Get rid of App->user completely

This commit is contained in:
Michael 2021-08-08 19:30:21 +00:00
parent fc283ab928
commit 28090bd793
39 changed files with 158 additions and 234 deletions

View File

@ -379,7 +379,7 @@ function is_site_admin()
$adminlist = explode(',', str_replace(' ', '', $admin_email));
return local_user() && $admin_email && in_array($a->getUserValue('email') ?? '', $adminlist);
return local_user() && $admin_email && DBA::exists('user', ['uid' => $a->getUserId(), 'email' => $adminlist]);
}
/**

View File

@ -22,6 +22,7 @@
use Friendica\App;
use Friendica\Content\ContactSelector;
use Friendica\Content\Feature;
use Friendica\Core\ACL;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
@ -34,6 +35,7 @@ use Friendica\Model\Contact;
use Friendica\Model\Item;
use Friendica\Model\Post;
use Friendica\Model\Tag;
use Friendica\Model\User;
use Friendica\Model\Verb;
use Friendica\Object\Post as PostObject;
use Friendica\Object\Thread;
@ -1064,11 +1066,24 @@ function format_activity(array $links, $verb, $id) {
return $o;
}
function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
function status_editor(App $a, array $x = [], $notes_cid = 0, $popup = false)
{
DI::profiler()->startRecording('rendering');
$o = '';
$user = User::getById($a->getUserId(), ['uid', 'nickname', 'allow_location', 'default-location']);
$x['allow_location'] = $x['allow_location'] ?? $user['allow_location'];
$x['default_location'] = $x['default_location'] ?? $user['default-location'];
$x['nickname'] = $x['nickname'] ?? $user['nickname'];
$x['lockstate'] = $x['lockstate'] ?? ACL::getLockstateForUserId($user['uid']) ? 'lock' : 'unlock';
$x['acl'] = $x['acl'] ?? ACL::getFullSelectorHTML(DI::page(), $user['uid'], true);
$x['bang'] = $x['bang'] ?? '';
$x['visitor'] = $x['visitor'] ?? 'block';
$x['is_owner'] = $x['is_owner'] ?? true;
$x['profile_uid'] = $x['profile_uid'] ?? local_user();
$geotag = !empty($x['allow_location']) ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : '';
$tpl = Renderer::getMarkupTemplate('jot-header.tpl');

View File

@ -26,12 +26,7 @@ require_once __DIR__ . '/../include/api.php';
function api_post(App $a)
{
if (!local_user()) {
notice(DI::l10n()->t('Permission denied.'));
return;
}
if (empty($a->getUserId()) || $a->getUserId() != local_user()) {
if (!$a->isLoggedIn()) {
notice(DI::l10n()->t('Permission denied.'));
return;
}

View File

@ -273,18 +273,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
// We need the editor here to be able to reshare an item.
if ($is_owner && !$update) {
$x = [
'is_owner' => true,
'allow_location' => $a->getUserValue('allow_location'),
'default_location' => $a->getUserValue('default-location'),
'nickname' => $a->getNickname(),
'lockstate' => ACL::getLockstateForUserId($a->getUserId()) ? 'lock' : 'unlock',
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
];
$o .= status_editor($a, $x, 0, true);
$o .= status_editor($a, [], 0, true);
}
$sql_extra = Item::getPermissionsSQLByUserId($page_uid);

View File

@ -27,6 +27,7 @@ use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Model\Post;
use Friendica\Model\User;
use Friendica\Util\Crypto;
function editpost_content(App $a)
@ -55,6 +56,8 @@ function editpost_content(App $a)
return;
}
$user = User::getById(local_user());
$geotag = '';
$o .= Renderer::replaceMacros(Renderer::getMarkupTemplate("section_title.tpl"), [
@ -107,7 +110,7 @@ function editpost_content(App $a)
'$posttype' => $item['post-type'],
'$content' => undo_post_tagging($item['body']),
'$post_id' => $post_id,
'$defloc' => $a->getUserValue('default-location'),
'$defloc' => $user['default-location'],
'$visitor' => 'none',
'$pvisit' => 'none',
'$emailcc' => DI::l10n()->t('CC: email addresses'),

View File

@ -513,7 +513,7 @@ function events_content(App $a)
$fminute = !empty($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'i') : '00';
if (!$cid && in_array($mode, ['new', 'copy'])) {
$acl = ACL::getFullSelectorHTML(DI::page(), $a->user, false, ACL::getDefaultUserPermissions($orig_event));
$acl = ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), false, ACL::getDefaultUserPermissions($orig_event));
} else {
$acl = '';
}

View File

@ -175,7 +175,7 @@ function follow_process(App $a, string $url)
{
$return_path = 'follow?url=' . urlencode($url);
$result = Contact::createFromProbe($a->user, $url, true);
$result = Contact::createFromProbe($a->getUserId(), $url);
if ($result['success'] == false) {
// Possibly it is a remote item and not an account

