diff options
Diffstat (limited to 'Zotlabs')
32 files changed, 863 insertions, 472 deletions
diff --git a/Zotlabs/Daemon/Cron.php b/Zotlabs/Daemon/Cron.php index 46f4e4071..703d6ce08 100644 --- a/Zotlabs/Daemon/Cron.php +++ b/Zotlabs/Daemon/Cron.php @@ -155,6 +155,11 @@ class Cron { } } + + // check if any connections transitioned to zot6 and upgrade the connections to zot6 at this hub if so. + require_once('include/connections.php'); + z6trans_connections(); + require_once('include/attach.php'); attach_upgrade(); diff --git a/Zotlabs/Daemon/Cron_daily.php b/Zotlabs/Daemon/Cron_daily.php index 2cf0c9119..07533cc6e 100644 --- a/Zotlabs/Daemon/Cron_daily.php +++ b/Zotlabs/Daemon/Cron_daily.php @@ -98,7 +98,6 @@ class Cron_daily { remove_obsolete_hublocs(); z6_discover(); - z6trans_connections(); call_hooks('cron_daily',datetime_convert()); diff --git a/Zotlabs/Daemon/Gprobe.php b/Zotlabs/Daemon/Gprobe.php index f1ffb2d81..6951aa1d4 100644 --- a/Zotlabs/Daemon/Gprobe.php +++ b/Zotlabs/Daemon/Gprobe.php @@ -2,7 +2,9 @@ namespace Zotlabs\Daemon; -require_once('include/zot.php'); +use Zotlabs\Lib\Libzot; +use Zotlabs\Lib\Webfinger; +use Zotlabs\Lib\Zotfinger; // performs zot_finger on $argv[1], which is a hex_encoded webbie/reddress @@ -22,12 +24,16 @@ class Gprobe { ); if(! $r) { - $j = \Zotlabs\Zot\Finger::run($url,null); - if($j['success']) { - $y = import_xchan($j); + $href = Webfinger::zot_url(punify($url)); + if($href) { + $zf = Zotfinger::exec($href, null); + } + if(is_array($zf) && array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) { + $xc = Libzot::import_xchan($zf['data']); } } return; + } } diff --git a/Zotlabs/Daemon/Notifier.php b/Zotlabs/Daemon/Notifier.php index 8993d8aee..97889da34 100644 --- a/Zotlabs/Daemon/Notifier.php +++ b/Zotlabs/Daemon/Notifier.php @@ -45,18 +45,18 @@ require_once('include/bbcode.php'); * * where COMMAND is one of the following: * - * activity (in diaspora.php, dfrn_confirm.php, profiles.php) - * comment-import (in diaspora.php, items.php) - * comment-new (in item.php) - * drop (in diaspora.php, items.php, photos.php) - * edit_post (in item.php) - * event (in events.php) - * expire (in items.php) - * like (in like.php, poke.php) - * mail (in message.php) - * tag (in photos.php, poke.php, tagger.php) - * tgroup (in items.php) - * wall-new (in photos.php, item.php) + * activity (in diaspora.php, dfrn_confirm.php, profiles.php) + * comment-import (in diaspora.php, items.php) + * comment-new (in item.php) + * drop (in diaspora.php, items.php, photos.php) + * edit_post (in item.php) + * event (in events.php) + * expire (in items.php) + * like (in like.php, poke.php) + * mail (in message.php) + * tag (in photos.php, poke.php, tagger.php) + * tgroup (in items.php) + * wall-new (in photos.php, item.php) * * and ITEM_ID is the id of the item in the database that needs to be sent to others. * @@ -66,9 +66,10 @@ require_once('include/bbcode.php'); * permission_reject abook_id * permission_update abook_id * refresh_all channel_id + * purge channel_id xchan_hash * purge_all channel_id * expire channel_id - * relay item_id (item was relayed to owner, we will deliver it as owner) + * relay item_id (item was relayed to owner, we will deliver it as owner) * single_activity item_id (deliver to a singleton network from the appropriate clone) * single_mail mail_id (deliver to a singleton network from the appropriate clone) * location channel_id @@ -240,25 +241,40 @@ class Notifier { $packet_type = 'location'; $location = true; } + elseif($cmd === 'purge') { + $xchan = $argv[3]; + logger('notifier: purge: ' . $item_id . ' => ' . $xchan); + if (! $xchan) { + return; + } + + $channel = channelx_by_n($item_id); + $recipients[] = $xchan; + $private = true; + $packet_type = 'purge'; + $packet_recips[] = ['hash' => $xchan]; + } elseif($cmd === 'purge_all') { + logger('notifier: purge_all: ' . $item_id); - $s = q("select * from channel where channel_id = %d limit 1", - intval($item_id) - ); - if($s) - $channel = $s[0]; - $uid = $item_id; - $recipients = array(); + $channel = channelx_by_n($item_id); + + $recipients = []; $r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0", intval($item_id) ); - if($r) { - foreach($r as $rr) { - $recipients[] = $rr['abook_xchan']; - } + if (! $r) { + return; } + foreach ($r as $rr) { + $recipients[] = $rr['abook_xchan']; + $packet_recips[] = ['hash' => $rr['abook_xchan']]; + } + $private = false; $packet_type = 'purge'; + + } else { @@ -361,8 +377,9 @@ class Notifier { $encoded_item = encode_item($target_item); - // activitystreams version - $m = get_iconfig($target_item,'activitystreams','signed_data'); + // Re-use existing signature unless the activity type changed to a Tombstone, which won't verify. + $m = ((intval($target_item['item_deleted'])) ? '' : get_iconfig($target_item,'activitystreams','signed_data')); + if($m) { $activity = json_decode($m,true); } @@ -378,7 +395,6 @@ class Notifier { logger('target_item: ' . print_r($target_item,true), LOGGER_DEBUG); logger('encoded: ' . print_r($activity,true), LOGGER_DEBUG); - // Send comments to the owner to re-deliver to everybody in the conversation // We only do this if the item in question originated on this site. This prevents looping. // To clarify, a site accepting a new comment is responsible for sending it to the owner for relay. diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index d883eac67..9a31304d1 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -314,17 +314,29 @@ class Activity { else { $objtype = self::activity_obj_mapper($i['obj_type']); } - - if(intval($i['item_deleted'])) { + + if ($i['obj']) { + $ret = Activity::encode_object($i['obj']); + } + + if (intval($i['item_deleted'])) { $ret['type'] = 'Tombstone'; $ret['formerType'] = $objtype; - $ret['id'] = ((strpos($i['mid'],'http') === 0) ? $i['mid'] : z_root() . '/item/' . urlencode($i['mid'])); + $ret['id'] = $i['mid']; + if($i['id'] != $i['parent']) + $ret['inReplyTo'] = $i['thr_parent']; + + $ret['to'] = [ ACTIVITY_PUBLIC_INBOX ]; return $ret; } - if ($i['obj']) { - $ret = Activity::encode_object($i['obj']); + if (is_array($i['obj'])) { + $ret = $i['obj']; + } + else { + $ret = json_decode($i['obj'],true); + } } $ret['type'] = $objtype; @@ -640,7 +652,7 @@ class Activity { - static function encode_activity($i) { + static function encode_activity($i, $dismiss_deleted = false) { $ret = []; $reply = false; @@ -651,20 +663,47 @@ class Activity { $ret['obj'] = []; } - if(intval($i['item_deleted'])) { - $ret['type'] = 'Tombstone'; - $ret['formerType'] = self::activity_obj_mapper($i['obj_type']); - $ret['id'] = ((strpos($i['mid'],'http') === 0) ? $i['mid'] : z_root() . '/item/' . urlencode($i['mid'])); + $ret['type'] = self::activity_mapper($i['verb']); + $fragment = ''; + + if (intval($i['item_deleted']) && !$dismiss_deleted) { + $is_response = false; + + if (in_array($ret['type'], [ 'Like', 'Dislike', 'Accept', 'Reject', 'TentativeAccept', 'TentativeReject' ])) { + $ret['type'] = 'Undo'; + $fragment = 'undo'; + $is_response = true; + } + else { + $ret['type'] = 'Delete'; + $fragment = 'delete'; + } + + $ret['id'] = str_replace('/item/','/activity/',$i['mid']) . '#' . $fragment; $actor = self::encode_person($i['author'],false); - if($actor) + if ($actor) $ret['actor'] = $actor; else return []; - return $ret; - } +// $ret['object'] = str_replace('/item/','/activity/',$i['mid']); - $ret['type'] = self::activity_mapper($i['verb']); + $obj = (($is_response) ? self::encode_activity($i,true) : self::encode_item($i,true)); + if ($obj) { + // do not leak private content in deletes + unset($obj['object']); + unset($obj['cc']); + $obj['to'] = [ ACTIVITY_PUBLIC_INBOX ]; + $ret['object'] = $obj; + } + else + return []; + + $ret['to'] = [ ACTIVITY_PUBLIC_INBOX ]; + + return $ret; + + } if($ret['type'] === 'emojiReaction') { // There may not be an object for these items for legacy reasons - it should be the conversation parent. @@ -1060,6 +1099,8 @@ class Activity { 'http://purl.org/zot/activity/attendno' => 'Reject', 'http://purl.org/zot/activity/attendmaybe' => 'TentativeAccept', 'Invite' => 'Invite', + 'Delete' => 'Delete', + 'Undo' => 'Undo' ]; call_hooks('activity_mapper',$acts); @@ -1107,6 +1148,8 @@ class Activity { 'http://purl.org/zot/activity/attendno' => 'Reject', 'http://purl.org/zot/activity/attendmaybe' => 'TentativeAccept', 'Invite' => 'Invite', + 'Delete' => 'Delete', + 'Undo' => 'Undo' ]; call_hooks('activity_decode_mapper',$acts); @@ -1143,7 +1186,9 @@ class Activity { 'Question' => 'Question', 'Document' => 'Document', 'Audio' => 'Audio', - 'Video' => 'Video' + 'Video' => 'Video', + 'Delete' => 'Delete', + 'Undo' => 'Undo' ]; call_hooks('activity_obj_decode_mapper',$objs); @@ -1180,7 +1225,9 @@ class Activity { 'Invite' => 'Invite', 'Question' => 'Question', 'Audio' => 'Audio', - 'Video' => 'Video' + 'Video' => 'Video', + 'Delete' => 'Delete', + 'Undo' => 'Undo' ]; call_hooks('activity_obj_mapper',$objs); @@ -1456,11 +1503,35 @@ class Activity { $icon = $person_obj['icon']; } - if(is_array($person_obj['url']) && array_key_exists('href', $person_obj['url'])) - $profile = $person_obj['url']['href']; - else - $profile = $url; + $links = false; + $profile = false; + if (is_array($person_obj['url'])) { + if (! array_key_exists(0,$person_obj['url'])) { + $links = [ $person_obj['url'] ]; + } + else { + $links = $person_obj['url']; + } + } + + if ($links) { + foreach ($links as $link) { + if (array_key_exists('mediaType',$link) && $link['mediaType'] === 'text/html') { + $profile = $link['href']; + } + } + if (! $profile) { + $profile = $links[0]['href']; + } + } + elseif (isset($person_obj['url']) && is_string($person_obj['url'])) { + $profile = $person_obj['url']; + } + + if (! $profile) { + $profile = $url; + } $inbox = $person_obj['inbox']; @@ -1492,6 +1563,7 @@ class Activity { ); if(! $r) { // create a new record + $r = xchan_store_lowlevel( [ 'xchan_hash' => $url, @@ -1985,8 +2057,8 @@ class Activity { $response_activity = true; $s['mid'] = $act->id; - $s['parent_mid'] = $act->obj['id']; - $s['uuid'] = $act->{'diaspora:guid'}; + // $s['parent_mid'] = $act->obj['id']; + $s['uuid'] = $act->data['diaspora:guid']; // over-ride the object timestamp with the activity @@ -2052,12 +2124,10 @@ class Activity { $s['edited'] = datetime_convert(); } - if($act->type === 'Tombstone' || $act->type === 'Delete' || ($act->type === 'Create' && $act->obj['type'] === 'Tombstone')) { + if(in_array($act->type, [ 'Delete', 'Undo', 'Tombstone' ]) || ($act->type === 'Create' && $act->obj['type'] === 'Tombstone')) { $s['item_deleted'] = 1; } - - $s['obj_type'] = self::activity_obj_decode_mapper($act->obj['type']); if($s['obj_type'] === ACTIVITY_OBJ_NOTE && $s['mid'] !