2012-10-11 20:27:04 -04:00
< ? php
/**
* Name : Remote Permissions
* Description : Allow the recipients of private posts to see who else can see the post by clicking the lock icon
* Version : 1.0
* Author : Zach < https :// f . shmuz . in / profile / techcity >
2018-08-20 00:24:43 -04:00
* Status : Unsupported
2012-10-11 20:27:04 -04:00
*/
2018-07-21 09:13:02 -04:00
2018-01-16 19:51:12 -05:00
use Friendica\Core\Addon ;
2017-11-06 18:55:24 -05:00
use Friendica\Core\Config ;
2018-01-22 14:03:11 -05:00
use Friendica\Core\L10n ;
2017-11-06 18:55:24 -05:00
use Friendica\Core\PConfig ;
2018-10-31 10:55:15 -04:00
use Friendica\Core\Renderer ;
2018-07-21 09:13:02 -04:00
use Friendica\Database\DBA ;
2012-10-11 20:27:04 -04:00
function remote_permissions_install () {
2018-01-16 19:51:12 -05:00
Addon :: registerHook ( 'lockview_content' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_content' );
2018-01-20 08:57:41 -05:00
Addon :: registerHook ( 'addon_settings' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings' );
Addon :: registerHook ( 'addon_settings_post' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings_post' );
2012-10-11 20:27:04 -04:00
}
function remote_permissions_uninstall () {
2018-01-16 19:51:12 -05:00
Addon :: unregisterHook ( 'lockview_content' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_content' );
2018-01-20 08:57:41 -05:00
Addon :: unregisterHook ( 'addon_settings' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings' );
Addon :: unregisterHook ( 'addon_settings_post' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings_post' );
2012-10-11 20:27:04 -04:00
}
function remote_permissions_settings ( & $a , & $o ) {
if ( ! local_user ())
return ;
2017-11-06 18:55:24 -05:00
$global = Config :: get ( " remote_perms " , " global " );
2012-10-11 20:27:04 -04:00
if ( $global == 1 )
return ;
/* Add our stylesheet to the page so we can make our settings look nice */
2018-10-09 14:13:22 -04:00
$a -> page [ 'htmlhead' ] .= '<link rel="stylesheet" type="text/css" href="' . $a -> getBaseURL () . '/addon/remote_permissions/settings.css' . '" media="all" />' . " \r \n " ;
2012-10-11 20:27:04 -04:00
/* Get the current state of our config variable */
2017-11-06 18:55:24 -05:00
$remote_perms = PConfig :: get ( local_user (), 'remote_perms' , 'show' );
2018-01-15 08:15:33 -05:00
2012-10-11 20:27:04 -04:00
/* Add some HTML to the existing form */
2012-12-22 15:36:35 -05:00
// $t = file_get_contents("addon/remote_permissions/settings.tpl" );
2018-10-31 10:55:15 -04:00
$t = Renderer :: getMarkupTemplate ( " settings.tpl " , " addon/remote_permissions/ " );
$o .= Renderer :: replaceMacros ( $t , [
2018-01-22 14:03:11 -05:00
'$remote_perms_title' => L10n :: t ( 'Remote Permissions Settings' ),
'$remote_perms_label' => L10n :: t ( 'Allow recipients of your private posts to see the other recipients of the posts' ),
2012-10-11 20:27:04 -04:00
'$checked' => (( $remote_perms == 1 ) ? 'checked="checked"' : '' ),
2018-01-22 14:03:11 -05:00
'$submit' => L10n :: t ( 'Save Settings' )
2018-01-15 08:15:33 -05:00
]);
2012-10-11 20:27:04 -04:00
}
function remote_permissions_settings_post ( $a , $post ) {