View File

@ -51,15 +51,8 @@ function notes_content(App $a, $update = false)
$o .= '<h3>' . DI::l10n()->t('Personal Notes') . '</h3>';
$x = [
'is_owner' => true,
'allow_location' => (($a->getUserValue('allow_location')) ? true : false),
'default_location' => $a->getUserValue('default-location'),
'nickname' => $a->getNickname(),
'lockstate' => 'lock',
'acl' => \Friendica\Core\ACL::getSelfOnlyHTML(local_user(), DI::l10n()->t('Personal notes are visible only by yourself.')),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
'button' => DI::l10n()->t('Save'),
'acl_data' => '',
];

View File

@ -111,7 +111,7 @@ function ostatus_subscribe_content(App $a)
$probed = Contact::getByURL($url);
if (in_array($probed['network'], Protocol::FEDERATED)) {
$result = Contact::createFromProbe($a->user, $probed['url']);
$result = Contact::createFromProbe($a->getUserId(), $probed['url']);
if ($result['success']) {
$o .= ' - ' . DI::l10n()->t('success');
} else {

View File

@ -948,7 +948,7 @@ function photos_content(App $a)
$tpl = Renderer::getMarkupTemplate('photos_upload.tpl');
$aclselect_e = ($visitor ? '' : ACL::getFullSelectorHTML(DI::page(), $a->user));
$aclselect_e = ($visitor ? '' : ACL::getFullSelectorHTML(DI::page(), $a->getUserId()));
$o .= Renderer::replaceMacros($tpl,[
'$pagename' => DI::l10n()->t('Upload Photos'),
@ -1307,7 +1307,7 @@ function photos_content(App $a)
$album_e = $ph[0]['album'];
$caption_e = $ph[0]['desc'];
$aclselect_e = ACL::getFullSelectorHTML(DI::page(), $a->user, false, ACL::getDefaultUserPermissions($ph[0]));
$aclselect_e = ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), false, ACL::getDefaultUserPermissions($ph[0]));
$edit = Renderer::replaceMacros($edit_tpl, [
'$id' => $ph[0]['id'],

View File

@ -69,7 +69,7 @@ function removeme_post(App $a)
DI::emailer()->send($email);
}
if (User::getIdFromPasswordAuthentication($a->user, trim($_POST['qxz_password']))) {
if (User::getIdFromPasswordAuthentication($a->getUserId(), trim($_POST['qxz_password']))) {
User::remove($a->getUserId());
unset($_SESSION['authenticated']);

View File

@ -70,7 +70,7 @@ function repair_ostatus_content(App $a) {
$o .= "<p>".DI::l10n()->t("Keep this window open until done.")."</p>";
Contact::createFromProbe($a->user, $r[0]["url"], true);
Contact::createFromProbe($a->getUserId(), $r[0]["url"]);
DI::page()['htmlhead'] = '<meta http-equiv="refresh" content="1; URL=' . DI::baseUrl() . '/repair_ostatus?counter='.$counter.'">';

View File

@ -53,7 +53,8 @@ function settings_init(App $a)
function settings_post(App $a)
{
if (!local_user()) {
if (!$a->isLoggedIn()) {
notice(DI::l10n()->t('Permission denied.'));
return;
}
@ -61,11 +62,6 @@ function settings_post(App $a)
return;
}
if (empty($a->getUserId()) || $a->getUserId() != local_user()) {
notice(DI::l10n()->t('Permission denied.'));
return;
}
if ((DI::args()->getArgc() > 1) && (DI::args()->getArgv()[1] == 'addon')) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/addon', 'settings_addon');
@ -752,7 +748,7 @@ function settings_content(App $a)
'$cntunkmail' => ['cntunkmail', DI::l10n()->t('Maximum private messages per day from unknown people:'), $cntunkmail , DI::l10n()->t("\x28to prevent spam abuse\x29")],
'$group_select' => Group::displayGroupSelection(local_user(), $user['def_gid']),
'$permissions' => DI::l10n()->t('Default Post Permissions'),
'$aclselect' => ACL::getFullSelectorHTML(DI::page(), $a->user),
'$aclselect' => ACL::getFullSelectorHTML(DI::page(), $a->getUserId()),
'$expire' => [
'label' => DI::l10n()->t('Expiration settings'),

View File

@ -57,8 +57,6 @@ use Psr\Log\LoggerInterface;
*/
class App
{
public $user;
// Allow themes to control internal parameters
// by changing App values in theme.php
private $theme_info = [
@ -151,6 +149,11 @@ class App
$this->nickname = $nickname;
}
public function isLoggedIn()
{
return local_user() && $this->user_id && ($this->user_id == local_user());
}
/**
* Fetch the user id
* @return int
@ -169,25 +172,6 @@ class App
return $this->nickname;
}
/**
* Fetch a specific user field
*
* @param string $index
* @return mixed
*/
public function getUserValue(string $index)
{
if (empty($this->user_id)) {
return null;
}
if (empty($this->user)) {
$this->user = User::getById($this->user_id);
}
return $this->user[$index] ?? null;
}
/**
* Set the profile owner ID
*