== $s['parent_mid']) { $s['obj_type'] = ACTIVITY_OBJ_COMMENT; @@ -2561,8 +2631,8 @@ class Activity { switch($a->type) { case 'Create': case 'Update': - case 'Like': - case 'Dislike': + //case 'Like': + //case 'Dislike': case 'Announce': $item = self::decode_note($a); break; @@ -3069,5 +3139,29 @@ class Activity { return $content; } + // Find either an Authorization: Bearer token or 'token' request variable + // in the current web request and return it + + static function token_from_request() { + + foreach ( [ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $s ) { + $auth = ((array_key_exists($s,$_SERVER) && strpos($_SERVER[$s],'Bearer ') === 0) + ? str_replace('Bearer ', EMPTY_STR, $_SERVER[$s]) + : EMPTY_STR + ); + if ($auth) { + break; + } + } + + if (! $auth) { + if (array_key_exists('token',$_REQUEST) && $_REQUEST['token']) { + $auth = $_REQUEST['token']; + } + } + + return $auth; + } + } diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php index f706b0fb9..03a824b9b 100644 --- a/Zotlabs/Lib/Enotify.php +++ b/Zotlabs/Lib/Enotify.php @@ -856,11 +856,11 @@ class Enotify { 'photo' => $item[$who]['xchan_photo_s'], 'when' => (($edit) ? datetime_convert('UTC', date_default_timezone_get(), $item['edited']) : datetime_convert('UTC', date_default_timezone_get(), $item['created'])), 'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'), - 'b64mid' => 'b64.' . base64url_encode($item['mid']), + 'b64mid' => (($item['mid']) ? 'b64.' . base64url_encode($item['mid']) : ''), //'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])), - 'notify_id' => 'undefined', 'thread_top' => (($item['item_thread_top']) ? true : false), 'message' => bbcode(escape_tags($itemem_text)), + 'body' => htmlentities(html2plain(bbcode($item['body']), 75, true), ENT_COMPAT, 'UTF-8', false), // these are for the superblock addon 'hash' => $item[$who]['xchan_hash'], 'uid' => $item['uid'], @@ -885,7 +885,6 @@ class Enotify { $mid = basename($tt['link']); $b64mid = ((strpos($mid, 'b64.') === 0) ? $mid : 'b64.' . base64url_encode($mid)); - $x = [ 'notify_link' => z_root() . '/notify/view/' . $tt['id'], 'name' => $tt['xname'], @@ -893,8 +892,8 @@ class Enotify { 'photo' => $tt['photo'], 'when' => datetime_convert('UTC', date_default_timezone_get(), $tt['created']), 'hclass' => (($tt['seen']) ? 'notify-seen' : 'notify-unseen'), - 'b64mid' => (($tt['otype'] == 'item') ? $b64mid : 'undefined'), - 'notify_id' => (($tt['otype'] == 'item') ? $tt['id'] : 'undefined'), + 'b64mid' => (($tt['otype'] == 'item') ? $b64mid : ''), + 'notify_id' => (($tt['otype'] == 'item') ? $tt['id'] : ''), 'message' => $message ]; @@ -980,8 +979,7 @@ class Enotify { $x = [ 'notify_link' => z_root() . '/admin/accounts', 'name' => $rr['account_email'], - 'addr' => $rr['account_email'], - 'url' => '', + //'addr' => $rr['account_email'], 'photo' => z_root() . '/' . get_default_profile_photo(48), 'when' => datetime_convert('UTC', date_default_timezone_get(),$rr['account_created']), 'hclass' => ('notify-unseen'), diff --git a/Zotlabs/Lib/Libsync.php b/Zotlabs/Lib/Libsync.php index b7cda1770..cff320e11 100644 --- a/Zotlabs/Lib/Libsync.php +++ b/Zotlabs/Lib/Libsync.php @@ -819,9 +819,9 @@ class Libsync { } if(intval($r[0]['hubloc_primary']) && (! $location['primary'])) { - $m = q("update hubloc set hubloc_primary = 0, hubloc_updated = '%s' where hubloc_id = %d", + $m = q("update hubloc set hubloc_primary = 0, hubloc_updated = '%s' where hubloc_id_url = '%s'", dbesc(datetime_convert()), - intval($r[0]['hubloc_id']) + dbesc($r[0]['hubloc_id_url']) ); $r[0]['hubloc_primary'] = intval($location['primary']); hubloc_change_primary($r[0]); @@ -848,18 +848,18 @@ class Libsync { } } if(intval($r[0]['hubloc_deleted']) && (! intval($location['deleted']))) { - $n = q("update hubloc set hubloc_deleted = 0, hubloc_updated = '%s' where hubloc_id = %d", + $n = q("update hubloc set hubloc_deleted = 0, hubloc_updated = '%s' where hubloc_id_url = '%s'", dbesc(datetime_convert()), - intval($r[0]['hubloc_id']) + dbesc($r[0]['hubloc_id_url']) ); $what .= 'undelete_hub '; $changed = true; } elseif((! intval($r[0]['hubloc_deleted'])) && (intval($location['deleted']))) { logger('deleting hubloc: ' . $r[0]['hubloc_addr']); - $n = q("update hubloc set hubloc_deleted = 1, hubloc_updated = '%s' where hubloc_id = %d", + $n = q("update hubloc set hubloc_deleted = 1, hubloc_updated = '%s' where hubloc_id_url = '%s'", dbesc(datetime_convert()), - intval($r[0]['hubloc_id']) + dbesc($r[0]['hubloc_id_url']) ); $what .= 'delete_hub '; $changed = true; @@ -918,9 +918,9 @@ class Libsync { foreach($xisting as $x) { if(! array_key_exists('updated',$x)) { logger('Deleting unreferenced hub location ' . $x['hubloc_addr']); - $r = q("update hubloc set hubloc_deleted = 1, hubloc_updated = '%s' where hubloc_id = %d", + $r = q("update hubloc set hubloc_deleted = 1, hubloc_updated = '%s' where hubloc_id_url = '%s'", dbesc(datetime_convert()), - intval($x['hubloc_id']) + dbesc($x['hubloc_id_url']) ); $what .= 'removed_hub '; $changed = true; diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index dda6d5d95..f16f5258a 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -316,14 +316,22 @@ class Libzot { $x = self::import_xchan($record['data'], (($force) ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED)); + if(! $x['success']) return false; if($channel && $record['data']['permissions']) { $permissions = explode(',',$record['data']['permissions']); + if($permissions && is_array($permissions)) { $old_read_stream_perm = get_abconfig($channel['channel_id'],$x['hash'],'their_perms','view_stream'); + // We need to reset their_perms prior to setting the new ones. + // Otherwise withdrawn permissions will not take effect locally. + q("DELETE FROM abconfig WHERE chan = %d AND xchan = '%s' AND cat = 'their_perms'", + intval($channel['channel_id']), + dbesc($x['hash']) + ); foreach($permissions as $p) { set_abconfig($channel['channel_id'],$x['hash'],'their_perms',$p,'1'); } @@ -1133,6 +1141,7 @@ class Libzot { } logger($AS->debug(),LOGGER_DATA); + } @@ -1193,10 +1202,6 @@ class Libzot { if(in_array($env['type'],['activity','response'])) { - $arr = Activity::decode_note($AS); - - //logger($AS->debug()); - $r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s' ", dbesc($AS->actor['id']) ); @@ -1488,13 +1493,14 @@ class Libzot { // Try again using the delivery channel credentials. // We will also need to re-parse the $item array, // but preserve any values that were set during anonymous parsing. - + $o = Activity::fetch($act->obj,$channel); if($o) { $act->obj = $o; $arr = array_merge(Activity::decode_note($act),$arr); } else { + $DR->update('Incomplete or corrupt activity'); $result[] = $DR->get(); continue; @@ -1717,7 +1723,7 @@ class Libzot { $arr['aid'] = $channel['channel_account_id']; $arr['uid'] = $channel['channel_id']; - $item_id = self::delete_imported_item($sender,$arr,$channel['channel_id'],$relay); + $item_id = self::delete_imported_item($sender,$act,$arr,$channel['channel_id'],$relay); $DR->update(($item_id) ? 