From 1712eceaf95e5e57d8f5866cb1f6100a0acd28b6 Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 26 Jan 2020 15:08:55 +0000 Subject: port Lib/Connect and Module/Follow from zap. Connect with new connections via zot6 --- Zotlabs/Access/Permissions.php | 13 +- Zotlabs/Lib/AccessList.php | 411 +++++++++++++++++++++++++++++++++++++++++ Zotlabs/Lib/Connect.php | 315 +++++++++++++++++++++++++++++++ Zotlabs/Module/Follow.php | 102 +++++++--- include/permissions.php | 20 ++ 5 files changed, 838 insertions(+), 23 deletions(-) create mode 100644 Zotlabs/Lib/AccessList.php create mode 100644 Zotlabs/Lib/Connect.php diff --git a/Zotlabs/Access/Permissions.php b/Zotlabs/Access/Permissions.php index 20dc22a72..35016ed57 100644 --- a/Zotlabs/Access/Permissions.php +++ b/Zotlabs/Access/Permissions.php @@ -283,4 +283,15 @@ class Permissions { return ( [ 'perms' => $my_perms, 'automatic' => $automatic ] ); } -} \ No newline at end of file + static public function serialise($p) { + $n = []; + if($p) { + foreach($p as $k => $v) { + if(intval($v)) { + $n[] = $k; + } + } + } + return implode(',',$n); + } +} diff --git a/Zotlabs/Lib/AccessList.php b/Zotlabs/Lib/AccessList.php new file mode 100644 index 000000000..3c008f8c7 --- /dev/null +++ b/Zotlabs/Lib/AccessList.php @@ -0,0 +1,411 @@ +may apply to this list and any future members. If this is not what you intended, please create another list with a different name.') . EOL); + } + return true; + } + + $hash = new_uuid(); + + $r = q("INSERT INTO pgrp ( hash, uid, visible, gname ) + VALUES( '%s', %d, %d, '%s' ) ", + dbesc($hash), + intval($uid), + intval($public), + dbesc($name) + ); + $ret = $r; + } + + Libsync::build_sync_packet($uid,null,true); + return $ret; + } + + + static function remove($uid,$name) { + $ret = false; + if ($uid && $name) { + $r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1", + intval($uid), + dbesc($name) + ); + if ($r) { + $group_id = $r[0]['id']; + $group_hash = $r[0]['hash']; + } + else { + return false; + } + + // remove group from default posting lists + $r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1", + intval($uid) + ); + if ($r) { + $user_info = array_shift($r); + $change = false; + + if ($user_info['channel_default_group'] == $group_hash) { + $user_info['channel_default_group'] = ''; + $change = true; + } + if (strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) { + $user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']); + $change = true; + } + if (strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) { + $user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']); + $change = true; + } + + if ($change) { + q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s' + WHERE channel_id = %d", + intval($user_info['channel_default_group']), + dbesc($user_info['channel_allow_gid']), + dbesc($user_info['channel_deny_gid']), + intval($uid) + ); + } + } + + // remove all members + $r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d ", + intval($uid), + intval($group_id) + ); + + // remove group + $r = q("UPDATE pgrp SET deleted = 1 WHERE uid = %d AND gname = '%s'", + intval($uid), + dbesc($name) + ); + + $ret = $r; + + } + + Libsync::build_sync_packet($uid,null,true); + + return $ret; + } + + // returns the integer id of an access group owned by $uid and named $name + // or false. + + static function byname($uid,$name) { + if (! ($uid && $name)) { + return false; + } + $r = q("SELECT id FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1", + intval($uid), + dbesc($name) + ); + if ($r) { + return $r[0]['id']; + } + return false; + } + + static function by_id($uid,$id) { + if (! ($uid && $id)) { + return false; + } + + $r = q("SELECT * FROM pgrp WHERE uid = %d AND id = %d and deleted = 0", + intval($uid), + intval($id) + ); + if ($r) { + return array_shift($r); + } + return false; + } + + + + static function rec_byhash($uid,$hash) { + if (! ( $uid && $hash)) { + return