5 files changed, 64 insertions, 26 deletions

diff --git a/Zotlabs/Access/AccessList.php b/Zotlabs/Access/AccessList.php
index 790ef4745..3f5271e87 100644
--- a/Zotlabs/Access/AccessList.php
+++ b/Zotlabs/Access/AccessList.php
@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Access;
 
+
 /**
  * @brief AccessList class which represents individual content ACLs.
  *
@@ -17,29 +18,48 @@ class AccessList {
 	 * @brief Allow contacts
 	 * @var string
 	 */
-	private $allow_cid;
+	private ?string $allow_cid;
 	/**
 	 * @brief Allow groups
 	 * @var string
 	 */
-	private $allow_gid;
+	private ?string $allow_gid;
 	/**
 	 * @brief Deny contacts
 	 * @var string
 	 */
-	private $deny_cid;
+	private ?string $deny_cid;
 	/**
 	 * @brief Deny groups
 	 * @var string
 	 */
-	private $deny_gid;
+	private ?string $deny_gid;
 	/**
 	 * @brief Indicates if we are using the default constructor values or
 	 * values that have been set explicitly.
 	 * @var boolean
 	 */
-	private $explicit;
+	private bool $explicit;
+
+	/**
+	 * @brief Keys required by the constructor if the channel array is given.
+	 */
+	private const REQUIRED_KEYS_CONSTRUCTOR = [
+		'channel_allow_cid',
+		'channel_allow_gid',
+		'channel_deny_cid',
+		'channel_deny_gid'
+	];
 
+	/**
+	 * @brief Keys required by the set method.
+	 */
+	private const REQUIRED_KEYS_SET = [
+		'allow_cid',
+		'allow_gid',
+		'deny_cid',
+		'deny_gid'
+	];
 
 	/**
 	 * @brief Constructor for AccessList class.
@@ -53,8 +73,9 @@ class AccessList {
 	 *   * \e string \b channel_deny_cid => string of denied cids
 	 *   * \e string \b channel_deny_gid => string of denied gids
 	 */
-	function __construct($channel) {
+	function __construct(array $channel) {
 		if ($channel) {
+			$this->validate_input_array($channel, self::REQUIRED_KEYS_CONSTRUCTOR);
 			$this->allow_cid = $channel['channel_allow_cid'];
 			$this->allow_gid = $channel['channel_allow_gid'];
 			$this->deny_cid  = $channel['channel_deny_cid'];
@@ -70,13 +91,24 @@ class AccessList {
 		$this->explicit = false;
 	}
 
+	private function validate_input_array(array $arr, array $required_keys) : void {
+		$missing_keys = array_diff($required_keys, array_keys($arr));
+
+		if (!empty($missing_keys)) {
+			throw new \Exception(
+				'Invalid AccessList object: Expected array with keys: '
+				. implode(', ', $missing_keys)
+			);
+		}
+	}
+
 	/**
 	 * @brief Get if we are using the default constructor values
 	 * or values that have been set explicitly.
 	 *
 	 * @return boolean
 	 */
-	function get_explicit() {
+	function get_explicit() : bool {
 		return $this->explicit;
 	}
 
@@ -94,7 +126,9 @@ class AccessList {
 	 *   * \e string \b deny_gid  => string of denied gids
 	 * @param boolean $explicit (optional) default true
 	 */
-	function set($arr, $explicit = true) {
+	function set(array $arr, bool $explicit = true) : void {
+		$this->validate_input_array($arr, self::REQUIRED_KEYS_SET);
+
 		$this->allow_cid = $arr['allow_cid'];
 		$this->allow_gid = $arr['allow_gid'];
 		$this->deny_cid  = $arr['deny_cid'];
@@ -112,7 +146,7 @@ class AccessList {
 	 *   * \e string \b deny_cid  => string of denied cids
 	 *   * \e string \b deny_gid  => string of denied gids
 	 */
-	function get() {
+	function get() : array {
 		return [
 			'allow_cid' => $this->allow_cid,
 			'allow_gid' => $this->allow_gid,
@@ -138,7 +172,7 @@ class AccessList {
 	 *   * \e array|string \b group_deny    => array with gids or comma-seperated string
 	 * @param boolean $explicit (optional) default true
 	 */
-	function set_from_array($arr, $explicit = true) {
+	function set_from_array(array $arr, bool $explicit = true) : void {
 		$arr['contact_allow'] = $arr['contact_allow'] ?? [];
 		$arr['group_allow'] = $arr['group_allow'] ?? [];
 		$arr['contact_deny'] = $arr['contact_deny'] ?? [];
@@ -161,7 +195,7 @@ class AccessList {
 	 *
 	 * @return boolean Return true if any of allow_* deny_* values is set.
 	 */
-	function is_private() {
+	function is_private() : bool {
 		return (($this->allow_cid || $this->allow_gid || $this->deny_cid || $this->deny_gid) ? true : false);
 	}
 