'deleted' : 'delete_failed'); $result[] = $DR->get(); @@ -1731,11 +1737,15 @@ class Libzot { continue; } + // reactions such as like and dislike could have an mid with /activity/ in it. + // Check for both forms in order to prevent duplicates. - $r = q("select * from item where mid = '%s' and uid = %d limit 1", + $r = q("select * from item where mid in ('%s','%s') and uid = %d limit 1", dbesc($arr['mid']), + dbesc(str_replace(z_root() . '/activity/', z_root() . '/item/', $arr['mid'])), intval($channel['channel_id']) ); + if($r) { // We already have this post. $item_id = $r[0]['id']; @@ -2096,7 +2106,7 @@ class Libzot { * @return boolean|int post_id */ - static function delete_imported_item($sender, $item, $uid, $relay) { + static function delete_imported_item($sender, $act, $item, $uid, $relay) { logger('invoked', LOGGER_DEBUG); @@ -2104,38 +2114,39 @@ class Libzot { $item_found = false; $post_id = 0; + if ($item['verb'] === 'Tombstone') { + // The id of the deleted thing is the item mid (activity id) + $mid = $item['mid']; + } + else { + // The id is the object id if the type is Undo or Delete + $mid = ((is_array($act->obj)) ? $act->obj['id'] : $act->obj); + } + + // we may have stored either the object id or the activity id if it was a response activity (like, dislike, etc.) + $r = q("select * from item where ( author_xchan = '%s' or owner_xchan = '%s' or source_xchan = '%s' ) - and mid = '%s' and uid = %d limit 1", + and mid IN ('%s', '%s') and uid = %d limit 1", dbesc($sender), dbesc($sender), dbesc($sender), - dbesc($item['mid']), + dbesc($mid), + dbesc(str_replace('/activity/','/item/',$mid)), intval($uid) ); if($r) { $stored = $r[0]; - if($stored['author_xchan'] === $sender || $stored['owner_xchan'] === $sender || $stored['source_xchan'] === $sender) - $ownership_valid = true; + // we proved ownership in the sql query + $ownership_valid = true; $post_id = $stored['id']; $item_found = true; } else { - - // perhaps the item is still in transit and the delete notification got here before the actual item did. Store it with the deleted flag set. - // item_store() won't try to deliver any notifications or start delivery chains if this flag is set. - // This means we won't end up with potentially even more delivery threads trying to push this delete notification. - // But this will ensure that if the (undeleted) original post comes in at a later date, we'll reject it because it will have an older timestamp. - - logger('delete received for non-existent item - storing item data.'); - - if($item['author_xchan'] === $sender || $item['owner_xchan'] === $sender || $item['source_xchan'] === $sender) { - $ownership_valid = true; - $item_result = item_store($item); - $post_id = $item_result['item_id']; - } + // this will fail with an ownership issue, so explain the real reason + logger('delete received for non-existent item or not owned by sender - ignoring.'); } if($ownership_valid === false) { diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php index fadc38b38..024502d2a 100644 --- a/Zotlabs/Lib/ThreadItem.php +++ b/Zotlabs/Lib/ThreadItem.php @@ -287,12 +287,16 @@ class ThreadItem { $settings = ''; + $tagger = []; + // FIXME - check this permission if($conv->get_profile_owner() == local_channel()) { + /* disable until we agree on how to implemnt this in zot6/activitypub $tagger = array( 'tagit' => t("Add Tag"), 'classtagger' => "", ); + */ $settings = t('Conversation Tools'); } diff --git a/Zotlabs/Lib/ThreadStream.php b/Zotlabs/Lib/ThreadStream.php index 020e8729b..68b2c70dd 100644 --- a/Zotlabs/Lib/ThreadStream.php +++ b/Zotlabs/Lib/ThreadStream.php @@ -23,7 +23,7 @@ class ThreadStream { private $preview = false; private $prepared_item = ''; public $reload = ''; - private $cipher = 'aes256'; + private $cipher = 'AES-128-CCM'; // $prepared_item is for use by alternate conversation structures such as photos // wherein we've already prepared a top level item which doesn't look anything like diff --git a/Zotlabs/Module/Activity.php b/Zotlabs/Module/Activity.php index 9971ee60f..b75f0b245 100644 --- a/Zotlabs/Module/Activity.php +++ b/Zotlabs/Module/Activity.php @@ -21,7 +21,6 @@ class Activity extends Controller { if (Libzot::is_zot_request()) { $item_id = argv(1); - if (! $item_id) http_status_exit(404, 'Not found'); @@ -170,6 +169,99 @@ class Activity extends Controller { } + if(ActivityStreams::is_as_request()) { + + $item_id = argv(1); + + if (! $item_id) { + return; + } + + $ob_authorise = false; + $item_uid = 0; + + $bear = ZlibActivity::token_from_request(); + if ($bear) { + logger('bear: ' . $bear, LOGGER_DEBUG); + $t = q("select item.uid, iconfig.v from iconfig left join item on iid = item.id where cat = 'ocap' and item.uuid = '%s'", + dbesc($item_id) + ); + if ($t) { + foreach ($t as $token) { + if ($token['v'] === $bear) { + $ob_authorize = true; + $item_uid = $token['uid']; + break; + } + } + } + } + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 + and item.item_delayed = 0 and item.item_blocked = 0 "; + + $sigdata = HTTPSig::verify(EMPTY_STR); + if ($sigdata['portable_id'] && $sigdata['header_valid']) { + $portable_id = $sigdata['portable_id']; + if (! check_channelallowed($portable_id)) { + http_status_exit(403, 'Permission denied'); + } + if (! check_siteallowed($sigdata['signer'])) { + http_status_exit(403, 'Permission denied'); + } + observer_auth($portable_id); + } + + // if passed an owner_id of 0 to item_permissions_sql(), we force "guest access" or observer checking + // Give ocap tokens priority + + if ($ob_authorize) { + $sql_extra = " and item.uid = " . intval($token['uid']) . " "; + } + else { + $sql_extra = item_permissions_sql(0); + } + + $r = q("select * from item where uuid = '%s' $item_normal $sql_extra limit 1", + dbesc($item_id) + ); + + if (! $r) { + $r = q("select * from item where uuid = '%s' $item_normal limit 1", + dbesc($item_id) + ); + if($r) { + http_status_exit(403, 'Forbidden'); + } + http_status_exit(404, 'Not found'); + } + + xchan_query($r,true); + $items = fetch_post_tags($r,false); + + $channel = channelx_by_n($items[0]['uid']); + + $x = array_merge( ['@context' => [ + ACTIVITYSTREAMS_JSONLD_REV, + 'https://w3id.org/security/v1', + z_root() . ZOT_APSCHEMA_REV + ]], ZlibActivity::encode_activity($items[0],true)); + + $headers = []; + $headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ; + $x['signature'] = LDSignatures::sign($x,$channel); + $ret = json_encode($x, JSON_UNESCAPED_SLASHES); + $headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T'); + $headers['Digest'] = HTTPSig::generate_digest_header($ret); + $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; + + $h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel)); + HTTPSig::set_headers($h); + echo $ret; + killme(); + + } + goaway(z_root() . '/item/' . argv(1)); } diff --git a/Zotlabs/Module/Admin/Addons.php b/Zotlabs/Module/Admin/Addons.php index 243eb242f..b67ab7b3a 100644 --- a/Zotlabs/Module/Admin/Addons.php +++ b/Zotlabs/Module/Admin/Addons.php @@ -18,7 +18,7 @@ class Addons { @include_once("addon/" . argv(2) . "/" . argv(2) . ".php"); if(function_exists(argv(2).'_plugin_admin_post')) { $func = argv(2) . '_plugin_admin_post'; - $func($a); + $func(); } goaway(z_root() . '/admin/addons/' . argv(2) ); @@ -332,7 +332,7 @@ class Addons { @require_once("addon/$plugin/$plugin.php"); if(function_exists($plugin.'_plugin_admin')) { $func = $plugin.'_plugin_admin'; - $func($a, $admin_form); + $func($admin_form); } } diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php index ac73b8a5b..d7d57664c 100644 --- a/Zotlabs/Module/Cdav.php +++ b/Zotlabs/Module/Cdav.php @@ -819,7 +819,7 @@ class Cdav extends Controller { return; } - $id = explode(':', $_REQUEST['target'])[0]; + $id = explode(':', $_REQUEST['target']); $ext = 'ics'; $table = 'calendarobjects'; $column = 'calendarid'; diff --git a/Zotlabs/Module/Chanview.php b/Zotlabs/Module/Chanview.php index 20ac41fbe..06ff10f9e 100644 --- a/Zotlabs/Module/Chanview.php +++ b/Zotlabs/Module/Chanview.php @@ -1,13 +1,17 @@ <?php namespace Zotlabs\Module; -require_once('include/zot.php'); +use App; +use Zotlabs\Lib\Libzot; +use Zotlabs\Lib\Webfinger; +use Zotlabs\Lib\Zotfinger; + class Chanview extends \Zotlabs\Web\Controller { function get() { - $observer = \App::get_observer(); + $observer = App::get_observer(); $xchan = null; $r = null; @@ -40,7 +44,7 @@ class Chanview extends \Zotlabs\Web\Controller { ); } if($r) { - \App::$poi = $r[0]; + App::$poi = $r[0]; } @@ -49,43 +53,45 @@ class Chanview extends \Zotlabs\Web\Controller { // address, we can and should try to import it. If it's just a hash, we can't continue, but we // probably wouldn't have a hash if we don't already have an xchan for this channel. - if(! \App::$poi) { + if(! App::$poi) { logger('mod_chanview: fallback'); - // This is hackish - construct a zot address from the url - if($_REQUEST['url']) { - if(preg_match('/https?\:\/\/(.*?)(\/channel\/|\/profile\/)(.*?)$/ism',$_REQUEST['url'],$matches)) { - $_REQUEST['address'] = $matches[3] . '@' . $matches[1]; + + if($_REQUEST['address']) { + $href = Webfinger::zot_url(punify($_REQUEST['address'])); + if($href) { + $_REQUEST['url'] = $href; } - logger('mod_chanview: constructed address ' . print_r($matches,true)); } $r = null; - if($_REQUEST['address']) { - $j = \Zotlabs\Zot\Finger::run($_REQUEST['address'],null); - if($j['success']) { - import_xchan($j); - $r = q("select * from xchan where xchan_addr = '%s' limit 1", - dbesc($_REQUEST['address']) + if($_REQUEST['url']) { + + $zf = Zotfinger::exec($_REQUEST['url'], null); + + if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $_REQUEST['url'] && intval($zf['signature']['header_valid'])) { + Libzot::import_xchan($j); + $r = q("select * from xchan where xchan_url = '%s' limit 1", + dbesc($_REQUEST['url']) ); if($r) { - \App::$poi = $r[0]; + App::$poi = $r[0]; } } if(! $r) { - if(discover_by_webbie($_REQUEST['address'])) { - $r = q("select * from xchan where xchan_addr = '%s' limit 1", - dbesc($_REQUEST['address']) + if(discover_by_webbie($_REQUEST['url'])) { + $r = q("select * from xchan where xchan_url = '%s' limit 1", + dbesc($_REQUEST['url']) ); if($r) { - \App::$poi = $r[0]; + App::$poi = $r[0]; } } } } } - if(! \App::$poi) { + if(! App::$poi) { notice( t('Channel not found.') . EOL); return; } @@ -93,19 +99,17 @@ class Chanview extends \Zotlabs\Web\Controller { $is_zot = false; $connected = false; - if (\App::$poi) { - $url = \App::$poi['xchan_url']; - if(in_array(\App::$poi['xchan_network'], ['zot', 'zot6'])) { - $is_zot = true; - } - if(local_channel()) { - $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s' limit 