Issue 11963: Set Permissions for attachments

This commit is contained in:
Michael 2024-05-10 17:14:05 +00:00
parent ee9510e17d
commit 567292533e
5 changed files with 90 additions and 65 deletions

View file

@ -45,7 +45,8 @@ use Friendica\Model\Post;
use Friendica\Network\HTTPException; use Friendica\Network\HTTPException;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
function item_post(App $a) { function item_post(App $a)
{
$uid = DI::userSession()->getLocalUserId(); $uid = DI::userSession()->getLocalUserId();
if (!$uid) { if (!$uid) {
@ -248,7 +249,7 @@ function item_process(array $post, array $request, bool $preview, string $return
$post['body'] .= DI::contentItem()->storeAttachmentFromRequest($request); $post['body'] .= DI::contentItem()->storeAttachmentFromRequest($request);
} }
$post = DI::contentItem()->finalizePost($post); $post = DI::contentItem()->finalizePost($post, $preview);
if (!strlen($post['body'])) { if (!strlen($post['body'])) {
if ($preview) { if ($preview) {
@ -286,7 +287,7 @@ function item_process(array $post, array $request, bool $preview, string $return
System::jsonExit(['preview' => $o]); System::jsonExit(['preview' => $o]);
} }
Hook::callAll('post_local',$post); Hook::callAll('post_local', $post);
unset($post['edit']); unset($post['edit']);
unset($post['self']); unset($post['self']);

View file

@ -48,7 +48,6 @@ use Friendica\Model\User;
use Friendica\Network\HTTPException; use Friendica\Network\HTTPException;
use Friendica\Object\EMail\ItemCCEMail; use Friendica\Object\EMail\ItemCCEMail;
use Friendica\Protocol\Activity; use Friendica\Protocol\Activity;
use Friendica\Protocol\ActivityPub;
use Friendica\Util\ACLFormatter; use Friendica\Util\ACLFormatter;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
use Friendica\Util\Emailer; use Friendica\Util\Emailer;
@ -912,40 +911,6 @@ class Item
return $post; return $post;
} }
public function moveAttachmentsFromBodyToAttach(array $post): array
{
if (!preg_match_all('/(\[attachment\]([0-9]+)\[\/attachment\])/', $post['body'], $match)) {
return $post;
}
foreach ($match[2] as $attachment_id) {
$attachment = Attach::selectFirst(['id', 'uid', 'filename', 'filesize', 'filetype'], ['id' => $attachment_id, 'uid' => $post['uid']]);
if (empty($attachment)) {
continue;
}
if ($post['attach']) {
$post['attach'] .= ',';
}
$post['attach'] .= Post\Media::getAttachElement(
$this->baseURL . '/attach/' . $attachment['id'],
$attachment['filesize'],
$attachment['filetype'],
$attachment['filename'] ?? ''
);
$fields = [
'allow_cid' => $post['allow_cid'], 'allow_gid' => $post['allow_gid'],
'deny_cid' => $post['deny_cid'], 'deny_gid' => $post['deny_gid']
];
$condition = ['id' => $attachment_id];
Attach::update($fields, $condition);
}
$post['body'] = str_replace($match[1], '', $post['body']);
return $post;
}
private function setObjectType(array $post): array private function setObjectType(array $post): array
{ {
if (empty($post['post-type'])) { if (empty($post['post-type'])) {
@ -1025,8 +990,13 @@ class Item
return $post; return $post;
} }
public function finalizePost(array $post): array public function finalizePost(array $post, bool $preview): array
{ {
if ($preview) {
$post['body'] = Attach::addAttachmentToBody($post['body'], $post['uid']);
} else {
Attach::setPermissionFromBody($post);
}
if (preg_match("/\[attachment\](.*?)\[\/attachment\]/ism", $post['body'], $matches)) { if (preg_match("/\[attachment\](.*?)\[\/attachment\]/ism", $post['body'], $matches)) {
$post['body'] = preg_replace("/\[attachment].*?\[\/attachment\]/ism", PageInfo::getFooterFromUrl($matches[1]), $post['body']); $post['body'] = preg_replace("/\[attachment].*?\[\/attachment\]/ism", PageInfo::getFooterFromUrl($matches[1]), $post['body']);
} }
@ -1080,7 +1050,7 @@ class Item
$to_author = DBA::selectFirst('account-view', ['ap-followers'], ['id' => $to['author-id']]); $to_author = DBA::selectFirst('account-view', ['ap-followers'], ['id' => $to['author-id']]);
$parent = Post::selectFirstPost(['author-id'], ['uri-id' => $parentUriId]); $parent = Post::selectFirstPost(['author-id'], ['uri-id' => $parentUriId]);
$parent_author = DBA::selectFirst('account-view', ['ap-followers'], ['id' => $parent['author-id']]); $parent_author = DBA::selectFirst('account-view', ['ap-followers'], ['id' => $parent['author-id']]);
$followers = ''; $followers = '';
foreach (array_column(Tag::getByURIId($parentUriId, [Tag::TO, Tag::CC, Tag::BCC]), 'url') as $url) { foreach (array_column(Tag::getByURIId($parentUriId, [Tag::TO, Tag::CC, Tag::BCC]), 'url') as $url) {
if ($url == $parent_author['ap-followers']) { if ($url == $parent_author['ap-followers']) {

