friendica/src/Model/PermissionSet.php

<?php
/**
 * @file src/Model/PermissionSet.php
 */
namespace Friendica\Model;

use Friendica\Database\DBA;

/**
 * functions for interacting with the permission set of an object (item, photo, event, ...)
 */
class PermissionSet
{
	/**
	 * Fetch the id of a given permission set. Generate a new one when needed
	 *
	 * @param array $postarray The array from an item, picture or event post
	 * @return int id
	 * @throws \Exception
	 */
	public static function fetchIDForPost(&$postarray)
	{
		$condition = ['uid' => $postarray['uid'],
			'allow_cid' => self::sortPermissions($postarray['allow_cid'] ?? ''),
			'allow_gid' => self::sortPermissions($postarray['allow_gid'] ?? ''),
			'deny_cid'  => self::sortPermissions($postarray['deny_cid']  ?? ''),
			'deny_gid'  => self::sortPermissions($postarray['deny_gid']  ?? '')];

		$set = DBA::selectFirst('permissionset', ['id'], $condition);

		if (!DBA::isResult($set)) {
			DBA::insert('permissionset', $condition, true);

			$set = DBA::selectFirst('permissionset', ['id'], $condition);
		}

		$postarray['allow_cid'] = null;
		$postarray['allow_gid'] = null;
		$postarray['deny_cid'] = null;
		$postarray['deny_gid'] = null;

		return $set['id'];
	}

	private static function sortPermissions($permissionlist)
	{
		$cleaned_list = trim($permissionlist, '<>');

		if (empty($cleaned_list)) {
			return $permissionlist;
		}

		$elements = explode('><', $cleaned_list);

		if (count($elements) <= 1) {
			return $permissionlist;
		}

		asort($elements);

		return '<' . implode('><', $elements) . '>';
	}

	/**
	 * Returns a permission set for a given contact
	 *
	 * @param integer $uid        User id whom the items belong
	 * @param integer $contact_id Contact id of the visitor
	 *
	 * @return array of permission set ids.
	 * @throws \Exception
	 */
	static public function get($uid, $contact_id)
	{
		if (DBA::exists('contact', ['id' => $contact_id, 'uid' => $uid, 'blocked' => false])) {
			$groups = Group::getIdsByContactId($contact_id);
		}

		if (empty($groups) || !is_array($groups)) {
			return [];
		}

		$group_str = '<<>>'; // should be impossible to match

		foreach ($groups as $g) {
			$group_str .= '|<' . intval($g) . '>';
		}

		$contact_str = '<' . $contact_id . '>';

		$condition = ["`uid` = ? AND (NOT (`deny_cid` REGEXP ? OR deny_gid REGEXP ?)
			AND (allow_cid REGEXP ? OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))",
			$uid, $contact_str, $group_str, $contact_str, $group_str];

		$ret = DBA::select('permissionset', ['id'], $condition);
		$set = [];
		while ($permission = DBA::fetch($ret)) {
			$set[] = $permission['id'];
		}
		DBA::close($ret);

		return $set;
	}
}
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00			`<?php`
			`/**`
			`* @file src/Model/PermissionSet.php`
			`*/`
			`namespace Friendica\Model;`

Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 08:19:26 -04:00			`use Friendica\Database\DBA;`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00
			`/**`
@brief is removed completely 2020-01-19 01:05:23 -05:00			`* functions for interacting with the permission set of an object (item, photo, event, ...)`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00			`*/`
Replace BaseObject class with DI::* calls 2019-12-15 17:28:01 -05:00			`class PermissionSet`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00			`{`
			`/**`
			`* Fetch the id of a given permission set. Generate a new one when needed`
			`*`
			`* @param array $postarray The array from an item, picture or event post`
Fix PHPDoc comments project-wide 2019-01-06 16:06:53 -05:00			`* @return int id`
			`* @throws \Exception`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00			`*/`
Item storage: Permissions aren't stored in the items anymore (#5495) * The permission set is now used for item permissions * Check for allow_cid, ... is superfluous. Checking for "private" is enough * We query the permissionset * Permissions are displayed correctly * Changed index * We don't store the permissions in the item table anymore * Permission fields are now deprecated * Reversed ... 2018-07-25 19:14:55 -04:00			`public static function fetchIDForPost(&$postarray)`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00			`{`
			`$condition = ['uid' => $postarray['uid'],`
Replace deprecated calls to defaults() by ?? and ?: in src/ 2019-10-16 08:35:14 -04:00			`'allow_cid' => self::sortPermissions($postarray['allow_cid'] ?? ''),`
			`'allow_gid' => self::sortPermissions($postarray['allow_gid'] ?? ''),`
			`'deny_cid' => self::sortPermissions($postarray['deny_cid'] ?? ''),`
			`'deny_gid' => self::sortPermissions($postarray['deny_gid'] ?? '')];`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00
Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 08:19:26 -04:00			`$set = DBA::selectFirst('permissionset', ['id'], $condition);`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00
Rename DBA::is_result to DBA::isResult 2018-07-21 08:46:04 -04:00			`if (!DBA::isResult($set)) {`
Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 08:19:26 -04:00			`DBA::insert('permissionset', $condition, true);`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00
Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 08:19:26 -04:00			`$set = DBA::selectFirst('permissionset', ['id'], $condition);`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00			`}`
Item storage: Permissions aren't stored in the items anymore (#5495) * The permission set is now used for item permissions * Check for allow_cid, ... is superfluous. Checking for "private" is enough * We query the permissionset * Permissions are displayed correctly * Changed index * We don't store the permissions in the item table anymore * Permission fields are now deprecated * Reversed ... 2018-07-25 19:14:55 -04:00
			`$postarray['allow_cid'] = null;`
			`$postarray['allow_gid'] = null;`
			`$postarray['deny_cid'] = null;`
			`$postarray['deny_gid'] = null;`