View File

@ -164,7 +164,7 @@ HELP;
$network = CliPrompt::prompt();
}
$result = ContactModel::createFromProbe($user, $url, false, $network);
$result = ContactModel::createFromProbe($user['uid'], $url, $network);
if ($result['success']) {
$this->out('User ' . $user['nickname'] . ' now connected to ' . $url . ', contact ID ' . $result['cid']);

View File

@ -23,6 +23,7 @@ namespace Friendica\Content;
use Friendica\App;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\Database\DBA;
@ -185,25 +186,21 @@ class Nav
$nav['login'] = ['login', DI::l10n()->t('Login'), (DI::module()->getName() == 'login' ? 'selected' : ''), DI::l10n()->t('Sign in')];
}
if (local_user()) {
if (!empty($a->user)) {
// user menu
$nav['usermenu'][] = ['profile/' . $a->getNickname(), DI::l10n()->t('Status'), '', DI::l10n()->t('Your posts and conversations')];
$nav['usermenu'][] = ['profile/' . $a->getNickname() . '/profile', DI::l10n()->t('Profile'), '', DI::l10n()->t('Your profile page')];
$nav['usermenu'][] = ['photos/' . $a->getNickname(), DI::l10n()->t('Photos'), '', DI::l10n()->t('Your photos')];
$nav['usermenu'][] = ['videos/' . $a->getNickname(), DI::l10n()->t('Videos'), '', DI::l10n()->t('Your videos')];
$nav['usermenu'][] = ['events/', DI::l10n()->t('Events'), '', DI::l10n()->t('Your events')];
$nav['usermenu'][] = ['notes/', DI::l10n()->t('Personal notes'), '', DI::l10n()->t('Your personal notes')];
if ($a->isLoggedIn()) {
// user menu
$nav['usermenu'][] = ['profile/' . $a->getNickname(), DI::l10n()->t('Status'), '', DI::l10n()->t('Your posts and conversations')];
$nav['usermenu'][] = ['profile/' . $a->getNickname() . '/profile', DI::l10n()->t('Profile'), '', DI::l10n()->t('Your profile page')];
$nav['usermenu'][] = ['photos/' . $a->getNickname(), DI::l10n()->t('Photos'), '', DI::l10n()->t('Your photos')];
$nav['usermenu'][] = ['videos/' . $a->getNickname(), DI::l10n()->t('Videos'), '', DI::l10n()->t('Your videos')];
$nav['usermenu'][] = ['events/', DI::l10n()->t('Events'), '', DI::l10n()->t('Your events')];
$nav['usermenu'][] = ['notes/', DI::l10n()->t('Personal notes'), '', DI::l10n()->t('Your personal notes')];
// user info
$contact = DBA::selectFirst('contact', ['micro'], ['uid' => $a->getUserId(), 'self' => true]);
$userinfo = [
'icon' => (DBA::isResult($contact) ? DI::baseUrl()->remove($contact['micro']) : Contact::DEFAULT_AVATAR_MICRO),
'name' => $a->getUserValue('username'),
];
} else {
DI::logger()->warning('Empty $a->user for local user', ['local_user' => local_user(), '$a' => $a]);
}
// user info
$contact = DBA::selectFirst('contact', ['id', 'url', 'avatar', 'micro', 'name', 'nick', 'baseurl', 'updated'], ['uid' => $a->getUserId(), 'self' => true]);
$userinfo = [
'icon' => Contact::getMicro($contact),
'name' => $contact['name'],
];
}
// "Home" should also take you home from an authenticated remote profile connection
@ -271,7 +268,7 @@ class Nav
}
// The following nav links are only show to logged in users
if (local_user() && !empty($a->user)) {
if (local_user() && !empty($a->getNickname())) {
$nav['network'] = ['network', DI::l10n()->t('Network'), '', DI::l10n()->t('Conversations from your friends')];
$nav['home'] = ['profile/' . $a->getNickname(), DI::l10n()->t('Home'), '', DI::l10n()->t('Your posts and conversations')];

View File

@ -222,7 +222,7 @@ class ACL
* Return the full jot ACL selector HTML
*
* @param Page $page
* @param array $user User array
* @param int $uid User ID
* @param bool $for_federation
* @param array $default_permissions Static defaults permission array:
* [
@ -238,18 +238,20 @@ class ACL
*/
public static function getFullSelectorHTML(
Page $page,
array $user = null,
int $uid = null,
bool $for_federation = false,
array $default_permissions = [],
array $condition = [],
$form_prefix = ''
) {
if (empty($user['uid'])) {
if (empty($uid)) {
return '';
}
static $input_group_id = 0;
$user = User::getById($uid);
$input_group_id++;
$page->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js'));

