From a14474a1355bc3c6338ed274f1fb8eac9213d90c Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Wed, 12 Feb 2020 15:21:39 -0800
Subject: [PATCH] support binary content

---
 FEDERATION.md            |  4 ++--
 Zotlabs/Lib/Activity.php | 35 ++++++++++++++++++++++++++---------
 Zotlabs/Lib/Libzot.php   |  6 ++++++
 include/bbcode.php       |  9 ++++++++-
 4 files changed, 42 insertions(+), 12 deletions(-)

diff --git a/FEDERATION.md b/FEDERATION.md
index e34e31464..319d9cd82 100644
--- a/FEDERATION.md
+++ b/FEDERATION.md
@@ -19,7 +19,7 @@ Groups may be public or private. The initial thread starting post to a group is
 
 Comments
 
-Zap provides permission control and moderation of comments. By default comments are only accepted from existing connections. This can be changed by the individual. Other sites MAY use zot:commentPolicy (string) as a guide if they do not wish to provide comment abilities where it is known in advance they will be rejected.
+Zap provides permission control and moderation of comments. By default comments are only accepted from existing connections. This can be changed by the individual. Other sites MAY use zot:commentPolicy (string) as a guide if they do not wish to provide comment abilities where it is known in advance they will be rejected. A Reject/Note activity will be sent if the comment is not permitted. There is currently no response for moderated content, but will likely also be represented by Reject/Note. 
 
 
 Private Media
@@ -29,7 +29,7 @@ Private media MAY be accessed using OCAP or OpenWebAuth.
 
 Permission System
 
-The Zot permission system has years of historical use and is different than and the reverse of the typical ActivityPub project. We consider 'Follow' to be an anti-pattern which encourages pseudo anonymous stalking. A Follow activity by a Zap actor typically means the Zap actor will send activities to the recipient. It may also confer other permissions. Accept/Follow provides permission to receive content from the referenced actor.
+The Zot permission system has years of historical use and is different than and the reverse of the typical ActivityPub project. We consider 'Follow' to be an anti-pattern which encourages pseudo anonymous stalking. A Follow activity by a Zap actor typically means the Zap actor will send activities to the recipient. It may also confer other permissions. Accept/Follow usually provides permission to receive content from the referenced actor, depending on their privacy settings. 
 
 
 Delivery model
diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php
index d1c84a526..ce024199a 100644
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
@@ -849,7 +849,11 @@ class Activity {
 				$ret['source']['summary'] = $i['summary'];
 			}
 		}
-
+		else {
+			$ret['mediaType'] = $i['mimetype'];
+			$ret['content'] = $i['body'];
+		}
+		
 		$actor = self::encode_person($i['author'],false);
 		if ($actor) {
 			$ret['actor'] = $actor;
@@ -1850,7 +1854,13 @@ class Activity {
 		$s = [];
 
 		if (is_array($act->obj)) {
-			$content = self::get_content($act->obj);
+			$binary = false;
+			if (array_key_exists('mediaType',$act->obj) && $act['mediaType'] !== 'text/html') {
+				$s['mimetype'] = escape_tags($act->obj['mediaType']);
+				$binary = true;
+			}
+
+			$content = self::get_content($act->obj,$binary);
 		}
 
 		// These activities should have been handled separately in the Inbox module and should not be turned into posts
@@ -1975,8 +1985,14 @@ class Activity {
 
 		$s['title']    = (($response_activity) ? EMPTY_STR : self::bb_content($content,'name'));
 		$s['summary']  = self::bb_content($content,'summary');
-		$s['body']     = ((self::bb_content($content,'bbcode') && (! $response_activity)) ? self::bb_content($content,'bbcode') : self::bb_content($content,'content'));
 
+		if (array_key_exists('mimetype',$s) && $s['mimetype'] !== 'text/bbcode') {
+			$s['body'] = $content['content'];
+		}
+		else {
+			$s['body']     = ((self::bb_content($content,'bbcode') && (! $response_activity)) ? self::bb_content($content,'bbcode') : self::bb_content($content,'content'));
+		}
+		
 		// handle some of the more widely used of the numerous and varied ways of deleting something
 		
 		if ($act->type === 'Tombstone') {
@@ -2687,7 +2703,7 @@ class Activity {
 	}
 
 
-	static function get_content($act) {
+	static function get_content($act,$binary = false) {
 