if ( ! local_user () || ( ! x ( $_POST , 'remote-perms-submit' )))
return ;
2017-11-06 18:55:24 -05:00
PConfig :: set ( local_user (), 'remote_perms' , 'show' , intval ( $_POST [ 'remote-perms' ]));
2018-01-22 14:03:11 -05:00
info ( L10n :: t ( 'Remote Permissions settings updated.' ) . EOL );
2012-10-11 20:27:04 -04:00
}
function remote_permissions_content ( $a , $item_copy ) {
if ( $item_copy [ 'uid' ] != local_user ())
return ;
2017-11-06 18:55:24 -05:00
if ( Config :: get ( 'remote_perms' , 'global' ) == 0 ) {
2012-10-11 20:27:04 -04:00
// Admin has set Individual choice. We need to find
// the original poster. First, get the contact's info
$r = q ( " SELECT nick, url FROM contact WHERE id = %d LIMIT 1 " ,
intval ( $item_copy [ 'contact-id' ])
);
2018-01-15 08:15:33 -05:00
if ( ! $r )
2012-10-11 20:27:04 -04:00
return ;
// Find out if the contact lives here
2018-10-09 14:13:22 -04:00
$baseurl = $a -> getBaseURL ();
2012-10-11 20:27:04 -04:00
$baseurl = substr ( $baseurl , strpos ( $baseurl , '://' ) + 3 );
if ( strpos ( $r [ 0 ][ 'url' ], $baseurl ) === false )
return ;
// The contact lives here. Get his/her user info
$nick = $r [ 0 ][ 'nick' ];
$r = q ( " SELECT uid FROM user WHERE nickname = '%s' LIMIT 1 " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( $nick )
2012-10-11 20:27:04 -04:00
);
if ( ! $r )
return ;
2017-11-06 18:55:24 -05:00
if ( PConfig :: get ( $r [ 0 ][ 'uid' ], 'remote_perms' , 'show' ) == 0 )
2012-10-11 20:27:04 -04:00
return ;
}
if (( $item_copy [ 'private' ] == 1 ) && ( ! strlen ( $item_copy [ 'allow_cid' ])) && ( ! strlen ( $item_copy [ 'allow_gid' ]))
&& ( ! strlen ( $item_copy [ 'deny_cid' ])) && ( ! strlen ( $item_copy [ 'deny_gid' ]))) {
2018-01-15 08:15:33 -05:00
$allow_names = [];
2012-10-11 20:27:04 -04:00
// Check for the original post here -- that's the only way
// to definitely get all of the recipients
if ( $item_copy [ 'uri' ] === $item_copy [ 'parent-uri' ]) {
// Lockview for a top-level post
$r = q ( " SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s' AND type = 'wall' LIMIT 1 " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( $item_copy [ 'uri' ])
2012-10-11 20:27:04 -04:00
);
}
else {
// Lockview for a comment
$r = q ( " SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s'
AND parent = ( SELECT id FROM item WHERE uri = '%s' AND type = 'wall' ) LIMIT 1 " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( $item_copy [ 'uri' ]),
DBA :: escape ( $item_copy [ 'parent-uri' ])
2012-10-11 20:27:04 -04:00
);
}
if ( $r ) {
$item = $r [ 0 ];
$allowed_users = expand_acl ( $item [ 'allow_cid' ]);
$allowed_groups = expand_acl ( $item [ 'allow_gid' ]);
$deny_users = expand_acl ( $item [ 'deny_cid' ]);
$deny_groups = expand_acl ( $item [ 'deny_gid' ]);
2018-01-22 14:03:11 -05:00
$o = L10n :: t ( 'Visible to:' ) . '<br />' ;
2018-01-15 08:15:33 -05:00
$allow = [];
$deny = [];
2012-10-11 20:27:04 -04:00
if ( count ( $allowed_groups )) {
$r = q ( " SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s ) " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( implode ( ', ' , $allowed_groups ))
2012-10-11 20:27:04 -04:00
);
2018-01-15 08:15:33 -05:00
