diff options
Diffstat (limited to 'Zotlabs')
-rw-r--r-- | Zotlabs/Access/Permissions.php | 13 | ||||
-rw-r--r-- | Zotlabs/Daemon/Notifier.php | 14 | ||||
-rw-r--r-- | Zotlabs/Lib/AccessList.php | 411 | ||||
-rw-r--r-- | Zotlabs/Lib/Connect.php | 316 | ||||
-rw-r--r-- | Zotlabs/Lib/Libsync.php | 2 | ||||
-rw-r--r-- | Zotlabs/Lib/Libzot.php | 48 | ||||
-rw-r--r-- | Zotlabs/Module/Fhublocs.php | 3 | ||||
-rw-r--r-- | Zotlabs/Module/Follow.php | 102 | ||||
-rw-r--r-- | Zotlabs/Update/_1236.php | 115 | ||||
-rw-r--r-- | Zotlabs/Zot6/Zot6Handler.php | 8 |
10 files changed, 976 insertions, 56 deletions
diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php index 20dc22a72..35016ed57 100644 --- a/Zotlabs/Access/Permissions.php +++ b/Zotlabs/Access/Permissions.php @@ -283,4 +283,15 @@ class Permissions { return ( [ 'perms' => $my_perms, 'automatic' => $automatic ] ); } -}
\ No newline at end of file + static public function serialise($p) { + $n = []; + if($p) { + foreach($p as $k => $v) { + if(intval($v)) { + $n[] = $k; + } + } + } + return implode(',',$n); + } +} diff --git a/Zotlabs/Daemon/Notifier.php b/Zotlabs/Daemon/Notifier.php index 00c6fb077..fdf0148a6 100644 --- a/Zotlabs/Daemon/Notifier.php +++ b/Zotlabs/Daemon/Notifier.php @@ -542,11 +542,10 @@ class Notifier { // Now we have collected recipients (except for external mentions, FIXME) // Let's reduce this to a set of hubs; checking that the site is not dead. - $r = q("select hubloc.*, site.site_crypto, site.site_flags from hubloc left join site on site_url = hubloc_url where hubloc_hash in (" . protect_sprintf(implode(',',$recipients)) . ") + $r = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_version, site.site_project from hubloc left join site on site_url = hubloc_url where hubloc_hash in (" . protect_sprintf(implode(',',$recipients)) . ") and hubloc_error = 0 and hubloc_deleted = 0 and ( site_dead = 0 OR site_dead is null ) " - ); + ); - if(! $r) { logger('notifier: no hubs', LOGGER_NORMAL, LOG_NOTICE); return; @@ -735,7 +734,14 @@ class Notifier { $packet = zot_build_packet($channel,'notify',$env, (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash); } - } + } + + if(stripos($hub['site_project'], 'hubzilla') !== false && version_compare($hub['site_version'], '4.7.3', '<=')) { + $encoded_item['owner']['network'] = 'zot'; + $encoded_item['owner']['guid_sig'] = str_replace('sha256.', '', $encoded_item['owner']['guid_sig']); + $encoded_item['author']['network'] = 'zot'; + $encoded_item['author']['guid_sig'] = str_replace('sha256.', '', $encoded_item['author']['guid_sig']); + } queue_insert( [ diff --git a/Zotlabs/Lib/AccessList.php b/Zotlabs/Lib/AccessList.php new file mode 100644 index 000000000..3c008f8c7 --- /dev/null +++ b/Zotlabs/Lib/AccessList.php @@ -0,0 +1,411 @@ +<?php + +namespace Zotlabs\Lib; + +use Zotlabs\Lib\Libsync; + + +class AccessList { + + static function add($uid,$name,$public = 0) { + + $ret = false; + if ($uid && $name) { + $r = self::byname($uid,$name); // check for dups + if ($r !== false) { + + // This could be a problem. + // Let's assume we've just created a list which we once deleted + // all the old members are gone, but the list remains so we don't break any security + // access lists. What we're doing here is reviving the dead list, but old content which + // was restricted to this list may now be seen by the new list members. + + $z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1", + intval($r) + ); + if(($z) && $z[0]['deleted']) { + q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id'])); + notice( t('A deleted list with this name was revived. Existing item permissions <strong>may</strong> apply to this list and any future members. If this is not what you intended, please create another list with a different name.') . EOL); + } + return true; + } + + $hash = new_uuid(); + + $r = q("INSERT INTO pgrp ( hash, uid, visible, gname ) + VALUES( '%s', %d, %d, '%s' ) ", + dbesc($hash), + intval($uid), + intval($public), + dbesc($name) + ); + $ret = $r; + } + + Libsync::build_sync_packet($uid,null,true); + return $ret; + } + + + static function remove($uid,$name) { + $ret = false; + if ($uid && $name) { + $r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1", + intval($uid), + dbesc($name) + ); + if ($r) { + $group_id = $r[0]['id']; + $group_hash = $r[0]['hash']; + } + else { + return