View File

@ -2311,16 +2311,15 @@ class Contact
*
* Takes a $uid and a url/handle and adds a new contact
*
* @param array $user The user the contact should be created for
* @param int $uid The user id the contact should be created for
* @param string $url The profile URL of the contact
* @param bool $interactive
* @param string $network
* @return array
* @throws HTTPException\InternalServerErrorException
* @throws HTTPException\NotFoundException
* @throws \ImagickException
*/
public static function createFromProbe(array $user, $url, $interactive = false, $network = '')
public static function createFromProbe(int $uid, $url, $network = '')
{
$result = ['cid' => -1, 'success' => false, 'message' => ''];
@ -2356,7 +2355,7 @@ class Contact
$ret = $arr['contact'];
} else {
$probed = true;
$ret = Probe::uri($url, $network, $user['uid']);
$ret = Probe::uri($url, $network, $uid);
}
if (($network != '') && ($ret['network'] != $network)) {
@ -2368,10 +2367,10 @@ class Contact
// the poll url is more reliable than the profile url, as we may have
// indirect links or webfinger links
$condition = ['uid' => $user['uid'], 'poll' => [$ret['poll'], Strings::normaliseLink($ret['poll'])], 'network' => $ret['network'], 'pending' => false];
$condition = ['uid' => $uid, 'poll' => [$ret['poll'], Strings::normaliseLink($ret['poll'])], 'network' => $ret['network'], 'pending' => false];
$contact = DBA::selectFirst('contact', ['id', 'rel'], $condition);
if (!DBA::isResult($contact)) {
$condition = ['uid' => $user['uid'], 'nurl' => Strings::normaliseLink($ret['url']), 'network' => $ret['network'], 'pending' => false];
$condition = ['uid' => $uid, 'nurl' => Strings::normaliseLink($ret['url']), 'network' => $ret['network'], 'pending' => false];
$contact = DBA::selectFirst('contact', ['id', 'rel'], $condition);
}
@ -2436,7 +2435,7 @@ class Contact
// create contact record
self::insert([
'uid' => $user['uid'],
'uid' => $uid,
'created' => DateTimeFormat::utcNow(),
'url' => $ret['url'],
'nurl' => Strings::normaliseLink($ret['url']),
@ -2464,7 +2463,7 @@ class Contact
]);
}
$contact = DBA::selectFirst('contact', [], ['url' => $ret['url'], 'network' => $ret['network'], 'uid' => $user['uid']]);
$contact = DBA::selectFirst('contact', [], ['url' => $ret['url'], 'network' => $ret['network'], 'uid' => $uid]);
if (!DBA::isResult($contact)) {
$result['message'] .= DI::l10n()->t('Unable to retrieve contact information.') . EOL;
return $result;
@ -2473,7 +2472,7 @@ class Contact
$contact_id = $contact['id'];
$result['cid'] = $contact_id;
Group::addMember(User::getDefaultGroup($user['uid'], $contact["network"]), $contact_id);
Group::addMember(User::getDefaultGroup($uid, $contact["network"]), $contact_id);
// Update the avatar
self::updateAvatar($contact_id, $ret['photo']);
@ -2489,7 +2488,7 @@ class Contact
Worker::add(PRIORITY_HIGH, 'UpdateContact', $contact_id);
}
$owner = User::getOwnerDataById($user['uid']);
$owner = User::getOwnerDataById($uid);
if (DBA::isResult($owner)) {
if (in_array($protocol, [Protocol::OSTATUS, Protocol::DFRN])) {
@ -2518,7 +2517,7 @@ class Contact
return false;
}
$ret = ActivityPub\Transmitter::sendActivity('Follow', $contact['url'], $user['uid'], $activity_id);
$ret = ActivityPub\Transmitter::sendActivity('Follow', $contact['url'], $uid, $activity_id);
Logger::log('Follow returns: ' . $ret);
}
}
@ -2579,14 +2578,9 @@ class Contact
*/
public static function follow(int $cid, int $uid)
{
$user = User::getById($uid);
if (empty($user)) {
return false;
}
$contact = self::getById($cid, ['url']);
$result = self::createFromProbe($user, $contact['url'], false);
$result = self::createFromProbe($uid, $contact['url']);
return $result['cid'];
}
@ -2744,7 +2738,7 @@ class Contact
}
} elseif (DBA::isResult($user) && in_array($user['page-flags'], [User::PAGE_FLAGS_SOAPBOX, User::PAGE_FLAGS_FREELOVE, User::PAGE_FLAGS_COMMUNITY])) {
if (($user['page-flags'] == User::PAGE_FLAGS_FREELOVE) && ($network != Protocol::DIASPORA)) {
self::createFromProbe($importer, $url, false, $network);
self::createFromProbe($importer['uid'], $url, $network);
}
$condition = ['uid' => $importer['uid'], 'url' => $url, 'pending' => true];

View File

@ -75,9 +75,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}
@ -86,9 +84,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}
@ -97,9 +93,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}
@ -108,9 +102,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (empty($a->getUserId()) || $a->getUserId() != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}

