2016-09-07 03:10:56 +00:00
< ? php
2022-02-16 04:08:28 +00:00
namespace Code\Module\Settings ;
2016-09-07 03:10:56 +00:00
2019-04-03 23:22:03 +00:00
use App ;
2022-02-16 04:08:28 +00:00
use Code\Access\Permissions ;
use Code\Access\PermissionLimits ;
use Code\Lib\ServiceClass ;
use Code\Lib\AccessList ;
use Code\Lib\Libsync ;
use Code\Render\Theme ;
2022-02-12 20:43:29 +00:00
2021-04-10 22:32:14 +00:00
require_once ( 'include/security.php' );
2016-09-07 03:10:56 +00:00
2021-12-02 23:02:31 +00:00
class Tokens
{
public function post ()
{
$channel = App :: get_channel ();
check_form_security_token_redirectOnErr ( '/settings/tokens' , 'settings_tokens' );
$token_errs = 0 ;
if ( array_key_exists ( 'token' , $_POST )) {
$atoken_id = (( $_POST [ 'atoken_id' ]) ? intval ( $_POST [ 'atoken_id' ]) : 0 );
if ( ! $atoken_id ) {
$atoken_guid = new_uuid ();
}
$name = trim ( escape_tags ( $_POST [ 'name' ]));
$token = trim ( $_POST [ 'token' ]);
2021-12-03 03:01:39 +00:00
if (( ! $name ) || ( ! $token )) {
2021-12-02 23:02:31 +00:00
$token_errs ++ ;
2021-12-03 03:01:39 +00:00
}
if ( trim ( $_POST [ 'expires' ])) {
2021-12-02 23:02:31 +00:00
$expires = datetime_convert ( date_default_timezone_get (), 'UTC' , $_POST [ 'expires' ]);
2021-12-03 03:01:39 +00:00
} else {
2021-12-02 23:02:31 +00:00
$expires = NULL_DATE ;
2021-12-03 03:01:39 +00:00
}
2022-01-25 04:37:14 +00:00
$max_atokens = ServiceClass :: fetch ( local_channel (), 'access_tokens' );
2021-12-02 23:02:31 +00:00
if ( $max_atokens ) {
2021-12-03 03:01:39 +00:00
$r = q (
" select count(atoken_id) as total where atoken_uid = %d " ,
2021-12-02 23:02:31 +00:00
intval ( local_channel ())
);
2022-09-03 05:23:54 +00:00
if ( $r && intval ( $r [ 0 ][ 'total' ]) >= $max_atokens ) {
notice ( sprintf ( t ( 'This channel is limited to %d tokens' ), $max_atokens ) . EOL );
2021-12-02 23:02:31 +00:00
return ;
}
}
}
if ( $token_errs ) {
notice ( t ( 'Name and Password are required.' ) . EOL );
return ;
}
2021-12-03 03:01:39 +00:00
$old_atok = q (
" select * from atoken where atoken_uid = %d and atoken_name = '%s' " ,
2021-12-02 23:02:31 +00:00
intval ( $channel [ 'channel_id' ]),
dbesc ( $name )
);
if ( $old_atok ) {
$old_atok = array_shift ( $old_atok );
$old_xchan = atoken_xchan ( $old_atok );
}
if ( $atoken_id ) {
2021-12-03 03:01:39 +00:00
$r = q (
" update atoken set atoken_name = '%s', atoken_token = '%s', atoken_expires = '%s'
2016-09-07 03:10:56 +00:00
where atoken_id = % d and atoken_uid = % d " ,
2021-12-02 23:02:31 +00:00
dbesc ( $name ),
dbesc ( $token ),
dbesc ( $expires ),
intval ( $atoken_id ),
intval ( $channel [ 'channel_id' ])
);
} else {
2021-12-03 03:01:39 +00:00
$r = q (
" insert into atoken ( atoken_guid, atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires )
2021-04-10 22:32:14 +00:00
values ( '%s' , % d , % d , '%s' , '%s' , '%s' ) " ,
2021-12-02 23:02:31 +00:00
dbesc ( $atoken_guid ),
intval ( $channel [ 'channel_account_id' ]),
intval ( $channel [ 'channel_id' ]),
dbesc ( $name ),
dbesc ( $token ),
dbesc ( $expires )
);
}
2021-12-03 03:01:39 +00:00
$atok = q (
" select * from atoken where atoken_uid = %d and atoken_name = '%s' " ,
2021-12-02 23:02:31 +00:00
intval ( $channel [ 'channel_id' ]),
dbesc ( $name )
);
if ( $atok ) {
$xchan = atoken_xchan ( $atok [ 0 ]);
atoken_create_xchan ( $xchan );
$atoken_xchan = $xchan [ 'xchan_hash' ];
if ( $old_atok && $old_xchan ) {
2021-12-03 03:01:39 +00:00
$r = q (
" update xchan set xchan_name = '%s' where xchan_hash = '%s' " ,
2021-12-02 23:02:31 +00:00