false; + } + + // remove group from default posting lists + $r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1", + intval($uid) + ); + if ($r) { + $user_info = array_shift($r); + $change = false; + + if ($user_info['channel_default_group'] == $group_hash) { + $user_info['channel_default_group'] = ''; + $change = true; + } + if (strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) { + $user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']); + $change = true; + } + if (strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) { + $user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']); + $change = true; + } + + if ($change) { + q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s' + WHERE channel_id = %d", + intval($user_info['channel_default_group']), + dbesc($user_info['channel_allow_gid']), + dbesc($user_info['channel_deny_gid']), + intval($uid) + ); + } + } + + // remove all members + $r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d ", + intval($uid), + intval($group_id) + ); + + // remove group + $r = q("UPDATE pgrp SET deleted = 1 WHERE uid = %d AND gname = '%s'", + intval($uid), + dbesc($name) + ); + + $ret = $r; + + } + + Libsync::build_sync_packet($uid,null,true); + + return $ret; + } + + // returns the integer id of an access group owned by $uid and named $name + // or false. + + static function byname($uid,$name) { + if (! ($uid && $name)) { + return false; + } + $r = q("SELECT id FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1", + intval($uid), + dbesc($name) + ); + if ($r) { + return $r[0]['id']; + } + return false; + } + + static function by_id($uid,$id) { + if (! ($uid && $id)) { + return false; + } + + $r = q("SELECT * FROM pgrp WHERE uid = %d AND id = %d and deleted = 0", + intval($uid), + intval($id) + ); + if ($r) { + return array_shift($r); + } + return false; + } + + + + static function rec_byhash($uid,$hash) { + if (! ( $uid && $hash)) { + return false; + } + $r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1", + intval($uid), + dbesc($hash) + ); + if ($r) { + return array_shift($r); + } + return false; + } + + + static function member_remove($uid,$name,$member) { + $gid = self::byname($uid,$name); + if (! $gid) { + return false; + } + if (! ($uid && $gid && $member)) { + return false; + } + $r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ", + intval($uid), + intval($gid), + dbesc($member) + ); + + Libsync::build_sync_packet($uid,null,true); + + return $r; + } + + + static function member_add($uid,$name,$member,$gid = 0) { + if (! $gid) { + $gid = self::byname($uid,$name); + } + if (! ($gid && $uid && $member)) { + return false; + } + + $r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1", + intval($uid), + intval($gid), + dbesc($member) + ); + if ($r) { + return true; // You might question this, but + // we indicate success because the group member was in fact created + // -- It was just created at another time + } + else { + $r = q("INSERT INTO pgrp_member (uid, gid, xchan) + VALUES( %d, %d, '%s' ) ", + intval($uid), + intval($gid), + dbesc($member) + ); + } + Libsync::build_sync_packet($uid,null,true); + return $r; + } + + + static function members($uid, $gid) { + $ret = []; + if (intval($gid)) { + $r = q("SELECT * FROM pgrp_member + LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan + WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ", + intval($gid), + intval($uid), + intval($uid) + ); + if ($r) { + $ret = $r; + } + } + return $ret; + } + + static function members_xchan($uid,$gid) { + $ret = []; + if (intval($gid)) { + $r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d", + intval($gid), + intval($uid) + ); + if ($r) { + foreach ($r as $rv) { + $ret[] = $rv['xchan']; + } + } + } + return $ret; + } + + static function members_profile_xchan($uid,$gid) { + $ret = []; + if (intval($gid)) { + $r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d", + intval($gid), + intval($uid) + ); + if ($r) { + foreach($r as $rv) { + $ret[] = $rv['xchan']; + } + } + } + return $ret; + } + + + + + static function select($uid,$group = '') { + + $grps = []; + + $r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC", + intval($uid) + ); + $grps[] = [ 'name' => '', 'hash' => '0', 'selected' => '' ]; + if ($r) { + foreach ($r as $rr) { + $grps[] = [ 'name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : '') ]; + } + + } + + return replace_macros(get_markup_template('group_selection.tpl'), [ + '$label' => t('Add new connections to this access list'), + '$groups' => $grps + ]); + } + + + static function widget($every="connections",$each="lists",$edit = false, $group_id = 0, $cid = '',$mode = 1) { + + $o = ''; + + $groups = []; + + $r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC", + intval($_SESSION['uid']) + ); + $member_of = []; + if ($cid) { + $member_of = self::containing(local_channel(),$cid); + } + + if ($r) { + foreach ($r as $rr) { + $selected = (($group_id == $rr['id']) ? ' group-selected' : ''); + + if ($edit) { + $groupedit = [ 'href' => "lists/".