View File

@ -59,16 +59,6 @@ class Bookmarklet extends BaseModule
$content = "\n" . PageInfo::getFooterFromUrl($_REQUEST['url']);
$x = [
'is_owner' => true,
'allow_location' => $app->getUserValue('allow_location'),
'default_location' => $app->getUserValue('default-location'),
'nickname' => $app->getNickname(),
'lockstate' => ACL::getLockstateForUserId($app->getUserId()) ? 'lock' : 'unlock',
'default_perms' => ACL::getDefaultUserPermissions($app->user),
'acl' => ACL::getFullSelectorHTML(DI::page(), $app->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
'title' => trim($_REQUEST['title'] ?? '', '*'),
'content' => $content
];

View File

@ -169,8 +169,7 @@ class Contact extends BaseModule
}
if ($contact['network'] == Protocol::OSTATUS) {
$user = Model\User::getById($contact['uid']);
$result = Model\Contact::createFromProbe($user, $contact['url'], false, $contact['network']);
$result = Model\Contact::createFromProbe($contact['uid'], $contact['url'], $contact['network']);
if ($result['success']) {
DBA::update('contact', ['subhub' => 1], ['id' => $contact_id]);
@ -935,18 +934,7 @@ class Contact extends BaseModule
if (!$update) {
// We need the editor here to be able to reshare an item.
if (local_user()) {
$x = [
'is_owner' => true,
'allow_location' => $a->user['allow_location'],
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
'lockstate' => (is_array($a->user) && (strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) || strlen($a->user['deny_cid']) || strlen($a->user['deny_gid'])) ? 'lock' : 'unlock'),
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
];
$o = status_editor($a, $x, 0, true);
$o = status_editor($a, [], 0, true);
}
}

View File

@ -128,18 +128,7 @@ class Community extends BaseModule
// We need the editor here to be able to reshare an item.
if (Session::isAuthenticated()) {
$x = [
'is_owner' => true,
'allow_location' => DI::app()->getUserValue('allow_location'),
'default_location' => DI::app()->getUserValue('default-location'),
'nickname' => DI::app()->getNickname(),
'lockstate' => ACL::getLockstateForUserId(DI::app()->getUserId()) ? 'lock' : 'unlock',
'acl' => ACL::getFullSelectorHTML(DI::page(), DI::app()->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
];
$o .= status_editor(DI::app(), $x, 0, true);
$o .= status_editor(DI::app(), [], 0, true);
}
}

View File

@ -139,16 +139,9 @@ class Network extends BaseModule
}
$x = [
'is_owner' => true,
'allow_location' => $a->getUserValue('allow_location'),
'default_location' => $a->getUserValue('default-location'),
'nickname' => $a->getNickname(),
'lockstate' => self::$groupId || self::$forumContactId || self::$network || ACL::getLockstateForUserId($a->getUserId()) ? 'lock' : 'unlock',
'default_perms' => ACL::getDefaultUserPermissions($a->user),
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true, $default_permissions),
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), true, $default_permissions),
'bang' => ((self::$groupId || self::$forumContactId || self::$network) ? '!' : ''),
'visitor' => 'block',
'profile_uid' => local_user(),
'content' => $content,
];

View File

@ -45,7 +45,7 @@ class Delegation extends BaseModule
}
$uid = local_user();
$orig_record = DI::app()->user;
$orig_record = User::getById(DI::app()->getUserId());
if (Session::get('submanage')) {
$user = User::getById(Session::get('submanage'));

View File

@ -25,6 +25,7 @@ use Friendica\BaseModule;
use Friendica\Core\Renderer;
use Friendica\DI;
use Friendica\Model;
use Friendica\Model\User;
use Friendica\Network\HTTPException;
use Friendica\Protocol\Email;
use Friendica\Util\Strings;
@ -71,6 +72,8 @@ class Invite extends BaseModule
}
}
$user = User::getById(local_user());
foreach ($recipients as $recipient) {
$recipient = trim($recipient);
@ -95,7 +98,7 @@ class Invite extends BaseModule
$nmessage = $message;
}
$additional_headers = 'From: "' . $app->getUserValue('email') . '" <' . DI::emailer()->getSiteEmailAddress() . ">\n"
$additional_headers = 'From: "' . $user['email'] . '" <' . DI::emailer()->getSiteEmailAddress() . ">\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
. 'Content-transfer-encoding: 8bit';

View File

@ -186,7 +186,7 @@ class Compose extends BaseModule
'$jotplugins' => $jotplugins,
'$rand_num' => Crypto::randomDigits(12),
'$acl_selector' => ACL::getFullSelectorHTML(DI::page(), $a->user, $doesFederate, [
'$acl_selector' => ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), $doesFederate, [
'allow_cid' => $contact_allow_list,
'allow_gid' => $group_allow_list,
'deny_cid' => $contact_deny_list,