diff --git a/Zotlabs/Lib/ThreadItem.php b/Zotlabs/Lib/ThreadItem.php
index 7fa621470..7d2bcde56 100644
--- a/Zotlabs/Lib/ThreadItem.php
+++ b/Zotlabs/Lib/ThreadItem.php
@@ -101,7 +101,7 @@ class ThreadItem {
  		$conv = $this->get_conversation();
 		$observer = $conv->get_observer();
 
-		$acl = new AccessList(false);
+		$acl = new AccessList([]);
 		$acl->set($item);
 
 		$lock = ((intval($item['item_private']) || ($item['uid'] == local_channel() && $acl->is_private()))
diff --git a/Zotlabs/Module/Chat.php b/Zotlabs/Module/Chat.php
index fc74016ab..2d36e022a 100644
--- a/Zotlabs/Module/Chat.php
+++ b/Zotlabs/Module/Chat.php
@@ -181,7 +181,7 @@ class Chat extends Controller {
 			);
 
 			if($x) {
-				$acl = new AccessList(false);
+				$acl = new AccessList([]);
 				$acl->set($x[0]);
 
 				$private = $acl->is_private();
diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php
index 970c482a9..a3a3afd23 100644
--- a/Zotlabs/Module/Sse_bs.php
+++ b/Zotlabs/Module/Sse_bs.php
@@ -169,12 +169,12 @@ class Sse_bs extends Controller {
 
 		$sql_extra2 = '';
 		if(self::$xchans)
-			$sql_extra2 = " AND CASE WHEN verb = '" . ACTIVITY_SHARE . "' THEN owner_xchan ELSE author_xchan END IN (" . self::$xchans . ") ";
+			$sql_extra2 = " AND CASE WHEN verb = '" . dbesc(ACTIVITY_SHARE) . "' THEN owner_xchan ELSE author_xchan END IN (" . self::$xchans . ") ";
 
 		$item_normal = item_normal();
 
-		// FEP-5624 filter approvals for comments
-		$approvals = " AND verb NOT IN ('" . dbesc(ACTIVITY_ATTEND) . "', 'Accept', '" . dbesc(ACTIVITY_ATTENDNO) . "', 'Reject') ";
+		// Filter FEP-5624 approvals for comments and internal follow activities
+		$item_normal .= " AND verb NOT IN ('" . dbesc(ACTIVITY_ATTEND) . "', 'Accept', '" . dbesc(ACTIVITY_ATTENDNO) . "', 'Reject', '" . dbesc(ACTIVITY_FOLLOW) . "') ";
 
 		if ($notifications) {
 			$items = q("SELECT * FROM item
@@ -184,7 +184,6 @@ class Sse_bs extends Controller {
 				AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image')
 				AND author_xchan != '%s'
 				$item_normal
-				$approvals
 				$sql_extra
 				$sql_extra2
 				ORDER BY created DESC LIMIT $limit OFFSET $offset",
@@ -258,8 +257,8 @@ class Sse_bs extends Controller {
 
 		$item_normal = item_normal();
 
