2012-10-11 20:27:04 -04:00
< ? php
/**
* Name : Remote Permissions
* Description : Allow the recipients of private posts to see who else can see the post by clicking the lock icon
* Version : 1.0
* Author : Zach < https :// f . shmuz . in / profile / techcity >
2018-08-20 00:24:43 -04:00
* Status : Unsupported
2012-10-11 20:27:04 -04:00
*/
2018-07-21 09:13:02 -04:00
2018-12-26 02:28:16 -05:00
use Friendica\Core\Hook ;
2018-10-31 10:55:15 -04:00
use Friendica\Core\Renderer ;
2018-07-21 09:13:02 -04:00
use Friendica\Database\DBA ;
2019-12-15 17:28:00 -05:00
use Friendica\DI ;
2018-11-08 11:45:19 -05:00
use Friendica\Util\Strings ;
2012-10-11 20:27:04 -04:00
function remote_permissions_install () {
2018-12-26 02:28:16 -05:00
Hook :: register ( 'lockview_content' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_content' );
Hook :: register ( 'addon_settings' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings' );
Hook :: register ( 'addon_settings_post' , 'addon/remote_permissions/remote_permissions.php' , 'remote_permissions_settings_post' );
2012-10-11 20:27:04 -04:00
}
function remote_permissions_settings ( & $a , & $o ) {
if ( ! local_user ())
return ;
2020-01-19 15:21:12 -05:00
$global = DI :: config () -> get ( " remote_perms " , " global " );
2012-10-11 20:27:04 -04:00
if ( $global == 1 )
return ;
/* Add our stylesheet to the page so we can make our settings look nice */
2019-12-30 15:53:43 -05:00
DI :: page ()[ 'htmlhead' ] .= '<link rel="stylesheet" type="text/css" href="' . DI :: baseUrl () -> get () . '/addon/remote_permissions/settings.css' . '" media="all" />' . " \r \n " ;
2012-10-11 20:27:04 -04:00
/* Get the current state of our config variable */
2020-01-18 10:50:56 -05:00
$remote_perms = DI :: pConfig () -> get ( local_user (), 'remote_perms' , 'show' );
2018-01-15 08:15:33 -05:00
2012-10-11 20:27:04 -04:00
/* Add some HTML to the existing form */
2012-12-22 15:36:35 -05:00
// $t = file_get_contents("addon/remote_permissions/settings.tpl" );
2018-10-31 10:55:15 -04:00
$t = Renderer :: getMarkupTemplate ( " settings.tpl " , " addon/remote_permissions/ " );
$o .= Renderer :: replaceMacros ( $t , [
2020-01-18 14:52:33 -05:00
'$remote_perms_title' => DI :: l10n () -> t ( 'Remote Permissions Settings' ),
'$remote_perms_label' => DI :: l10n () -> t ( 'Allow recipients of your private posts to see the other recipients of the posts' ),
2012-10-11 20:27:04 -04:00
'$checked' => (( $remote_perms == 1 ) ? 'checked="checked"' : '' ),
2020-01-18 14:52:33 -05:00
'$submit' => DI :: l10n () -> t ( 'Save Settings' )
2018-01-15 08:15:33 -05:00
]);
2012-10-11 20:27:04 -04:00
}
function remote_permissions_settings_post ( $a , $post ) {
2018-11-30 09:11:56 -05:00
if ( ! local_user () || empty ( $_POST [ 'remote-perms-submit' ]))
2012-10-11 20:27:04 -04:00
return ;
2020-01-18 10:54:49 -05:00
DI :: pConfig () -> set ( local_user (), 'remote_perms' , 'show' , intval ( $_POST [ 'remote-perms' ]));
2012-10-11 20:27:04 -04:00
}
function remote_permissions_content ( $a , $item_copy ) {
if ( $item_copy [ 'uid' ] != local_user ())
return ;
2020-01-19 15:21:12 -05:00