$rr['id'], 'title' => t('edit') ]; + } + else { + $groupedit = null; + } + + $groups[] = [ + 'id' => $rr['id'], + 'enc_cid' => base64url_encode($cid), + 'cid' => $cid, + 'text' => $rr['gname'], + 'selected' => $selected, + 'href' => (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''), + 'edit' => $groupedit, + 'ismember' => in_array($rr['id'],$member_of), + ]; + } + } + + return replace_macros(get_markup_template('group_side.tpl'), [ + '$title' => t('Lists'), + '$edittext' => t('Edit list'), + '$createtext' => t('Create new list'), + '$ungrouped' => (($every === 'contacts') ? t('Channels not in any access list') : ''), + '$groups' => $groups, + '$add' => t('add'), + ]); + + } + + + static function expand($g) { + if (! (is_array($g) && count($g))) { + return []; + } + + $ret = []; + $x = []; + + // private profile linked virtual groups + + foreach ($g as $gv) { + if (substr($gv,0,3) === 'vp.') { + $profile_hash = substr($gv,3); + if ($profile_hash) { + $r = q("select abook_xchan from abook where abook_profile = '%s'", + dbesc($profile_hash) + ); + if ($r) { + foreach ($r as $rv) { + $ret[] = $rv['abook_xchan']; + } + } + } + } + else { + $x[] = $gv; + } + } + + if ($x) { + stringify_array_elms($x,true); + $groups = implode(',', $x); + if ($groups) { + $r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))"); + if ($r) { + foreach ($r as $rv) { + $ret[] = $rv['xchan']; + } + } + } + } + return $ret; + } + + + static function member_of($c) { + $r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id + WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname ASC ", + dbesc($c) + ); + + return $r; + } + + static function containing($uid,$c) { + + $r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ", + intval($uid), + dbesc($c) + ); + + $ret = []; + if ($r) { + foreach ($r as $rv) + $ret[] = $rv['gid']; + } + + return $ret; + } +}
\ No newline at end of file diff --git a/Zotlabs/Lib/Connect.php b/Zotlabs/Lib/Connect.php new file mode 100644 index 000000000..5fc0e3fe1 --- /dev/null +++ b/Zotlabs/Lib/Connect.php @@ -0,0 +1,316 @@ +<?php /** @file */ + +namespace Zotlabs\Lib; + +use App; +use Zotlabs\Access\Permissions; +use Zotlabs\Daemon\Master; + + + +class Connect { + + /** + * Takes a $channel and a $url/handle and adds a new connection + * + * Returns array + * $return['success'] boolean true if successful + * $return['abook'] Address book entry joined with xchan if successful + * $return['message'] error text if success is false. + * + * This function does NOT send sync packets to clones. The caller is responsible for doing this + */ + + static function connect($channel, $url, $sub_channel = false) { + + $uid = $channel['channel_id']; + + if (strpos($url,'@') === false && strpos($url,'/') === false) { + $url = $url . '@' . App::get_hostname(); + } + + $result = [ 'success' => false, 'message' => '' ]; + + $my_perms = false; + $protocol = ''; + + if (substr($url,0,1) === '[') { + $x = strpos($url,']'); + if ($x) { + $protocol = substr($url,1,$x-1); + $url = substr($url,$x+1); + } + } + + if (! check_siteallowed($url)) { + $result['message'] = t('Channel is blocked on this site.'); + return $result; + } + + if (! $url) { + $result['message'] = t('Channel location missing.'); + return $result; + } + + // check service class limits + + $r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ", + intval($uid) + ); + if ($r) { + $total_channels = $r[0]['total']; + } + + if (! service_class_allows($uid,'total_channels',$total_channels)) { + $result['message'] = upgrade_message(); + return $result; + } + + $xchan_hash = ''; + $sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : ''); + + $r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s') $sql_options ", + dbesc($url), + dbesc($url), + dbesc($url) + ); + + if ($r) { + + // reset results to the best record or the first if we don't have the best + // note: this is a single record and not an array of results + + $r = Libzot::zot_record_preferred($r,'xchan_network'); + + } + + $singleton = false; + $d = false; + + if (! $r) { + + // not in cache - try discovery + + $wf = discover_by_webbie($url,$protocol); + + if (! $wf) { + $feeds = get_config('system','feed_contacts'); + + if (($feeds) && (in_array($protocol, [ '', 'feed', 'rss' ]))) { + $d = discover_feed($url); + } + else { + $result['message'] = t('Remote channel or protocol unavailable.'); + return $result; + } + } + } + + if ($wf || $d) { + + // something was discovered - find the record which was just created. + + $r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s' ) $sql_options", + dbesc(($wf) ? $wf : $url), + dbesc($url), + dbesc($url) + ); + + // convert to a single record (once again preferring a zot solution in the case of multiples) + + if ($r) { + $r = Libzot::zot_record_preferred($r,'xchan_network'); + } + } + + // if discovery was a success or the channel was already cached we should have an xchan record in $r + + if ($r) { + $xchan = $r; + $xchan_hash = $r['xchan_hash']; + $their_perms = EMPTY_STR; + } + + // failure case + + if (! $xchan_hash) { + $result['message'] = t('Channel discovery failed.'); + logger('follow: ' . $result['message']); + return $result; + } + + if (! check_channelallowed($xchan_hash)) { + $result['message'] = t('Channel is blocked on this site.'); + logger('follow: ' . $result['message']); + return $result; + + } + + $allowed = ((in_array($xchan['xchan_network'],['rss','zot','zot6'])) ? 1 : 0); + + $hookdata = ['channel_id' => $uid, 'follow_address' => $url, 'xchan' => $xchan, 'allowed' => $allowed, 'singleton' => 0]; + call_hooks('follow_allow',$hookdata); + + if(! $hookdata['allowed']) { + $result['message'] = t('Protocol disabled.'); + return $result; + } + + $singleton = intval($hookdata['singleton']); + + // Now start processing the new connection + + $aid = $channel['channel_account_id']; + $default_group = $channel['channel_default_group']; + + if (in_array($xchan_hash, [$channel['channel_hash'], $channel['channel_portable_id']])) { + $result['message'] = t('Cannot connect to yourself.'); + return $result; + } + + if ($xchan['xchan_network'] === 'rss') { + + // check service class feed limits + + $t = q("select count(*) as total from abook where abook_account = %d and abook_feed = 1 ", + intval($aid) + ); + if ($t) { + $total_feeds = $t[0]['total']; + } + + if (! service_class_allows($uid,'total_feeds',$total_feeds)) { + $result['message'] = upgrade_message(); + return $result; + } + + // Always set these "remote" permissions for feeds since we cannot interact with them + // to negotiate a suitable permission response + + $p = get_abconfig($uid,$xchan_hash,'system','their_perms',EMPTY_STR); + if ($p) { + $p .= ','; + } + $p .= 'view_stream,republish'; + set_abconfig($uid,$xchan_hash,'system','their_perms',$p); + + } + + + $p = Permissions::connect_perms($uid); + + // parent channels have unencumbered write permission + + if ($sub_channel) { + $p['perms']['post_wall'] = 1; + $p['perms']['post_comments'] = 1; + $p['perms']['write_storage'] = 1; + $p['perms']['post_like'] = 1; + $p['perms']['delegate'] = 0; + $p['perms']['moderated'] = 0; + } + + $my_perms = $p['perms']; + + $profile_assign = get_pconfig($uid,'system','profile_assign',''); + + + // See if we are already connected by virtue of having an abook record + + $r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook + where abook_xchan = '%s' and abook_channel = %d limit 1", + dbesc($xchan_hash), + intval($uid) + ); + + if ($r) { + + $abook_instance = $r[0]['abook_instance']; + + // If they are on a non-nomadic network, add them to this location + + if (($singleton) && strpos($abook_instance,z_root()) === false) { + if ($abook_instance) { + $abook_instance .= ','; + } + $abook_instance .