-		// FEP-5624 filter approvals for comments
-		$approvals = " AND verb NOT IN ('" . dbesc(ACTIVITY_ATTEND) . "', 'Accept', '" . dbesc(ACTIVITY_ATTENDNO) . "', 'Reject') ";
+		// Filter FEP-5624 approvals for comments and internal follow activities
+		$item_normal .= " AND verb NOT IN ('" . dbesc(ACTIVITY_ATTEND) . "', 'Accept', '" . dbesc(ACTIVITY_ATTENDNO) . "', 'Reject', '" . dbesc(ACTIVITY_FOLLOW) . "') ";
 
 		if ($notifications) {
 			$items = q("SELECT * FROM item
@@ -269,7 +268,6 @@ class Sse_bs extends Controller {
 				AND obj_type NOT IN ('Document', 'Video', 'Audio', 'Image')
 				AND author_xchan != '%s'
 				$item_normal
-				$approvals
 				$sql_extra
 				$sql_extra2
 				ORDER BY created DESC LIMIT $limit OFFSET $offset",
@@ -343,8 +341,8 @@ class Sse_bs extends Controller {
 
 		$item_normal = item_normal();
 
-		// FEP-5624 filter approvals for comments
-		$approvals = " AND verb NOT IN ('" . dbesc(ACTIVITY_ATTEND) . "', 'Accept', '" . dbesc(ACTIVITY_ATTENDNO) . "', 'Reject') ";
+		// Filter FEP-5624 approvals for comments and internal follow activities
+		$item_normal .= " AND verb NOT IN ('" . dbesc(ACTIVITY_ATTEND) . "', 'Accept', '" . dbesc(ACTIVITY_ATTENDNO) . "', 'Reject', '" . dbesc(ACTIVITY_FOLLOW) . "') ";
 
 		if ($notifications) {
 			$items = q("SELECT * FROM item
@@ -445,8 +443,8 @@ class Sse_bs extends Controller {
 
 		$item_normal = item_normal();
 
-		// FEP-5624 filter approvals for comments
-		$approvals = " AND verb NOT IN ('" . dbesc(ACTIVITY_ATTEND) . "', 'Accept', '" . dbesc(ACTIVITY_ATTENDNO) . "', 'Reject') ";
+		// Filter FEP-5624 approvals for comments and internal follow activities
+		$item_normal .= " AND verb NOT IN ('" . dbesc(ACTIVITY_ATTEND) . "', 'Accept', '" . dbesc(ACTIVITY_ATTENDNO) . "', 'Reject', '" . dbesc(ACTIVITY_FOLLOW) . "') ";
 
 		if ($notifications) {
 			$items = q("SELECT * FROM item
@@ -641,6 +639,10 @@ class Sse_bs extends Controller {
 
 		$item_normal = item_normal();
 
+		// Filter FEP-5624 approvals for comments and internal follow activities
+		$item_normal .= " AND verb NOT IN ('" . dbesc(ACTIVITY_ATTEND) . "', 'Accept', '" . dbesc(ACTIVITY_ATTENDNO) . "', 'Reject', '" . dbesc(ACTIVITY_FOLLOW) . "') ";
+
+
 		$r = q("SELECT * FROM item
 			WHERE verb = '%s'
 			AND obj_type IN ('Document', 'Video', 'Audio', 'Image')
diff --git a/Zotlabs/Widget/Messages.php b/Zotlabs/Widget/Messages.php
index 0a8900c4f..cdd889121 100644
--- a/Zotlabs/Widget/Messages.php
+++ b/Zotlabs/Widget/Messages.php
@@ -60,8 +60,10 @@ class Messages {
 		}
 
 		$channel = App::get_channel();
-		$item_normal_i = str_replace('item.', 'i.', item_normal());
-		$item_normal_c = str_replace('item.', 'c.', item_normal());
+		$item_normal = item_normal();
+		$item_normal .= " and item.verb != '" . ACTIVITY_FOLLOW . "'";
+		$item_normal_i = str_replace('item.', 'i.', $item_normal);
+		$item_normal_c = str_replace('item.', 'c.', $item_normal);
 		$entries = [];
 		$limit = 30;
 		$dummy_order_sql = '';