From 0003e0b8a5841bfc9e845f0b833aa206527826de Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 2 Jan 2022 19:33:10 +0000 Subject: lockview: fix guest links for profile groups and photos, cleanup --- Zotlabs/Module/Lockview.php | 179 +++++++++++++++++++++++++------------------- 1 file changed, 102 insertions(+), 77 deletions(-) (limited to 'Zotlabs/Module') diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index b4ba4caa6..1fab6ff2f 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -1,24 +1,30 @@ 1) ? argv(1) : 0); if (is_numeric($type)) { $item_id = intval($type); - $type = 'item'; + $type = 'item'; } else { $item_id = ((argc() > 2) ? intval(argv(2)) : 0); } - if(! $item_id) + if (!$item_id) killme(); - if (! in_array($type, array('item', 'photo', 'attach', 'event', 'menu_item', 'chatroom'))) + if (!in_array($type, ['item', 'photo', 'attach', 'menu_item', 'chatroom'])) killme(); // we have different naming in in menu_item table and chatroom table - switch($type) { + switch ($type) { case 'menu_item': $id = 'mitem_id'; break; @@ -56,150 +62,169 @@ class Lockview extends \Zotlabs\Web\Controller { intval($item_id) ); - if(! $r) + if (!$r) killme(); $item = $r[0]; - $uid = null; - $url = ''; + $uid = null; + $url = ''; - switch($type) { + switch ($type) { case 'menu_item': $uid = $item['mitem_channel_id']; break; case 'chatroom': - $uid = $item['cr_uid']; + $uid = $item['cr_uid']; $channel = channelx_by_n($uid); - $url = z_root() . '/chat/' . $channel['channel_address'] . '/' . $item['cr_id']; + $url = z_root() . '/chat/' . $channel['channel_address'] . '/' . $item['cr_id']; break; case 'item': $uid = $item['uid']; $url = $item['plink']; break; + case 'photo': + $uid = $item['uid']; + $channel = channelx_by_n($uid); + $url = z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $item['resource_id']; + break; case 'attach': - $uid = $item['uid']; + $uid = $item['uid']; $channel = channelx_by_n($uid); - $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $item['display_path']; + $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $item['display_path']; break; default: break; } - if($uid != local_channel()) { + if (intval($uid) !== local_channel()) { echo '
' . t('Remote privacy information not available') . '
'; killme(); } - if(intval($item['item_private']) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) - && (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) { + if (intval($item['item_private']) && (!strlen($item['allow_cid'])) && (!strlen($item['allow_gid'])) + && (!strlen($item['deny_cid'])) && (!strlen($item['deny_gid']))) { // if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any // specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it // as unknown specific recipients. The sender will have the visibility list and will fall through to the // next section. - echo '
' . translate_scope((! $item['public_policy']) ? 'specific' : $item['public_policy']) . '
'; + echo '
' . translate_scope((!$item['public_policy']) ? 'specific' : $item['public_policy']) . '
'; killme(); } - $allowed_users = expand_acl($item['allow_cid']); + $allowed_users = expand_acl($item['allow_cid']); $allowed_groups = expand_acl($item['allow_gid']); - $deny_users = expand_acl($item['deny_cid']); - $deny_groups = expand_acl($item['deny_gid']); - - $o = '
' . t('Access') . '