 		$content = [];
 		$event = null;
@@ -2696,6 +2712,7 @@ class Activity {
 			return $content;
 		}
 
+
 		if ($act['type'] === 'Event') {
 			$adjust = false;
 			$event = [];
@@ -2718,12 +2735,12 @@ class Activity {
 		}                         
 
 		foreach ([ 'name', 'summary', 'content' ] as $a) {
-			if (($x = self::get_textfield($act,$a)) !== false) {
+			if (($x = self::get_textfield($act,$a,$binary)) !== false) {
 				$content[$a] = $x;
 			}
 		}
 
-		if ($event) {
+		if ($event && ! $binary) {
 			$event['summary'] = html2plain(purify_html($content['summary']),256);
 			if (! $event['summary']) {
 				if ($content['name']) {
@@ -2754,15 +2771,15 @@ class Activity {
 	}
 
 
-	static function get_textfield($act,$field) {
+	static function get_textfield($act,$field,$binary = false) {
 	
 		$content = false;
 
 		if (array_key_exists($field,$act) && $act[$field])
-			$content = purify_html($act[$field]);
+			$content = (($binary) ? $act[$field] : purify_html($act[$field]));
 		elseif (array_key_exists($field . 'Map',$act) && $act[$field . 'Map']) {
 			foreach ($act[$field . 'Map'] as $k => $v) {
-				$content[escape_tags($k)] = purify_html($v);
+				$content[escape_tags($k)] = (($binary) ? $v : purify_html($v));
 			}
 		}
 		return $content;
diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php
index 1264146b4..567dcc58e 100644
--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -1730,6 +1730,8 @@ class Libzot {
 			if ((! $tag_delivery) && (! $local_public)) {
 				$allowed = (perm_is_allowed($channel['channel_id'],$sender,$perm));
 				if ((! $allowed) && $perm === 'post_comments') {
+
+
 					$parent = q("select * from item where mid = '%s' and uid = %d limit 1",
 						dbesc($arr['parent_mid']),
 						intval($channel['channel_id'])
@@ -1737,6 +1739,10 @@ class Libzot {
 					if ($parent) {
 						$allowed = can_comment_on_post($sender,$parent[0]);
 					}
+					if ((! $allowed) && PConfig::Get($channel['channel_id'], 'system','permit_all_mentions') && i_am_mentioned($channel,$arr)) {
+						$allowed = true;
+					}
+
 				}
 				if ($request) {
 
diff --git a/include/bbcode.php b/include/bbcode.php
index f6c5c505c..edd4aafe1 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -558,7 +558,7 @@ function bb_ShareAttributes($match) {
 	// Bob Smith wrote the following post 2 hours ago
 
 	$fmt = sprintf( t('%1$s wrote the following %2$s %3$s'),
-		'<a href="' . (($auth) ? zid($profile) : $profile) . '" >' . $author . '</a>',
+		'<a href="' . (($auth) ? zid($profile) : $profile) . '" ><bdi>' . $author . '</bdi></a>',
 		'<a href="' . (($auth) ? zid($link) : $link) . '" >' . $type . '</a>',
 		$reldate
 	);
@@ -1349,6 +1349,13 @@ function bbcode($Text, $options = []) {
 	if (strpos($Text,'[/footer]') !== false) {
 		$Text = preg_replace("(\[footer\](.*?)\[\/footer\])ism", "<div class=\"wall-item-footer\">$1</div>", $Text);
 	}
+
+	// Check for bdi
+	if (strpos($Text,'[/bdi]') !== false) {
+		$Text = preg_replace("(\[bdi\](.*?)\[\/bdi\])ism", "<bdi>$1</bdi>", $Text);
+	}
+
+
 	// Check for list text
 
 	$Text = preg_replace("/<br>\[\*\/\]/ism",'[*/]',$Text);