if ( DI :: config () -> get ( 'remote_perms' , 'global' ) == 0 ) {
2012-10-11 20:27:04 -04:00
// Admin has set Individual choice. We need to find
// the original poster. First, get the contact's info
$r = q ( " SELECT nick, url FROM contact WHERE id = %d LIMIT 1 " ,
intval ( $item_copy [ 'contact-id' ])
);
2018-01-15 08:15:33 -05:00
if ( ! $r )
2012-10-11 20:27:04 -04:00
return ;
// Find out if the contact lives here
2019-12-29 21:55:10 -05:00
$baseurl = DI :: baseUrl () -> get ();
2012-10-11 20:27:04 -04:00
$baseurl = substr ( $baseurl , strpos ( $baseurl , '://' ) + 3 );
if ( strpos ( $r [ 0 ][ 'url' ], $baseurl ) === false )
return ;
// The contact lives here. Get his/her user info
$nick = $r [ 0 ][ 'nick' ];
$r = q ( " SELECT uid FROM user WHERE nickname = '%s' LIMIT 1 " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( $nick )
2012-10-11 20:27:04 -04:00
);
if ( ! $r )
return ;
2020-01-18 10:50:56 -05:00
if ( DI :: pConfig () -> get ( $r [ 0 ][ 'uid' ], 'remote_perms' , 'show' ) == 0 )
2012-10-11 20:27:04 -04:00
return ;
}
if (( $item_copy [ 'private' ] == 1 ) && ( ! strlen ( $item_copy [ 'allow_cid' ])) && ( ! strlen ( $item_copy [ 'allow_gid' ]))
&& ( ! strlen ( $item_copy [ 'deny_cid' ])) && ( ! strlen ( $item_copy [ 'deny_gid' ]))) {
2018-01-15 08:15:33 -05:00
$allow_names = [];
2012-10-11 20:27:04 -04:00
// Check for the original post here -- that's the only way
// to definitely get all of the recipients
if ( $item_copy [ 'uri' ] === $item_copy [ 'parent-uri' ]) {
// Lockview for a top-level post
$r = q ( " SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s' AND type = 'wall' LIMIT 1 " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( $item_copy [ 'uri' ])
2012-10-11 20:27:04 -04:00
);
}
else {
// Lockview for a comment
$r = q ( " SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s'
AND parent = ( SELECT id FROM item WHERE uri = '%s' AND type = 'wall' ) LIMIT 1 " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( $item_copy [ 'uri' ]),
DBA :: escape ( $item_copy [ 'parent-uri' ])
2012-10-11 20:27:04 -04:00
);
}
if ( $r ) {
$item = $r [ 0 ];
2019-12-15 17:28:00 -05:00
$aclFormatter = DI :: aclFormatter ();
2019-10-22 18:40:13 -04:00
2019-11-01 09:13:29 -04:00
$allowed_users = $aclFormatter -> expand ( $item [ 'allow_cid' ]);
$allowed_groups = $aclFormatter -> expand ( $item [ 'allow_gid' ]);
$deny_users = $aclFormatter -> expand ( $item [ 'deny_cid' ]);
$deny_groups = $aclFormatter -> expand ( $item [ 'deny_gid' ]);
2012-10-11 20:27:04 -04:00
2020-01-18 14:52:33 -05:00
$o = DI :: l10n () -> t ( 'Visible to:' ) . '<br />' ;
2018-01-15 08:15:33 -05:00
$allow = [];
$deny = [];
2012-10-11 20:27:04 -04:00
if ( count ( $allowed_groups )) {
$r = q ( " SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s ) " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( implode ( ', ' , $allowed_groups ))
2012-10-11 20:27:04 -04:00
);
2018-01-15 08:15:33 -05:00
foreach ( $r as $rr )
2012-10-11 20:27:04 -04:00
$allow [] = $rr [ 'contact-id' ];
}
$allow = array_unique ( $allow + $allowed_users );
if ( count ( $deny_groups )) {