false; + } + $r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1", + intval($uid), + dbesc($hash) + ); + if ($r) { + return array_shift($r); + } + return false; + } + + + static function member_remove($uid,$name,$member) { + $gid = self::byname($uid,$name); + if (! $gid) { + return false; + } + if (! ($uid && $gid && $member)) { + return false; + } + $r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ", + intval($uid), + intval($gid), + dbesc($member) + ); + + Libsync::build_sync_packet($uid,null,true); + + return $r; + } + + + static function member_add($uid,$name,$member,$gid = 0) { + if (! $gid) { + $gid = self::byname($uid,$name); + } + if (! ($gid && $uid && $member)) { + return false; + } + + $r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1", + intval($uid), + intval($gid), + dbesc($member) + ); + if ($r) { + return true; // You might question this, but + // we indicate success because the group member was in fact created + // -- It was just created at another time + } + else { + $r = q("INSERT INTO pgrp_member (uid, gid, xchan) + VALUES( %d, %d, '%s' ) ", + intval($uid), + intval($gid), + dbesc($member) + ); + } + Libsync::build_sync_packet($uid,null,true); + return $r; + } + + + static function members($uid, $gid) { + $ret = []; + if (intval($gid)) { + $r = q("SELECT * FROM pgrp_member + LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan + WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ", + intval($gid), + intval($uid), + intval($uid) + ); + if ($r) { + $ret = $r; + } + } + return $ret; + } + + static function members_xchan($uid,$gid) { + $ret = []; + if (intval($gid)) { + $r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d", + intval($gid), + intval($uid) + ); + if ($r) { + foreach ($r as $rv) { + $ret[] = $rv['xchan']; + } + } + } + return $ret; + } + + static function members_profile_xchan($uid,$gid) { + $ret = []; + if (intval($gid)) { + $r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d", + intval($gid), + intval($uid) + ); + if ($r) { + foreach($r as $rv) { + $ret[] = $rv['xchan']; + } + } + } + return $ret; + } + + + + + static function select($uid,$group = '') { + + $grps = []; + + $r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC", + intval($uid) + ); + $grps[] = [ 'name' => '', 'hash' => '0', 'selected' => '' ]; + if ($r) { + foreach ($r as $rr) { + $grps[] = [ 'name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : '') ]; + } + + } + + return replace_macros(get_markup_template('group_selection.tpl'), [ + '$label' => t('Add new connections to this access list'), + '$groups' => $grps + ]); + } + + + static function widget($every="connections",$each="lists",$edit = false, $group_id = 0, $cid = '',$mode = 1) { + + $o = ''; + + $groups = []; + + $r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC", + intval($_SESSION['uid']) + ); + $member_of = []; + if ($cid) { + $member_of = self::containing(local_channel(),$cid); + } + + if ($r) { + foreach ($r as $rr) { + $selected = (($group_id == $rr['id']) ? ' group-selected' : ''); + + if ($edit) { + $groupedit = [ 'href' => "lists/".$rr['id'], 'title' => t('edit') ]; + } + else { + $groupedit = null; + } + + $groups[] = [ + 'id' => $rr['id'], + 'enc_cid' => base64url_encode($cid), + 'cid' => $cid, + 'text' => $rr['gname'], + 'selected' => $selected, + 'href' => (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''), + 'edit' => $groupedit, + 'ismember' => in_array($rr['id'],$member_of), + ]; + } + } + + return replace_macros(get_markup_template('group_side.tpl'), [ + '$title' => t('Lists'), + '$edittext' => t('Edit list'), + '$createtext' => t('Create new list'), + '$ungrouped' => (($every === 'contacts') ? t('Channels not in any access list') : ''), + '$groups' => $groups, + '$add' => t('add'), + ]); + + } + + + static function expand($g) { + if (! (is_array($g) && count($g))) { + return []; + } + + $ret = []; + $x = []; + + // private profile linked virtual groups + + foreach ($g as $gv) { + if (substr($gv,0,3) === 'vp.') { + $profile_hash = substr($gv,3); + if ($profile_hash) { + $r = q("select abook_xchan from abook where abook_profile = '%s'", + dbesc($profile_hash) + ); + if ($r) { + foreach ($r as $rv) { + $ret[] = $rv['abook_xchan']; + } + } + } + } + else { + $x[] = $gv; + } + } + + if ($x) { + stringify_array_elms($x,true); + $groups = implode(',', $x); + if ($groups) { + $r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))"); + if ($r) { + foreach ($r as $rv) { + $ret[] = $rv['xchan']; + } + } + } + } + return $ret; + } + + + static function member_of($c) { + $r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id + WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname ASC ", + dbesc($c) + ); + + return $r; + } + + static function containing($uid,$c) { + + $r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ", + intval($uid), + dbesc($c) + ); + + $ret = []; + if ($r) { + foreach ($r as $rv) + $ret[] = $rv['gid']; + } + + return $ret; + } +} \ No newline at end of file diff --git a/Zotlabs/Lib/Connect.php b/Zotlabs/Lib/Connect.php new file mode 100644 index 000000000..978a4ce39 --- /dev/null +++ b/Zotlabs/Lib/Connect.php @@ -0,0 +1,315 @@ + false, 'message' => '' ]; + + $my_perms = false; + $protocol = ''; + + if (substr($url,0,1) === '[') { + $x = strpos($url,']'); + if ($x) { + $protocol = substr($url,1,$x-1); + $url = substr($url,$x+1); + } + } + + if (! check_siteallowed($url)) { + $result['message'] = t('Channel is blocked on this site.'); + return $result; + } + + if (! $url) { + $result['message'] = t('Channel location missing.'); + return $result; + } + + // check service class limits + + $r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ", + intval($uid) + ); + if ($r) { + $total_channels = $r[0]['total']; + } + + if (! service_class_allows($uid,'total_channels',$total_channels)) { + $result['message'] = upgrade_message(); + return $result; + } + + $xchan_hash = ''; + $sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : ''); + + $r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s') $sql_options ", + dbesc($url), + dbesc($url), + dbesc($url) + ); + + if ($r) { + + // reset results to the best record or the first if we don't have the best + // note: this is a single record and not an array of results + + $r = Libzot::zot_record_preferred($r,'xchan_network'); + + } + + $singleton = false; + $d = false; + + if (! $r) { + + // not in cache - try discovery + + $wf = discover_by_webbie($url,$protocol); + + if (! $wf) { + $feeds = get_config('system','feed_contacts'); + + if (($feeds) && (in_array($protocol, [ '', 'feed', 'rss' ]))) { + $d = discover_feed($url); + } + else { + $result['message'] = t('Remote channel or protocol unavailable.'); + return $result; + } + } + } + + if ($wf || $d) { + + // something was discovered - find the record which was just created. + + $r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s' ) $sql_options", + dbesc(($wf) ? $wf : $url), + dbesc($url), + dbesc($url) + ); + + // convert to a single record (once again preferring a zot solution in the case of multiples) + + if ($r) { + $r = Libzot::zot_record_preferred($r,'xchan_network'); + } + } + + // if discovery was a success or the channel was already cached we should have an xchan record in $r + + if ($r) { + $xchan = $r; + $xchan_hash = $r['xchan_hash']; + $their_perms = EMPTY_STR; + } + + // failure case + + if (! $xchan_hash) { + $result['message'] = t('Channel discovery failed.'); + logger('follow: ' . $result['message']); + return $result; + } + + if (! check_channelallowed($xchan_hash)) { + $result['message'] = t('Channel is blocked on this site.'); + logger('follow: ' . $result['message']); + return $result; + + } + + $allowed = ((in_array($xchan['xchan_network'],['rss','zot','zot6'])) ? 