From 2c741bd24d0473012785e05d1eea59f9048c2b9b Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Wed, 20 Oct 2021 21:35:42 +0200 Subject: fix for issue #1640 - use item_store() instead of post_activity_item() which is checking for post_comment permission which we might not have in this case. item_store() requires slightly more data but basically does the same. Also some minor improvements and whitespace changes. --- Zotlabs/Lib/NativeWiki.php | 48 +++++++++--------- Zotlabs/Lib/NativeWikiPage.php | 107 +++++++++++++++++++++++------------------ Zotlabs/Module/Wiki.php | 4 +- 3 files changed, 86 insertions(+), 73 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Lib/NativeWiki.php b/Zotlabs/Lib/NativeWiki.php index 9e6a3ac85..bf4ac8e87 100644 --- a/Zotlabs/Lib/NativeWiki.php +++ b/Zotlabs/Lib/NativeWiki.php @@ -12,8 +12,8 @@ class NativeWiki { public static function listwikis($channel, $observer_hash) { $sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash); - $wikis = q("SELECT * FROM item - WHERE resource_type = '%s' AND mid = parent_mid AND uid = %d AND item_deleted = 0 $sql_extra", + $wikis = q("SELECT * FROM item + WHERE resource_type = '%s' AND mid = parent_mid AND uid = %d AND item_deleted = 0 $sql_extra", dbesc(NWIKI_ITEM_RESOURCE_TYPE), intval($channel['channel_id']) ); @@ -49,7 +49,7 @@ class NativeWiki { $mid = z_root() . '/item/' . $uuid; $arr = array(); // Initialize the array of parameters for the post - $item_hidden = ((intval($wiki['postVisible']) === 0) ? 1 : 0); + $item_hidden = ((intval($wiki['postVisible']) === 0) ? 1 : 0); $wiki_url = z_root() . '/wiki/' . $channel['channel_address'] . '/' . $wiki['urlName']; $arr['aid'] = $channel['channel_account_id']; $arr['uuid'] = $uuid; @@ -61,8 +61,8 @@ class NativeWiki { $arr['resource_id'] = $resource_id; $arr['owner_xchan'] = $channel['channel_hash']; $arr['author_xchan'] = $observer_hash; - $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']); - $arr['llink'] = $arr['plink']; + $arr['plink'] = $mid; + $arr['llink'] = z_root() . '/display/' . gen_link_id($mid); $arr['title'] = $wiki['htmlName']; // name of new wiki; $arr['allow_cid'] = $ac['allow_cid']; $arr['allow_gid'] = $ac['allow_gid']; @@ -133,13 +133,13 @@ class NativeWiki { // update acl for any existing wiki pages q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where resource_type = 'nwikipage' and resource_id = '%s'", - dbesc($item['allow_cid']), - dbesc($item['allow_gid']), - dbesc($item['deny_cid']), - dbesc($item['deny_gid']), - dbesc($item['item_private']), + dbesc($item['allow_cid']), + dbesc($item['allow_gid']), + dbesc($item['deny_cid']), + dbesc($item['deny_gid']), + dbesc($item['item_private']), dbesc($arr['resource_id']) - ); + ); if($update['item_id']) { @@ -211,12 +211,12 @@ class NativeWiki { public static function get_wiki($channel_id, $observer_hash, $resource_id) { - + $sql_extra = item_permissions_sql($channel_id,$observer_hash); - $item = q("SELECT * FROM item WHERE uid = %d AND resource_type = '%s' AND resource_id = '%s' AND item_deleted = 0 + $item = q("SELECT * FROM item WHERE uid = %d AND resource_type = '%s' AND resource_id = '%s' AND item_deleted = 0 $sql_extra ORDER BY id LIMIT 1", - intval($channel_id), + intval($channel_id), dbesc(NWIKI_ITEM_RESOURCE_TYPE), dbesc($resource_id) ); @@ -224,7 +224,7 @@ class NativeWiki { return [ 'wiki' => null ]; } else { - + $w = $item[0]; // wiki item table record // Get wiki metadata $rawName = get_iconfig($w, 'wiki', 'rawName'); @@ -246,20 +246,20 @@ class NativeWiki { public static function exists_by_name($uid, $urlName) { - $sql_extra = item_permissions_sql($uid); + $sql_extra = item_permissions_sql($uid); - $item = q("SELECT item.id, resource_id FROM item left join iconfig on iconfig.iid = item.id - WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d - AND item_deleted = 0 $sql_extra limit 1", - dbesc(NWIKI_ITEM_RESOURCE_TYPE), - //dbesc(urldecode($urlName)), + $item = q("SELECT item.id, resource_id FROM item left join iconfig on iconfig.iid = item.id + WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d + AND item_deleted = 0 $sql_extra limit 1", + dbesc(NWIKI_ITEM_RESOURCE_TYPE), + //dbesc(urldecode($urlName)), dbesc(self::name_decode($urlName)), intval($uid) ); if($item) { return array('id' => $item[0]['id'], 'resource_id' => $item[0]['resource_id']); - } + } else { return array('id' => null, 'resource_id' => null); } @@ -277,7 +277,7 @@ class NativeWiki { $r = q("SELECT * FROM item WHERE uid = %d and resource_type = '%s' AND resource_id = '%s' $sql_extra LIMIT 1", intval($owner_id), - dbesc(NWIKI_ITEM_RESOURCE_TYPE), + dbesc(NWIKI_ITEM_RESOURCE_TYPE), dbesc($resource_id) ); @@ -285,8 +285,6 @@ class NativeWiki { return array('read' => false, 'write' => false, 'success' => true); } else { - // TODO: Create a new permission setting for wiki analogous to webpages. Until - // then, use webpage permissions $write = perm_is_allowed($owner_id, $observer_hash,'write_wiki'); return array('read' => true, 'write' => $write, 'success' => true); } diff --git a/Zotlabs/Lib/NativeWikiPage.php b/Zotlabs/Lib/NativeWikiPage.php index 3c61ea800..64320b71c 100644 --- a/Zotlabs/Lib/NativeWikiPage.php +++ b/Zotlabs/Lib/NativeWikiPage.php @@ -20,7 +20,7 @@ class NativeWikiPage { $sql_extra = item_permissions_sql($channel_id,$observer_hash); - $r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and item_deleted = 0 + $r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and item_deleted = 0 $sql_extra order by title asc", dbesc($resource_id), intval($channel_id) @@ -56,14 +56,14 @@ class NativeWikiPage { } - static public function create_page($channel_id, $observer_hash, $name, $resource_id, $mimetype = 'text/bbcode') { + static public function create_page($channel, $observer_hash, $name, $resource_id, $mimetype = 'text/bbcode') { logger('mimetype: ' . $mimetype); if(! in_array($mimetype,[ 'text/markdown','text/bbcode','text/plain','text/html' ])) $mimetype = 'text/markdown'; - $w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id); + $w = Zlib\NativeWiki::get_wiki($channel['channel_id'], $observer_hash, $resource_id); if (! $w['wiki']) { return array('content' => null, 'message' => 'Error reading wiki', 'success' => false); @@ -72,10 +72,20 @@ class NativeWikiPage { // backslashes won't work well in the javascript functions $name = str_replace('\\','',$name); - // create an empty activity + $uuid = new_uuid(); + $mid = z_root() . '/item/' . $uuid; + // create an empty activity $arr = []; - $arr['uid'] = $channel_id; + $arr['aid'] = $channel['channel_account_id']; + $arr['uid'] = $channel['channel_id']; + $arr['mid'] = $mid; + $arr['parent_mid'] = $w['wiki']['mid']; + $arr['parent'] = $w['wiki']['parent']; + $arr['uuid'] = $uuid; + $arr['item_hidden'] = $w['wiki']['item_hidden']; + $arr['plink'] = $mid; + $arr['llink'] = z_root() . '/display/' . gen_link_id($mid); $arr['author_xchan'] = $observer_hash; $arr['mimetype'] = $mimetype; $arr['title'] = $name; @@ -85,21 +95,26 @@ class NativeWikiPage { $arr['allow_gid'] = $w['wiki']['allow_gid']; $arr['deny_cid'] = $w['wiki']['deny_cid']; $arr['deny_gid'] = $w['wiki']['deny_gid']; - - $arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel_id,'view_wiki'),true); + $arr['item_private'] = $w['wiki']['item_private']; + $arr['item_wall'] = 1; + $arr['item_origin'] = 1; + $arr['item_thread_top'] = 1; + $arr['verb'] = ACTIVITY_CREATE; + $arr['obj_type'] = 'Document'; + // TODO: add an object? + $arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_wiki'),true); // We may wish to change this some day. $arr['item_unpublished'] = 1; set_iconfig($arr,'nwikipage','pagetitle',(($name) ? $name : t('(No Title)')),true); - - $p = post_activity_item($arr, false, false); + $p = item_store($arr, false, false); if($p['item_id']) { - $page = [ + $page = [ 'rawName' => $name, 'htmlName' => escape_tags($name), - //'urlName' => urlencode($name), + //'urlName' => urlencode($name), 'urlName' => Zlib\NativeWiki::name_encode($name) ]; @@ -124,7 +139,7 @@ class NativeWikiPage { } - $ic = q("select * from iconfig left join item on iconfig.iid = item.id + $ic = q("select * from iconfig left join item on iconfig.iid = item.id where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'", intval($channel_id), dbesc($pageNewName) @@ -137,7 +152,7 @@ class NativeWikiPage { $ids = []; - $ic = q("select *, item.id as item_id from iconfig left join item on iconfig.iid = item.id + $ic = q("select *, item.id as item_id from iconfig left join item on iconfig.iid = item.id where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'", intval($channel_id), dbesc($pageUrlName) @@ -154,9 +169,9 @@ class NativeWikiPage { dbesc($pageNewName) ); - $page = [ - 'rawName' => $pageNewName, - 'htmlName' => escape_tags($pageNewName), + $page = [ + 'rawName' => $pageNewName, + 'htmlName' => escape_tags($pageNewName), //'urlName' => urlencode(escape_tags($pageNewName)) 'urlName' => Zlib\NativeWiki::name_encode($pageNewName) ]; @@ -165,7 +180,7 @@ class NativeWikiPage { } return [ 'success' => false, 'message' => t('Page not found') ]; - + } @@ -188,15 +203,15 @@ class NativeWikiPage { if($item) { $content = $item['body']; - return [ + return [ 'content' => $content, 'mimeType' => $w['mimeType'], - 'pageMimeType' => $item['mimetype'], - 'message' => '', + 'pageMimeType' => $item['mimetype'], + 'message' => '', 'success' => true ]; } - + return array('content' => null, 'message' => t('Error reading page content'), 'success' => false); } @@ -224,11 +239,11 @@ class NativeWikiPage { if($processed > 1000) break; $processed ++; - $history[] = [ + $history[] = [ 'revision' => $item['revision'], 'date' => datetime_convert('UTC',date_default_timezone_get(),$item['edited']), 'name' => $item['author']['xchan_name'], - 'title' => get_iconfig($item,'nwikipage','commit_msg') + 'title' => get_iconfig($item,'nwikipage','commit_msg') ]; } @@ -239,7 +254,7 @@ class NativeWikiPage { return [ 'success' => false ]; } - + static public function load_page($arr) { @@ -315,7 +330,7 @@ class NativeWikiPage { intval($channel_id), dbesc($pageUrlName) ); - + if($ic) { foreach($ic as $c) { if($ids) @@ -359,8 +374,8 @@ class NativeWikiPage { return array('message' => t('Error reading wiki'), 'success' => false); } - - // fetch the most recently saved revision. + + // fetch the most recently saved revision. $item = self::load_page($arr); @@ -370,7 +385,7 @@ class NativeWikiPage { $mimetype = $item['mimetype']; - // change just the fields we need to change to create a revision; + // change just the fields we need to change to create a revision; unset($item['id']); unset($item['author']); @@ -394,7 +409,7 @@ class NativeWikiPage { return array('message' => '', 'item_id' => $ret['item_id'], 'filename' => $pageUrlName, 'success' => true); else return array('message' => t('Page update failed.'), 'success' => false); - } + } static public function delete_page($arr) { @@ -411,7 +426,7 @@ class NativeWikiPage { $ids = []; - $ic = q("select * from iconfig left join item on iconfig.iid = item.id + $ic = q("select * from iconfig left join item on iconfig.iid = item.id where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'", intval($channel_id), dbesc($pageUrlName) @@ -428,9 +443,9 @@ class NativeWikiPage { return [ 'success' => true ]; } - return [ 'success' => false, 'message' => t('Nothing deleted') ]; + return [ 'success' => false, 'message' => t('Nothing deleted') ]; } - + static public function revert_page($arr) { @@ -463,7 +478,7 @@ class NativeWikiPage { return [ 'success' => false ]; } } - + static public function compare_page($arr) { @@ -501,7 +516,7 @@ class NativeWikiPage { return [ 'success' => false, 'message' => t('Compare: object not found.') ]; } - + static public function commit($arr) { @@ -533,9 +548,9 @@ class NativeWikiPage { return [ 'success' => false, 'message' => t('Page not found.') ]; } - + static public function convert_links($s, $wikiURL) { - + if (strpos($s,'[[') !