View file

@ -30,6 +30,7 @@ use Friendica\Object\Image;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
use Friendica\Util\Mimetype; use Friendica\Util\Mimetype;
use Friendica\Security\Security; use Friendica\Security\Security;
use Friendica\Util\Network;
/** /**
* Class to handle attach database table * Class to handle attach database table
@ -109,16 +110,17 @@ class Attach
/** /**
* Retrieve a single record given the ID * Retrieve a single record given the ID
* *
* @param int $id Row id of the record * @param int $id Row id of the record
* @param int $uid User-Id
* *
* @return bool|array * @return bool|array
* *
* @throws \Exception * @throws \Exception
* @see \Friendica\Database\DBA::select * @see \Friendica\Database\DBA::select
*/ */
public static function getById(int $id) public static function getById(int $id, int $uid)
{ {
return self::selectFirst([], ['id' => $id]); return self::selectFirst([], ['id' => $id, 'uid' => $uid]);
} }
/** /**
@ -197,7 +199,7 @@ class Attach
* @return boolean|integer Row id on success, False on errors * @return boolean|integer Row id on success, False on errors
* @throws \Friendica\Network\HTTPException\InternalServerErrorException * @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/ */
public static function store(string $data, int $uid, string $filename, string $filetype = '' , int $filesize = null, string $allow_cid = '', string $allow_gid = '', string $deny_cid = '', string $deny_gid = '') public static function store(string $data, int $uid, string $filename, string $filetype = '', int $filesize = null, string $allow_cid = '', string $allow_gid = '', string $deny_cid = '', string $deny_gid = '')
{ {
if ($filetype === '') { if ($filetype === '') {
$filetype = Mimetype::getContentType($filename); $filetype = Mimetype::getContentType($filename);
@ -279,9 +281,9 @@ class Attach
{ {
if (!is_null($img)) { if (!is_null($img)) {
// get items to update // get items to update
$items = self::selectToArray(['backend-class','backend-ref'], $conditions); $items = self::selectToArray(['backend-class', 'backend-ref'], $conditions);
foreach($items as $item) { foreach ($items as $item) {
try { try {
$backend_class = DI::storageManager()->getWritableStorageByName($item['backend-class'] ?? ''); $backend_class = DI::storageManager()->getWritableStorageByName($item['backend-class'] ?? '');
$fields['backend-ref'] = $backend_class->put($img->asString(), $item['backend-ref'] ?? ''); $fields['backend-ref'] = $backend_class->put($img->asString(), $item['backend-ref'] ?? '');
@ -313,9 +315,9 @@ class Attach
public static function delete(array $conditions, array $options = []): bool public static function delete(array $conditions, array $options = []): bool
{ {
// get items to delete data info // get items to delete data info
$items = self::selectToArray(['backend-class','backend-ref'], $conditions); $items = self::selectToArray(['backend-class', 'backend-ref'], $conditions);
foreach($items as $item) { foreach ($items as $item) {
try { try {
$backend_class = DI::storageManager()->getWritableStorageByName($item['backend-class'] ?? ''); $backend_class = DI::storageManager()->getWritableStorageByName($item['backend-class'] ?? '');
$backend_class->delete($item['backend-ref'] ?? ''); $backend_class->delete($item['backend-ref'] ?? '');
@ -328,4 +330,41 @@ class Attach
return DBA::delete('attach', $conditions, $options); return DBA::delete('attach', $conditions, $options);
} }
public static function setPermissionFromBody(array $post)
{
preg_match_all("/\[attachment\](.*?)\[\/attachment\]/ism", $post['body'], $matches, PREG_SET_ORDER);
foreach ($matches as $attachment) {
if (Network::isLocalLink($attachment[1]) && preg_match('|.*?/attach/(\d+)|', $attachment[1], $match)) {
$fields = [
'allow_cid' => $post['allow_cid'], 'allow_gid' => $post['allow_gid'],
'deny_cid' => $post['deny_cid'], 'deny_gid' => $post['deny_gid']
];
self::update($fields, ['id' => $match[1], 'uid' => $post['uid']]);
}
}
}
public static function addAttachmentToBody(string $body, int $uid): string
{
preg_match_all("/\[attachment\](.*?)\[\/attachment\]/ism", $body, $matches, PREG_SET_ORDER);
foreach ($matches as $attachment) {
if (Network::isLocalLink($attachment[1]) && preg_match('|.*?/attach/(\d+)|', $attachment[1], $match)) {
$attach = self::getById($match[1], $uid);
if (empty($attach)) {
return $body;
}
$media = [
'type' => Post\Media::DOCUMENT,
'url' => $attachment[1],
'size' => $attach['filesize'],
'mimetype' => $attach['filetype'],
'description' => $attach['filename']
];
$media = Post\Media::addType($media);
$body = str_replace($attachment[0], Post\Media::addAttachmentToBody($media, ''), $body);
}
}
return $body;
}
} }