dbesc ( $xchan [ 'xchan_name' ]),
dbesc ( $old_xchan [ 'xchan_hash' ])
);
}
}
$all_perms = Permissions :: Perms ();
$p = EMPTY_STR ;
if ( $all_perms ) {
foreach ( $all_perms as $perm => $desc ) {
if ( array_key_exists ( 'perms_' . $perm , $_POST )) {
2021-12-03 03:01:39 +00:00
if ( $p ) {
2021-12-02 23:02:31 +00:00
$p .= ',' ;
2021-12-03 03:01:39 +00:00
}
2021-12-02 23:02:31 +00:00
$p .= $perm ;
}
}
set_abconfig ( local_channel (), $atoken_xchan , 'system' , 'my_perms' , $p );
if ( $old_atok ) {
}
}
if ( ! $atoken_id ) {
// If this is a new token, create a new abook record
2022-09-03 05:23:54 +00:00
$closeness = get_pconfig ( $channel [ 'channel_id' ], 'system' , 'new_abook_closeness' , 80 );
$profile_assign = get_pconfig ( $channel [ 'channel_id' ], 'system' , 'profile_assign' , '' );
2021-12-02 23:02:31 +00:00
$r = abook_store_lowlevel (
[
'abook_account' => $channel [ 'channel_account_id' ],
'abook_channel' => $channel [ 'channel_id' ],
'abook_closeness' => intval ( $closeness ),
'abook_xchan' => $atoken_xchan ,
'abook_profile' => $profile_assign ,
'abook_feed' => 0 ,
'abook_created' => datetime_convert (),
'abook_updated' => datetime_convert (),
'abook_instance' => z_root ()
]
);
if ( ! $r ) {
logger ( 'abook creation failed' );
}
/** If there is a default group for this channel, add this connection to it */
if ( $channel [ 'channel_default_group' ]) {
2022-09-03 05:23:54 +00:00
$g = AccessList :: rec_byhash ( $channel [ 'channel_id' ], $channel [ 'channel_default_group' ]);
2021-12-02 23:02:31 +00:00
if ( $g ) {
2022-09-03 05:23:54 +00:00
AccessList :: member_add ( $channel [ 'channel_id' ], '' , $atoken_xchan , $g [ 'id' ]);
2021-12-02 23:02:31 +00:00
}
}
2021-12-03 03:01:39 +00:00
$r = q (
" SELECT abook.*, xchan.*
2021-04-11 01:40:39 +00:00
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = % d and abook_xchan = '%s' LIMIT 1 " ,
2021-12-02 23:02:31 +00:00
intval ( $channel [ 'channel_id' ]),
dbesc ( $atoken_xchan )
);
if ( ! $r ) {
logger ( 'abook or xchan record not saved correctly' );
return ;
}
$clone = array_shift ( $r );
unset ( $clone [ 'abook_id' ]);
unset ( $clone [ 'abook_account' ]);
unset ( $clone [ 'abook_channel' ]);
$abconfig = load_abconfig ( $channel [ 'channel_id' ], $clone [ 'abook_xchan' ]);
if ( $abconfig ) {
$clone [ 'abconfig' ] = $abconfig ;
}
2021-12-03 03:01:39 +00:00
Libsync :: build_sync_packet (
$channel [ 'channel_id' ],
2021-12-02 23:02:31 +00:00
[ 'abook' => [ $clone ], 'atoken' => $atok ],
2021-12-03 03:01:39 +00:00
true
);
2021-12-02 23:02:31 +00:00
}
info ( t ( 'Token saved.' ) . EOL );
return ;
}
public function get ()
{
$channel = App :: get_channel ();
$atoken = null ;
$atoken_xchan = '' ;
if ( argc () > 2 ) {
$id = argv ( 2 );
2021-12-03 03:01:39 +00:00
$atoken = q (
" select * from atoken where atoken_id = %d and atoken_uid = %d " ,
2021-12-02 23:02:31 +00:00
intval ( $id ),
intval ( local_channel ())
);
if ( $atoken ) {
$atoken = $atoken [ 0 ];
$atoken_xchan = substr ( $channel [ 'channel_hash' ], 0 , 16 ) . '.' . $atoken [ 'atoken_guid' ];
}
if ( $atoken && argc () > 3 && argv ( 3 ) === 'drop' ) {
$atoken [ 'deleted' ] = true ;
2021-12-03 03:01:39 +00:00
$r = q (
" SELECT abook.*, xchan.*
2021-04-11 01:40:39 +00:00
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = % d and abook_xchan = '%s' LIMIT 1 " ,
2021-12-02 23:02:31 +00:00
intval ( $channel [ 'channel_id' ]),
dbesc ( $atoken_xchan )
);
if ( ! $r ) {
return ;
}
$clone = array_shift ( $r );
unset ( $clone [ 'abook_id' ]);
