From 3ed444b4b4cb1817ab1c780138d4bef0b8909876 Mon Sep 17 00:00:00 2001 From: Charlie Root Date: Mon, 25 Jan 2021 18:35:28 +0200 Subject: Run storageconv from web server user --- util/storageconv | 0 util/storageconv.sh | 6 ++++++ 2 files changed, 6 insertions(+) mode change 100755 => 100644 util/storageconv create mode 100755 util/storageconv.sh diff --git a/util/storageconv b/util/storageconv old mode 100755 new mode 100644 diff --git a/util/storageconv.sh b/util/storageconv.sh new file mode 100755 index 000000000..90abdf0ef --- /dev/null +++ b/util/storageconv.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +WWWUSER=$(ps aux | egrep '([a|A]pache|[h|H]ttpd|lighttpd|[n|N]ginx|h2o)' | awk '{ print $1}' | uniq | grep -v `whoami` | tail -1) + +sudo -u $WWWUSER php util/storageconv $* + -- cgit v1.2.3 From 0e9d99c603d84b76c4774aa39dc782992bd91cdc Mon Sep 17 00:00:00 2001 From: Mario Date: Mon, 25 Jan 2021 20:27:50 +0000 Subject: expose manual public item import from searchbar, set commen_policy in Activity::store() to what we get if we get something otherwise default to authenticated, comments by the owner have the relay flag set and therefor $perm will be not be set to post_comments - always check if we own the parent in lib/libzot (not only if $perm = send_stream) if otherwise not allowed --- Zotlabs/Lib/Activity.php | 24 ++-- Zotlabs/Lib/Libzot.php | 15 ++- Zotlabs/Module/Network.php | 2 +- Zotlabs/Module/Search.php | 285 ++++++++++++++++++++++++--------------------- 4 files changed, 178 insertions(+), 148 deletions(-) diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 46ce075fd..3afc70b28 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -2488,7 +2488,6 @@ class Activity { } static function store($channel, $observer_hash, $act, $item, $fetch_parents = true, $force = false) { - $is_sys_channel = is_sys_channel($channel['channel_id']); $is_child_node = false; @@ -2523,6 +2522,7 @@ class Activity { // $permit_mentions = intval(PConfig::Get($channel['channel_id'], 'system','permit_all_mentions') && i_am_mentioned($channel,$item)); if ($is_child_node) { + $p = q("select * from item where mid = '%s' and uid = %d and item_wall = 1", dbesc($item['parent_mid']), intval($channel['channel_id']) @@ -2560,6 +2560,7 @@ class Activity { }*/ } else { + $allowed = true; // reject public stream comments that weren't sent by the conversation owner if ($is_sys_channel && $pubstream && $item['owner_xchan'] !== $observer_hash) { @@ -2575,6 +2576,7 @@ class Activity { } } else { + // The $item['item_fetched'] flag is set in fetch_and_store_parents(). // In this case we should check against author permissions because sender is not owner. if (perm_is_allowed($channel['channel_id'], (($item['item_fetched']) ? $item['author_xchan'] : $observer_hash), 'send_stream') || ($is_sys_channel && $pubstream)) { @@ -2694,7 +2696,7 @@ class Activity { } // This isn't perfect but the best we can do for now. - $item['comment_policy'] = 'authenticated'; + $item['comment_policy'] = ((isset($act->data['commentPolicy'])) ? $act->data['commentPolicy'] : 'authenticated'); set_iconfig($item, 'activitypub', 'recips', $act->raw_recips); @@ -2777,9 +2779,9 @@ class Activity { else { $fetch = false; // TODO: debug - // if (perm_is_allowed($channel['channel_id'],$observer_hash,'send_stream') && (PConfig::Get($channel['channel_id'],'system','hyperdrive',true)*/ || $act->type === 'Announce')) { + // if (perm_is_allowed($channel['channel_id'],$observer_hash,'send_stream') && (PConfig::Get($channel['channel_id'],'system','hyperdrive',true) || $act->type === 'Announce')) { if (perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') || ($is_sys_channel && $pubstream)) { - $fetch = (($fetch_parents) ? self::fetch_and_store_parents($channel, $observer_hash, $item) : false); + $fetch = (($fetch_parents) ? self::fetch_and_store_parents($channel, $observer_hash, $item, $force) : false); } if ($fetch) { $parent = q("select * from item where mid = '%s' and uid = %d limit 1", @@ -2901,7 +2903,7 @@ class Activity { } - static public function fetch_and_store_parents($channel, $observer_hash, $item) { + static public function fetch_and_store_parents($channel, $observer_hash, $item, $force = false) { logger('fetching parents'); $p = []; @@ -2909,18 +2911,19 @@ class Activity { $current_item = $item; while ($current_item['parent_mid'] !