View File

@ -27,6 +27,7 @@ use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Model\User;
use Friendica\Util\HTTPSignature;
use Friendica\Util\Strings;
@ -76,52 +77,50 @@ class Magic extends BaseModule
System::externalRedirect($dest);
}
if (local_user()) {
$user = $a->user;
// OpenWebAuth
if (local_user() && $owa) {
$user = User::getById(local_user());
// OpenWebAuth
if ($owa) {
// Extract the basepath
// NOTE: we need another solution because this does only work
// for friendica contacts :-/ . We should have the basepath
// of a contact also in the contact table.
$exp = explode('/profile/', $contact['url']);
$basepath = $exp[0];
// Extract the basepath
// NOTE: we need another solution because this does only work
// for friendica contacts :-/ . We should have the basepath
// of a contact also in the contact table.
$exp = explode('/profile/', $contact['url']);
$basepath = $exp[0];
$header = [];
$header['Accept'] = 'application/x-dfrn+json, application/x-zot+json';
$header['X-Open-Web-Auth'] = Strings::getRandomHex();
$header = [];
$header['Accept'] = 'application/x-dfrn+json, application/x-zot+json';
$header['X-Open-Web-Auth'] = Strings::getRandomHex();
// Create a header that is signed with the local users private key.
$header = HTTPSignature::createSig(
$header,
$user['prvkey'],
'acct:' . $user['nickname'] . '@' . DI::baseUrl()->getHostname() . (DI::baseUrl()->getUrlPath() ? '/' . DI::baseUrl()->getUrlPath() : '')
);
// Create a header that is signed with the local users private key.
$header = HTTPSignature::createSig(
$header,
$user['prvkey'],
'acct:' . $user['nickname'] . '@' . DI::baseUrl()->getHostname() . (DI::baseUrl()->getUrlPath() ? '/' . DI::baseUrl()->getUrlPath() : '')
);
// Try to get an authentication token from the other instance.
$curlResult = DI::httpRequest()->get($basepath . '/owa', ['header' => $header]);
// Try to get an authentication token from the other instance.
$curlResult = DI::httpRequest()->get($basepath . '/owa', ['header' => $header]);
if ($curlResult->isSuccess()) {
$j = json_decode($curlResult->getBody(), true);
if ($curlResult->isSuccess()) {
$j = json_decode($curlResult->getBody(), true);
if ($j['success']) {
$token = '';
if ($j['encrypted_token']) {
// The token is encrypted. If the local user is really the one the other instance
// thinks he/she is, the token can be decrypted with the local users public key.
openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']);
} else {
$token = $j['token'];
}
$args = (strpbrk($dest, '?&') ? '&' : '?') . 'owt=' . $token;
Logger::info('Redirecting', ['path' => $dest . $args]);
System::externalRedirect($dest . $args);
if ($j['success']) {
$token = '';
if ($j['encrypted_token']) {
// The token is encrypted. If the local user is really the one the other instance
// thinks he/she is, the token can be decrypted with the local users public key.
openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']);
} else {
$token = $j['token'];
}
$args = (strpbrk($dest, '?&') ? '&' : '?') . 'owt=' . $token;
Logger::info('Redirecting', ['path' => $dest . $args]);
System::externalRedirect($dest . $args);
}
System::externalRedirect($dest);
}
System::externalRedirect($dest);
}
if ($test) {

View File

@ -125,11 +125,9 @@ class Status extends BaseProfile
$x = [
'is_owner' => $is_owner,
'allow_location' => ($is_owner || $commvisitor) && $profile['allow_location'],
'default_location' => $is_owner ? $a->getUserValue('default-location') : '',
'default_location' => $is_owner ? $profile['default-location'] : '',
'nickname' => $profile['nickname'],
'lockstate' => ACL::getLockstateForUserId($a->getUserId()) ? 'lock' : 'unlock',
'acl' => $is_owner ? ACL::getFullSelectorHTML(DI::page(), $a->user, true) : '',
'bang' => '',
'acl' => $is_owner ? ACL::getFullSelectorHTML(DI::page(), $a->getUserId(), true) : '',
'visitor' => $is_owner || $commvisitor ? 'block' : 'none',
'profile_uid' => $profile['uid'],
];

View File

@ -25,6 +25,7 @@ use Friendica\BaseModule;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Security\TwoFactor\Model\RecoveryCode;
/**
@ -59,7 +60,7 @@ class Recovery extends BaseModule
Session::set('2fa', true);
info(DI::l10n()->t('Remaining recovery codes: %d', RecoveryCode::countValidForUser(local_user())));
DI::auth()->setForUser($a, $a->user, true, true);
DI::auth()->setForUser($a, User::getById($a->getUserId()), true, true);
} else {
notice(DI::l10n()->t('Invalid code, please retry.'));
}

View File

@ -25,6 +25,7 @@ use Friendica\BaseModule;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\DI;
use Friendica\Model\User;
use PragmaRX\Google2FA\Google2FA;
use Friendica\Security\TwoFactor;
@ -70,7 +71,7 @@ class Verify extends BaseModule
}
// Resume normal login workflow
DI::auth()->setForUser($a, $a->user, true, true);
DI::auth()->setForUser($a, User::getById($a->getUserId()), true, true);
} else {
self::$errors[] = DI::l10n()->t('Invalid code, please retry.');
}

