer)) {
if (($row['gravity'] == GRAVITY_PARENT)) {
$row['post-type'] = Item::PT_ANNOUNCEMENT;
$row['causer-id'] = $causer;
$contact = Contact::getById($causer, ['url', 'name', 'thumb']);
$row['causer-link'] = $contact['url'];
$row['causer-avatar'] = $contact['thumb'];
$row['causer-name'] = $contact['name'];
} elseif (($row['gravity'] == GRAVITY_ACTIVITY) && ($row['verb'] == Activity::ANNOUNCE) &&
($row['author-id'] == $causer)) {
continue;
}
}
$name = $row['causer-contact-type'] == Contact::TYPE_RELAY ? $row['causer-link'] : $row['causer-name'];
switch ($row['post-type']) {
@ -810,9 +825,16 @@ function conversation_add_children(array $parents, $block_authors, $order, $uid)
$items = [];
foreach ($parents AS $parent) {
if (!empty($parent['thr-parent-id']) && !empty($parent['gravity']) && ($parent['gravity'] == GRAVITY_ACTIVITY)) {
$condition = ["`item`.`parent-uri-id` = ? AND `item`.`uid` IN (0, ?) AND (`vid` != ? OR `vid` IS NULL)",
$parent['thr-parent-id'], $uid, Verb::getID(Activity::FOLLOW)];
$causer = $parent['author-id'] ?? 0;
} else {
$condition = ["`item`.`parent-uri` = ? AND `item`.`uid` IN (0, ?) AND (`vid` != ? OR `vid` IS NULL)",
$parent['uri'], $uid, Verb::getID(Activity::FOLLOW)];
$items = conversation_fetch_items($parent, $items, $condition, $block_authors, $params);
$causer = 0;
}
$items = conversation_fetch_items($parent, $items, $condition, $block_authors, $params, $causer);
}
foreach ($items as $index => $item) {
@ -834,16 +856,17 @@ function conversation_add_children(array $parents, $block_authors, $order, $uid)
* @param array $condition
* @param boolean $block_authors
* @param array $params
* @param integer $causer
* @return array
*/
function conversation_fetch_items(array $parent, array $items, array $condition, bool $block_authors, array $params) {
function conversation_fetch_items(array $parent, array $items, array $condition, bool $block_authors, array $params, int $causer) {
if ($block_authors) {
$condition[0] .= " AND NOT `author`.`hidden`";
}
$thread_items = Item::selectForUser(local_user(), array_merge(Item::DISPLAY_FIELDLIST, ['contact-uid', 'gravity', 'post-type']), $condition, $params);
$comments = conversation_fetch_comments($thread_items, $parent['pinned'] ?? false);
$comments = conversation_fetch_comments($thread_items, $parent['pinned'] ?? false, $causer);
if (count($comments) != 0) {
$items = array_merge($items, $comments);

View file

@ -74,11 +74,19 @@ class Session
{
$session = DI::session();
if (empty($session->get('remote')[$uid])) {
return 0;
if (!empty($session->get('remote')[$uid])) {
$remote = $session->get('remote')[$uid];
} else {
$remote = 0;
}
return $session->get('remote')[$uid];
$local_user = !empty($session->get('authenticated')) ? $session->get('uid') : 0;
if (empty($remote) && ($local_user != $uid) && !empty($my_address = $session->get('my_address'))) {
$remote = Contact::getIdForURL($my_address, $uid, false);
}
return $remote;
}
/**