1", - intval(local_channel()), - dbesc(\App::$poi['xchan_hash']) - ); - if($c) - $connected = true; - } + $url = App::$poi['xchan_url']; + if(in_array(App::$poi['xchan_network'], ['zot', 'zot6'])) { + $is_zot = true; + } + if(local_channel()) { + $c = q("select abook_id from abook where abook_channel = %d and abook_xchan = '%s' limit 1", + intval(local_channel()), + dbesc(App::$poi['xchan_hash']) + ); + if($c) + $connected = true; } // We will load the chanview template if it's a foreign network, diff --git a/Zotlabs/Module/Chat.php b/Zotlabs/Module/Chat.php index 6a46cdace..28e775f9d 100644 --- a/Zotlabs/Module/Chat.php +++ b/Zotlabs/Module/Chat.php @@ -197,7 +197,7 @@ class Chat extends Controller { $cipher = get_pconfig(local_channel(),'system','default_cipher'); if(! $cipher) - $cipher = 'aes256'; + $cipher = 'AES-128-CCM'; $o = replace_macros(get_markup_template('chat.tpl'),array( diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index c0df57390..0fc807d42 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -7,9 +7,16 @@ namespace Zotlabs\Module; * */ +use App; use Zotlabs\Lib\Apps; use Zotlabs\Lib\Libzot; use Zotlabs\Lib\Libsync; +use Zotlabs\Daemon\Master; +use Zotlabs\Web\Controller; +use Zotlabs\Access\Permissions; +use Zotlabs\Access\PermissionLimits; +use Zotlabs\Web\HTTPHeaders; +use Zotlabs\Lib\Permcat; require_once('include/socgraph.php'); require_once('include/selectors.php'); @@ -17,7 +24,7 @@ require_once('include/group.php'); require_once('include/photos.php'); -class Connedit extends \Zotlabs\Web\Controller { +class Connedit extends Controller { /* @brief Initialize the connection-editor * @@ -37,12 +44,12 @@ class Connedit extends \Zotlabs\Web\Controller { intval(argv(1)) ); if($r) { - \App::$poi = array_shift($r); + App::$poi = array_shift($r); } } - $channel = \App::get_channel(); + $channel = App::get_channel(); if($channel) head_set_icon($channel['xchan_photo_s']); @@ -62,7 +69,7 @@ class Connedit extends \Zotlabs\Web\Controller { if(! $contact_id) return; - $channel = \App::get_channel(); + $channel = App::get_channel(); // TODO if configured for hassle-free permissions, we'll post the form with ajax as soon as the // connection enable is toggled to a special autopost url and set permissions immediately, leaving @@ -141,7 +148,7 @@ class Connedit extends \Zotlabs\Web\Controller { $rating_text = trim(escape_tags($_REQUEST['rating_text'])); - $all_perms = \Zotlabs\Access\Permissions::Perms(); + $all_perms = Permissions::Perms(); if($all_perms) { foreach($all_perms as $perm => $desc) { @@ -213,7 +220,7 @@ class Connedit extends \Zotlabs\Web\Controller { $record = $z[0]['xlink_id']; } if($record) { - \Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record)); + Master::Summon(array('Ratenotif','rating',$record)); } } @@ -228,7 +235,7 @@ class Connedit extends \Zotlabs\Web\Controller { // request. The workaround is to approve the connection, then go back and // adjust permissions as desired. - $p = \Zotlabs\Access\Permissions::connect_perms(local_channel()); + $p = Permissions::connect_perms(local_channel()); $my_perms = $p['perms']; if($my_perms) { foreach($my_perms as $k => $v) { @@ -258,12 +265,12 @@ class Connedit extends \Zotlabs\Web\Controller { else notice( t('Failed to update connection record.') . EOL); - if(! intval(\App::$poi['abook_self'])) { + if(! intval(App::$poi['abook_self'])) { if($new_friend) { - \Zotlabs\Daemon\Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] ); + Master::Summon( [ 'Notifier', 'permission_accept', $contact_id ] ); } - \Zotlabs\Daemon\Master::Summon( [ + Master::Summon( [ 'Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id @@ -276,7 +283,7 @@ class Connedit extends \Zotlabs\Web\Controller { require_once('include/group.php'); $g = group_rec_byhash(local_channel(),$default_group); if($g) - group_add_member(local_channel(),'',\App::$poi['abook_xchan'],$g['id']); + group_add_member(local_channel(),'',App::$poi['abook_xchan'],$g['id']); } // Check if settings permit ("post new friend activity" is allowed, and @@ -300,19 +307,19 @@ class Connedit extends \Zotlabs\Web\Controller { $xarr['item_private'] = (($xarr['allow_cid']||$xarr['allow_gid']||$xarr['deny_cid']||$xarr['deny_gid']) ? 1 : 0); $obj = array( 'type' => ACTIVITY_OBJ_PERSON, - 'title' => \App::$poi['xchan_name'], - 'id' => \App::$poi['xchan_hash'], + 'title' => App::$poi['xchan_name'], + 'id' => App::$poi['xchan_hash'], 'link' => array( - array('rel' => 'alternate', 'type' => 'text/html', 'href' => \App::$poi['xchan_url']), - array('rel' => 'photo', 'type' => \App::$poi['xchan_photo_mimetype'], 'href' => \App::$poi['xchan_photo_l']) + array('rel' => 'alternate', 'type' => 'text/html', 'href' => App::$poi['xchan_url']), + array('rel' => 'photo', 'type' => App::$poi['xchan_photo_mimetype'], 'href' => App::$poi['xchan_photo_l']) ), ); $xarr['obj'] = json_encode($obj); $xarr['obj_type'] = ACTIVITY_OBJ_PERSON; - $xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . \App::$poi['xchan_url'] . ']' . \App::$poi['xchan_name'] . '[/zrl]'; + $xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . App::$poi['xchan_url'] . ']' . App::$poi['xchan_name'] . '[/zrl]'; - $xarr['body'] .= "\n\n\n" . '[zrl=' . \App::$poi['xchan_url'] . '][zmg=80x80]' . \App::$poi['xchan_photo_m'] . '[/zmg][/zrl]'; + $xarr['body'] .= "\n\n\n" . '[zrl=' . App::$poi['xchan_url'] . '][zmg=80x80]' . App::$poi['xchan_photo_m'] . '[/zmg][/zrl]'; post_activity_item($xarr); @@ -320,7 +327,7 @@ class Connedit extends \Zotlabs\Web\Controller { // pull in a bit of content if there is any to pull in - \Zotlabs\Daemon\Master::Summon(array('Onepoll',$contact_id)); + Master::Summon(array('Onepoll',$contact_id)); } @@ -333,11 +340,11 @@ class Connedit extends \Zotlabs\Web\Controller { intval($contact_id) ); if($r) { - \App::$poi = $r[0]; + App::$poi = $r[0]; } if($new_friend) { - $arr = array('channel_id' => local_channel(), 'abook' => \App::$poi); + $arr = array('channel_id' => local_channel(), 'abook' => App::$poi); call_hooks('accept_follow', $arr); } @@ -357,23 +364,23 @@ class Connedit extends \Zotlabs\Web\Controller { function connedit_clone(&$a) { - if(! \App::$poi) + if(! App::$poi) return; - $channel = \App::get_channel(); + $channel = App::get_channel(); $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and abook_id = %d LIMIT 1", intval(local_channel()), - intval(\App::$poi['abook_id']) + intval(App::$poi['abook_id']) ); if($r) { - \App::$poi = array_shift($r); + App::$poi = array_shift($r); } - $clone = \App::$poi; + $clone = App::$poi; unset($clone['abook_id']); unset($clone['abook_account']); @@ -402,11 +409,11 @@ class Connedit extends \Zotlabs\Web\Controller { } $section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : ''); - $channel = \App::get_channel(); + $channel = App::get_channel(); $yes_no = array(t('No'),t('Yes')); - $connect_perms = \Zotlabs\Access\Permissions::connect_perms(local_channel()); + $connect_perms = Permissions::connect_perms(local_channel()); $o .= "<script>function connectDefaultShare() { \$('.abook-edit-me').each(function() { @@ -427,7 +434,7 @@ class Connedit extends \Zotlabs\Web\Controller { return; $cmd = argv(2); - + $orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1", intval($contact_id), @@ -441,7 +448,7 @@ class Connedit extends \Zotlabs\Web\Controller { if($cmd === 'update') { // pull feed and consume it, which should subscribe to the hub. - \Zotlabs\Daemon\Master::Summon(array('Poller',$contact_id)); + Master::Summon(array('Poller',$contact_id)); goaway(z_root() . '/connedit/' . $contact_id); } @@ -451,7 +458,7 @@ class Connedit extends \Zotlabs\Web\Controller { $recurse = 0; $x = z_fetch_url(zid($url),false,$recurse,['session' => true]); if($x['success']) { - $h = new \Zotlabs\Web\HTTPHeaders($x['header']); + $h = new HTTPHeaders($x['header']); $fields = $h->fetch(); if($fields) { foreach($fields as $y) { @@ -482,17 +489,17 @@ class Connedit extends \Zotlabs\Web\Controller { if($cmd === 'refresh') { if($orig_record[0]['xchan_network'] === 'zot') { - if(! zot_refresh($orig_record[0],\App::get_channel())) + if(! zot_refresh($orig_record[0],App::get_channel())) notice( t('Refresh failed - channel is currently unavailable.') ); } elseif($orig_record[0]['xchan_network'] === 'zot6') { - if(! Libzot::refresh($orig_record[0],\App::get_channel())) + if(! Libzot::refresh($orig_record[0],App::get_channel())) notice( t('Refresh failed - channel is currently unavailable.') ); } else { // if you are on a different network we'll force a refresh of the connection basic info - \Zotlabs\Daemon\Master::Summon(array('Notifier','permission_update',$contact_id)); + Master::Summon(array('Notifier','permission_update',$contact_id)); } goaway(z_root() . '/connedit/' . $contact_id); } @@ -550,15 +557,10 @@ class Connedit extends \Zotlabs\Web\Controller { if($cmd === 'drop') { - - // @FIXME - // We need to send either a purge or a refresh packet to the other side (the channel being unfriended). - // The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier - // runs in the background there could be a race condition preventing this packet from being sent in all - // cases. - // PLACEHOLDER - contact_remove(local_channel(), $orig_record[0]['abook_id']); + + Master::Summon( [ 'Notifier', 'purge', local_channel(), $orig_record[0]['xchan_hash'] ] ); + Libsync::build_sync_packet(0 /* use the current local_channel */, array('abook' => array(array( 