View File

@ -38,7 +38,7 @@ class Delegation extends BaseSettings
{
public static function post(array $parameters = [])
{
if (!local_user() || empty(DI::app()->getUserId()) || DI::app()->getUserId() != local_user()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}

View File

@ -27,6 +27,7 @@ use Friendica\Core\Session;
use Friendica\Core\Theme;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Module\BaseSettings;
use Friendica\Network\HTTPException;
use Friendica\Util\Strings;
@ -38,13 +39,15 @@ class Display extends BaseSettings
{
public static function post(array $parameters = [])
{
if (!local_user() || empty(DI::app()->getUserId()) || DI::app()->getUserId() != local_user()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
self::checkFormSecurityTokenRedirectOnError('/settings/display', 'settings_display');
$theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : DI::app()->getUserValue('theme');
$user = User::getById(local_user());
$theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : $user['theme'];
$mobile_theme = !empty($_POST['mobile_theme']) ? Strings::escapeTags(trim($_POST['mobile_theme'])) : '';
$nosmile = !empty($_POST['nosmile']) ? intval($_POST['nosmile']) : 0;
$first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0;
@ -92,7 +95,7 @@ class Display extends BaseSettings
DI::pConfig()->set(local_user(), 'system', 'first_day_of_week' , $first_day_of_week);
if (in_array($theme, Theme::getAllowedList())) {
if ($theme == DI::app()->getUserValue('theme')) {
if ($theme == $user['theme']) {
// call theme_post only if theme has not been changed
if (($themeconfigfile = Theme::getConfigFile($theme)) !== null) {
require_once $themeconfigfile;
@ -128,6 +131,8 @@ class Display extends BaseSettings
$default_mobile_theme = 'none';
}
$user = User::getById(local_user());
$allowed_themes = Theme::getAllowedList();
$themes = [];
@ -152,7 +157,7 @@ class Display extends BaseSettings
}
}
$theme_selected = DI::app()->getUserValue('theme') ?: $default_theme;
$theme_selected = $user['theme'] ?: $default_theme;
$mobile_theme_selected = Session::get('mobile-theme', $default_mobile_theme);
$itemspage_network = intval(DI::pConfig()->get(local_user(), 'system', 'itemspage_network'));

View File

@ -172,7 +172,7 @@ class Index extends BaseSettings
'value' => ['profile_field[' . $profileField->id . '][value]', DI::l10n()->t('Value:'), $profileField->value],
'acl' => ACL::getFullSelectorHTML(
DI::page(),
$a->user,
$a->getUserId(),
false,
$defaultPermissions,
['network' => Protocol::DFRN],
@ -192,7 +192,7 @@ class Index extends BaseSettings
'value' => ['profile_field[new][value]', DI::l10n()->t('Value:')],
'acl' => ACL::getFullSelectorHTML(
DI::page(),
$a->user,
$a->getUserId(),
false,
['allow_cid' => []],
['network' => Protocol::DFRN],

View File

@ -90,7 +90,7 @@ class UserExport extends BaseSettings
*/
public static function rawContent(array $parameters = [])
{
if (!local_user() || empty(DI::app()->getUserId()) || DI::app()->getUserId() != local_user()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
@ -98,21 +98,20 @@ class UserExport extends BaseSettings
if ($args->getArgc() == 3) {
// @TODO Replace with router-provided arguments
$action = $args->get(2);
$user = DI::app()->user;
switch ($action) {
case "backup":
header("Content-type: application/json");
header('Content-Disposition: attachment; filename="' . $user['nickname'] . '.' . $action . '"');
header('Content-Disposition: attachment; filename="' . DI::app()->getNickname() . '.' . $action . '"');
self::exportAll(local_user());
break;
case "account":
header("Content-type: application/json");
header('Content-Disposition: attachment; filename="' . $user['nickname'] . '.' . $action . '"');
header('Content-Disposition: attachment; filename="' . DI::app()->getNickname() . '.' . $action . '"');
self::exportAccount(local_user());
break;
case "contact":
header("Content-type: application/csv");
header('Content-Disposition: attachment; filename="' . $user['nickname'] . '-contacts.csv' . '"');
header('Content-Disposition: attachment; filename="' . DI::app()->getNickname() . '-contacts.csv' . '"');
self::exportContactsAsCSV(local_user());
break;
}