View file

@ -848,7 +848,7 @@ class Item
private static function prepareOriginPost(array $item): array private static function prepareOriginPost(array $item): array
{ {
$item = DI::contentItem()->initializePost($item); $item = DI::contentItem()->initializePost($item);
$item = DI::contentItem()->finalizePost($item); $item = DI::contentItem()->finalizePost($item, false);
return $item; return $item;
} }
@ -1044,7 +1044,7 @@ class Item
$item['deny_gid'] = $store_permissions ? $toplevel_parent['deny_gid'] : ''; $item['deny_gid'] = $store_permissions ? $toplevel_parent['deny_gid'] : '';
} }
$parent_origin = $toplevel_parent['origin']; $parent_origin = $toplevel_parent['origin'];
// Don't federate received participation messages // Don't federate received participation messages
if ($item['verb'] != Activity::FOLLOW) { if ($item['verb'] != Activity::FOLLOW) {
@ -1088,8 +1088,6 @@ class Item
) { ) {
$item['object-type'] = Activity\ObjectType::IMAGE; $item['object-type'] = Activity\ObjectType::IMAGE;
} }
$item = DI::contentItem()->moveAttachmentsFromBodyToAttach($item);
} }
$item['parent-uri-id'] = ItemURI::getIdByURI($item['parent-uri']); $item['parent-uri-id'] = ItemURI::getIdByURI($item['parent-uri']);

View file

@ -28,6 +28,7 @@ use Friendica\Core\Protocol;
use Friendica\Database\Database; use Friendica\Database\Database;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\DI; use Friendica\DI;
use Friendica\Model\Attach;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Model\Item; use Friendica\Model\Item;
use Friendica\Model\ItemURI; use Friendica\Model\ItemURI;
@ -389,6 +390,16 @@ class Media
*/ */
private static function fetchLocalData(array $media): array private static function fetchLocalData(array $media): array
{ {
if (preg_match('|.*?/attach/(\d+)|', $media['url'] ?? '', $matches)) {
$attachment = Attach::selectFirst(['filename', 'filetype', 'filesize'], ['id' => $matches[1]]);
if (!empty($attachment)) {
$media['name'] = $attachment['filename'];
$media['mimetype'] = $attachment['filetype'];
$media['size'] = $attachment['filesize'];
}
return $media;
}
if (!preg_match('|.*?/photo/(.*[a-fA-F0-9])\-(.*[0-9])\..*[\w]|', $media['url'] ?? '', $matches)) { if (!preg_match('|.*?/photo/(.*[a-fA-F0-9])\-(.*[0-9])\..*[\w]|', $media['url'] ?? '', $matches)) {
return $media; return $media;
} }
@ -902,19 +913,7 @@ class Media
$body = BBCode::removeAttachment($body); $body = BBCode::removeAttachment($body);
foreach (self::getByURIId($uriid, $types) as $media) { foreach (self::getByURIId($uriid, $types) as $media) {
if (Item::containsLink($body, $media['preview'] ?? $media['url'], $media['type'])) { $body = self::addAttachmentToBody($media, $body);
continue;
}
if ($media['type'] == self::IMAGE) {
$body .= "\n" . Images::getBBCodeByUrl($media['url'], $media['preview'], $media['description'] ?? '');
} elseif ($media['type'] == self::AUDIO) {
$body .= "\n[audio]" . $media['url'] . "[/audio]\n";
} elseif ($media['type'] == self::VIDEO) {
$body .= "\n[video]" . $media['url'] . "[/video]\n";
} else {
$body .= "\n[url]" . $media['url'] . "[/url]\n";
}
} }
if (preg_match("/.*(\[attachment.*?\].*?\[\/attachment\]).*/ism", $original_body, $match)) { if (preg_match("/.*(\[attachment.*?\].*?\[\/attachment\]).*/ism", $original_body, $match)) {
@ -924,6 +923,24 @@ class Media
return $body; return $body;
} }
public static function addAttachmentToBody(array $media, string $body): string
{
if (Item::containsLink($body, $media['preview'] ?? $media['url'], $media['type'])) {
return $body;
}
if ($media['type'] == self::IMAGE) {
$body .= "\n" . Images::getBBCodeByUrl($media['url'], $media['preview'], $media['description'] ?? '');
} elseif ($media['type'] == self::AUDIO) {
$body .= "\n[audio]" . $media['url'] . "[/audio]\n";
} elseif ($media['type'] == self::VIDEO) {
$body .= "\n[video]" . $media['url'] . "[/video]\n";
} else {
$body .= "\n[url]" . $media['url'] . "[/url]\n";
}
return $body;
}
/** /**
* Add an [attachment] element to the body for a given uri-id with a HTML media element * Add an [attachment] element to the body for a given uri-id with a HTML media element
* *