'abook_xchan' => $orig_record[0]['abook_xchan'], @@ -574,13 +576,13 @@ class Connedit extends \Zotlabs\Web\Controller { } } - if(\App::$poi) { + if(App::$poi) { $abook_prev = 0; $abook_next = 0; - $contact_id = \App::$poi['abook_id']; - $contact = \App::$poi; + $contact_id = App::$poi['abook_id']; + $contact = App::$poi; $cn = q("SELECT abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 order by xchan_name", intval(local_channel()) @@ -788,9 +790,9 @@ class Connedit extends \Zotlabs\Web\Controller { $perms = array(); - $channel = \App::get_channel(); + $channel = App::get_channel(); - $global_perms = \Zotlabs\Access\Permissions::Perms(); + $global_perms = Permissions::Perms(); $existing = get_all_perms(local_channel(),$contact['abook_xchan'],false); @@ -822,7 +824,7 @@ class Connedit extends \Zotlabs\Web\Controller { $thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k); //fixme - $checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k); + $checkinherited = PermissionLimits::Get(local_channel(),$k); // For auto permissions (when $self is true) we don't want to look at existing // permissions because they are enabled for the channel owner @@ -835,7 +837,7 @@ class Connedit extends \Zotlabs\Web\Controller { $perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited); } - $pcat = new \Zotlabs\Lib\Permcat(local_channel()); + $pcat = new Permcat(local_channel()); $pcatlist = $pcat->listing(); $permcats = []; if($pcatlist) { diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php index 615ca6fe0..dff645f2b 100644 --- a/Zotlabs/Module/Cover_photo.php +++ b/Zotlabs/Module/Cover_photo.php @@ -293,14 +293,6 @@ class Cover_photo extends \Zotlabs\Web\Controller { $arr['item_thread_top'] = 1; $arr['item_origin'] = 1; $arr['item_wall'] = 1; - $arr['obj_type'] = ACTIVITY_OBJ_PHOTO; - $arr['verb'] = ACTIVITY_UPDATE; - - $arr['obj'] = json_encode(array( - 'type' => $arr['obj_type'], - 'id' => z_root() . '/photo/' . $photo['resource_id'] . '-7', - 'link' => array('rel' => 'photo', 'type' => $photo['mimetype'], 'href' => z_root() . '/photo/' . $photo['resource_id'] . '-7') - )); if($profile && stripos($profile['gender'],t('female')) !== false) $t = t('%1$s updated her %2$s'); diff --git a/Zotlabs/Module/Feed.php b/Zotlabs/Module/Feed.php index 36869abbe..b5e7b28fa 100644 --- a/Zotlabs/Module/Feed.php +++ b/Zotlabs/Module/Feed.php @@ -17,7 +17,7 @@ class Feed extends \Zotlabs\Web\Controller { $params['pages'] = ((x($_REQUEST,'pages')) ? intval($_REQUEST['pages']) : 0); $params['top'] = ((x($_REQUEST,'top')) ? intval($_REQUEST['top']) : 0); $params['start'] = ((x($_REQUEST,'start')) ? intval($_REQUEST['start']) : 0); - $params['records'] = ((x($_REQUEST,'records')) ? intval($_REQUEST['records']) : 40); + $params['records'] = ((x($_REQUEST,'records')) ? intval($_REQUEST['records']) : 10); $params['direction'] = ((x($_REQUEST,'direction')) ? dbesc($_REQUEST['direction']) : 'desc'); $params['cat'] = ((x($_REQUEST,'cat')) ? escape_tags($_REQUEST['cat']) : ''); $params['compat'] = ((x($_REQUEST,'compat')) ? intval($_REQUEST['compat']) : 0); diff --git a/Zotlabs/Module/Fhubloc_id_url.php b/Zotlabs/Module/Fhubloc_id_url.php new file mode 100644 index 000000000..a5627a33d --- /dev/null +++ b/Zotlabs/Module/Fhubloc_id_url.php @@ -0,0 +1,79 @@ +<?php +namespace Zotlabs\Module; + +/* fix missing or hubloc_id_url entries */ + +class Fhubloc_id_url extends \Zotlabs\Web\Controller { + + function get() { + + if(! is_site_admin()) + return; + + q("START TRANSACTION"); + + // remove broken xchan entries + $r0 = dbq("DELETE FROM xchan WHERE xchan_hash = ''"); + + // remove broken hubloc entries + $r1 = dbq("DELETE FROM hubloc WHERE hubloc_hash = ''"); + + // fix legacy zot hubloc_id_url + $r2 = dbq("UPDATE hubloc + SET hubloc_id_url = CONCAT(hubloc_url, '/channel/', SUBSTRING(hubloc_addr FROM 1 FOR POSITION('@' IN hubloc_addr) -1)) + WHERE hubloc_network = 'zot' + AND hubloc_id_url = ''" + ); + + // fix singleton networks hubloc_id_url + if(ACTIVE_DBTYPE == DBTYPE_MYSQL) { + // fix entries for activitypub which miss the xchan_url due to an earlier bug + $r3 = dbq("UPDATE xchan + SET xchan_url = xchan_hash + WHERE xchan_network = 'activitypub' + AND xchan_url = ''" + ); + + $r4 = dbq("UPDATE hubloc + LEFT JOIN xchan ON hubloc.hubloc_hash = xchan.xchan_hash + SET hubloc.hubloc_id_url = xchan.xchan_url + WHERE hubloc.hubloc_network IN ('activitypub', 'diaspora', 'friendica-over-diaspora', 'gnusoc') + AND hubloc.hubloc_id_url = '' + AND xchan.xchan_url IS NOT NULL" + ); + + } + if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { + // fix entries for activitypub which miss the xchan_url due to an earlier bug + $r3 = dbq("UPDATE xchan + SET xchan_url = xchan_hash + WHERE xchan_network = 'activitypub' + AND xchan_url = ''" + ); + + $r4 = dbq("UPDATE hubloc + SET hubloc_id_url = xchan_url + FROM xchan + WHERE hubloc_hash = xchan_hash + AND hubloc_network IN ('activitypub', 'diaspora', 'friendica-over-diaspora', 'gnusoc') + AND hubloc_id_url = '' + AND xchan_url IS NOT NULL" + ); + + + } + + if($r0 && $r1 && $r2 && $r3 && $r4) { + // remove hubloc entries where hubloc_id_url could not be fixed + $r5 = dbq("DELETE FROM hubloc WHERE hubloc_id_url = ''"); + } + + if($r0 && $r1 && $r2 && $r3 && $r4 && $r5) { + q("COMMIT"); + return 'Completed'; + } + + q("ROLLBACK"); + return 'Failed'; + } +} diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index d8c837522..922a2ef06 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -157,6 +157,106 @@ class Item extends Controller { } + if(ActivityStreams::is_as_request()) { + + $item_id = argv(1); + if(! $item_id) + http_status_exit(404, 'Not found'); + + $portable_id = EMPTY_STR; + + $item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 "; + + $i = null; + + // do we have the item (at all)? + // add preferential bias to item owners (item_wall = 1) + + $r = q("select * from item where mid = '%s' or uuid = '%s' $item_normal order by item_wall desc limit 1", + dbesc(z_root() . '/item/' . $item_id), + dbesc($item_id) + ); + + if (! $r) { + http_status_exit(404,'Not found'); + } + + // process an authenticated fetch + + $sigdata = HTTPSig::verify(EMPTY_STR); + if ($sigdata['portable_id'] && $sigdata['header_valid']) { + $portable_id = $sigdata['portable_id']; + if (! check_channelallowed($portable_id)) { + http_status_exit(403, 'Permission denied'); + } + if (! check_siteallowed($sigdata['signer'])) { + http_status_exit(403, 'Permission denied'); + } + observer_auth($portable_id); + + $i = q("select id as item_id from item where mid = '%s' $item_normal and owner_xchan = '%s' limit 1 ", + dbesc($r[0]['parent_mid']), + dbesc($portable_id) + ); + } + elseif (Config::get('system','require_authenticated_fetch',false)) { + http_status_exit(403,'Permission denied'); + } + + // if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access + // with a bias towards those items owned by channels on this site (item_wall = 1) + + $sql_extra = item_permissions_sql(0); + + if (! $i) { + $i = q("select id as item_id from item where mid = '%s' $item_normal $sql_extra order by item_wall desc limit 1", + dbesc($r[0]['parent_mid']) + ); + } + + if(! $i) { + http_status_exit(403,'Forbidden'); + } + + // If we get to this point we have determined we can access the original in $r (fetched much further above), so use it. + + xchan_query($r,true); + $items = fetch_post_tags($r,false); + + $chan = channelx_by_n($items[0]['uid']); + + if(! $chan) + http_status_exit(404, 'Not found'); + + if(! perm_is_allowed($chan['channel_id'],get_observer_hash(),'view_stream')) + http_status_exit(403, 'Forbidden'); + + $i = Activity::encode_item($items[0],true); + + if(! $i) + http_status_exit(404, 'Not found'); + + $x = array_merge(['@context' => [ + ACTIVITYSTREAMS_JSONLD_REV, + 'https://w3id.org/security/v1', + z_root() . ZOT_APSCHEMA_REV + ]], $i); + + $headers = []; + $headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ; + $x['signature'] = LDSignatures::sign($x,$chan); + $ret = json_encode($x, JSON_UNESCAPED_SLASHES); + $headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T'); + $headers['Digest'] = HTTPSig::generate_digest_header($ret); + $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; + $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan)); + HTTPSig::set_headers($h); + echo $ret; + killme(); + + } + + if(argc() > 1 && argv(1) !