Diffstat (limited to 'Zotlabs/Lib')
-rw-r--r--Zotlabs/Lib/AccessList.php411
-rw-r--r--Zotlabs/Lib/Connect.php316
2 files changed, 727 insertions, 0 deletions
diff --git a/Zotlabs/Lib/AccessList.php b/Zotlabs/Lib/AccessList.php
new file mode 100644
index 000000000..3c008f8c7
--- /dev/null
+++ b/Zotlabs/Lib/AccessList.php
@@ -0,0 +1,411 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use Zotlabs\Lib\Libsync;
+
+
+class AccessList {
+
+ static function add($uid,$name,$public = 0) {
+
+ $ret = false;
+ if ($uid && $name) {
+ $r = self::byname($uid,$name); // check for dups
+ if ($r !== false) {
+
+ // This could be a problem.
+ // Let's assume we've just created a list which we once deleted
+ // all the old members are gone, but the list remains so we don't break any security
+ // access lists. What we're doing here is reviving the dead list, but old content which
+ // was restricted to this list may now be seen by the new list members.
+
+ $z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1",
+ intval($r)
+ );
+ if(($z) && $z[0]['deleted']) {
+ q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
+ notice( t('A deleted list with this name was revived. Existing item permissions <strong>may</strong> apply to this list and any future members. If this is not what you intended, please create another list with a different name.') . EOL);
+ }
+ return true;
+ }
+
+ $hash = new_uuid();
+
+ $r = q("INSERT INTO pgrp ( hash, uid, visible, gname )
+ VALUES( '%s', %d, %d, '%s' ) ",
+ dbesc($hash),
+ intval($uid),
+ intval($public),
+ dbesc($name)
+ );
+ $ret = $r;
+ }
+
+ Libsync::build_sync_packet($uid,null,true);
+ return $ret;
+ }
+
+
+ static function remove($uid,$name) {
+ $ret = false;
+ if ($uid && $name) {
+ $r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
+ intval($uid),
+ dbesc($name)
+ );
+ if ($r) {
+ $group_id = $r[0]['id'];
+ $group_hash = $r[0]['hash'];
+ }
+ else {
+ return false;
+ }
+
+ // remove group from default posting lists
+ $r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1",
+ intval($uid)
+ );
+ if ($r) {
+ $user_info = array_shift($r);
+ $change = false;
+
+ if ($user_info['channel_default_group'] == $group_hash) {
+ $user_info['channel_default_group'] = '';
+ $change = true;
+ }
+ if (strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) {
+ $user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']);
+ $change = true;
+ }
+ if (strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) {
+ $user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']);
+ $change = true;
+ }
+
+ if ($change) {
+ q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s'
+ WHERE channel_id = %d",
+ intval($user_info['channel_default_group']),
+ dbesc($user_info['channel_allow_gid']),
+ dbesc($user_info['channel_deny_gid']),
+ intval($uid)
+ );
+ }
+ }
+
+ // remove all members
+ $r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d ",
+ intval($uid),
+ intval($group_id)
+ );
+
+ // remove group
+ $r = q("UPDATE pgrp SET deleted = 1 WHERE uid = %d AND gname = '%s'",
+ intval($uid),
+ dbesc($name)
+ );
+
+ $ret = $r;
+
+ }
+
+ Libsync::build_sync_packet($uid,null,true);
+
+ return $ret;
+ }
+
+ // returns the integer id of an access group owned by $uid and named $name
+ // or false.
+
+ static function byname($uid,$name) {
+ if (! ($uid && $name)) {
+ return false;
+ }
+ $r = q("SELECT id FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
+ intval($uid),
+ dbesc($name)
+ );
+ if ($r) {
+ return $r[0]['id'];
+ }
+ return false;
+ }
+
+ static function by_id($uid,$id) {
+ if (! ($uid && $id)) {
+ return false;
+ }
+
+ $r = q("SELECT * FROM pgrp WHERE uid = %d AND id = %d and deleted = 0",
+ intval($uid),
+ intval($id)
+ );
+ if ($r) {
+ return array_shift($r);
+ }
+ return false;
+ }
+
+
+
+ static function rec_byhash($uid,$hash) {
+ if (! ( $uid && $hash)) {
+ return false;
+ }
+ $r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1",
+ intval($uid),
+ dbesc($hash)
+ );
+ if ($r) {
+ return array_shift($r);
+ }
+ return false;
+ }
+
+
+ static function member_remove($uid,$name,$member) {
+ $gid = self::byname($uid,$name);
+ if (! $gid) {
+ return false;
+ }
+ if (! ($uid && $gid && $member)) {
+ return false;
+ }
+ $r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ",
+ intval($uid),
+ intval($gid),
+ dbesc($member)
+ );
+
+ Libsync::build_sync_packet($uid,null,true);
+
+ return $r;
+ }
+
+
+ static function member_add($uid,$name,$member,$gid = 0) {
+ if (! $gid) {
+ $gid = self::byname($uid,$name);
+ }
+ if (! ($gid && $uid && $member)) {
+ return false;
+ }
+
+ $r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",
+ intval($uid),
+ intval($gid),
+ dbesc($member)
+ );
+ if ($r) {
+ return true; // You might question this, but
+ // we indicate success because the group member was in fact created
+ // -- It was just created at another time
+ }
+ else {
+ $r = q("INSERT INTO pgrp_member (uid, gid, xchan)
+ VALUES( %d, %d, '%s' ) ",
+ intval($uid),
+ intval($gid),
+ dbesc($member)
+ );
+ }
+ Libsync::build_sync_packet($uid,null,true);
+ return $r;
+ }
+
+
+ static function members($uid, $gid) {
+ $ret = [];
+ if (intval($gid)) {
+ $r = q("SELECT * FROM pgrp_member
+ LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
+ WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
+ intval($gid),
+ intval($uid),
+ intval($uid)
+ );
+ if ($r) {
+ $ret = $r;
+ }
+ }
+ return $ret;
+ }
+
+ static function members_xchan($uid,$gid) {
+ $ret = [];
+ if (intval($gid)) {
+ $r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
+ intval($gid),
+ intval($uid)
+ );
+ if ($r) {
+ foreach ($r as $rv) {
+ $ret[] = $rv['xchan'];
+ }
+ }
+ }
+ return $ret;
+ }
+
+ static function members_profile_xchan($uid,$gid) {
+ $ret = [];
+ if (intval($gid)) {
+ $r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d",
+ intval($gid),
+ intval($uid)
+ );
+ if ($r) {
+ foreach($r as $rv) {
+ $ret[] = $rv['xchan'];
+ }
+ }
+ }
+ return $ret;
+ }
+
+
+
+
+ static function select($uid,$group = '') {
+
+ $grps = [];
+
+ $r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
+ intval($uid)
+ );
+ $grps[] = [ 'name' => '', 'hash' => '0', 'selected' => '' ];
+ if ($r) {
+ foreach ($r as $rr) {
+ $grps[] = [ 'name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : '') ];
+ }
+
+ }
+
+ return replace_macros(get_markup_template('group_selection.tpl'), [
+ '$label' => t('Add new connections to this access list'),
+ '$groups' => $grps
+ ]);
+ }
+
+
+ static function widget($every="connections",$each="lists",$edit = false, $group_id = 0, $cid = '',$mode = 1) {
+
+ $o = '';
+
+ $groups = [];
+
+ $r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
+ intval($_SESSION['uid'])
+ );
+ $member_of = [];
+ if ($cid) {
+ $member_of = self::containing(local_channel(),$cid);
+ }
+
+ if ($r) {
+ foreach ($r as $rr) {
+ $selected = (($group_id == $rr['id']) ? ' group-selected' : '');
+
+ if ($edit) {
+ $groupedit = [ 'href' => "lists/".$rr['id'], 'title' => t('edit') ];
+ }
+ else {
+ $groupedit = null;
+ }
+
+ $groups[] = [
+ 'id' => $rr['id'],
+ 'enc_cid' => base64url_encode($cid),
+ 'cid' => $cid,
+ 'text' => $rr['gname'],
+ 'selected' => $selected,
+ 'href' => (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''),
+ 'edit' => $groupedit,
+ 'ismember' => in_array($rr['id'],$member_of),
+ ];
+ }
+ }
+
+ return replace_macros(get_markup_template('group_side.tpl'), [
+ '$title' => t('Lists'),
+ '$edittext' => t('Edit list'),
+ '$createtext' => t('Create new list'),
+ '$ungrouped' => (($every === 'contacts') ? t('Channels not in any access list') : ''),
+ '$groups' => $groups,
+ '$add' => t('add'),
+ ]);
+
+ }
+
+
+ static function expand($g) {
+ if (! (is_array($g) && count($g))) {
+ return [];
+ }
+
+ $ret = [];
+ $x = [];
+
+ // private profile linked virtual groups
+
+ foreach ($g as $gv) {
+ if (substr($gv,0,3) === 'vp.') {
+ $profile_hash = substr($gv,3);
+ if ($profile_hash) {
+ $r = q("select abook_xchan from abook where abook_profile = '%s'",
+ dbesc($profile_hash)
+ );
+ if ($r) {
+ foreach ($r as $rv) {
+ $ret[] = $rv['abook_xchan'];
+ }
+ }
+ }
+ }
+ else {
+ $x[] = $gv;
+ }
+ }
+
+ if ($x) {
+ stringify_array_elms($x,true);
+ $groups = implode(',', $x);
+ if ($groups) {
+ $r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))");
+ if ($r) {
+ foreach ($r as $rv) {
+ $ret[] = $rv['xchan'];
+ }
+ }
+ }
+ }
+ return $ret;
+ }
+
+
+ static function member_of($c) {
+ $r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id
+ WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname ASC ",
+ dbesc($c)
+ );
+
+ return $r;
+ }
+
+ static function containing($uid,$c) {
+
+ $r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ",
+ intval($uid),
+ dbesc($c)
+ );
+
+ $ret = [];
+ if ($r) {
+ foreach ($r as $rv)
+ $ret[] = $rv['gid'];
+ }
+
+ return $ret;
+ }
+} \ No newline at end of file
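Review bot: In widget(), the `href` entry appends `$_GET['new']` and `$_GET['order']` to the link unencoded, so request-controlled text reaches group_side.tpl as part of a URL; whether the template escapes it is not visible here, so encode where the link is built, e.g. `'&new=' . urlencode($_GET['new'])` and `'&order=' . urlencode($_GET['order'])`. Separately, in remove() the `UPDATE channel` statement fills the `'%s'` placeholder for channel_default_group with `intval($user_info['channel_default_group'])`. When the removed list appeared only in channel_allow_gid or channel_deny_gid, the surviving default-list hash (a string; add() generates it with new_uuid()) is cast to an integer and the channel's default list is overwritten, so that argument should be `dbesc($user_info['channel_default_group'])`. expand() and member_of() also query pgrp_member without a uid condition, unlike the other lookups in this class; if that is intentional, a comment saying so would help.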
diff --git a/Zotlabs/Lib/Connect.php b/Zotlabs/Lib/Connect.php
new file mode 100644
index 000000000..5fc0e3fe1
--- /dev/null
+++ b/Zotlabs/Lib/Connect.php
@@ -0,0 +1,316 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+use App;
+use Zotlabs\Access\Permissions;
+use Zotlabs\Daemon\Master;
+
+
+
+class Connect {
+
+ /**
+ * Takes a $channel and a $url/handle and adds a new connection
+ *
+ * Returns array
+ * $return['success'] boolean true if successful
+ * $return['abook'] Address book entry joined with xchan if successful
+ * $return['message'] error text if success is false.
+ *
+ * This function does NOT send sync packets to clones. The caller is responsible for doing this
+ */
+
+ static function connect($channel, $url, $sub_channel = false) {
+
+ $uid = $channel['channel_id'];
+
+ if (strpos($url,'@') === false && strpos($url,'/') === false) {
+ $url = $url . '@' . App::get_hostname();
+ }
+
+ $result = [ 'success' => false, 'message' => '' ];
+
+ $my_perms = false;
+ $protocol = '';
+
+ if (substr($url,0,1) === '[') {
+ $x = strpos($url,']');
+ if ($x) {
+ $protocol = substr($url,1,$x-1);
+ $url = substr($url,$x+1);
+ }
+ }
+
+ if (! check_siteallowed($url)) {
+ $result['message'] = t('Channel is blocked on this site.');
+ return $result;
+ }
+
+ if (! $url) {
+ $result['message'] = t('Channel location missing.');
+ return $result;
+ }
+
+ // check service class limits
+
+ $r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ",
+ intval($uid)
+ );
+ if ($r) {
+ $total_channels = $r[0]['total'];
+ }
+
+ if (! service_class_allows($uid,'total_channels',$total_channels)) {
+ $result['message'] = upgrade_message();
+ return $result;
+ }
+
+ $xchan_hash = '';
+ $sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : '');
+
+ $r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s') $sql_options ",
+ dbesc($url),
+ dbesc($url),
+ dbesc($url)
+ );
+
+ if ($r) {
+
+ // reset results to the best record or the first if we don't have the best
+ // note: this is a single record and not an array of results
+
+ $r = Libzot::zot_record_preferred($r,'xchan_network');
+
+ }
+
+ $singleton = false;
+ $d = false;
+
+ if (! $r) {
+
+ // not in cache - try discovery
+
+ $wf = discover_by_webbie($url,$protocol);
+
+ if (! $wf) {
+ $feeds = get_config('system','feed_contacts');
+
+ if (($feeds) && (in_array($protocol, [ '', 'feed', 'rss' ]))) {
+ $d = discover_feed($url);
+ }
+ else {
+ $result['message'] = t('Remote channel or protocol unavailable.');
+ return $result;
+ }
+ }
+ }
+
+ if ($wf || $d) {
+
+ // something was discovered - find the record which was just created.
+
+ $r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s' ) $sql_options",
+ dbesc(($wf) ? $wf : $url),
+ dbesc($url),
+ dbesc($url)
+ );
+
+ // convert to a single record (once again preferring a zot solution in the case of multiples)
+
+ if ($r) {
+ $r = Libzot::zot_record_preferred($r,'xchan_network');
+ }
+ }
+
+ // if discovery was a success or the channel was already cached we should have an xchan record in $r
+
+ if ($r) {
+ $xchan = $r;
+ $xchan_hash = $r['xchan_hash'];
+ $their_perms = EMPTY_STR;
+ }
+
+ // failure case
+
+ if (! $xchan_hash) {
+ $result['message'] = t('Channel discovery failed.');
+ logger('follow: ' . $result['message']);
+ return $result;
+ }
+
+ if (! check_channelallowed($xchan_hash)) {
+ $result['message'] = t('Channel is blocked on this site.');
+ logger('follow: ' . $result['message']);
+ return $result;
+
+ }
+
+ $allowed = ((in_array($xchan['xchan_network'],['rss','zot','zot6'])) ? 1 : 0);
+
+ $hookdata = ['channel_id' => $uid, 'follow_address' => $url, 'xchan' => $xchan, 'allowed' => $allowed, 'singleton' => 0];
+ call_hooks('follow_allow',$hookdata);
+
+ if(! $hookdata['allowed']) {
+ $result['message'] = t('Protocol disabled.');
+ return $result;
+ }
+
+ $singleton = intval($hookdata['singleton']);
+
+ // Now start processing the new connection
+
+ $aid = $channel['channel_account_id'];
+ $default_group = $channel['channel_default_group'];
+
+ if (in_array($xchan_hash, [$channel['channel_hash'], $channel['channel_portable_id']])) {
+ $result['message'] = t('Cannot connect to yourself.');
+ return $result;
+ }
+
+ if ($xchan['xchan_network'] === 'rss') {
+
+ // check service class feed limits
+
+ $t = q("select count(*) as total from abook where abook_account = %d and abook_feed = 1 ",
+ intval($aid)
+ );
+ if ($t) {
+ $total_feeds = $t[0]['total'];
+ }
+
+ if (! service_class_allows($uid,'total_feeds',$total_feeds)) {
+ $result['message'] = upgrade_message();
+ return $result;
+ }
+
+ // Always set these "remote" permissions for feeds since we cannot interact with them
+ // to negotiate a suitable permission response
+
+ $p = get_abconfig($uid,$xchan_hash,'system','their_perms',EMPTY_STR);
+ if ($p) {
+ $p .= ',';
+ }
+ $p .= 'view_stream,republish';
+ set_abconfig($uid,$xchan_hash,'system','their_perms',$p);
+
+ }
+
+
+ $p = Permissions::connect_perms($uid);
+
+ // parent channels have unencumbered write permission
+
+ if ($sub_channel) {
+ $p['perms']['post_wall'] = 1;
+ $p['perms']['post_comments'] = 1;
+ $p['perms']['write_storage'] = 1;
+ $p['perms']['post_like'] = 1;
+ $p['perms']['delegate'] = 0;
+ $p['perms']['moderated'] = 0;
+ }
+
+ $my_perms = $p['perms'];
+
+ $profile_assign = get_pconfig($uid,'system','profile_assign','');
+
+
+ // See if we are already connected by virtue of having an abook record
+
+ $r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook
+ where abook_xchan = '%s' and abook_channel = %d limit 1",
+ dbesc($xchan_hash),
+ intval($uid)
+ );
+
+ if ($r) {
+
+ $abook_instance = $r[0]['abook_instance'];
+
+ // If they are on a non-nomadic network, add them to this location
+
+ if (($singleton) && strpos($abook_instance,z_root()) === false) {
+ if ($abook_instance) {
+ $abook_instance .= ',';
+ }
+ $abook_instance .= z_root();
+
+ $x = q("update abook set abook_instance = '%s', abook_not_here = 0 where abook_id = %d",
+ dbesc($abook_instance),
+ intval($r[0]['abook_id'])
+ );
+ }
+
+ // if they have a pending connection, we just followed them so approve the connection request
+
+ if (intval($r[0]['abook_pending'])) {
+ $x = q("update abook set abook_pending = 0 where abook_id = %d",
+ intval($r[0]['abook_id'])
+ );
+ }
+ }
+ else {
+
+ // create a new abook record
+
+ $closeness = get_pconfig($uid,'system','new_abook_closeness',80);
+
+ $r = abook_store_lowlevel(
+ [
+ 'abook_account' => intval($aid),
+ 'abook_channel' => intval($uid),
+ 'abook_closeness' => intval($closeness),
+ 'abook_xchan' => $xchan_hash,
+ 'abook_profile' => $profile_assign,
+ 'abook_feed' => intval(($xchan['xchan_network'] === 'rss') ? 1 : 0),
+ 'abook_created' => datetime_convert(),
+ 'abook_updated' => datetime_convert(),
+ 'abook_instance' => (($singleton) ? z_root() : '')
+ ]
+ );
+ }
+
+ if (! $r) {
+ logger('abook creation failed');
+ $result['message'] = t('error saving data');
+ return $result;
+ }
+
+ // Set suitable permissions to the connection
+
+ if($my_perms) {
+ foreach($my_perms as $k => $v) {
+ set_abconfig($uid,$xchan_hash,'my_perms',$k,$v);
+ }
+ }
+
+ // fetch the entire record
+
+ $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash
+ where abook_xchan = '%s' and abook_channel = %d limit 1",
+ dbesc($xchan_hash),
+ intval($uid)
+ );
+
+ if ($r) {
+ $result['abook'] = array_shift($r);
+ Master::Summon([ 'Notifier', 'permission_create', $result['abook']['abook_id'] ]);
+ }
+
+ $arr = [ 'channel_id' => $uid, 'channel' => $channel, 'abook' => $result['abook'] ];
+
+ call_hooks('follow', $arr);
+
+ /** If there is a default group for this channel, add this connection to it */
+
+ if ($default_group) {
+ $g = AccessList::rec_byhash($uid,$default_group);
+ if ($g) {
+ AccessList::member_add($uid,'',$xchan_hash,$g['id']);
+ }
+ }
+
+ $result['success'] = true;
+ return $result;
+ }
+}
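Review bot: `$wf` is read at `if ($wf || $d)` but is only assigned inside the `if (! $r)` discovery branch, so when the xchan is already cached it is an undefined variable; initialise it beside the existing default with `$wf = false;`. The same pattern affects `$total_channels` and `$total_feeds`, which are set only when the count query returns rows and are then passed to service_class_allows(); how that function treats an unset value is not visible here, so a failed count should return an error rather than fall through to the limit check. `$result['abook']` is likewise read when building `$arr` for the `follow` hook even if the final select returned nothing. In the rss branch, `their_perms` is appended with `view_stream,republish` on every call and before the abook row is known to exist, so repeated follows of the same feed would accumulate duplicate entries.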