unset ( $clone [ 'abook_account' ]);
unset ( $clone [ 'abook_channel' ]);
$clone [ 'entry_deleted' ] = true ;
$abconfig = load_abconfig ( $channel [ 'channel_id' ], $clone [ 'abook_xchan' ]);
if ( $abconfig ) {
$clone [ 'abconfig' ] = $abconfig ;
}
atoken_delete ( $id );
2021-12-03 03:01:39 +00:00
Libsync :: build_sync_packet (
$channel [ 'channel_id' ],
2021-12-02 23:02:31 +00:00
[ 'abook' => [ $clone ], 'atoken' => [ $atoken ]],
2021-12-03 03:01:39 +00:00
true
);
2021-12-02 23:02:31 +00:00
$atoken = null ;
$atoken_xchan = '' ;
}
}
2021-12-03 03:01:39 +00:00
$t = q (
" select * from atoken where atoken_uid = %d " ,
2021-12-02 23:02:31 +00:00
intval ( local_channel ())
);
$desc = t ( 'Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access private content.' );
$desc2 = t ( 'You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:' );
$global_perms = Permissions :: Perms ();
$existing = get_all_perms ( local_channel (), (( $atoken_xchan ) ? $atoken_xchan : EMPTY_STR ));
$theirs = get_abconfig ( local_channel (), $atoken_xchan , 'system' , 'their_perms' , EMPTY_STR );
$their_perms = Permissions :: FilledPerms ( explode ( ',' , $theirs ));
foreach ( $global_perms as $k => $v ) {
2021-12-03 03:01:39 +00:00
if ( ! array_key_exists ( $k , $their_perms )) {
2021-12-02 23:02:31 +00:00
$their_perms [ $k ] = 1 ;
2021-12-03 03:01:39 +00:00
}
2021-12-02 23:02:31 +00:00
}
$my_perms = explode ( ',' , get_abconfig ( local_channel (), $atoken_xchan , 'system' , 'my_perms' , EMPTY_STR ));
foreach ( $global_perms as $k => $v ) {
$thisperm = (( in_array ( $k , $my_perms )) ? 1 : 0 );
$checkinherited = PermissionLimits :: Get ( local_channel (), $k );
2022-09-03 05:23:54 +00:00
if ( $existing [ $k ]) {
2021-12-02 23:02:31 +00:00
$thisperm = " 1 " ;
2021-12-03 03:01:39 +00:00
}
2021-12-02 23:02:31 +00:00
$perms [] = array ( 'perms_' . $k , $v , (( array_key_exists ( $k , $their_perms )) ? intval ( $their_perms [ $k ]) : '' ), $thisperm , 1 , (( $checkinherited & PERMS_SPECIFIC ) ? '' : '1' ), '' , $checkinherited );
}
2022-02-12 20:43:29 +00:00
$tpl = Theme :: get_template ( " settings_tokens.tpl " );
2022-09-03 05:23:54 +00:00
$o = replace_macros ( $tpl , array (
2021-12-02 23:02:31 +00:00
'$form_security_token' => get_form_security_token ( " settings_tokens " ),
'$title' => t ( 'Guest Access Tokens' ),
'$desc' => $desc ,
'$desc2' => $desc2 ,
'$tokens' => $t ,
'$atoken' => $atoken ,
2022-09-03 05:23:54 +00:00
'$atoken_xchan' => $atoken_xchan ,
2021-12-02 23:02:31 +00:00
'$url1' => z_root () . '/channel/' . $channel [ 'channel_address' ],
'$url2' => z_root () . '/photos/' . $channel [ 'channel_address' ],
'$name' => array ( 'name' , t ( 'Login Name' ) . ' <span class="required">*</span>' , (( $atoken ) ? $atoken [ 'atoken_name' ] : '' ), '' ),
'$token' => array ( 'token' , t ( 'Login Password' ) . ' <span class="required">*</span>' , (( $atoken ) ? $atoken [ 'atoken_token' ] : new_token ()), '' ),
'$expires' => array ( 'expires' , t ( 'Expires (yyyy-mm-dd)' ), (( $atoken [ 'atoken_expires' ] && $atoken [ 'atoken_expires' ] > NULL_DATE ) ? datetime_convert ( 'UTC' , date_default_timezone_get (), $atoken [ 'atoken_expires' ]) : '' ), '' ),
'$them' => t ( 'Their Settings' ),
'$me' => t ( 'My Settings' ),
'$perms' => $perms ,
'$inherited' => t ( 'inherited' ),
'$notself' => 1 ,
'$self' => 0 ,
'$permlbl' => t ( 'Individual Permissions' ),
'$permnote' => t ( 'Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.' ),
'$submit' => t ( 'Submit' )
));
return $o ;
}
2018-05-13 12:29:09 +00:00
}