Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-19 16:15:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'dev' into nomadic

Browse source
This commit is contained in:
Mike Macgirvin 2024-06-17 05:41:04 +10:00
commit 253ee62d2c
22 changed files with 1475 additions and 1373 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
include/items.php
View file

@ -125,7 +125,7 @@ function collect_recipients($item, &$private_envelope) {
// This is a somewhat expensive operation but important.
// Don't send this item to anybody who doesn't have the deliver_stream permission
$recipients = check_deliver_permissions($item['uid'],$recipients);
$recipients = check_deliver_permissions($item,$recipients);
// Add both the author and owner (if different).

43
include/permissions.php
View file

@ -3,6 +3,7 @@
use Code\Access\Permissions;
use Code\Access\PermissionLimits;
use Code\Extend\Hook;
use Code\Lib\Libzot;
require_once('include/security.php');
@ -515,9 +516,11 @@ function check_list_permissions($uid, $arr, $perm)
return($result);
}
function check_deliver_permissions($uid, $arr)
function check_deliver_permissions($item, $arr, $includeMentions = false)
{
$result = [];
$uid = $item['uid'] ?? 0;
$terms = ((isset($item['term'])) ? get_terms_oftype($item['term'], [TERM_MENTION, TERM_GROUP]) : false);
// Find actors we are not delivering to.
$r = q("select * from abconfig where chan = %d and cat = 'system' and k = 'my_perms' and v not like '%%deliver_stream%%'",
intval($uid)
@ -533,27 +536,47 @@ function check_deliver_permissions($uid, $arr)
// Filter the recipient list accordingly.
if ($arr) {
foreach ($arr as $x) {
foreach ($arr as $recipient) {
$accepting = $deliverable = false;
if (in_array($x, $theyAccept)) {
if (in_array($recipient, $theyAccept)) {
$accepting = true;
}
if (!in_array($x, $willNotSend)) {
if (!in_array($recipient,$willNotSend)) {
$deliverable = true;
}
if ($deliverable && !$accepting) {
if ($deliverable || !$accepting) {
// Groups don't generally provide send_stream permission as they aren't really following you,
// but they do allow you to send them group targeted posts.
$r = q("select xchan_hash from xchan where xchan_hash = '%s' and xchan_type = %d ",
dbesc($x),
$r = q("select xchan_hash from xchan where xchan_hash = '%s' and xchan_type = %d",
dbesc($recipient),
intval(XCHAN_TYPE_GROUP)
);
if ($r) {
$result[] = $x;
if ($r && !in_array($recipient, $result)) {
$result[] = $recipient;
continue;
}
}
if ($deliverable && $accepting) {
$result[] = $x;
}
if ($deliverable && $accepting && !in_array($recipient, $result)) {
$result[] = $recipient;
}
}
// Send mentions even if you have no permission to do so. They might allow it.
if ($terms && $includeMentions) {
foreach ($terms as $term) {
$r = q("select * from hubloc where (hubloc_hash = '%s' or hubloc_id_url = '%s') and hubloc_deleted = 0",
dbesc($term['url']),
dbesc($term['url'])
);
$r = Libzot::zot_record_preferred($r);
if ($r && !in_array($r['hubloc_hash'], $result)) {
$result[] = $r['hubloc_hash'];
break;
}
}
}
}

2
install/htconfig.sample.php
View file

@ -65,7 +65,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// In order to perform system administration via the admin panel, admin_email
// must precisely match the email address of the person logged in.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '';

6
src/Daemon/Notifier.php
View file

@ -444,7 +444,7 @@ class Notifier implements DaemonInterface
else {
$sendto = array_merge($sendto, self::getConversationAudience($parent_item));
}
self::$recipients = check_deliver_permissions($target_item['uid'], $sendto);
self::$recipients = check_deliver_permissions($target_item, $sendto);
logger('followup relay (upstream delivery)', LOGGER_DEBUG);
logger('replyto: upstream recipients ' . print_r(self::$recipients, true), LOGGER_DEBUG);
@ -497,7 +497,7 @@ class Notifier implements DaemonInterface
foreach ($r as $rv) {
self::$recipients[] = $rv['abook_xchan'];
}
self::$recipients = check_deliver_permissions($target_item['uid'], self::$recipients);
self::$recipients = check_deliver_permissions($target_item, self::$recipients, true);
}
}
elseif (($audience & AUDIENCE_SENDER) || ($audience & AUDIENCE_FOLLOWERS)
@ -524,7 +524,7 @@ class Notifier implements DaemonInterface
}
}
}
self::$recipients = check_deliver_permissions($target_item['uid'], $sendto);
self::$recipients = check_deliver_permissions($target_item, $sendto, ($audience & AUDIENCE_FOLLOWERS));
}
else {
self::$private = false;

