<?php
/**
 * @copyright Copyright (C) 2010-2021, the Friendica project
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
 *
 */
namespace Friendica\Module\Settings ;
use Friendica\BaseModule ;
use Friendica\Core\Renderer ;
use Friendica\Core\Session ;
use Friendica\Database\DBA ;
use Friendica\DI ;
use Friendica\Model\User ;
use Friendica\Module\BaseSettings ;
use Friendica\Network\HTTPException ;
use Friendica\Util\Strings ;
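/**
 * Account delegation settings module.
 *
 * post() sets or clears the parent account of the logged-in user.
 * content() renders the delegation settings page and also processes the
 * "add" and "remove" delegate actions taken from the request path.
 */
class Delegation extends BaseSettings
{
	/**
	 * Grants or revokes control of the current account to a parent account.
	 *
	 * A non-zero `parent_user` is only accepted together with the parent
	 * account's password; a value of 0 (or a missing field) clears the
	 * parent.
	 *
	 * @param array $parameters Not used by this method.
	 *
	 * @throws HTTPException\ForbiddenException When no local user is logged
	 *         in, or the app user differs from the local user.
	 */
	public static function post(array $parameters = [])
	{
		// `&&` binds tighter than `||`: deny when nobody is logged in, or when
		// the app's user record is set and is not the logged-in local user.
		if (!local_user() || !empty(DI::app()->user['uid']) && DI::app()->user['uid'] != local_user()) {
			throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
		}

		// Anti-CSRF check for the 'delegate' form before any state is changed.
		BaseModule::checkFormSecurityTokenRedirectOnError('settings/delegation', 'delegate');

		// The (int) cast binds tighter than `??`, so the fallback has to be
		// applied inside the parentheses. Written as `(int) $_POST[...] ?? 0`
		// the missing field was read and cast first and the default never applied.
		$parent_uid      = (int) ($_POST['parent_user'] ?? 0);
		$parent_password = $_POST['parent_password'] ?? '';

		if ($parent_uid != 0) {
			try {
				// Only the success/failure of the password check matters here;
				// the returned id is discarded.
				// NOTE(review): a failed check is reported only as a UI notice by
				// this method; nothing here logs or throttles it - confirm the
				// helper does.
				User::getIdFromPasswordAuthentication($parent_uid, $parent_password);
				info(DI::l10n()->t('Delegation successfully granted.'));
			} catch (\Exception $ex) {
				notice(DI::l10n()->t('Parent user not found, unavailable or password doesn\'t match.'));
				// Leave the stored parent untouched on any authentication failure.
				return;
			}
		} else {
			info(DI::l10n()->t('Delegation successfully revoked.'));
		}

		// NOTE(review): content() only offers parents that share this account's
		// email, are verified, unblocked and have no parent themselves, and it
		// hides the form when this account is already a parent. None of that is
		// re-checked here; the password check is the only server-side gate.
		// Confirm that is intended.
		DBA::update('user', ['parent-uid' => $parent_uid], ['uid' => local_user()]);
	}

	/**
	 * Renders the delegation settings page.
	 *
	 * Before rendering, an `add` or `remove` action found in the request path
	 * (argument 2, with the target user id in argument 3) is applied to the
	 * `manage` table and the request is redirected back to the settings page.
	 *
	 * @param array $parameters Passed through to the parent implementation.
	 *
	 * @return string Output of Renderer::replaceMacros() for
	 *                settings/delegation.tpl.
	 *
	 * @throws HTTPException\ForbiddenException When no local user is logged in.
	 */
	public static function content(array $parameters = [])
	{
		parent::content($parameters);

		if (!local_user()) {
			throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
		}

		$args = DI::args();

		// @TODO Replace with router-provided arguments
		$action  = $args->get(2);
		$user_id = $args->get(3);

		// NOTE(review): the add/remove branches below change the `manage` table
		// from path arguments alone. Unlike post(), no form security token is
		// checked on this path, so these state changes have no CSRF protection
		// visible in this file.
		if ($action === 'add' && $user_id) {
			if (Session::get('submanage')) {
				notice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
				// NOTE(review): presumably redirect() ends the request; if it does
				// not, execution continues into the insert below - confirm.
				DI::baseUrl()->redirect('settings/delegation');
			}

			$user = User::getById($user_id, ['nickname']);
			if (DBA::isResult($user)) {
				// The delegate must already be a contact of the current user,
				// matched by the normalised local profile URL.
				$condition = [
					'uid'  => local_user(),
					'nurl' => Strings::normaliseLink(DI::baseUrl() . '/profile/' . $user['nickname'])
				];
				if (DBA::exists('contact', $condition)) {
					DBA::insert('manage', ['uid' => $user_id, 'mid' => local_user()]);
				}
			} else {
				notice(DI::l10n()->t('Delegate user not found.'));
			}

			DI::baseUrl()->redirect('settings/delegation');
		}

		if ($action === 'remove' && $user_id) {
			if (Session::get('submanage')) {
				notice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
				DI::baseUrl()->redirect('settings/delegation');
			}

			// Scoped to rows whose `mid` is the current user.
			DBA::delete('manage', ['uid' => $user_id, 'mid' => local_user()]);
			DI::baseUrl()->redirect('settings/delegation');
		}

		// find everybody that currently has delegated management to this account/page
		// NOTE(review): the empty field list presumably selects every `user`
		// column, and the rows are handed to the template as-is. Consider
		// limiting it to the fields the template displays - confirm against
		// settings/delegation.tpl.
		$delegates = DBA::selectToArray('user', [], ['`uid` IN (SELECT `uid` FROM `manage` WHERE `mid` = ?)', local_user()]);
		$uids      = array_column($delegates, 'uid');

		// find every contact who might be a candidate for delegation
		$potentials = [];
		$nicknames  = [];

		$condition = ['baseurl' => DI::baseUrl(), 'self' => false, 'uid' => local_user(), 'blocked' => false];
		$contacts  = DBA::select('contact', ['nick'], $condition);
		while ($contact = DBA::fetch($contacts)) {
			$nicknames[] = $contact['nick'];
		}
		DBA::close($contacts);

		// get user records for all potential page delegates who are not already delegates or managers
		$potentialDelegateUsers = DBA::selectToArray('user', ['uid', 'username', 'nickname'], ['nickname' => $nicknames]);
		foreach ($potentialDelegateUsers as $user) {
			if (!in_array($user['uid'], $uids)) {
				$potentials[] = $user;
			}
		}

		$parent_user     = null;
		$parent_password = null;

		$user = User::getById(local_user(), ['parent-uid', 'email']);

		// The parent form is only built when no other account has this one as
		// its parent.
		if (DBA::isResult($user) && !DBA::exists('user', ['parent-uid' => local_user()])) {
			$parent_uid = $user['parent-uid'];
			$parents    = [0 => DI::l10n()->t('No parent user')];

			// Candidate parents: same email, verified, not blocked and without
			// a parent of their own.
			$fields       = ['uid', 'username', 'nickname'];
			$condition    = ['email' => $user['email'], 'verified' => true, 'blocked' => false, 'parent-uid' => 0];
			$parent_users = DBA::selectToArray('user', $fields, $condition);
			foreach ($parent_users as $parent) {
				if ($parent['uid'] != local_user()) {
					$parents[$parent['uid']] = sprintf('%s (%s)', $parent['username'], $parent['nickname']);
				}
			}

			$parent_user     = ['parent_user', DI::l10n()->t('Parent User'), $parent_uid, '', $parents];
			$parent_password = ['parent_password', DI::l10n()->t('Parent Password:'), '', DI::l10n()->t('Please enter the password of the parent account to legitimize your request.')];
		}

		$is_child_user = !empty($user['parent-uid']);

		$o = Renderer::replaceMacros(Renderer::getMarkupTemplate('settings/delegation.tpl'), [
			'$form_security_token' => BaseModule::getFormSecurityToken('delegate'),
			'$account_header'      => DI::l10n()->t('Additional Accounts'),
			'$account_desc'        => DI::l10n()->t('Register additional accounts that are automatically connected to your existing account so you can manage them from this account.'),
			'$add_account'         => DI::l10n()->t('Register an additional account'),
			'$parent_header'       => DI::l10n()->t('Parent User'),
			'$parent_user'         => $parent_user,
			'$parent_password'     => $parent_password,
			'$parent_desc'         => DI::l10n()->t('Parent users have total control about this account, including the account settings. Please double check whom you give this access.'),
			'$is_child_user'       => $is_child_user,
			'$submit'              => DI::l10n()->t('Save Settings'),
			'$header'              => DI::l10n()->t('Manage Accounts'),
			'$delegates_header'    => DI::l10n()->t('Delegates'),
			'$base'                => DI::baseUrl(),
			'$desc'                => DI::l10n()->t('Delegates are able to manage all aspects of this account/page except for basic account settings. Please do not delegate your personal account to anybody that you do not trust completely.'),
			'$head_delegates'      => DI::l10n()->t('Existing Page Delegates'),
			'$delegates'           => $delegates,
			'$head_potentials'     => DI::l10n()->t('Potential Delegates'),
			'$potentials'          => $potentials,
			'$remove'              => DI::l10n()->t('Remove'),
			'$add'                 => DI::l10n()->t('Add'),
			'$none'                => DI::l10n()->t('No entries.')
		]);

		return $o;
	}
}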