mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-20 00:55:19 +00:00
make public lists discoverable
This commit is contained in:
parent
4f2302a9eb
commit
5014323812
6 changed files with 81 additions and 13 deletions
|
@ -206,15 +206,15 @@ class AccessList {
|
|||
}
|
||||
|
||||
|
||||
static function members($gid) {
|
||||
static function members($uid, $gid) {
|
||||
$ret = array();
|
||||
if(intval($gid)) {
|
||||
$r = q("SELECT * FROM pgrp_member
|
||||
LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
|
||||
WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
|
||||
intval($gid),
|
||||
intval(local_channel()),
|
||||
intval(local_channel())
|
||||
intval($uid),
|
||||
intval($uid)
|
||||
);
|
||||
if($r)
|
||||
$ret = $r;
|
||||
|
@ -222,12 +222,12 @@ class AccessList {
|
|||
return $ret;
|
||||
}
|
||||
|
||||
static function members_xchan($gid) {
|
||||
static function members_xchan($uid,$gid) {
|
||||
$ret = [];
|
||||
if(intval($gid)) {
|
||||
$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
|
||||
intval($gid),
|
||||
intval(local_channel())
|
||||
intval($uid)
|
||||
);
|
||||
if($r) {
|
||||
foreach($r as $rr) {
|
||||
|
|
|
@ -150,14 +150,14 @@ class Acl extends \Zotlabs\Web\Controller {
|
|||
|
||||
if($r) {
|
||||
foreach($r as $g){
|
||||
// logger('acl: group: ' . $g['gname'] . ' members: ' . AccessList::members_xchan($g['id']));
|
||||
// logger('acl: group: ' . $g['gname'] . ' members: ' . AccessList::members_xchan(local_channel(),$g['id']));
|
||||
$groups[] = array(
|
||||
"type" => "g",
|
||||
"photo" => "images/twopeople.png",
|
||||
"name" => $g['gname'],
|
||||
"id" => $g['id'],
|
||||
"xid" => $g['hash'],
|
||||
"uids" => AccessList::members_xchan($g['id']),
|
||||
"uids" => AccessList::members_xchan(local_channel(),$g['id']),
|
||||
"link" => ''
|
||||
);
|
||||
}
|
||||
|
|
|
@ -38,7 +38,7 @@ class Contactgroup extends Controller {
|
|||
killme();
|
||||
}
|
||||
|
||||
$members = AccessList::members($group['id']);
|
||||
$members = AccessList::members(local_channel(),$group['id']);
|
||||
$preselected = ids_to_array($members,'xchan_hash');
|
||||
|
||||
if ($change) {
|
||||
|
|
|
@ -5,11 +5,79 @@ use App;
|
|||
use Zotlabs\Web\Controller;
|
||||
use Zotlabs\Lib\Libsync;
|
||||
use Zotlabs\Lib\AccessList;
|
||||
use Zotlabs\Lib\ActivityStreams;
|
||||
use Zotlabs\Lib\Activity;
|
||||
use Zotlabs\Web\HTTPSig;
|
||||
use Zotlabs\Lib\Config;
|
||||
|
||||
|
||||
class Lists extends Controller {
|
||||
|
||||
function init() {
|
||||
if (ActivityStreams::is_as_request()) {
|
||||
$item_id = argv(1);
|
||||
if( ! $item_id) {
|
||||
http_status_exit(404, 'Not found');
|
||||
}
|
||||
$x = q("select * from pgrp where hash = '%s' limit 1",
|
||||
dbesc($item_id)
|
||||
);
|
||||
if (! $x) {
|
||||
http_status_exit(404, 'Not found');
|
||||
}
|
||||
|
||||
$group = array_shift($x);
|
||||
|
||||
// process an authenticated fetch
|
||||
|
||||
$sigdata = HTTPSig::verify(EMPTY_STR);
|
||||
if ($sigdata['portable_id'] && $sigdata['header_valid']) {
|
||||
$portable_id = $sigdata['portable_id'];
|
||||
if (! check_channelallowed($portable_id)) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
if (! check_siteallowed($sigdata['signer'])) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