== $current_item['mid']) { - $n = self::fetch($current_item['parent_mid']); + $n = self::fetch($current_item['parent_mid'], $channel); + if (!$n) { break; } - // set client flag to convert objects to implied activities - $a = new ActivityStreams($n, null, true); + + $a = new ActivityStreams($n); if ($a->type === 'Announce' && is_array($a->obj) && array_key_exists('object', $a->obj) && array_key_exists('actor', $a->obj)) { // This is a relayed/forwarded Activity (as opposed to a shared/boosted object) // Reparse the encapsulated Activity and use that instead logger('relayed activity', LOGGER_DEBUG); - $a = new ActivityStreams($a->obj, null, true); + $a = new ActivityStreams($a->obj); } logger($a->debug(), LOGGER_DATA); @@ -2933,7 +2936,6 @@ class Activity { Activity::actor_store($a->actor['id'], $a->actor); } - // ActivityPub sourced items are cacheable $item = Activity::decode_note($a); if (!$item) { @@ -2975,7 +2977,7 @@ class Activity { if ($p) { foreach ($p as $pv) { if ($pv[0]->is_valid()) { - Activity::store($channel, $observer_hash, $pv[0], $pv[1], false); + Activity::store($channel, $observer_hash, $pv[0], $pv[1], false, $force); } } return true; diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index ee1f54ec8..13a75bb6c 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -1235,8 +1235,14 @@ class Libzot { if (is_array($AS->obj) && array_key_exists('commentPolicy', $AS->obj)) { $p = strstr($AS->obj['commentPolicy'], 'until='); if ($p !== false) { - $arr['comments_closed'] = datetime_convert('UTC', 'UTC', substr($p, 6)); - $arr['comment_policy'] = trim(str_replace($p, '', $AS->obj['commentPolicy'])); + $comments_closed_at = datetime_convert('UTC', 'UTC', substr($p, 6)); + if ($comments_closed_at === $arr['created']) { + $arr['item_nocomment'] = 1; + } + else { + $arr['comments_closed'] = $comments_closed_at; + $arr['comment_policy'] = trim(str_replace($p, '', $AS->obj['commentPolicy'])); + } } else { $arr['comment_policy'] = $AS->obj['commentPolicy']; @@ -1545,8 +1551,7 @@ class Libzot { } $tag_delivery = tgroup_check($channel['channel_id'], $arr); - - $perm = 'send_stream'; + $perm = 'send_stream'; if (($arr['mid'] !== $arr['parent_mid']) && ($relay)) $perm = 'post_comments'; @@ -1563,7 +1568,7 @@ class Libzot { if ((!$tag_delivery) && (!$local_public)) { $allowed = (perm_is_allowed($channel['channel_id'], $sender, $perm)); - if ((!$allowed) && $perm === 'post_comments') { + if (!$allowed) { $parent = q("select * from item where mid = '%s' and uid = %d limit 1", dbesc($arr['parent_mid']), intval($channel['channel_id']) diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index e9edd8de3..84c2463d6 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -20,7 +20,7 @@ class Network extends \Zotlabs\Web\Controller { return; } - if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?'])) + if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?']) || strpos($_GET['search'], 'https://') === 0) goaway('search' . '?f=&search=' . $_GET['search']); if(count($_GET) < 2) { diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index c22bf2836..95510c349 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -1,85 +1,110 @@ ' . "\r\n"; $o .= '
' . "\r\n"; - + $o .= '