'; - $l = array(); + $deny_users = expand_acl($item['deny_cid']); + $deny_groups = expand_acl($item['deny_gid']); - stringify_array_elms($allowed_groups,true); - stringify_array_elms($allowed_users,true); - stringify_array_elms($deny_groups,true); - stringify_array_elms($deny_users,true); + stringify_array_elms($allowed_groups, true); + stringify_array_elms($allowed_users, true); + stringify_array_elms($deny_groups, true); + stringify_array_elms($deny_users, true); $allowed_xchans = []; $profile_groups = []; - if($allowed_groups) { - foreach($allowed_groups as $g) { - if(substr($g,0,4) === '\'vp.') { - $profile_groups[] = '\'' . substr($g,4); + if ($allowed_groups) { + foreach ($allowed_groups as $g) { + if (substr($g, 0, 4) === '\'vp.') { + $profile_groups[] = '\'' . substr($g, 4); } } } - if(count($profile_groups)) { - $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); - if($r) { - foreach($r as $rr) { - $l[] = '
' . $rr['profile_name'] . '
'; + if ($profile_groups) { + $r = q("SELECT id, profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); + if ($r) { + foreach ($r as $rr) { + $pgrp_members = AccessList::profile_members_xchan($uid, $rr['id']); + $allowed_xchans = array_merge($allowed_xchans, $pgrp_members); + $access_list[] = '
' . $rr['profile_name'] . '
'; } } } - if(count($allowed_groups)) { - $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); - if($r) { - foreach($r as $rr) { - $gid = AccessList::by_name($uid, $rr['gname']); - $pgrp_members = AccessList::members_xchan($uid, $gid); + if ($allowed_groups) { + $r = q("SELECT id, gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); + if ($r) { + foreach ($r as $rr) { + $pgrp_members = AccessList::members_xchan($uid, $rr['id']); $allowed_xchans = array_merge($allowed_xchans, $pgrp_members); - - $l[] = '
' . $rr['gname'] . '
'; + $access_list[] = '
' . $rr['gname'] . '
'; } } } - if(count($allowed_users)) { - $r = q("SELECT xchan_name, xchan_hash FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )"); - if($r) { - foreach($r as $rr) { + if ($allowed_users) { + $r = q("SELECT xchan_name, xchan_hash FROM xchan WHERE xchan_hash IN ( " . implode(', ', $allowed_users) . " )"); + if ($r) { + foreach ($r as $rr) { $allowed_xchans[] = $rr['xchan_hash']; - $l[] = '
' . $rr['xchan_name'] . '
'; + if (!in_array($rr['xchan_hash'], $atoken_xchans)) { + $access_list[] = '
' . $rr['xchan_name'] . '
'; + } } } } $profile_groups = []; - if($deny_groups) { - foreach($deny_groups as $g) { - if(substr($g,0,4) === '\'vp.') { - $profile_groups[] = '\'' . substr($g,4); + if ($deny_groups) { + foreach ($deny_groups as $g) { + if (substr($g, 0, 4) === '\'vp.') { + $profile_groups[] = '\'' . substr($g, 4); } } } - if(count($profile_groups)) { + if ($profile_groups) { $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); - if($r) - foreach($r as $rr) - $l[] = '
' . $rr['profile_name'] . '
'; + if ($r) { + foreach ($r as $rr) { + $access_list[] = '
' . $rr['profile_name'] . '
'; + } + } } - if(count($deny_groups)) { + if ($deny_groups) { $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); - if($r) - foreach($r as $rr) - $l[] = '
' . $rr['gname'] . '
'; + if ($r) { + foreach ($r as $rr) { + $access_list[] = '
' . $rr['gname'] . '
'; + } + } } - if(count($deny_users)) { + + if ($deny_users) { $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )"); - if($r) - foreach($r as $rr) - $l[] = '
' . $rr['xchan_name'] . '
'; + if ($r) { + foreach ($r as $rr) { + $access_list[] = '
' . $rr['xchan_name'] . '
'; + } + } } if ($atokens && $allowed_xchans && $url) { - $l[] = '
'; - $l[] = '
' . t('Guest access') . '
'; + if ($access_list) { + $guest_access_list[] = '
'; + } + + $guest_access_list[] = '
' . t('Guest access') . '
'; $allowed_xchans = array_unique($allowed_xchans); - foreach($atokens as $atoken) { - if(in_array($atoken['xchan_hash'], $allowed_xchans)) { - $l[] = '
' . $atoken['xchan_name'] . '
'; + foreach ($atokens as $atoken) { + if (in_array($atoken['xchan_hash'], $allowed_xchans)) { + $guest_access_list[] = '
' . $atoken['xchan_name'] . '
'; } } } - echo $o . implode($l); + $o = ''; + if ($access_list) { + $o = '
' . t('Access') . '
'; + } + + echo $o . implode($access_list) . implode($guest_access_list); killme(); } -- cgit v1.2.3