48
src/Lib/DataUrl.php Normal file
View file

@ -0,0 +1,48 @@
<?php
namespace Code\Lib;
class DataUrl
{
protected $data = null;
protected $mediaType = null;
protected $encoding = null;
public function __construct($data, $mediaType = '', $encoding = '')
{
$this->data = $data;
$this->mediaType = $mediaType;
$this->encoding = $encoding;
return $this;
}
public function encode()
{
return 'data:' . $this->mediaType . (($this->encoding) ? ';' . $this->encoding : '') . ','
. (($this->encoding) ? base64_encode($this->data) : urlencode($this->data));
}
public function decode()
{
if (str_starts_with($this->data, 'data:')) {
$explode = explode(',', $this->data);
if (count($explode) === 2) {
$this->mediaType = substr($explode[0], strlen('data:'));
if (str_ends_with($this->mediaType, ';base64')) {
$this->encoding = 'base64';
$this->mediaType = substr($this->mediaType, 0, strlen($this->mediaType) - strlen(';base64'));
} else {
$this->encoding = '';
}
return [
'data' => $this->encoding ? base64_decode($this->data) : urldecode($this->data),
'encoding' => $this->encoding,
'mediaType' => $this->mediaType ?: 'text/plain;charset=US-ASCII',
];
}
}
return null;
}
}

7
src/Module/Embedphotos.php
View file

@ -124,7 +124,7 @@ class Embedphotos extends Controller
$alt = ' alt="' . $alt . '"';
$output = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $resource . ']'
. '[zmg width="' . $r[0]['width'] . '" height="' . $r[0]['height'] . '"' . $alt . ']'
. '[zmg width="' . $r[0]['width'] . '" height="' . $r[0]['height'] . '"' . "\n\n" . $alt . "\n\n" . ']'
. z_root() . '/photo/' . $resource . '-' . $resolution . $ext . '[/zmg][/zrl]';
return $output;
@ -158,8 +158,9 @@ class Embedphotos extends Controller
$url = $url . '?token=' . $token;
}
$output .= '[zmg width="' . $image['width'] . '" height="' . $image['height'] . '" ' . "\n\n" . $alt . "\n\n" . ']'
. $url . '[/zmg]' . "\n\n";
$output .= '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $image['resource_id'] . ']'
. '[zmg width="' . $image['width'] . '" height="' . $image['height'] . '" ' . "\n\n" . $alt . "\n\n" . ']'
. $url . '[/zmg][/zrl]' . "\n\n";
}
}
}