New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00			`return $set['id'];`
			`}`

			`private static function sortPermissions($permissionlist)`
			`{`
			`$cleaned_list = trim($permissionlist, '<>');`

			`if (empty($cleaned_list)) {`
			`return $permissionlist;`
			`}`

			`$elements = explode('><', $cleaned_list);`

			`if (count($elements) <= 1) {`
			`return $permissionlist;`
			`}`

			`asort($elements);`

			`return '<' . implode('><', $elements) . '>';`
			`}`
Item storage: Permissions aren't stored in the items anymore (#5495) * The permission set is now used for item permissions * Check for allow_cid, ... is superfluous. Checking for "private" is enough * We query the permissionset * Permissions are displayed correctly * Changed index * We don't store the permissions in the item table anymore * Permission fields are now deprecated * Reversed ... 2018-07-25 19:14:55 -04:00
			`/**`
@brief is removed completely 2020-01-19 01:05:23 -05:00			`* Returns a permission set for a given contact`
Item storage: Permissions aren't stored in the items anymore (#5495) * The permission set is now used for item permissions * Check for allow_cid, ... is superfluous. Checking for "private" is enough * We query the permissionset * Permissions are displayed correctly * Changed index * We don't store the permissions in the item table anymore * Permission fields are now deprecated * Reversed ... 2018-07-25 19:14:55 -04:00			`*`
			`* @param integer $uid User id whom the items belong`
			`* @param integer $contact_id Contact id of the visitor`
			`*`
			`* @return array of permission set ids.`
Fix PHPDoc comments project-wide 2019-01-06 16:06:53 -05:00			`* @throws \Exception`
Item storage: Permissions aren't stored in the items anymore (#5495) * The permission set is now used for item permissions * Check for allow_cid, ... is superfluous. Checking for "private" is enough * We query the permissionset * Permissions are displayed correctly * Changed index * We don't store the permissions in the item table anymore * Permission fields are now deprecated * Reversed ... 2018-07-25 19:14:55 -04:00			`*/`
Removed obsolete code 2019-09-28 01:37:24 -04:00			`static public function get($uid, $contact_id)`
Item storage: Permissions aren't stored in the items anymore (#5495) * The permission set is now used for item permissions * Check for allow_cid, ... is superfluous. Checking for "private" is enough * We query the permissionset * Permissions are displayed correctly * Changed index * We don't store the permissions in the item table anymore * Permission fields are now deprecated * Reversed ... 2018-07-25 19:14:55 -04:00			`{`
Removed obsolete code 2019-09-28 01:37:24 -04:00			`if (DBA::exists('contact', ['id' => $contact_id, 'uid' => $uid, 'blocked' => false])) {`
Item storage: Permissions aren't stored in the items anymore (#5495) * The permission set is now used for item permissions * Check for allow_cid, ... is superfluous. Checking for "private" is enough * We query the permissionset * Permissions are displayed correctly * Changed index * We don't store the permissions in the item table anymore * Permission fields are now deprecated * Reversed ... 2018-07-25 19:14:55 -04:00			`$groups = Group::getIdsByContactId($contact_id);`
			`}`

			`if (empty($groups) \|\| !is_array($groups)) {`
			`return [];`
			`}`
Removed obsolete code 2019-09-28 01:37:24 -04:00
Item storage: Permissions aren't stored in the items anymore (#5495) * The permission set is now used for item permissions * Check for allow_cid, ... is superfluous. Checking for "private" is enough * We query the permissionset * Permissions are displayed correctly * Changed index * We don't store the permissions in the item table anymore * Permission fields are now deprecated * Reversed ... 2018-07-25 19:14:55 -04:00			`$group_str = '<<>>'; // should be impossible to match`

			`foreach ($groups as $g) {`
			`$group_str .= '\|<' . intval($g) . '>';`
			`}`

			`$contact_str = '<' . $contact_id . '>';`

Fix permissionset query 2019-09-28 16:42:33 -04:00			$condition = ["`uid` = ? AND (NOT (`deny_cid` REGEXP ? OR deny_gid REGEXP ?)
			`AND (allow_cid REGEXP ? OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))",`
			`$uid, $contact_str, $group_str, $contact_str, $group_str];`
Item storage: Permissions aren't stored in the items anymore (#5495) * The permission set is now used for item permissions * Check for allow_cid, ... is superfluous. Checking for "private" is enough * We query the permissionset * Permissions are displayed correctly * Changed index * We don't store the permissions in the item table anymore * Permission fields are now deprecated * Reversed ... 2018-07-25 19:14:55 -04:00
			`$ret = DBA::select('permissionset', ['id'], $condition);`
			`$set = [];`
			`while ($permission = DBA::fetch($ret)) {`
			`$set[] = $permission['id'];`
			`}`
			`DBA::close($ret);`

			`return $set;`
			`}`
New item field "Post-type" and new table "permissionset" (#5408) * "post-type" replaces "bookmark" and "type" * Removed some more type * Added index to permission set * The permission set is now stored * The permission set is now removed upon expiry * Post update now stores the permission set * New file * Permissions are now sorted * Changed documentation 2018-07-19 09:52:05 -04:00			`}`