observer_auth($portable_id);
|
||||
}
|
||||
elseif (! Config::get('system','require_authenticated_fetch',false)) {
|
||||
http_status_exit(403,'Permission denied');
|
||||
}
|
||||
|
||||
if (! perm_is_allowed($group['uid'],get_observer_hash(),'view_contacts') {
|
||||
http_status_exit(403,'Permission denied');
|
||||
}
|
||||
|
||||
if (! $group['visible']) {
|
||||
$controlling_channel = channelx_by_uid($group['uid']);
|
||||
if (! $controlling_channel() || $controlling_channel['channel_hash'] !== get_observer_hash()) {
|
||||
http_status_exit(403,'Permission denied');
|
||||
}
|
||||
}
|
||||
|
||||
$members = AccessList::members($group['uid'],$group['id']);
|
||||
|
||||
$x = array_merge(['@context' => [
|
||||
ACTIVITYSTREAMS_JSONLD_REV,
|
||||
'https://w3id.org/security/v1',
|
||||
z_root() . ZOT_APSCHEMA_REV
|
||||
]], Activity::encode_follow_collection($members, App::$query_string, 'OrderedCollection'));
|
||||
|
||||
|
||||
$headers = [];
|
||||
$headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ;
|
||||
$x['signature'] = LDSignatures::sign($x,$channel);
|
||||
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
|
||||
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
|
||||
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
|
||||
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
|
||||
HTTPSig::set_headers($h);
|
||||
echo $ret;
|
||||
killme();
|
||||
|
||||
}
|
||||
|
||||
if (! local_channel()) {
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
|
@ -108,7 +176,7 @@ class Lists extends Controller {
|
|||
foreach ($groups as $group) {
|
||||
$entries[$i]['name'] = $group['gname'];
|
||||
$entries[$i]['id'] = $group['id'];
|
||||
$entries[$i]['count'] = count(AccessList::members($group['id']));
|
||||
$entries[$i]['count'] = count(AccessList::members(local_channel(),$group['id']));
|
||||
$i++;
|
||||
}
|
||||
|
||||
|
@ -188,7 +256,7 @@ class Lists extends Controller {
|
|||
$group = $r[0];
|
||||
|
||||
|
||||
$members = AccessList::members($group['id']);
|
||||
$members = AccessList::members(local_channel(), $group['id']);
|
||||
|
||||
$preselected = array();
|
||||
if(count($members)) {
|
||||
|
@ -206,7 +274,7 @@ class Lists extends Controller {
|
|||
AccessList::member_add(local_channel(),$group['gname'],$change);
|
||||
}
|
||||
|
||||
$members = AccessList::members($group['id']);
|
||||
$members = AccessList::members(local_channel(), $group['id']);
|
||||
|
||||
$preselected = array();
|
||||
if(count($members)) {
|
||||
|
|
|
@ -229,7 +229,7 @@ class Network extends Controller {
|
|||
|
||||
if ($group) {
|
||||
$contact_str = '';
|
||||
$contacts = AccessList::members($group);
|
||||
$contacts = AccessList::members(local_channel(),$group);
|
||||
if ($contacts) {
|
||||
$contact_str = ids_to_querystr($contacts,'xchan',true);
|
||||
}
|
||||
|
|
|
@ -3904,7 +3904,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
|
|||
|
||||
$contact_str = '';
|
||||
|
||||
$contacts = AccessList::members($r[0]['id']);
|
||||
$contacts = AccessList::members($uid,$r[0]['id']);
|
||||
if ($contacts) {
|
||||
foreach($contacts as $c) {
|
||||
if($contact_str)
|
||||
|
|
Loading…
Reference in a new issue