= z_root(); + + $x = q("update abook set abook_instance = '%s', abook_not_here = 0 where abook_id = %d", + dbesc($abook_instance), + intval($r[0]['abook_id']) + ); + } + + // if they have a pending connection, we just followed them so approve the connection request + + if (intval($r[0]['abook_pending'])) { + $x = q("update abook set abook_pending = 0 where abook_id = %d", + intval($r[0]['abook_id']) + ); + } + } + else { + + // create a new abook record + + $closeness = get_pconfig($uid,'system','new_abook_closeness',80); + + $r = abook_store_lowlevel( + [ + 'abook_account' => intval($aid), + 'abook_channel' => intval($uid), + 'abook_closeness' => intval($closeness), + 'abook_xchan' => $xchan_hash, + 'abook_profile' => $profile_assign, + 'abook_feed' => intval(($xchan['xchan_network'] === 'rss') ? 1 : 0), + 'abook_created' => datetime_convert(), + 'abook_updated' => datetime_convert(), + 'abook_instance' => (($singleton) ? z_root() : '') + ] + ); + } + + if (! $r) { + logger('abook creation failed'); + $result['message'] = t('error saving data'); + return $result; + } + + // Set suitable permissions to the connection + + if($my_perms) { + foreach($my_perms as $k => $v) { + set_abconfig($uid,$xchan_hash,'my_perms',$k,$v); + } + } + + // fetch the entire record + + $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash + where abook_xchan = '%s' and abook_channel = %d limit 1", + dbesc($xchan_hash), + intval($uid) + ); + + if ($r) { + $result['abook'] = array_shift($r); + Master::Summon([ 'Notifier', 'permission_create', $result['abook']['abook_id'] ]); + } + + $arr = [ 'channel_id' => $uid, 'channel' => $channel, 'abook' => $result['abook'] ]; + + call_hooks('follow', $arr); + + /** If there is a default group for this channel, add this connection to it */ + + if ($default_group) { + $g = AccessList::rec_byhash($uid,$default_group); + if ($g) { + AccessList::member_add($uid,'',$xchan_hash,$g['id']); + } + } + + $result['success'] = true; + return $result; + } +} diff --git a/Zotlabs/Lib/Libsync.php b/Zotlabs/Lib/Libsync.php index c39720735..de389c0a9 100644 --- a/Zotlabs/Lib/Libsync.php +++ b/Zotlabs/Lib/Libsync.php @@ -1022,4 +1022,4 @@ class Libsync { } -}
\ No newline at end of file +} diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index 42e706754..5e212ad70 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -105,7 +105,7 @@ class Libzot { $data = [ 'type' => $type, 'encoding' => $encoding, - 'sender' => $channel['channel_portable_id'], + 'sender' => $channel['channel_hash'], 'site_id' => self::make_xchan_hash(z_root(), get_config('system','pubkey')), 'version' => System::get_zot_revision(), ]; @@ -422,7 +422,7 @@ class Libzot { [ 'type' => NOTIFY_INTRO, 'from_xchan' => $x['hash'], - 'to_xchan' => $channel['channel_portable_id'], + 'to_xchan' => $channel['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'] ] ); @@ -788,7 +788,7 @@ class Libzot { // see if this is a channel clone that's hosted locally - which we treat different from other xchans/connections - $local = q("select channel_account_id, channel_id from channel where channel_portable_id = '%s' limit 1", + $local = q("select channel_account_id, channel_id from channel where channel_hash = '%s' limit 1", dbesc($xchan_hash) ); if($local) { @@ -1151,7 +1151,7 @@ class Libzot { if($recip_arr) { stringify_array_elms($recip_arr,true); $recips = implode(',',$recip_arr); - $r = q("select channel_portable_id as hash from channel where channel_portable_id in ( " . $recips . " ) and channel_removed = 0 "); + $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) and channel_removed = 0 "); } if(! $r) { @@ -1368,12 +1368,12 @@ class Libzot { $r = []; - $c = q("select channel_id, channel_portable_id from channel where channel_removed = 0"); + $c = q("select channel_id, channel_hash from channel where channel_removed = 0"); if($c) { foreach($c as $cc) { if(perm_is_allowed($cc['channel_id'],$msg['sender'],$perm)) { - $r[] = $cc['channel_portable_id']; + $r[] = $cc['channel_hash']; } } } @@ -1381,7 +1381,7 @@ class Libzot { if($include_sys) { $sys = get_sys_channel(); if($sys) - $r[] = $sys['channel_portable_id']; + $r[] = $sys['channel_hash']; } @@ -1397,7 +1397,7 @@ class Libzot { if($tag['type'] === 'Mention' && (strpos($tag['href'],z_root()) !