Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-20 03:35:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

make public lists discoverable

Browse source
This commit is contained in:
zotlabs 2019-10-01 18:29:39 -07:00
parent 4f2302a9eb
commit 5014323812
6 changed files with 81 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Zotlabs/Lib/AccessList.php
View file

@ -206,15 +206,15 @@ class AccessList {
}
static function members($gid) {
static function members($uid, $gid) {
$ret = array();
if(intval($gid)) {
$r = q("SELECT * FROM pgrp_member
LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
intval($gid),
intval(local_channel()),
intval(local_channel())
intval($uid),
intval($uid)
);
if($r)
$ret = $r;
@ -222,12 +222,12 @@ class AccessList {
return $ret;
}
static function members_xchan($gid) {
static function members_xchan($uid,$gid) {
$ret = [];
if(intval($gid)) {
$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
intval($gid),
intval(local_channel())
intval($uid)
);
if($r) {
foreach($r as $rr) {

4
Zotlabs/Module/Acl.php
View file

@ -150,14 +150,14 @@ class Acl extends \Zotlabs\Web\Controller {
if($r) {
foreach($r as $g){
// logger('acl: group: ' . $g['gname'] . ' members: ' . AccessList::members_xchan($g['id']));
// logger('acl: group: ' . $g['gname'] . ' members: ' . AccessList::members_xchan(local_channel(),$g['id']));
$groups[] = array(
"type" => "g",
"photo" => "images/twopeople.png",
"name" => $g['gname'],
"id" => $g['id'],
"xid" => $g['hash'],
"uids" => AccessList::members_xchan($g['id']),
"uids" => AccessList::members_xchan(local_channel(),$g['id']),
"link" => ''
);
}

2
Zotlabs/Module/Contactgroup.php
View file

@ -38,7 +38,7 @@ class Contactgroup extends Controller {
killme();
}
$members = AccessList::members($group['id']);
$members = AccessList::members(local_channel(),$group['id']);
$preselected = ids_to_array($members,'xchan_hash');
if ($change) {

74
Zotlabs/Module/Lists.php
View file

@ -5,11 +5,79 @@ use App;
use Zotlabs\Web\Controller;
use Zotlabs\Lib\Libsync;
use Zotlabs\Lib\AccessList;
use Zotlabs\Lib\ActivityStreams;
use Zotlabs\Lib\Activity;
use Zotlabs\Web\HTTPSig;
use Zotlabs\Lib\Config;
class Lists extends Controller {
function init() {
if (ActivityStreams::is_as_request()) {
$item_id = argv(1);
if( ! $item_id) {
http_status_exit(404, 'Not found');
}
$x = q("select * from pgrp where hash = '%s' limit 1",
dbesc($item_id)
);
if (! $x) {
http_status_exit(404, 'Not found');
}
$group = array_shift($x);
// process an authenticated fetch
$sigdata = HTTPSig::verify(EMPTY_STR);
if ($sigdata['portable_id'] && $sigdata['header_valid']) {
$portable_id = $sigdata['portable_id'];
if (! check_channelallowed($portable_id)) {
http_status_exit(403, 'Permission denied');
}
if (! check_siteallowed($sigdata['signer'])) {
http_status_exit(403, 'Permission denied');
}
observer_auth($portable_id);
}
elseif (! Config::get('system','require_authenticated_fetch',false)) {
http_status_exit(403,'Permission denied');
}
if (! perm_is_allowed($group['uid'],get_observer_hash(),'view_contacts') {
http_status_exit(403,'Permission denied');
}
if (! $group['visible']) {
$controlling_channel = channelx_by_uid($group['uid']);
if (! $controlling_channel() || $controlling_channel['channel_hash'] !== get_observer_hash()) {
http_status_exit(403,'Permission denied');
}
}
$members = AccessList::members($group['uid'],$group['id']);
$x = array_merge(['@context' => [
ACTIVITYSTREAMS_JSONLD_REV,
'https://w3id.org/security/v1',
z_root() . ZOT_APSCHEMA_REV
]], Activity::encode_follow_collection($members, App::$query_string, 'OrderedCollection'));
$headers = [];
$headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ;
$x['signature'] = LDSignatures::sign($x,$channel);
$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
HTTPSig::set_headers($h);
echo $ret;
killme();
}
if (! local_channel()) {
notice( t('Permission denied.') . EOL);
return;
@ -108,7 +176,7 @@ class Lists extends Controller {
foreach ($groups as $group) {
$entries[$i]['name'] = $group['gname'];
$entries[$i]['id'] = $group['id'];
$entries[$i]['count'] = count(AccessList::members($group['id']));
$entries[$i]['count'] = count(AccessList::members(local_channel(),$group['id']));
$i++;
}
@ -188,7 +256,7 @@ class Lists extends Controller {
$group = $r[0];
$members = AccessList::members($group['id']);
$members = AccessList::members(local_channel(), $group['id']);
$preselected = array();
if(count($members)) {
@ -206,7 +274,7 @@ class Lists extends Controller {
AccessList::member_add(local_channel(),$group['gname'],$change);
}
$members = AccessList::members($group['id']);
$members = AccessList::members(local_channel(), $group['id']);
$preselected = array();
if(count($members)) {

2
Zotlabs/Module/Network.php
View file

@ -229,7 +229,7 @@ class Network extends Controller {
if ($group) {
$contact_str = '';
$contacts = AccessList::members($group);
$contacts = AccessList::members(local_channel(),$group);
if ($contacts) {
$contact_str = ids_to_querystr($contacts,'xchan',true);
}

2
include/items.php
View file

@ -3904,7 +3904,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
$contact_str = '';
$contacts = AccessList::members($r[0]['id']);
$contacts = AccessList::members($uid,$r[0]['id']);
if ($contacts) {
foreach($contacts as $c) {
if($contact_str)