foreach ( $r as $rr )
2012-10-11 20:27:04 -04:00
$allow [] = $rr [ 'contact-id' ];
}
$allow = array_unique ( $allow + $allowed_users );
if ( count ( $deny_groups )) {
$r = q ( " SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s ) " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( implode ( ', ' , $deny_groups ))
2012-10-11 20:27:04 -04:00
);
2018-01-15 08:15:33 -05:00
foreach ( $r as $rr )
2012-10-11 20:27:04 -04:00
$deny [] = $rr [ 'contact-id' ];
}
$deny = $deny + $deny_users ;
if ( $allow )
{
$r = q ( " SELECT name FROM contact WHERE id IN ( %s ) " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( implode ( ', ' , array_diff ( $allow , $deny )))
2012-10-11 20:27:04 -04:00
);
foreach ( $r as $rr )
$allow_names [] = $rr [ 'name' ];
}
}
else {
// We don't have the original post. Let's try for the next best thing:
// checking who else has the post on our own server. Note that comments
// that were sent to Diaspora and were relayed to others on our server
// will have different URIs than the original. We can match the GUID for
// those
$r = q ( " SELECT `uid` FROM item WHERE uri = '%s' OR guid = '%s' " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( $item_copy [ 'uri' ]),
DBA :: escape ( $item_copy [ 'guid' ])
2012-10-11 20:27:04 -04:00
);
if ( ! $r )
return ;
2018-01-15 08:15:33 -05:00
$allow = [];
2012-10-11 20:27:04 -04:00
foreach ( $r as $rr )
$allow [] = $rr [ 'uid' ];
$r = q ( " SELECT username FROM user WHERE uid IN ( %s ) " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( implode ( ', ' , $allow ))
2012-10-11 20:27:04 -04:00
);
if ( ! $r )
return ;
2018-01-22 14:03:11 -05:00
$o = L10n :: t ( 'Visible to' ) . ' (' . L10n :: t ( 'may only be a partial list' ) . '):<br />' ;
2012-10-11 20:27:04 -04:00
foreach ( $r as $rr )
$allow_names [] = $rr [ 'username' ];
}
// Sort the names alphabetically, case-insensitive
natcasesort ( $allow_names );
echo $o . implode ( ', ' , $allow_names );
killme ();
}
return ;
}
2018-01-20 08:57:41 -05:00
function remote_permissions_addon_admin ( & $a , & $o ){
2018-10-31 10:55:15 -04:00
$t = Renderer :: getMarkupTemplate ( " admin.tpl " , " addon/remote_permissions/ " );
$o = Renderer :: replaceMacros ( $t , [
2018-01-22 14:03:11 -05:00
'$submit' => L10n :: t ( 'Save Settings' ),
'$global' => [ 'remotepermschoice' , L10n :: t ( 'Global' ), 1 , L10n :: t ( 'The posts of every user on this server show the post recipients' ), Config :: get ( 'remote_perms' , 'global' ) == 1 ],
'$individual' => [ 'remotepermschoice' , L10n :: t ( 'Individual' ), 2 , L10n :: t ( 'Each user chooses whether his/her posts show the post recipients' ), Config :: get ( 'remote_perms' , 'global' ) == 0 ]
2018-01-15 08:15:33 -05:00
]);
2012-10-11 20:27:04 -04:00
}
2018-01-20 08:57:41 -05:00
function remote_permissions_addon_admin_post ( & $a ){
2012-10-11 20:27:04 -04:00
$choice = (( x ( $_POST , 'remotepermschoice' )) ? notags ( trim ( $_POST [ 'remotepermschoice' ])) : '' );
2017-11-06 18:55:24 -05:00
Config :: set ( 'remote_perms' , 'global' ,( $choice == 1 ? 1 : 0 ));
2018-01-22 14:03:11 -05:00
info ( L10n :: t ( 'Settings updated.' ) . EOL );
2012-10-11 20:27:04 -04:00
}