== false)) { $address = basename($tag['href']); if($address) { - $z = q("select channel_portable_id as hash from channel where channel_address = '%s' + $z = q("select channel_hash as hash from channel where channel_address = '%s' and channel_removed = 0 limit 1", dbesc($address) ); @@ -1418,7 +1418,7 @@ class Libzot { $thread_parent = self::find_parent($msg,$act); if($thread_parent) { - $z = q("select channel_portable_id as hash from channel left join item on channel.channel_id = item.uid where ( item.thr_parent = '%s' OR item.parent_mid = '%s' ) ", + $z = q("select channel_hash as hash from channel left join item on channel.channel_id = item.uid where ( item.thr_parent = '%s' OR item.parent_mid = '%s' ) ", dbesc($thread_parent), dbesc($thread_parent) ); @@ -1473,7 +1473,7 @@ class Libzot { $DR = new DReport(z_root(),$sender,$d,$arr['mid']); - $channel = channelx_by_portid($d); + $channel = channelx_by_hash($d); if (! $channel) { $DR->update('recipient not found'); @@ -1510,7 +1510,7 @@ class Libzot { * access checks. */ - if($sender === $channel['channel_portable_id'] && $arr['author_xchan'] === $channel['channel_portable_id'] && $arr['mid'] === $arr['parent_mid']) { + if($sender === $channel['channel_hash'] && $arr['author_xchan'] === $channel['channel_hash'] && $arr['mid'] === $arr['parent_mid']) { $DR->update('self delivery ignored'); $result[] = $DR->get(); continue; @@ -1827,7 +1827,7 @@ class Libzot { $stored = (($item_result && $item_result['item']) ? $item_result['item'] : false); if((is_array($stored)) && ($stored['id'] != $stored['parent']) - && ($stored['author_xchan'] === $channel['channel_hash'] || $stored['author_xchan'] === $channel['channel_portable_id'])) { + && ($stored['author_xchan'] === $channel['channel_hash'] || $stored['author_xchan'] === $channel['channel_hash'])) { retain_item($stored['item']['parent']); } @@ -1949,9 +1949,9 @@ class Libzot { } logger('FOF Activity received: ' . print_r($arr,true), LOGGER_DATA, LOG_DEBUG); - logger('FOF Activity recipient: ' . $channel['channel_portable_id'], LOGGER_DATA, LOG_DEBUG); + logger('FOF Activity recipient: ' . $channel['channel_hash'], LOGGER_DATA, LOG_DEBUG); - $result = self::process_delivery($arr['owner_xchan'],$AS, $arr, [ $channel['channel_portable_id'] ],false,false,true); + $result = self::process_delivery($arr['owner_xchan'],$AS, $arr, [ $channel['channel_hash'] ],false,false,true); if ($result) { $ret = array_merge($ret, $result); } @@ -2207,7 +2207,7 @@ class Libzot { $DR = new DReport(z_root(),$sender,$d,$arr['mid']); - $r = q("select * from channel where channel_portable_id = '%s' limit 1", + $r = q("select * from channel where channel_hash = '%s' limit 1", dbesc($d['hash']) ); @@ -2362,7 +2362,7 @@ class Libzot { $loc = $locations[0]; - $r = q("select * from channel where channel_portable_id = '%s' limit 1", + $r = q("select * from channel where channel_hash = '%s' limit 1", dbesc($sender_hash) ); @@ -2370,7 +2370,7 @@ class Libzot { return; if($loc['url'] !== z_root()) { - $x = q("update channel set channel_moved = '%s' where channel_portable_id = '%s' limit 1", + $x = q("update channel set channel_moved = '%s' where channel_hash = '%s' limit 1", dbesc($loc['url']), dbesc($sender_hash) ); @@ -2404,7 +2404,7 @@ class Libzot { static function encode_locations($channel) { $ret = []; - $x = self::get_hublocs($channel['channel_portable_id']); + $x = self::get_hublocs($channel['channel_hash']); if($x && count($x)) { foreach($x as $hub) { @@ -2752,13 +2752,13 @@ class Libzot { $r = null; if(strlen($zhash)) { - $r = q("select channel.*, xchan.* from channel left join xchan on channel_portable_id = xchan_hash - where channel_portable_id = '%s' limit 1", + $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash + where channel_hash = '%s' limit 1", dbesc($zhash) ); } elseif(strlen($zguid) && strlen($zguid_sig)) { - $r = q("select channel.*, xchan.* from channel left join xchan on channel_portable_id = xchan_hash + $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash where channel_guid = '%s' and channel_guid_sig = '%s' limit 1", dbesc($zguid), dbesc($zguid_sig) @@ -2766,7 +2766,7 @@ class Libzot { } elseif(strlen($zaddr)) { if(strpos($zaddr,'[system]') === false) { /* normal address lookup */ - $r = q("select channel.*, xchan.* from channel left join xchan on channel_portable_id = xchan_hash + $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash where ( channel_address = '%s' or xchan_addr = '%s' ) limit 1", dbesc($zaddr), dbesc($zaddr) @@ -2786,10 +2786,10 @@ class Libzot { * */ - $r = q("select channel.*, xchan.* from channel left join xchan on channel_portable_id = xchan_hash + $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash where channel_system = 1 order by channel_id limit 1"); if(! $r) { - $r = q("select channel.*, xchan.