' . t('Search') . '

'; - - if(x(\App::$data,'search')) - $search = trim(\App::$data['search']); + + if (x(App::$data, 'search')) + $search = trim(App::$data['search']); else - $search = ((x($_GET,'search')) ? trim(escape_tags(rawurldecode($_GET['search']))) : ''); - + $search = ((x($_GET, 'search')) ? trim(escape_tags(rawurldecode($_GET['search']))) : ''); + $tag = false; - if(x($_GET,'tag')) { - $tag = true; - $search = ((x($_GET,'tag')) ? trim(escape_tags(rawurldecode($_GET['tag']))) : ''); + if (x($_GET, 'tag')) { + $tag = true; + $search = ((x($_GET, 'tag')) ? trim(escape_tags(rawurldecode($_GET['tag']))) : ''); } - $o .= search($search,'search-box','/search',((local_channel()) ? true : false)); - - if(strpos($search,'#') === 0) { - $tag = true; - $search = substr($search,1); + $o .= search($search, 'search-box', '/search', ((local_channel()) ? true : false)); + + if (local_channel() && strpos($search, 'https://') === 0) { + $j = Activity::fetch($search, App::get_channel()); + if ($j) { + $AS = new ActivityStreams($j); + + if ($AS->is_valid()) { + // check if is_an_actor, otherwise import activity + if (is_array($AS->obj) && !ActivityStreams::is_an_actor($AS->obj)) { + // The boolean flag enables html cache of the item + $item = Activity::decode_note($AS); + if ($item) { + logger('parsed_item: ' . print_r($item, true), LOGGER_DATA); + Activity::store(App::get_channel(), $observer_hash, $AS, $item, true, true); + goaway(z_root() . '/display/' . gen_link_id($item['mid'])); + } + } + } + } } - if(strpos($search,'@') === 0) { - $search = substr($search,1); + + if (strpos($search, '#') === 0) { + $tag = true; + $search = substr($search, 1); + } + if (strpos($search, '@') === 0) { + $search = substr($search, 1); goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search); } - if(strpos($search,'!') === 0) { - $search = substr($search,1); + if (strpos($search, '!') === 0) { + $search = substr($search, 1); goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search); } - if(strpos($search,'?') === 0) { - $search = substr($search,1); + if (strpos($search, '?') === 0) { + $search = substr($search, 1); goaway(z_root() . '/help' . '?f=1&navsearch=1&search=' . $search); } - + // look for a naked webbie - if(strpos($search,'@') !== false) { + if (strpos($search, '@') !== false) { goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search); } - - if(! $search) + + if (!$search) return $o; - - if($tag) { - $wildtag = str_replace('*','%',$search); + + if ($tag) { + $wildtag = str_replace('*', '%', $search); $sql_extra = sprintf(" AND item.id IN (select oid from term where otype = %d and ttype in ( %d , %d) and term like '%s') ", intval(TERM_OBJ_POST), intval(TERM_HASHTAG), @@ -88,80 +113,80 @@ class Search extends \Zotlabs\Web\Controller { ); } else { - $regstr = db_getfunc('REGEXP'); + $regstr = db_getfunc('REGEXP'); $sql_extra = sprintf(" AND (item.title $regstr '%s' OR item.body $regstr '%s') ", dbesc(protect_sprintf(preg_quote($search))), dbesc(protect_sprintf(preg_quote($search)))); } - + // Here is the way permissions work in the search module... // Only public posts can be shown // OR your own posts if you are a logged in member // No items will be shown if the member has a blocked profile wall. - - if((! $update) && (! $load)) { - + + if ((!$update) && (!$load)) { + // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // because browser prefetching might change it on us. We have to deliver it with the page. - + $o .= '' . "\r\n"; $o .= "\r\n"; - - \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( + . "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; \r\n"; + + App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), [ '$baseurl' => z_root(), - '$pgtype' => 'search', - '$uid' => ((\App::$profile['profile_uid']) ? \App::$profile['profile_uid'] : '0'), - '$gid' => '0', - '$cid' => '0', - '$cmin' => '(-1)', - '$cmax' => '(-1)', - '$star' => '0', - '$liked' => '0', - '$conv' => '0', - '$spam' => '0', - '$fh' => '0', - '$dm' => '0', + '$pgtype' => 'search', + '$uid' => ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : '0'), + '$gid' => '0', + '$cid' => '0', + '$cmin' => '(-1)', + '$cmax' => '(-1)', + '$star' => '0', + '$liked' => '0', + '$conv' => '0', + '$spam' => '0', + '$fh' => '0', + '$dm' => '0', '$nouveau' => '0', - '$wall' => '0', - '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), - '$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1), - '$search' => (($tag) ? urlencode('#') : '') . $search, - '$xchan' => '', - '$order' => '', - '$file' => '', - '$cats' => '', - '$tags' => '', - '$mid' => '', - '$verb' => '', - '$net' => '', - '$dend' => '', - '$dbegin' => '' - )); - - - } - + '$wall' => '0', + '$list' => ((x($_REQUEST, 'list')) ? intval($_REQUEST['list']) : 0), + '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), + '$search' => (($tag) ? urlencode('#') : '') . $search, + '$xchan' => '', + '$order' => '', + '$file' => '', + '$cats' => '', + '$tags' => '', + '$mid' => '', + '$verb' => '', + '$net' => '', + '$dend' => '', + '$dbegin' => '' + ]); + + + } + $item_normal = item_normal_search(); - $pub_sql = public_permissions_sql($observer_hash); - + $pub_sql = public_permissions_sql($observer_hash); + require_once('include/channel.php'); - + $sys = get_sys_channel(); - - if(($update) && ($load)) { - $itemspage = get_pconfig(local_channel(),'system','itemspage'); - \App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); - $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); - + + if (($update) && ($load)) { + $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); + App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10)); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); + // in case somebody turned off public access to sys channel content with permissions - - if(! perm_is_allowed($sys['channel_id'],$observer_hash,'view_stream')) + + if (!perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream')) $sys['xchan_hash'] .= 'disabled'; - - if($load) { + + if ($load) { $r = null; - - if(local_channel()) { + + if (local_channel()) { $r = q("SELECT mid, MAX(id) as item_id from item WHERE ((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) OR ( item.uid = %d )) OR item.owner_xchan = '%s' ) @@ -172,11 +197,11 @@ class Search extends \Zotlabs\Web\Controller { dbesc($sys['xchan_hash']) ); } - if($r === null) { + if ($r === null) { $r = q("SELECT mid, MAX(id) as item_id from item WHERE (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) - and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) + and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK | PERMS_PUBLIC) : PERMS_PUBLIC) . " )) $pub_sql ) OR owner_xchan = '%s') $item_normal $sql_extra @@ -184,51 +209,49 @@ class Search extends \Zotlabs\Web\Controller { dbesc($sys['xchan_hash']) ); } - if($r) { - $str = ids_to_querystr($r,'item_id'); - $r = q("select *, id as item_id from item where id in ( " . $str . ") order by created desc "); + if ($r) { + $str = ids_to_querystr($r, 'item_id'); + $r = q("select *, id as item_id from item where id in ( " . $str . ") order by created desc "); } } else { - $r = array(); + $r = []; } - - } - - if($r) { + + if ($r) { xchan_query($r); - $items = fetch_post_tags($r,true); - } else { - $items = array(); - } - - - if($format == 'json') { - $result = array(); + $items = fetch_post_tags($r, true); + } + else { + $items = []; + } + + if ($format == 'json') { + $result = []; require_once('include/conversation.php'); - foreach($items as $item) { + foreach ($items as $item) { $item['html'] = zidify_links(bbcode($item['body'])); - $x = encode_item($item); - $x['html'] = prepare_text($item['body'],$item['mimetype']); - $result[] = $x; + $x = encode_item($item); + $x['html'] = prepare_text($item['body'], $item['mimetype']); + $result[] = $x; } - json_return_and_die(array('success' => true,'messages' => $result)); + json_return_and_die(['success' => true, 'messages' => $result]); } - - if($tag) - $o .= '

' . sprintf( t('Items tagged with: %s'),$search) . '

'; + + if ($tag) + $o .= '

' . sprintf(t('Items tagged with: %s'), $search) . '

'; else - $o .= '

' . sprintf( t('Search results for: %s'),$search) . '

'; - - $o .= conversation($items,'search',$update,'client'); - + $o .= '

' . sprintf(t('Search results for: %s'), $search) . '

'; + + $o .= conversation($items, 'search', $update, 'client'); + $o .= '
'; - + return $o; } - - + + } -- cgit v1.2.3