View File

@ -26,6 +26,7 @@ use Friendica\App\BaseURL;
use Friendica\Content\Text\HTML;
use Friendica\Core\L10n;
use Friendica\Model\Item;
use Friendica\Model\User;
use Friendica\Object\Email;
use Friendica\Protocol\Email as EmailProtocol;
@ -36,20 +37,22 @@ class ItemCCEMail extends Email
{
public function __construct(App $a, L10n $l10n, BaseURL $baseUrl, array $item, string $toAddress, string $authorThumb)
{
$disclaimer = '<hr />' . $l10n->t('This message was sent to you by %s, a member of the Friendica social network.', $a->getUserValue('username'))
$user = User::getById($a->getUserId());
$disclaimer = '<hr />' . $l10n->t('This message was sent to you by %s, a member of the Friendica social network.', $user['username'])
. '<br />';
$disclaimer .= $l10n->t('You may visit them online at %s', $baseUrl . '/profile/' . $a->getNickname()) . EOL;
$disclaimer .= $l10n->t('Please contact the sender by replying to this post if you do not wish to receive these messages.') . EOL;
if (!$item['title'] == '') {
$subject = EmailProtocol::encodeHeader($item['title'], 'UTF-8');
} else {
$subject = EmailProtocol::encodeHeader('[Friendica]' . ' ' . $l10n->t('%s posted an update.', $a->getUserValue('username')), 'UTF-8');
$subject = EmailProtocol::encodeHeader('[Friendica]' . ' ' . $l10n->t('%s posted an update.', $user['username']), 'UTF-8');
}
$link = '<a href="' . $baseUrl . '/profile/' . $a->getNickname() . '"><img src="' . $authorThumb . '" alt="' . $a->getUserValue('username') . '" /></a><br /><br />';
$link = '<a href="' . $baseUrl . '/profile/' . $a->getNickname() . '"><img src="' . $authorThumb . '" alt="' . $user['username'] . '" /></a><br /><br />';
$html = Item::prepareBody($item);
$message = '<html><body>' . $link . $html . $disclaimer . '</body></html>';;
parent::__construct($a->getUserValue('username'), $a->getUserValue('email'), $a->getUserValue('email'), $toAddress,
parent::__construct($user['username'], $user['email'], $user['email'], $toAddress,
$subject, $message, HTML::toPlaintext($html . $disclaimer));
}
}

View File

@ -355,7 +355,6 @@ class Authentication
$a->setUserId($user_record['uid']);
$a->setNickname($user_record['nickname']);
$a->user = $user_record;
if ($login_initial) {
Hook::callAll('logged_in', $user_record);

View File

@ -41,11 +41,7 @@ class AddContact
return;
}
$user = User::getById($uid);
if (empty($user)) {
return;
}
$result = Contact::createFromProbe($user, $url, '', false);
$result = Contact::createFromProbe($uid, $url);
Logger::info('Added contact', ['uid' => $uid, 'url' => $url, 'result' => $result]);
}
}

View File

@ -1949,7 +1949,7 @@ class ApiTest extends FixtureTest
*/
public function testApiStatusesMentions()
{
$this->app->user = ['nickname' => $this->selfUser['nick']];
$this->app->setNickname($this->selfUser['nick']);
$_REQUEST['max_id'] = 10;
$result = api_statuses_mentions('json');
self::assertEmpty($result['status']);
@ -2865,7 +2865,7 @@ class ApiTest extends FixtureTest
*/
public function testApiDirectMessagesNewWithScreenName()
{
$this->app->user = ['nickname' => $this->selfUser['nick']];
$this->app->setNickname($this->selfUser['nick']);
$_POST['text'] = 'message_text';
$_POST['screen_name'] = $this->friendUser['nick'];
$result = api_direct_messages_new('json');
@ -2881,7 +2881,7 @@ class ApiTest extends FixtureTest
*/
public function testApiDirectMessagesNewWithTitle()
{
$this->app->user = ['nickname' => $this->selfUser['nick']];
$this->app->setNickname($this->selfUser['nick']);
$_POST['text'] = 'message_text';
$_POST['screen_name'] = $this->friendUser['nick'];
$_REQUEST['title'] = 'message_title';
@ -2899,7 +2899,7 @@ class ApiTest extends FixtureTest
*/
public function testApiDirectMessagesNewWithRss()
{
$this->app->user = ['nickname' => $this->selfUser['nick']];
$this->app->setNickname($this->selfUser['nick']);
$_POST['text'] = 'message_text';
$_POST['screen_name'] = $this->friendUser['nick'];
$result = api_direct_messages_new('rss');

View File

@ -200,8 +200,8 @@ function frio_remote_nav(App $a, array &$nav_info)
// since $userinfo isn't available for the hook we write it to the nav array
// this isn't optimal because the contact query will be done now twice
$fields = ['id', 'url', 'avatar', 'micro', 'name', 'nick', 'baseurl'];
if (local_user() && !empty($a->getUserId())) {
$fields = ['id', 'url', 'avatar', 'micro', 'name', 'nick', 'baseurl', 'updated'];
if ($a->isLoggedIn()) {
$remoteUser = Contact::selectFirst($fields, ['uid' => $a->getUserId(), 'self' => true]);
} elseif (!local_user() && remote_user()) {
$remoteUser = Contact::getById(remote_user(), $fields);