* from channel left join xchan on channel_portable_id = xchan_hash + $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash where channel_removed = 0 order by channel_id limit 1"); } } diff --git a/Zotlabs/Module/Fhublocs.php b/Zotlabs/Module/Fhublocs.php index 42c119da3..8393d26d6 100644 --- a/Zotlabs/Module/Fhublocs.php +++ b/Zotlabs/Module/Fhublocs.php @@ -10,6 +10,9 @@ require_once('include/crypto.php'); class Fhublocs extends \Zotlabs\Web\Controller { function get() { + + //TODO: this needs updating to zot6!!! + return; if(! is_site_admin()) return; diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index cbf9d62c5..11febd8fc 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php @@ -1,31 +1,88 @@ <?php namespace Zotlabs\Module; +use App; +use Zotlabs\Web\Controller; +use Zotlabs\Lib\Libsync; +use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Activity; +use Zotlabs\Web\HTTPSig; +use Zotlabs\Lib\LDSignatures; +use Zotlabs\Lib\Connect; +use Zotlabs\Daemon\Master; -require_once('include/follow.php'); - - -class Follow extends \Zotlabs\Web\Controller { +class Follow extends Controller { function init() { - if(! local_channel()) { + if (ActivityStreams::is_as_request() && argc() == 2) { + + $abook_id = intval(argv(1)); + if(! $abook_id) + return; + + $r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d", + intval($abook_id) + ); + if (! $r) { + return; + } + + $chan = channelx_by_n($r[0]['abook_channel']); + + if (! $chan) { + http_status_exit(404, 'Not found'); + } + + $actor = Activity::encode_person($chan,true,true); + if (! $actor) { + http_status_exit(404, 'Not found'); + } + + $x = array_merge(['@context' => [ + ACTIVITYSTREAMS_JSONLD_REV, + 'https://w3id.org/security/v1', + z_root() . ZOT_APSCHEMA_REV + ]], + [ + 'id' => z_root() . '/follow/' . $r[0]['abook_id'], + 'type' => 'Follow', + 'actor' => $actor, + 'object' => $r[0]['xchan_url'] + ]); + + $headers = []; + $headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ; + $x['signature'] = LDSignatures::sign($x,$chan); + $ret = json_encode($x, JSON_UNESCAPED_SLASHES); + $headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T'); + $headers['Digest'] = HTTPSig::generate_digest_header($ret); + $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; + $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan)); + HTTPSig::set_headers($h); + echo $ret; + killme(); + + } + + if (! local_channel()) { return; } - + $uid = local_channel(); $url = notags(trim(punify($_REQUEST['url']))); $return_url = $_SESSION['return_url']; $confirm = intval($_REQUEST['confirm']); $interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1); - $channel = \App::get_channel(); + $channel = App::get_channel(); - $result = new_contact($uid,$url,$channel,$interactive,$confirm); + $result = Connect::connect($channel,$url); - if($result['success'] == false) { - if($result['message']) + if ($result['success'] == false) { + if ($result['message']) { notice($result['message']); - if($interactive) { + } + if ($interactive) { goaway($return_url); } else { @@ -36,8 +93,8 @@ class Follow extends \Zotlabs\Web\Controller { info( t('Connection added.') . EOL); $clone = array(); - foreach($result['abook'] as $k => $v) { - if(strpos($k,'abook_') === 0) { + foreach ($result['abook'] as $k => $v) { + if (strpos($k,'abook_') === 0) { $clone[$k] = $v; } } @@ -46,20 +103,21 @@ class Follow extends \Zotlabs\Web\Controller { unset($clone['abook_channel']); $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); - if($abconfig) + if ($abconfig) { $clone['abconfig'] = $abconfig; + } + Libsync::build_sync_packet(0, [ 'abook' => [ $clone ] ], true); - build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true); - - $can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream')); + $can_view_stream = their_perms_contains($channel['channel_id'],$clone['abook_xchan'],'view_stream'); // If we can view their stream, pull in some posts - if(($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) - \Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id'])); + if (($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) { + Master::Summon([ 'Onepoll', $result['abook']['abook_id'] ]); + } - if($interactive) { - goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1'); + if ($interactive) { + goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?follow=1'); } else { json_return_and_die([ 'success' => true ]); @@ -68,7 +126,7 @@ class Follow extends \Zotlabs\Web\Controller { } function get() { - if(! local_channel()) { + if (! local_channel()) { return login(); } } diff --git a/Zotlabs/Update/_1236.php b/Zotlabs/Update/_1236.php new file mode 100644 index 000000000..d40cc9e25 --- /dev/null +++ b/Zotlabs/Update/_1236.php @@ -0,0 +1,115 @@ +<?php + +namespace Zotlabs\Update; + +use Zotlabs\Lib\Libzot; + +class _1236 { + + function run() { + + $r = q("SELECT channel.channel_address, channel.channel_hash, xchan.xchan_guid, channel.channel_pubkey, channel.channel_portable_id FROM channel + LEFT JOIN xchan ON channel_hash = xchan_hash + WHERE xchan.xchan_network = 'zot' + AND channel.channel_removed = 0" + ); + + $i = 0; + + foreach($r as $rr) { + + $zot_xchan = $rr['channel_hash']; + $guid = $rr['xchan_guid']; + + $xchan = q("SELECT xchan_hash, xchan_guid_sig FROM xchan WHERE xchan_guid = '%s' AND xchan_network = 'zot6'", + dbesc($guid) + ); + + if(!$xchan) { + // This should not actually happen. + // A zot6 xchan for every channel should have been + // created in update _1226. + + // In case this failed, we will try to fix it here. + logger('No zot6 xchan found for: ' . $rr['channel_hash']); + + $zhash = $rr['channel_portable_id']; + + if(!$zhash) { + $zhash = Libzot::make_xchan_hash($rr['xchan_guid'], $rr['channel_pubkey']); + + q("UPDATE channel SET channel_portable_id = '%s' WHERE channel_hash = '%s'", + dbesc($zhash), + dbesc($zot_xchan) + ); + } + + if(!$zhash) { + logger('Could not create zot6 xchan_hash for: ' . $rr['channel_hash']); + continue; + } + + $x = q("SELECT * FROM xchan WHERE xchan_hash = '%s' LIMIT 1", + dbesc($rr['channel_hash']) + ); + + if($x) { + $rec = $x[0]; + $rec['xchan_hash'] = $zhash; + $rec['xchan_guid_sig'] = 'sha256.' . $rec['xchan_guid_sig']; + $rec['xchan_network'] = 'zot6'; + xchan_store_lowlevel($rec); + } + + $h = q("SELECT * FROM hubloc WHERE hubloc_hash = '%s' AND hubloc_url = '%s' LIMIT 1", + dbesc($zot_xchan), + dbesc(z_root()) + ); + + if($h) { + $rec = $h[0]; + $rec['hubloc_hash'] = $zhash; + $rec['hubloc_guid_sig'] = 'sha256.' . $rec['hubloc_guid_sig']; + $rec['hubloc_network'] = 'zot6'; + $rec['hubloc_url_sig'] = 'sha256.' . $rec['hubloc_url_sig']; + $rec['hubloc_callback'] = z_root() . '/zot'; + $rec['hubloc_id_url'] = channel_url($rr); + $rec['hubloc_site_id'] = Libzot::make_xchan_hash(z_root(),get_config('system','pubkey')); + hubloc_store_lowlevel($rec); + } + + // Now try again + $xchan = q("SELECT xchan_hash, xchan_guid_sig FROM xchan WHERE xchan_guid = '%s' AND xchan_network = 'zot6'", + dbesc($guid) + ); + + if(!$xchan) { + logger('Could not create zot6 xchan record for: ' . $zot_xchan); + continue; + } + + } + + $zot6_xchan = $xchan[0]['xchan_hash']; + $zot6_xchan_guid_sig = $xchan[0]['xchan_guid_sig']; + + logger('Transforming channel: ' . $zot_xchan); + q("UPDATE channel SET channel_hash = '%s', channel_portable_id = '%s', channel_guid_sig = '%s' WHERE channel_hash = '%s'", + dbesc($zot6_xchan), + dbesc($zot_xchan), + dbesc($zot6_xchan_guid_sig), + dbesc($zot_xchan) + ); + + $i++; + + } + + if(count($r) == $i) + return UPDATE_SUCCESS; + else + return UPDATE_FAILED; + + } + +} diff --git a/Zotlabs/Zot6/Zot6Handler.php b/Zotlabs/Zot6/Zot6Handler.php index 37ce11980..d717b147b 100644 --- a/Zotlabs/Zot6/Zot6Handler.php +++ b/Zotlabs/Zot6/Zot6Handler.php @@ -71,7 +71,7 @@ class Zot6Handler implements IHandler { foreach ($recipients as $recip) { $r = q("select channel.*,xchan.* from channel - left join xchan on channel_portable_id = xchan_hash + left join xchan on channel_hash = xchan_hash where xchan_hash ='%s' limit 1", dbesc($recip) ); @@ -139,7 +139,7 @@ class Zot6Handler implements IHandler { $arr = $data['recipients'][0]; - $c = q("select * from channel left join xchan on channel_portable_id = xchan_hash where channel_portable_id = '%s' limit 1", + $c = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_hash = '%s' limit 1", dbesc($arr['portable_id']) ); if (! $c) { @@ -227,8 +227,8 @@ class Zot6Handler implements IHandler { // basically this means "unfriend" foreach ($recipients as $recip) { $r = q("select channel.*,xchan.* from channel - left join xchan on channel_portable_id = xchan_hash - where channel_portable_id = '%s' limit 1", + left join xchan on channel_hash = xchan_hash + where channel_hash = '%s' limit 1", dbesc($recip) ); if ($r) { |