$r = q ( " SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s ) " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( implode ( ', ' , $deny_groups ))
2012-10-11 20:27:04 -04:00
);
2018-01-15 08:15:33 -05:00
foreach ( $r as $rr )
2012-10-11 20:27:04 -04:00
$deny [] = $rr [ 'contact-id' ];
}
$deny = $deny + $deny_users ;
if ( $allow )
{
$r = q ( " SELECT name FROM contact WHERE id IN ( %s ) " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( implode ( ', ' , array_diff ( $allow , $deny )))
2012-10-11 20:27:04 -04:00
);
foreach ( $r as $rr )
$allow_names [] = $rr [ 'name' ];
}
}
else {
// We don't have the original post. Let's try for the next best thing:
// checking who else has the post on our own server. Note that comments
// that were sent to Diaspora and were relayed to others on our server
// will have different URIs than the original. We can match the GUID for
// those
$r = q ( " SELECT `uid` FROM item WHERE uri = '%s' OR guid = '%s' " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( $item_copy [ 'uri' ]),
DBA :: escape ( $item_copy [ 'guid' ])
2012-10-11 20:27:04 -04:00
);
if ( ! $r )
return ;
2018-01-15 08:15:33 -05:00
$allow = [];
2012-10-11 20:27:04 -04:00
foreach ( $r as $rr )
$allow [] = $rr [ 'uid' ];
$r = q ( " SELECT username FROM user WHERE uid IN ( %s ) " ,
2018-07-21 09:13:02 -04:00
DBA :: escape ( implode ( ', ' , $allow ))
2012-10-11 20:27:04 -04:00
);
if ( ! $r )
return ;
2020-01-18 14:52:33 -05:00
$o = DI :: l10n () -> t ( 'Visible to' ) . ' (' . DI :: l10n () -> t ( 'may only be a partial list' ) . '):<br />' ;
2012-10-11 20:27:04 -04:00
foreach ( $r as $rr )
$allow_names [] = $rr [ 'username' ];
}
// Sort the names alphabetically, case-insensitive
natcasesort ( $allow_names );
echo $o . implode ( ', ' , $allow_names );
2018-12-26 00:39:53 -05:00
exit ();
2012-10-11 20:27:04 -04:00
}
return ;
}
2018-01-20 08:57:41 -05:00
function remote_permissions_addon_admin ( & $a , & $o ){
2018-10-31 10:55:15 -04:00
$t = Renderer :: getMarkupTemplate ( " admin.tpl " , " addon/remote_permissions/ " );
$o = Renderer :: replaceMacros ( $t , [
2020-01-18 14:52:33 -05:00
'$submit' => DI :: l10n () -> t ( 'Save Settings' ),
2020-01-19 15:21:12 -05:00
'$global' => [ 'remotepermschoice' , DI :: l10n () -> t ( 'Global' ), 1 , DI :: l10n () -> t ( 'The posts of every user on this server show the post recipients' ), DI :: config () -> get ( 'remote_perms' , 'global' ) == 1 ],
'$individual' => [ 'remotepermschoice' , DI :: l10n () -> t ( 'Individual' ), 2 , DI :: l10n () -> t ( 'Each user chooses whether his/her posts show the post recipients' ), DI :: config () -> get ( 'remote_perms' , 'global' ) == 0 ]
2018-01-15 08:15:33 -05:00
]);
2012-10-11 20:27:04 -04:00
}
2018-01-20 08:57:41 -05:00
function remote_permissions_addon_admin_post ( & $a ){
2018-11-30 09:11:56 -05:00
$choice = ( ! empty ( $_POST [ 'remotepermschoice' ]) ? Strings :: escapeTags ( trim ( $_POST [ 'remotepermschoice' ])) : '' );
2020-01-19 15:21:52 -05:00
DI :: config () -> set ( 'remote_perms' , 'global' ,( $choice == 1 ? 1 : 0 ));
2012-10-11 20:27:04 -04:00
}