View file

@ -3400,6 +3400,36 @@ class Item
}
}
/**
* Fetch the SQL condition for the given user id
*
* @param integer $owner_id User ID for which the permissions should be fetched
* @return array condition
*/
public static function getPermissionsConditionArrayByUserId(int $owner_id)
{
$local_user = local_user();
$remote_user = Session::getRemoteContactID($owner_id);
// default permissions - anonymous user
$condition = ["`private` != ?", self::PRIVATE];
if ($local_user && ($local_user == $owner_id)) {
// Profile owner - everything is visible
$condition = [];
} elseif ($remote_user) {
// Authenticated visitor - fetch the matching permissionsets
$set = PermissionSet::get($owner_id, $remote_user);
if (!empty($set)) {
$condition = ["(`private` != ? OR (`private` = ? AND `wall` AND `psid` IN (?" . str_repeat(",?", count($set) - 1) . ")))",
Item::PRIVATE, Item::PRIVATE];
$condition = array_merge($condition, $set);
}
}
return $condition;
}
public static function getPermissionsSQLByUserId($owner_id)
{
$local_user = local_user();

View file

@ -25,6 +25,7 @@ use Friendica\Content\Nav;
use Friendica\Content\Pager;
use Friendica\Content\Widget;
use Friendica\Core\ACL;
use Friendica\Core\Protocol;
use Friendica\Core\Session;
use Friendica\Database\DBA;
use Friendica\DI;
@ -32,9 +33,11 @@ use Friendica\Model\Item;
use Friendica\Model\Post\Category;
use Friendica\Model\Profile as ProfileModel;
use Friendica\Model\User;
use Friendica\Model\Verb;
use Friendica\Module\BaseProfile;
use Friendica\Module\Security\Login;
use Friendica\Network\HTTPException;
use Friendica\Protocol\Activity;
use Friendica\Util\DateTimeFormat;
use Friendica\Security\Security;
use Friendica\Util\Strings;
@ -139,37 +142,32 @@ class Status extends BaseProfile
}
// Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['uid']);
$sql_extra2 = '';
$condition = Item::getPermissionsConditionArrayByUserId($a->profile['uid']);
$last_updated_array = Session::get('last_updated', []);
$sql_post_table = "";
if (!empty($category)) {
$sql_post_table = sprintf("INNER JOIN (SELECT `uri-id` FROM `category-view` WHERE `name` = '%s' AND `type` = %d AND `uid` = %d ORDER BY `uri-id` DESC) AS `category` ON `item`.`uri-id` = `category`.`uri-id` ",
DBA::escape(Strings::protectSprintf($category)), intval(Category::CATEGORY), intval($a->profile['uid']));
$condition = DBA::mergeConditions($condition, ["`uri-id` IN (SELECT `uri-id` FROM `category-view` WHERE `name` = ? AND `type` = ? AND `uid` = ?)",
$category, Category::CATEGORY, $a->profile['uid']]);
}
if (!empty($hashtags)) {
$sql_post_table .= sprintf("INNER JOIN (SELECT `uri-id` FROM `tag-search-view` WHERE `name` = '%s' AND `uid` = %d ORDER BY `uri-id` DESC) AS `tag-search` ON `item`.`uri-id` = `tag-search`.`uri-id` ",
DBA::escape(Strings::protectSprintf($hashtags)), intval($a->profile['uid']));
$condition = DBA::mergeConditions($condition, ["`uri-id` IN (SELECT `uri-id` FROM `tag-search-view` WHERE `name` = ? AND `uid` = ?)",
$hashtags, $a->profile['uid']]);
}
if (!empty($datequery)) {
$sql_extra2 .= Strings::protectSprintf(sprintf(" AND `thread`.`received` <= '%s' ", DBA::escape(DateTimeFormat::convert($datequery, 'UTC', date_default_timezone_get()))));
$condition = DBA::mergeConditions($condition, ["`received` <= ?", DateTimeFormat::convert($datequery, 'UTC', date_default_timezone_get())]);
}
if (!empty($datequery2)) {