== 'drop') { $x = q("select uid, item_wall, llink, mid from item where mid = '%s' or mid = '%s' ", dbesc(z_root() . '/item/' . argv(1)), diff --git a/Zotlabs/Module/Locs.php b/Zotlabs/Module/Locs.php index 47ece8041..4c935a6a2 100644 --- a/Zotlabs/Module/Locs.php +++ b/Zotlabs/Module/Locs.php @@ -1,22 +1,24 @@ <?php namespace Zotlabs\Module; /** @file */ +use App; +use Zotlabs\Web\Controller; +use Zotlabs\Daemon\Master; - -class Locs extends \Zotlabs\Web\Controller { +class Locs extends Controller { function post() { if(! local_channel()) return; - $channel = \App::get_channel(); + $channel = App::get_channel(); if($_REQUEST['primary']) { $hubloc_id = intval($_REQUEST['primary']); if($hubloc_id) { - $r = q("select hubloc_id from hubloc where hubloc_id = %d and hubloc_hash = '%s' limit 1", + $r = q("select * from hubloc where hubloc_id = %d and hubloc_hash = '%s' limit 1", intval($hubloc_id), dbesc($channel['channel_hash']) ); @@ -26,15 +28,16 @@ class Locs extends \Zotlabs\Web\Controller { return; } - $r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' ", - dbesc($channel['channel_hash']) + q("UPDATE hubloc SET hubloc_primary = 0 WHERE hubloc_primary = 1 AND (hubloc_hash = '%s' OR hubloc_hash = '%s')", + dbesc($channel['channel_hash']), + dbesc($channel['channel_portable_id']) ); - $r = q("update hubloc set hubloc_primary = 1 where hubloc_id = %d and hubloc_hash = '%s'", + q("UPDATE hubloc SET hubloc_primary = 1 WHERE hubloc_id = %d AND hubloc_hash = '%s'", intval($hubloc_id), dbesc($channel['channel_hash']) ); - - \Zotlabs\Daemon\Master::Summon(array('Notifier','location',$channel['channel_id'])); + + Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] ); return; } } @@ -68,11 +71,12 @@ class Locs extends \Zotlabs\Web\Controller { } } - $r = q("update hubloc set hubloc_deleted = 1 where hubloc_id = %d and hubloc_hash = '%s'", - intval($hubloc_id), - dbesc($channel['channel_hash']) + q("UPDATE hubloc SET hubloc_deleted = 1 WHERE hubloc_id_url = '%s' AND (hubloc_hash = '%s' OR hubloc_hash = '%s')", + dbesc($r[0]['hubloc_id_url']), + dbesc($channel['channel_hash']), + dbesc($channel['channel_portable_id']) ); - \Zotlabs\Daemon\Master::Summon(array('Notifier','location',$channel['channel_id'])); + Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] ); return; } } @@ -88,10 +92,10 @@ class Locs extends \Zotlabs\Web\Controller { return; } - $channel = \App::get_channel(); + $channel = App::get_channel(); if($_REQUEST['sync']) { - \Zotlabs\Daemon\Master::Summon(array('Notifier','location',$channel['channel_id'])); + Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] ); info( t('Syncing locations') . EOL); goaway(z_root() . '/locs'); } diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index 6ac656a04..b4372e26d 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -1,214 +1,133 @@ <?php namespace Zotlabs\Module; +use App; +use Zotlabs\Web\Controller; use Zotlabs\Web\HTTPSig; +use Zotlabs\Lib\Libzot; +use Zotlabs\Lib\SConfig; -@require_once('include/zot.php'); - - -class Magic extends \Zotlabs\Web\Controller { +class Magic extends Controller { function init() { + + $ret = [ + 'success' => false, + 'url' => '', + 'message' => '' + ]; - $ret = array('success' => false, 'url' => '', 'message' => ''); logger('mod_magic: invoked', LOGGER_DEBUG); - - logger('mod_magic: args: ' . print_r($_REQUEST,true),LOGGER_DATA); - - $addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : ''); - $bdest = ((x($_REQUEST,'bdest')) ? $_REQUEST['bdest'] : ''); - $dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : ''); - $test = ((x($_REQUEST,'test')) ? intval($_REQUEST['test']) : 0); - $rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0); - $owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0); - $delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : ''); - - if($bdest) + + logger('args: ' . print_r($_REQUEST,true),LOGGER_DATA); + + $addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : ''); + $bdest = ((x($_REQUEST,'bdest')) ? $_REQUEST['bdest'] : ''); + $dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : ''); + $rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0); + $owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0); + $delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : ''); + + // bdest is preferred as it is hex-encoded and can survive url rewrite and argument parsing + + if ($bdest) { $dest = hex2bin($bdest); + } $parsed = parse_url($dest); - if(! $parsed) { - if($test) { - $ret['message'] .= 'could not parse ' . $dest . EOL; - return($ret); - } + + if (! $parsed) { goaway($dest); } - + $basepath = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : ''); - - $x = q("select * from hubloc where hubloc_url = '%s' order by hubloc_connected desc limit 1", - dbesc($basepath) - ); - - if(! $x) { - - /* - * We have no records for, or prior communications with this hub. - * If an address was supplied, let's finger them to create a hub record. - * Otherwise we'll use the special address '[system]' which will return - * either a system channel or the first available normal channel. We don't - * really care about what channel is returned - we need the hub information - * from that response so that we can create signed auth packets destined - * for that hub. - * - */ - - $j = \Zotlabs\Zot\Finger::run((($addr) ? $addr : '[system]@' . $parsed['host']),null); - if($j['success']) { - import_xchan($j); - - // Now try again - - $x = q("select * from hubloc where hubloc_url = '%s' order by hubloc_connected desc limit 1", - dbesc($basepath) - ); - } - } - - if(! $x) { - if($rev) - goaway($dest); - else { - logger('mod_magic: no channels found for requested hub.' . print_r($_REQUEST,true)); - if($test) { - $ret['message'] .= 'This site has no previous connections with ' . $basepath . EOL; - return $ret; - } - notice( t('Hub not found.') . EOL); - return; - } - } - + $owapath = SConfig::get($basepath,'system','openwebauth', $basepath . '/owa'); + // This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating. // By default, we'll proceed without asking. - - $arr = array( - 'channel_id' => local_channel(), - 'xchan' => $x[0], + + $arr = [ + 'channel_id' => local_channel(), 'destination' => $dest, - 'proceed' => true - ); - + 'proceed' => true + ]; + call_hooks('magic_auth',$arr); $dest = $arr['destination']; - if(! $arr['proceed']) { - if($test) { - $ret['message'] .= 'cancelled by plugin.' . EOL; - return $ret; - } + if (! $arr['proceed']) { goaway($dest); } - - if((get_observer_hash()) && ($x[0]['hubloc_url'] === z_root())) { + + if((get_observer_hash()) && (stripos($dest,z_root()) === 0)) { + // We are already authenticated on this site and a registered observer. - // Just redirect. - if($test) { - $ret['success'] = true; - $ret['message'] .= 'Local site - you are already authenticated.' . EOL; - return $ret; - } - - $delegation_success = false; - if($delegate) { + // First check if this is a delegate request on the local system and process accordingly. + // Otherwise redirect. + + if ($delegate) { + $r = q("select * from channel left join hubloc on channel_hash = hubloc_hash where hubloc_addr = '%s' limit 1", dbesc($delegate) ); - - if($r && intval($r[0]['channel_id'])) { - $allowed = perm_is_allowed($r[0]['channel_id'],get_observer_hash(),'delegate'); - if($allowed) { + + if ($r) { + $c = array_shift($r); + if (perm_is_allowed($c['channel_id'],get_observer_hash(),'delegate')) { $tmp = $_SESSION; - $_SESSION['delegate_push'] = $tmp; - $_SESSION['delegate_channel'] = $r[0]['channel_id']; - $_SESSION['delegate'] = get_observer_hash(); - $_SESSION['account_id'] = intval($r[0]['channel_account_id']); - change_channel($r[0]['channel_id']); - - $delegation_success = true; + $_SESSION['delegate_push'] = $tmp; + $_SESSION['delegate_channel'] = $c['channel_id']; + $_SESSION['delegate'] = get_observer_hash(); + $_SESSION['account_id'] = intval($c['channel_account_id']); + + change_channel($c['channel_id']); } } } - - - - // FIXME: check and honour local delegation - - + goaway($dest); } - - if(local_channel()) { - $channel = \App::get_channel(); - + + if (local_channel()) { + $channel = App::get_channel(); + // OpenWebAuth - if($owa) { + if ($owa) { $dest = strip_zids($dest); $dest = strip_query_param($dest,'f'); + // We now post to the OWA endpoint. This improves security by providing a signed digest + $data = json_encode([ 'OpenWebAuth' => random_string() ]); $headers = []; $headers['Accept'] = 'application/x-zot+json' ; + $headers['Content-Type'] = 'application/x-zot+json' ; $headers['X-Open-Web-Auth'] = random_string(); - $headers['Host'] = $parsed['host']; $headers['Digest'] = HTTPSig::generate_digest_header($data); + $headers['Host'] = $parsed['host']; + $headers['(request-target)'] = 'post ' . '/owa'; - $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], 'acct:' . channel_reddress($channel),true,'sha512'); - $x = z_post_url($basepath . '/owa',$data,$redirects,[ 'headers' => $headers ]); - - if($x['success']) { + $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512'); + $x = z_post_url($owapath,$data,$redirects,[ 'headers' => $headers ]); + logger('owa fetch returned: ' . print_r($x,true),LOGGER_DATA); + if ($x['success']) { $j = json_decode($x['body'],true); - if($j['success']) { + if ($j['success'] && $j['encrypted_token']) { + // decrypt the token using our private key $token = ''; - if($j['encrypted_token']) { - openssl_private_decrypt(base64url_decode($j['encrypted_token']),$token,$channel['channel_prvkey']); - } - else { - $token = $j['token']; - } - - $strp = strpbrk($dest,'?&'); - $args = (($strp) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : ''); + openssl_private_decrypt(base64url_decode($j['encrypted_token']),$token,$channel['channel_prvkey']); + $x = strpbrk($dest,'?&'); + // redirect using the encrypted token which will be exchanged for an authenticated session + $args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : ''); goaway($dest . $args); } } - goaway($dest); - } - - - $token = random_string(); - - \Zotlabs\Lib\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']); - - $target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel)) - . '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION; - - if($delegate) - $target_url .