== false) { preg_match_all("/\[\[(.*?)\]\]/", $s, $match); $pages = $pageURLs = array(); @@ -564,7 +579,7 @@ class NativeWikiPage { $resource_id = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : ''); $pageHistory = self::page_history([ - 'channel_id' => \App::$profile_uid, + 'channel_id' => \App::$profile_uid, 'observer_hash' => get_observer_hash(), 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName @@ -597,7 +612,7 @@ class NativeWikiPage { } return $s; } - + /** * Converts a select set of bbcode tags. Much of the code is copied from include/bbcode.php @@ -605,9 +620,9 @@ class NativeWikiPage { * @return string */ static public function bbcode($s) { - + $s = str_replace(array('[baseurl]', '[sitename]'), array(z_root(), get_config('system', 'sitename')), $s); - + $s = preg_replace_callback("/\[observer\.language\=(.*?)\](.*?)\[\/observer\]/ism",'oblanguage_callback', $s); $s = preg_replace_callback("/\[observer\.language\!\=(.*?)\](.*?)\[\/observer\]/ism",'oblanguage_necallback', $s); @@ -625,7 +640,7 @@ class NativeWikiPage { $s = str_replace('[observer.address]', $s1 . $observer['xchan_addr'] . $s2, $s); $s = str_replace('[observer.webname]', substr($observer['xchan_addr'], 0, strpos($observer['xchan_addr'], '@')), $s); $s = str_replace('[observer.photo]', '', $s); - } + } else { $s = str_replace('[observer.baseurl]', '', $s); $s = str_replace('[observer.url]', '', $s); @@ -637,7 +652,7 @@ class NativeWikiPage { return $s; } - + static public function get_file_ext($arr) { @@ -649,13 +664,13 @@ class NativeWikiPage { return '.txt'; } - - // This function is derived from + + // This function is derived from // http://stackoverflow.com/questions/32068537/generate-table-of-contents-from-markdown-in-php static public function toc($content) { // ensure using only "\n" as line-break $source = str_replace(["\r\n", "\r"], "\n", $content); - + // look for markdown TOC items preg_match_all( '/^(?:=|-|#).*$/m', @@ -663,7 +678,7 @@ class NativeWikiPage { $matches, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE ); - + // preprocess: iterate matched lines to create an array of items // where each item is an array(level, text) $file_size = strlen($source); diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index a06119506..3d0c07492 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -500,7 +500,7 @@ class Wiki extends Controller { $r = NativeWiki::create_wiki($owner, $observer_hash, $wiki, $acl); if($r['success']) { NativeWiki::sync_a_wiki_item($owner['channel_id'],$r['item_id'],$r['item']['resource_id']); - $homePage = NativeWikiPage::create_page($owner['channel_id'],$observer_hash,'Home', $r['item']['resource_id'], $wiki['mimeType']); + $homePage = NativeWikiPage::create_page($owner, $observer_hash, 'Home', $r['item']['resource_id'], $wiki['mimeType']); if(! $homePage['success']) { notice( t('Wiki created, but error creating Home page.')); goaway(z_root() . '/wiki/' . $nick . '/' . NativeWiki::name_encode($wiki['urlName'])); @@ -606,7 +606,7 @@ class Wiki extends Controller { json_return_and_die(array('message' => 'Error creating page. Invalid name (' . print_r($_POST,true) . ').', 'success' => false)); } - $page = NativeWikiPage::create_page($owner['channel_id'],$observer_hash, $name, $resource_id, $mimetype); + $page = NativeWikiPage::create_page($owner, $observer_hash, $name, $resource_id, $mimetype); if($page['item_id']) { $commit = NativeWikiPage::commit([ -- cgit v1.2.3