$sql_extra2 .= Strings::protectSprintf(sprintf(" AND `thread`.`received` >= '%s' ", DBA::escape(DateTimeFormat::convert($datequery2, 'UTC', date_default_timezone_get()))));
$condition = DBA::mergeConditions($condition, ["`received` >= ?", DateTimeFormat::convert($datequery2, 'UTC', date_default_timezone_get())]);
}
// Does the profile page belong to a forum?
// If not then we can improve the performance with an additional condition
$condition = ['uid' => $a->profile['uid'], 'page-flags' => [User::PAGE_FLAGS_COMMUNITY, User::PAGE_FLAGS_PRVGROUP]];
if (!DBA::exists('user', $condition)) {
$sql_extra3 = sprintf(" AND `thread`.`contact-id` = %d ", intval(intval($a->profile['id'])));
} else {
$sql_extra3 = "";
$condition2 = ['uid' => $a->profile['uid'], 'page-flags' => [User::PAGE_FLAGS_COMMUNITY, User::PAGE_FLAGS_PRVGROUP]];
if (!DBA::exists('user', $condition2)) {
$condition = DBA::mergeConditions($condition, ['contact-id' => $a->profile['id']]);
}
if (DI::mode()->isMobile()) {
@ -180,31 +178,22 @@ class Status extends BaseProfile
DI::config()->get('system', 'itemspage_network'));
}
$condition = DBA::mergeConditions($condition, ["((`gravity` = ? AND `wall`) OR
(`gravity` = ? AND `vid` = ? AND `origin` AND `thr-parent-id` IN
(SELECT `uri-id` FROM `item` AS `i`
WHERE `gravity` = ? AND `network` IN (?, ?, ?, ?) AND `uid` IN (?, ?)
AND `i`.`uri-id` = `item`.`thr-parent-id`)))",
GRAVITY_PARENT, GRAVITY_ACTIVITY, Verb::getID(Activity::ANNOUNCE), GRAVITY_PARENT,
Protocol::DFRN, Protocol::ACTIVITYPUB, Protocol::DIASPORA, Protocol::OSTATUS,
0, $a->profile['uid']]);
$condition = DBA::mergeConditions($condition, ['uid' => $a->profile['uid'], 'network' => Protocol::FEDERATED,
'visible' => true, 'deleted' => false, 'moderated' => false]);
$pager = new Pager(DI::l10n(), $args->getQueryString(), $itemspage_network);
$params = ['limit' => [$pager->getStart(), $pager->getItemsPerPage()], 'order' => ['received' => true]];
$pager_sql = sprintf(" LIMIT %d, %d ", $pager->getStart(), $pager->getItemsPerPage());
$items_stmt = DBA::p(
"SELECT `item`.`uri`
FROM `thread`
STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
$sql_post_table
STRAIGHT_JOIN `contact`
ON `contact`.`id` = `thread`.`contact-id`
AND NOT `contact`.`blocked`
AND NOT `contact`.`pending`
WHERE `thread`.`uid` = ?
AND `thread`.`visible`
AND NOT `thread`.`deleted`
AND NOT `thread`.`moderated`
AND `thread`.`wall`
$sql_extra3
$sql_extra
$sql_extra2
ORDER BY `thread`.`received` DESC
$pager_sql",
$a->profile['uid']
);
$items_stmt = DBA::select('item', ['uri', 'thr-parent-id', 'gravity', 'author-id'], $condition, $params);
// Set a time stamp for this page. We will make use of it when we
// search for new items (update routine)
@ -227,8 +216,9 @@ class Status extends BaseProfile
if ($pager->getStart() == 0 && !empty($a->profile['uid'])) {
$condition = ['private' => [Item::PUBLIC, Item::UNLISTED]];
if (remote_user()) {
$permissionSets = DI::permissionSet()->selectByContactId(remote_user(), $a->profile['uid']);
$remote_user = Session::getRemoteContactID($a->profile['uid']);
if (!empty($remote_user)) {
$permissionSets = DI::permissionSet()->selectByContactId($remote_user, $a->profile['uid']);
if (!empty($permissionSets)) {
$condition = ['psid' => array_merge($permissionSets->column('id'),
[DI::permissionSet()->getIdFromACL($a->profile['uid'], '', '', '', '')])];