1 : 0); + + $hookdata = ['channel_id' => $uid, 'follow_address' => $url, 'xchan' => $xchan, 'allowed' => $allowed, 'singleton' => 0]; + call_hooks('follow_allow',$hookdata); + + if(! $hookdata['allowed']) { + hz_syslog('zesz'); + $result['message'] = t('Protocol disabled.'); + return $result; + } + + $singleton = intval($hookdata['singleton']); + + // Now start processing the new connection + + $aid = $channel['channel_account_id']; + $default_group = $channel['channel_default_group']; + + if (in_array($xchan_hash, [$channel['channel_hash'], $channel['channel_portable_id']])) { + $result['message'] = t('Cannot connect to yourself.'); + return $result; + } + + if ($xchan['xchan_network'] === 'rss') { + + // check service class feed limits + + $t = q("select count(*) as total from abook where abook_account = %d and abook_feed = 1 ", + intval($aid) + ); + if ($t) { + $total_feeds = $t[0]['total']; + } + + if (! service_class_allows($uid,'total_feeds',$total_feeds)) { + $result['message'] = upgrade_message(); + return $result; + } + + // Always set these "remote" permissions for feeds since we cannot interact with them + // to negotiate a suitable permission response + + $p = get_abconfig($uid,$xchan_hash,'system','their_perms',EMPTY_STR); + if ($p) { + $p .= ','; + } + $p .= 'view_stream,republish'; + set_abconfig($uid,$xchan_hash,'system','their_perms',$p); + + } + + + $p = Permissions::connect_perms($uid); + + // parent channels have unencumbered write permission + + if ($sub_channel) { + $p['perms']['post_wall'] = 1; + $p['perms']['post_comments'] = 1; + $p['perms']['write_storage'] = 1; + $p['perms']['post_like'] = 1; + $p['perms']['delegate'] = 0; + $p['perms']['moderated'] = 0; + } + + $my_perms = Permissions::serialise($p['perms']); + + $profile_assign = get_pconfig($uid,'system','profile_assign',''); + + + // See if we are already connected by virtue of having an abook record + + $r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook + where abook_xchan = '%s' and abook_channel = %d limit 1", + dbesc($xchan_hash), + intval($uid) + ); + + if ($r) { + + $abook_instance = $r[0]['abook_instance']; + + // If they are on a non-nomadic network, add them to this location + + if (($singleton) && strpos($abook_instance,z_root()) === false) { + if ($abook_instance) { + $abook_instance .= ','; + } + $abook_instance .= z_root(); + + $x = q("update abook set abook_instance = '%s', abook_not_here = 0 where abook_id = %d", + dbesc($abook_instance), + intval($r[0]['abook_id']) + ); + } + + // if they have a pending connection, we just followed them so approve the connection request + + if (intval($r[0]['abook_pending'])) { + $x = q("update abook set abook_pending = 0 where abook_id = %d", + intval($r[0]['abook_id']) + ); + } + } + else { + + // create a new abook record + + $closeness = get_pconfig($uid,'system','new_abook_closeness',80); + + $r = abook_store_lowlevel( + [ + 'abook_account' => intval($aid), + 'abook_channel' => intval($uid), + 'abook_closeness' => intval($closeness), + 'abook_xchan' => $xchan_hash, + 'abook_profile' => $profile_assign, + 'abook_feed' => intval(($xchan['xchan_network'] === 'rss') ? 1 : 0), + 'abook_created' => datetime_convert(), + 'abook_updated' => datetime_convert(), + 'abook_instance' => (($singleton) ? z_root() : '') + ] + ); + } + + if (! $r) { + logger('abook creation failed'); + $result['message'] = t('error saving data'); + return $result; + } + + // Set suitable permissions to the connection + + if ($my_perms) { + set_abconfig($uid,$xchan_hash,'system','my_perms',$my_perms); + } + + // fetch the entire record + + $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash + where abook_xchan = '%s' and abook_channel = %d limit 1", + dbesc($xchan_hash), + intval($uid) + ); + + if ($r) { + $result['abook'] = array_shift($r); + Master::Summon([ 'Notifier', 'permission_create', $result['abook']['abook_id'] ]); + } + + $arr = [ 'channel_id' => $uid, 'channel' => $channel, 'abook' => $result['abook'] ]; + + call_hooks('follow', $arr); + + /** If there is a default group for this channel, add this connection to it */ + + if ($default_group) { + $g = AccessList::rec_byhash($uid,$default_group); + if ($g) { + AccessList::member_add($uid,'',$xchan_hash,$g['id']); + } + } + + $result['success'] = true; + return $result; + } +} diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index cbf9d62c5..11febd8fc 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php @@ -1,31 +1,88 @@ [ + ACTIVITYSTREAMS_JSONLD_REV, + 'https://w3id.org/security/v1', + z_root() . ZOT_APSCHEMA_REV + ]], + [ + 'id' => z_root() . '/follow/' . $r[0]['abook_id'], + 'type' => 'Follow', + 'actor' => $actor, + 'object' => $r[0]['xchan_url'] + ]); + + $headers = []; + $headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ; + $x['signature'] = LDSignatures::sign($x,$chan); + $ret = json_encode($x, JSON_UNESCAPED_SLASHES); + $headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T'); + $headers['Digest'] = HTTPSig::generate_digest_header($ret); + $headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; + $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan)); + HTTPSig::set_headers($h); + echo $ret; + killme(); + + } + + if (! local_channel()) { return; } - + $uid = local_channel(); $url = notags(trim(punify($_REQUEST['url']))); $return_url = $_SESSION['return_url']; $confirm = intval($_REQUEST['confirm']); $interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1); - $channel = \App::get_channel(); + $channel = App::get_channel(); - $result = new_contact($uid,$url,$channel,$interactive,$confirm); + $result = Connect::connect($channel,$url); - if($result['success'] == false) { - if($result['message']) + if ($result['success'] == false) { + if ($result['message']) { notice($result['message']); - if($interactive) { + } + if ($interactive) { goaway($return_url); } else { @@ -36,8 +93,8 @@ class Follow extends \Zotlabs\Web\Controller { info( t('Connection added.') . EOL); $clone = array(); - foreach($result['abook'] as $k => $v) { - if(strpos($k,'abook_') === 0) { + foreach ($result['abook'] as $k => $v) { + if (strpos($k,'abook_') === 0) { $clone[$k] = $v; } } @@ -46,20 +103,21 @@ class Follow extends \Zotlabs\Web\Controller { unset($clone['abook_channel']); $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); - if($abconfig) + if ($abconfig) { $clone['abconfig'] = $abconfig; + } + Libsync::build_sync_packet(0, [ 'abook' => [ $clone ] ], true); - build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true); - - $can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream')); + $can_view_stream = their_perms_contains($channel['channel_id'],$clone['abook_xchan'],'view_stream'); // If we can view their stream, pull in some posts - if(($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) - \Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id'])); + if (($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) { + Master::Summon([ 'Onepoll', $result['abook']['abook_id'] ]); + } - if($interactive) { - goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1'); + if ($interactive) { + goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?follow=1'); } else { json_return_and_die([ 'success' => true ]); @@ -68,7 +126,7 @@ class Follow extends \Zotlabs\Web\Controller { } function get() { - if(! local_channel()) { + if (! local_channel()) { return login(); } } diff --git a/include/permissions.php b/include/permissions.php index 501b2cc77..ca8ff6e93 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -554,4 +554,24 @@ function site_default_perms() { return $ret; } +function their_perms_contains($channel_id,$xchan_hash,$perm) { + $x = get_abconfig($channel_id,$xchan_hash,'system','their_perms'); + if($x) { + $y = explode(',',$x); + if(in_array($perm,$y)) { + return true; + } + } + return false; +} +function my_perms_contains($channel_id,$xchan_hash,$perm) { + $x = get_abconfig($channel_id,$xchan_hash,'system','my_perms'); + if($x) { + $y = explode(',',$x); + if(in_array($perm,$y)) { + return true; + } + } + return false; +} -- cgit v1.2.3