Don't show permissions from permissiongroups on comments

This commit is contained in:
Michael 2023-03-22 21:43:03 +00:00
parent b4cbc6eacc
commit 6a1f7c47b3

View file

@ -22,6 +22,7 @@
namespace Friendica\Module; namespace Friendica\Module;
use Friendica\Core\Hook; use Friendica\Core\Hook;
use Friendica\Core\Protocol;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\DI; use Friendica\DI;
@ -32,7 +33,6 @@ use Friendica\Model\Post;
use Friendica\Model\Tag; use Friendica\Model\Tag;
use Friendica\Model\User; use Friendica\Model\User;
use Friendica\Network\HTTPException; use Friendica\Network\HTTPException;
use Friendica\Protocol\ActivityPub;
/** /**
* Outputs the permission tooltip HTML content for the provided item, photo or event id. * Outputs the permission tooltip HTML content for the provided item, photo or event id.
@ -51,8 +51,21 @@ class PermissionTooltip extends \Friendica\BaseModule
$condition = ['id' => $referenceId, 'uid' => [0, DI::userSession()->getLocalUserId()]]; $condition = ['id' => $referenceId, 'uid' => [0, DI::userSession()->getLocalUserId()]];
if ($type == 'item') { if ($type == 'item') {
$fields = ['uid', 'psid', 'private', 'uri-id']; $fields = ['uid', 'psid', 'private', 'uri-id', 'origin', 'network'];
$model = Post::selectFirst($fields, $condition); $model = Post::selectFirst($fields, $condition, ['order' => ['uid' => true]]);
if ($model['origin'] || ($model['network'] != Protocol::ACTIVITYPUB)) {
$permissionSet = DI::permissionSet()->selectOneById($model['psid'], $model['uid']);
$model['allow_cid'] = $permissionSet->allow_cid;
$model['allow_gid'] = $permissionSet->allow_gid;
$model['deny_cid'] = $permissionSet->deny_cid;
$model['deny_gid'] = $permissionSet->deny_gid;
} else {
$model['allow_cid'] = [];
$model['allow_gid'] = [];
$model['deny_cid'] = [];
$model['deny_gid'] = [];
}
} else { } else {
$fields = ['uid', 'allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']; $fields = ['uid', 'allow_cid', 'allow_gid', 'deny_cid', 'deny_gid'];
$model = DBA::selectFirst($type, $fields, $condition); $model = DBA::selectFirst($type, $fields, $condition);
@ -66,14 +79,6 @@ class PermissionTooltip extends \Friendica\BaseModule
throw new HttpException\NotFoundException(DI::l10n()->t('Model not found')); throw new HttpException\NotFoundException(DI::l10n()->t('Model not found'));
} }
if (isset($model['psid'])) {
$permissionSet = DI::permissionSet()->selectOneById($model['psid'], $model['uid']);
$model['allow_cid'] = $permissionSet->allow_cid;
$model['allow_gid'] = $permissionSet->allow_gid;
$model['deny_cid'] = $permissionSet->deny_cid;
$model['deny_gid'] = $permissionSet->deny_gid;
}
// Kept for backwards compatiblity // Kept for backwards compatiblity
Hook::callAll('lockview_content', $model); Hook::callAll('lockview_content', $model);
@ -161,11 +166,10 @@ class PermissionTooltip extends \Friendica\BaseModule
} }
if (!empty($l)) { if (!empty($l)) {
echo $o . implode(', ', $l); System::httpExit($o . implode(', ', $l));
} else { } else {
echo $o . $receivers; System::httpExit($o . $receivers);;
} }
System::exit();
} }
/** /**