41
src/Module/Register.php
View file

@ -85,6 +85,20 @@ class Register extends Controller
$email_verify = get_config('system', 'verify_email');
// If this is the first account to be created, the login email must match the
// admin email. Other attempts will be rejected. If it is the admin email, bypass
// some restrictive policies.
$totalAccounts = Account::account_total();
if ($totalAccounts === 0) {
if (Account::check_admin($_POST)) {
$policy = REGISTER_OPEN;
$email_verify = false;
} else {
notice(t('The first account <strong>must</strong> be registered using the admin email which was supplied during setup.') . EOL);
return;
}
}
switch ($policy) {
case REGISTER_OPEN:
@ -125,8 +139,10 @@ class Register extends Controller
return;
}
require_once('include/security.php');
// At this point the account has been created without error. Purge any error messages from prior failed
// registration attempts which haven't yet been delivered to the browser and start fresh.
$_SESSION['sysmsg'] = [];
if ($_REQUEST['name']) {
set_aconfig($result['account']['account_id'], 'register', 'channel_name', $_REQUEST['name']);
@ -141,12 +157,6 @@ class Register extends Controller
set_aconfig($result['account']['account_id'], 'register', 'reason', substr(trim(escape_tags($_REQUEST['reason'])),0, 500));
}
// At this point the account has been created without error. Purge any error messages from prior failed registration
// attempts which haven't yet been delivered to the browser and start fresh. If you're willing to figure out why they
// weren't delivered to the browser please adopt zap issue 34.
$_SESSION['sysmsg'] = [];
$using_invites = intval(get_config('system', 'invitation_only'));
$num_invites = intval(get_config('system', 'number_invites'));
$invite_code = ((x($_POST, 'invite_code')) ? notags(trim($_POST['invite_code'])) : '');
@ -164,7 +174,7 @@ class Register extends Controller
$res = Account::send_register_success_email($result['email'], $result['password']);
}
if ($res) {
if ($invite_code) {
if ($invite_code || !$email_verify) {
info(t('Registration successful. Continue to create your first channel...') . EOL);
} else {
info(t('Registration successful. Please check your email for validation instructions.') . EOL);
@ -215,13 +225,21 @@ class Register extends Controller
public function get()
{
$registration_is = EMPTY_STR;
$other_sites = false;
$policy = (int)Config::Get('system','register_policy');
$email_verify = get_config('system', 'verify_email');
if ($policy === REGISTER_CLOSED) {
$totalAccounts = Account::account_total();
if($totalAccounts === 0) {
$policy = REGISTER_OPEN;
$email_verify = false;
info( t('Please use the admin email address supplied during setup.') . EOL);
}
if ($policy === REGISTER_CLOSED && !is_site_admin()) {
notice(t('Registration on this website is disabled.') . EOL);
$registration_is = t('Registration on this website is disabled.');
$other_sites = true;
}
@ -298,8 +316,6 @@ class Register extends Controller
$auto_create = (bool)get_config('system', 'auto_channel_create');
$default_role = get_config('system', 'default_permissions_role', 'social_restricted');
$email_verify = get_config('system', 'verify_email');
$o = replace_macros(Theme::get_template('register.tpl'), [
'$form_security_token' => get_form_security_token("register"),
@ -321,6 +337,7 @@ class Register extends Controller
'$pass1' => $password,
'$pass2' => $password2,
'$reason' => $reason,
'$disabled' => $policy === REGISTER_CLOSED && !is_site_admin(),
'$submit' => t('Register'),
'$verify_note' => (($email_verify) ? t('This site requires email verification. After completing this form, please check your email for further instructions.') : ''),
]);

2
util/admins
View file

@ -47,7 +47,7 @@ if($argc > 1 && $argv[1] === 'list') {
if($argc > 2 && $argv[1] === 'add' && intval($argv[2])) {
$r = q('update account set account_roles = (account_roles | 4096) where account_id = %d',
$r = q('update account set account_roles = 4096, account_flags = 0 where account_id = %d',
intval($argv[2])
);
}

2671
util/messages.po
View file

File diff suppressed because it is too large Load diff

2
version.php
View file

@ -1,2 +1,2 @@
<?php
define ('STD_VERSION', '24.06.10');
define ('STD_VERSION', '24.06.14');

2
view/de-de/htconfig.tpl
View file

@ -50,7 +50,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/en-au/htconfig.tpl
View file

@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/en-gb/htconfig.tpl
View file

@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/en/htconfig.tpl
View file

@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/fr/htconfig.tpl
View file

@ -50,7 +50,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/it/htconfig.tpl
View file

@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/nb-no/htconfig.tpl
View file

@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/pl/htconfig.tpl
View file

@ -52,7 +52,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// REGISTER_APPROVE wymaga ustawienia 'admin_email' na adres e-mail już
// zarejestrowanej osoby, która może autoryzować i/lub zatwierdź/odrzuć wniosek.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/pt-br/htconfig.tpl
View file

@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/ru/htconfig.tpl
View file

@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/sv/htconfig.tpl
View file

@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_policy'] = REGISTER_APPROVE;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '{{$adminmail}}';

2
view/tpl/register.tpl
View file

@ -60,7 +60,7 @@
{{include file="field_input.tpl" field=$phrase}}
{{/if}}
<button class="btn btn-primary" type="submit" name="submit" id="newchannel-submit-button" value="{{$submit}}">{{$submit}}</button>
<button class="btn btn-primary" type="submit" name="submit" id="newchannel-submit-button" {{if $disabled}}disabled="disabled" {{/if}}value="{{$submit}}">{{$submit}}</button>
<div id="register-submit-end" class="register-field-end"></div>
</form>
<br>