= '&delegate=' . urlencode($delegate); - - logger('mod_magic: redirecting to: ' . $target_url, LOGGER_DEBUG); - - if($test) { - $ret['success'] = true; - $ret['url'] = $target_url; - $ret['message'] = 'token ' . $token . ' created for channel ' . $channel['channel_id'] . ' for url ' . $x[0]['hubloc_url'] . EOL; - return $ret; } - - goaway($target_url); - } - - if($test) { - $ret['message'] = 'Not authenticated or invalid arguments to mod_magic' . EOL; - return $ret; - } - + goaway($dest); - } - + } diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 4c6fd6216..561e35754 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -3,10 +3,12 @@ namespace Zotlabs\Module; use Zotlabs\Web\HTTPSig; +use Zotlabs\Lib\Verify; +use Zotlabs\Web\Controller; /** * OpenWebAuth verifier and token generator - * See https://macgirvin.com/wiki/mike/OpenWebAuth/Home + * See spec/OpenWebAuth/Home.md * Requests to this endpoint should be signed using HTTP Signatures * using the 'Authorization: Signature' authentication method * If the signature verifies a token is returned. @@ -14,74 +16,51 @@ use Zotlabs\Web\HTTPSig; * This token may be exchanged for an authenticated cookie. */ -class Owa extends \Zotlabs\Web\Controller { +class Owa extends Controller { function init() { $ret = [ 'success' => false ]; - foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) { - if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') { - if($head !== 'HTTP_AUTHORIZATION') { - $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head]; - continue; - } - - $sigblock = HTTPSig::parse_sigheader($_SERVER[$head]); - if($sigblock) { - $keyId = $sigblock['keyId']; - - if($keyId) { - - // Hubzilla connections can have both zot6 and zot hublocs - // The connections will usually be zot6 so match those first - - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) and hubloc_network = 'zot6' ", - dbesc(str_replace('acct:','',$keyId)), - dbesc($keyId) - ); + if (array_key_exists('REDIRECT_REMOTE_USER',$_SERVER) && (! array_key_exists('HTTP_AUTHORIZATION',$_SERVER))) { + $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['REDIRECT_REMOTE_USER']; + } - // If nothing was found, try searching on any network - - if (! $r) { + if (array_key_exists('HTTP_AUTHORIZATION',$_SERVER) && substr(trim($_SERVER['HTTP_AUTHORIZATION']),0,9) === 'Signature') { + $sigblock = HTTPSig::parse_sigheader($_SERVER['HTTP_AUTHORIZATION']); + if ($sigblock) { + $keyId = $sigblock['keyId']; + if ($keyId) { + $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash + where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ", + dbesc(str_replace('acct:','',$keyId)), + dbesc($keyId) + ); + if (! $r) { + $found = discover_by_webbie(str_replace('acct:','',$keyId)); + if ($found) { $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where ( hubloc_addr = '%s' or hubloc_id_url = '%s' )", + where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ", dbesc(str_replace('acct:','',$keyId)), dbesc($keyId) ); } - - // If nothing was found on any network, use network discovery and create a new record - - if (! $r) { - $found = discover_by_webbie(str_replace('acct:','',$keyId)); - if($found) { - $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash - where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ", - dbesc(str_replace('acct:','',$keyId)), - dbesc($keyId) - ); - } - } - - if ($r) { - foreach($r as $hubloc) { - $verified = HTTPSig::verify(file_get_contents('php://input'),$hubloc['xchan_pubkey']); - if($verified && $verified['header_signed'] && $verified['header_valid']) { - logger('OWA header: ' . print_r($verified,true),LOGGER_DATA); - logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); - $ret['success'] = true; - $token = random_string(32); - \Zotlabs\Lib\Verify::create('owt',0,$token,$hubloc['hubloc_network'] . ',' . $hubloc['hubloc_addr']); - $result = ''; - openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); - $ret['encrypted_token'] = base64url_encode($result); - break; - } - else { - logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']); - } + } + if ($r) { + foreach ($r as $hubloc) { + $verified = HTTPSig::verify(file_get_contents('php://input')); + if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) { + logger('OWA header: ' . print_r($verified,true),LOGGER_DATA); + logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); + $ret['success'] = true; + $token = random_string(32); + Verify::create('owt',0,$token,$hubloc['hubloc_addr']); + $result = ''; + openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); + $ret['encrypted_token'] = base64url_encode($result); + break; + } else { + logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']); } } } diff --git a/Zotlabs/Module/Profiles.php b/Zotlabs/Module/Profiles.php index 7deceabab..9ac0e725e 100644 --- a/Zotlabs/Module/Profiles.php +++ b/Zotlabs/Module/Profiles.php @@ -607,10 +607,10 @@ class Profiles extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); if($namechanged && $is_default) { - $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_hash = '%s'", + $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_url = '%s'", dbesc($name), dbesc(datetime_convert()), - dbesc($channel['xchan_hash']) + dbesc(z_root() . '/channel/' . $channel['channel_address']) ); $r = q("UPDATE channel SET channel_name = '%s' WHERE channel_hash = '%s'", dbesc($name), diff --git a/Zotlabs/Module/Regdir.php b/Zotlabs/Module/Regdir.php index f4d16c562..e49f89231 100644 --- a/Zotlabs/Module/Regdir.php +++ b/Zotlabs/Module/Regdir.php @@ -1,6 +1,9 @@ <?php namespace Zotlabs\Module; +use Zotlabs\Lib\Zotfinger; +use Zotlabs\Web\Controller; + /** * With args, register a directory server for this realm. * With no args, return a JSON array of directory servers for this realm. @@ -14,7 +17,7 @@ namespace Zotlabs\Module; * @param App &$a */ -class Regdir extends \Zotlabs\Web\Controller { +class Regdir extends Controller { function init() { @@ -25,7 +28,7 @@ class Regdir extends \Zotlabs\Web\Controller { $valid = 0; // we probably don't need the realm as we will find out in the probe. - // What we may want to die is throw an error if you're trying to register in a different realm + // What we may want to do is throw an error if you're trying to register in a different realm // so this configuration issue can be discovered. $realm = $_REQUEST['realm']; @@ -59,34 +62,28 @@ class Regdir extends \Zotlabs\Web\Controller { json_return_and_die($result); } - $j = \Zotlabs\Zot\Finger::run('[system]@' . $m['host']); - if($j['success'] && $j['guid']) { - $x = import_xchan($j); - if($x['success']) { - $result['success'] = true; - } + $j = Zotfinger::exec($url); + if($j) { + $result['success'] = true; } - - if(! $result['success']) + else { $valid = 0; - + } + q("update site set site_valid = %d where site_url = '%s'", intval($valid), strtolower($url) ); - + json_return_and_die($result); - } else { - - // We can put this in the sql without the condition after 31 august 2015 assuming - // most directory servers will have updated by then - // This just makes sure it happens if I forget + + } + else { - $sql_extra = ((datetime_convert() > datetime_convert('UTC','UTC','2015-08-31')) ? ' and site_valid = 1 ' : '' ); if ($dirmode == DIRECTORY_MODE_STANDALONE) { $r = array(array('site_url' => z_root())); } else { - $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s' and site_type = %d $sql_extra ", + $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s' and site_type = %d and site_valid = 1 ", dbesc(get_directory_realm()), intval(SITE_TYPE_ZOT) ); diff --git a/Zotlabs/Module/Removeaccount.php b/Zotlabs/Module/Removeaccount.php index 9d2bbd0de..cd18b79c0 100644 --- a/Zotlabs/Module/Removeaccount.php +++ b/Zotlabs/Module/Removeaccount.php @@ -37,7 +37,7 @@ class Removeaccount extends \Zotlabs\Web\Controller { } } - $global_remove = intval($_POST['global']); + $global_remove = 0; //intval($_POST['global']); account_remove($account_id, 1 - $global_remove); } @@ -57,7 +57,7 @@ class Removeaccount extends \Zotlabs\Web\Controller { '$title' => t('Remove This Account'), '$desc' => array(t('WARNING: '), t('This account and all its channels will be completely removed from the network. '), t('This action is permanent and can not be undone!')), '$passwd' => t('Please enter your password for verification:'), - '$global' => array('global', t('Remove this account, all its channels and all its channel clones from the network'), false, t('By default only the instances of the channels located on this hub will be removed from the network')), + // '$global' => array('global', t('Remove this account, all its channels and all its channel clones from the network'), false, t('By default only the instances of the channels located on this hub will be removed from the network')), '$submit' => t('Remove Account') )); diff --git a/Zotlabs/Module/Removeme.php b/Zotlabs/Module/Removeme.php index 451e280c3..876d61ca6 100644 --- a/Zotlabs/Module/Removeme.php +++ b/Zotlabs/Module/Removeme.php @@ -37,7 +37,7 @@ class Removeme extends \Zotlabs\Web\Controller { } } - $global_remove = intval($_POST['global']); + $global_remove = 0; //intval($_POST['global']); channel_remove(local_channel(),1 - $global_remove,true); @@ -60,7 +60,7 @@ class Removeme extends \Zotlabs\Web\Controller { '$title' => t('Remove This Channel'), '$desc' => [ t('WARNING: '), t('This channel will be completely removed from the network. '), t('This action is permanent and can not be undone!') ], '$passwd' => t('Please enter your password for verification:'), - '$global' => [ 'global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network'), [ t('No'),t('Yes') ] ], + // '$global' => [ 'global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network'), [ t('No'),t('Yes') ] ], '$submit' => t('Remove Channel') )); diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php index ab9b72490..2eed1efc9 100644 --- a/Zotlabs/Module/Settings/Channel.php +++ b/Zotlabs/Module/Settings/Channel.php @@ -274,10 +274,11 @@ class Channel { } if($name_change) { - $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", + // change name on all associated xchans by matching the url + $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_url = '%s'", dbesc($username), dbesc(datetime_convert()), - dbesc($channel['channel_hash']) + dbesc(z_root() . '/channel/' . $channel['channel_address']) ); $r = q("update profile set fullname = '%s' where uid = %d and is_default = 1", dbesc($username), diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php index 2f3567e70..6d5acf276 100644 --- a/Zotlabs/Module/Sse_bs.php +++ b/Zotlabs/Module/Sse_bs.php @@ -34,7 +34,7 @@ class Sse_bs extends Controller { } } - self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify'); + self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify', -1); self::$evdays = intval(get_pconfig(self::$uid, 'system', 'evdays')); self::$limit = 100; self::$offset = 0; @@ -116,6 +116,9 @@ class Sse_bs extends Controller { if(! self::$uid) return $result; + if(! (self::$vnotify & VNOTIFY_NETWORK)) + return $result; + $limit = intval(self::$limit); $offset = self::$offset; @@ -181,6 +184,9 @@ class Sse_bs extends Controller { if(! self::$uid) return $result; + if(! (self::$vnotify & VNOTIFY_MAIL)) + return $result; + $limit = intval(self::$limit); $offset = self::$offset; @@ -246,6 +252,9 @@ class Sse_bs extends Controller { if(! self::$uid) return $result; + if(! (self::$vnotify & VNOTIFY_CHANNEL)) + return $result; + $limit = intval(self::$limit); $offset = self::$offset; @@ -309,6 +318,9 @@ class Sse_bs extends Controller { $result['pubs']['notifications'] = []; $result['pubs']['count'] = 0; + if(! (self::$vnotify & VNOTIFY_PUBS)) + return $result; + if((observer_prohibited(true))) { return $result; } @@ -395,6 +407,9 @@ class Sse_bs extends Controller { if(! self::$uid) return $result; + if(! (self::$vnotify & VNOTIFY_SYSTEM)) + return $result; + $r = q("SELECT * FROM notify WHERE uid = %d AND seen = 0 ORDER BY created DESC", intval(self::$uid) ); @@ -419,6 +434,9 @@ class Sse_bs extends Controller { if(! self::$uid) return $result; + if(! (self::$vnotify & VNOTIFY_INTRO)) + return $result; + $r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50", intval(self::$uid) ); @@ -443,6 +461,9 @@ class Sse_bs extends Controller { if(! self::$uid) return $result; + if(! (self::$vnotify & VNOTIFY_FORUMS)) + return $result; + $forums = get_forum_channels(self::$uid); if($forums) { @@ -521,6 +542,9 @@ class Sse_bs extends Controller { if(! self::$uid) return $result; + if(! (self::$vnotify & VNOTIFY_FILES)) + return $result; + $item_normal = item_normal(); $r = q("SELECT * FROM item @@ -556,6 +580,9 @@ class Sse_bs extends Controller { if(! self::$uid) return $result; + if(! (self::$vnotify & VNOTIFY_MAIL)) + return $result; + $r = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan where channel_id = %d and mail_seen = 0 and mail_deleted = 0 and from_xchan != '%s' order by created desc", @@ -583,6 +610,9 @@ class Sse_bs extends Controller { if(! self::$uid) return $result; + if(! (self::$vnotify & VNOTIFY_EVENT)) + return $result; + $r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 and etype in ( 'event', 'birthday' ) @@ -611,6 +641,9 @@ class Sse_bs extends Controller { if(! self::$uid && ! is_site_admin()) return $result; + if(! (self::$vnotify & VNOTIFY_REGISTER)) + return $result; + $r = q("SELECT account_email, account_created from account where (account_flags & %d) > 0", intval(ACCOUNT_PENDING) ); diff --git a/Zotlabs/Module/Z6trans.php b/Zotlabs/Module/Z6trans.php index 58dc09a51..72667316f 100644 --- a/Zotlabs/Module/Z6trans.php +++ b/Zotlabs/Module/Z6trans.php @@ -14,7 +14,19 @@ class Z6trans extends Controller { function get() { if(!is_site_admin()) - return 'Not Allowed'; + return '<h1>Not Allowed</h1>'; + + $o = '<h2>' . t('Update to Hubzilla 5.0 step 2') . '</h2><br>'; + + $o .= '<h3>' . t('To complete the update please run') . '</h3>'; + + $o .= '<code>' . t('php util/z6convert.php') . '</code>'; + + $o .= '<h3>' . t('from the terminal.') . '</h3>'; + + return $o; + +/* this code is outdated use util/z6convert.php instead $path = 'store/z6trans.sql'; @@ -71,13 +83,31 @@ class Z6trans extends Controller { } } + + $zot = dbesc($zot_xchan); + $zot6 = dbesc($zot6_xchan); + + // Item table + foreach(['owner_xchan', 'author_xchan'] as $x) { + $q .= sprintf("UPDATE item SET $x = '%s' WHERE $x = '%s';\r\n", + $zot6, + $zot + ); + } + $q .= "UPDATE item SET source_xchan = replace(source_xchan, '$zot', '$zot6'), route = replace(route, '$zot', '$zot6'), allow_cid = replace(allow_cid, '$zot', '$zot6'), deny_cid = replace(deny_cid, '$zot', '$zot6');\r\n"; + + // photo table + $q .= "UPDATE photo SET xchan = replace(xchan, '$zot', '$zot6'), allow_cid = replace(allow_cid, '$zot', '$zot6'), deny_cid = replace(deny_cid, '$zot', '$zot6');\r\n"; + // dreport table + $q .= "UPDATE dreport SET dreport_recip = '$zot6' WHERE dreport_recip = '$zot';\r\n"; + $q .= "UPDATE dreport SET dreport_xchan = '$zot6' WHERE dreport_xchan = '$zot';\r\n"; } if($q) file_put_contents($path, $q); - $o = '<h2>' . t('Update to Hubzilla 5.0 setp 2') . '</h2><br>'; + $o = '<h2>' . t('Update to Hubzilla 5.0 step 2') . '</h2><br>'; $o .= '<h3>' . t('To complete the update please run') . '</h3>'; if(ACTIVE_DBTYPE == DBTYPE_MYSQL) @@ -88,6 +118,7 @@ class Z6trans extends Controller { $o .= '<br><h3>' . t('INFO: this command can take a very long time depending on your DB size.') . '</h3>'; return $o; +*/ } @@ -103,16 +134,16 @@ class Z6trans extends Controller { 'chatpresence' => ['cp_xchan'], 'chatroom' => ['allow_cid', 'deny_cid'], 'config' => ['v'], - 'dreport' => ['dreport_recip', 'dreport_xchan'], +// 'dreport' => ['dreport_recip', 'dreport_xchan'], 'event' => ['event_xchan', 'allow_cid', 'deny_cid'], 'iconfig' => ['v'], - 'item' => ['owner_xchan', 'author_xchan', 'source_xchan', 'route', 'allow_cid', 'deny_cid'], +// 'item' => ['owner_xchan', 'author_xchan', 'source_xchan', 'route', 'allow_cid', 'deny_cid'], 'mail' => ['from_xchan', 'to_xchan'], 'menu_item' => ['allow_cid', 'deny_cid'], 'obj' => ['allow_cid', 'deny_cid'], 'pconfig' => ['v'], 'pgrp_member' => ['xchan'], - 'photo' => ['xchan', 'allow_cid', 'deny_cid'], +// 'photo' => ['xchan', 'allow_cid', 'deny_cid'], 'source' => ['src_channel_xchan', 'src_xchan'], 'updates' => ['ud_hash'], 'xchat' => ['xchat_xchan'], diff --git a/Zotlabs/Storage/File.php b/Zotlabs/Storage/File.php index ee96363c4..76295d922 100644 --- a/Zotlabs/Storage/File.php +++ b/Zotlabs/Storage/File.php @@ -27,7 +27,7 @@ class File extends DAV\Node implements DAV\IFile { * * filename (string) * * filetype (string) */ - private $data; + public $data; /** * @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface * @var \\Zotlabs\\Storage\\BasicAuth $auth diff --git a/Zotlabs/Update/_1238.php b/Zotlabs/Update/_1238.php index 77a14c3fa..1c79cc36e 100644 --- a/Zotlabs/Update/_1238.php +++ b/Zotlabs/Update/_1238.php @@ -12,8 +12,14 @@ class _1238 { dbesc('Premium Channel') ); + // remove broken xchan entries + $r0 = dbq("DELETE FROM xchan WHERE xchan_hash = ''"); + + // remove broken hubloc entries + $r1 = dbq("DELETE FROM hubloc WHERE hubloc_hash = ''"); + // fix legacy zot hubloc_id_url - $r1 = dbq("UPDATE hubloc + $r2 = dbq("UPDATE hubloc SET hubloc_id_url = CONCAT(hubloc_url, '/channel/', SUBSTRING(hubloc_addr FROM 1 FOR POSITION('@' IN hubloc_addr) -1)) WHERE hubloc_network = 'zot' AND hubloc_id_url = ''" @@ -21,26 +27,45 @@ class _1238 { // fix singleton networks hubloc_id_url if(ACTIVE_DBTYPE == DBTYPE_MYSQL) { - $r2 = dbq("UPDATE hubloc - LEFT JOIN xchan ON hubloc_hash = xchan_hash - SET hubloc_id_url = xchan_url - WHERE hubloc_network IN ('activitypub', 'diaspora', 'friendica-over-diaspora', 'gnusoc') - AND hubloc_id_url = '' - AND xchan_url != ''" + // fix entries for activitypub which miss the xchan_url due to an earlier bug + $r3 = dbq("UPDATE xchan + SET xchan_url = xchan_hash + WHERE xchan_network = 'activitypub' + AND xchan_url = ''" + ); + + $r4 = dbq("UPDATE hubloc + LEFT JOIN xchan ON hubloc.hubloc_hash = xchan.xchan_hash + SET hubloc.hubloc_id_url = xchan.xchan_url + WHERE hubloc.hubloc_network IN ('activitypub', 'diaspora', 'friendica-over-diaspora', 'gnusoc') + AND hubloc.hubloc_id_url = '' + AND xchan.xchan_url IS NOT NULL" ); } if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) { - $r2 = dbq("UPDATE hubloc + // fix entries for activitypub which miss the xchan_url due to an earlier bug + $r3 = dbq("UPDATE xchan + SET xchan_url = xchan_hash + WHERE xchan_network = 'activitypub' + AND xchan_url = ''" + ); + + $r4 = dbq("UPDATE hubloc SET hubloc_id_url = xchan_url FROM xchan WHERE hubloc_hash = xchan_hash AND hubloc_network IN ('activitypub', 'diaspora', 'friendica-over-diaspora', 'gnusoc') AND hubloc_id_url = '' - AND xchan_url != ''" + AND xchan_url IS NOT NULL" ); } - if($r1 && $r2) { + if($r0 && $r1 && $r2 && $r3 && $r4) { + // remove hubloc entries where hubloc_id_url could not be fixed + $r5 = dbq("DELETE FROM hubloc WHERE hubloc_id_url = ''"); + } + + if($r0 && $r1 && $r2 && $r3 && $r4 && $r5) { q("COMMIT"); return UPDATE_SUCCESS; } |