3 * Name: Advanced content Filter
4 * Description: Expression-based content filter
6 * Author: Hypolite Petovan <https://friendica.mrpetovan.com/profile/hypolite>
7 * Maintainer: Hypolite Petovan <https://friendica.mrpetovan.com/profile/hypolite>
9 * Copyright (c) 2018 Hypolite Petovan
10 * All rights reserved.
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions are met:
14 * * Redistributions of source code must retain the above copyright notice,
15 * this list of conditions and the following disclaimer.
16 * * Redistributions in binary form must reproduce the above
17 * * copyright notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the distribution.
19 * * Neither the name of Friendica nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
25 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
26 * DISCLAIMED. IN NO EVENT SHALL FRIENDICA BE LIABLE FOR ANY DIRECT,
27 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
28 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
30 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
31 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
32 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37 use Friendica\BaseModule;
38 use Friendica\Content\Text\Markdown;
39 use Friendica\Core\Hook;
40 use Friendica\Core\Logger;
41 use Friendica\Core\Renderer;
42 use Friendica\Database\DBA;
43 use Friendica\Database\DBStructure;
45 use Friendica\Model\Item;
46 use Friendica\Model\Post;
47 use Friendica\Model\Tag;
48 use Friendica\Model\User;
49 use Friendica\Module\Security\Login;
50 use Friendica\Network\HTTPException;
51 use Friendica\Util\DateTimeFormat;
52 use Psr\Http\Message\ResponseInterface;
53 use Psr\Http\Message\ServerRequestInterface;
54 use Symfony\Component\ExpressionLanguage;
56 require_once __DIR__ . DIRECTORY_SEPARATOR . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
58 function advancedcontentfilter_install()
60 Hook::register('dbstructure_definition' , __FILE__, 'advancedcontentfilter_dbstructure_definition');
61 Hook::register('prepare_body_content_filter', __FILE__, 'advancedcontentfilter_prepare_body_content_filter');
62 Hook::register('addon_settings' , __FILE__, 'advancedcontentfilter_addon_settings');
64 Hook::add('dbstructure_definition' , __FILE__, 'advancedcontentfilter_dbstructure_definition');
65 DBStructure::performUpdate();
67 Logger::notice('installed advancedcontentfilter');
74 function advancedcontentfilter_dbstructure_definition(&$database)
76 $database['advancedcontentfilter_rules'] = [
77 'comment' => 'Advancedcontentfilter addon rules',
79 'id' => ['type' => 'int unsigned', 'not null' => '1', 'extra' => 'auto_increment', 'primary' => '1', 'comment' => 'Auto incremented rule id'],
80 'uid' => ['type' => 'int unsigned', 'not null' => '1', 'comment' => 'Owner user id'],
81 'name' => ['type' => 'varchar(255)', 'not null' => '1', 'comment' => 'Rule name'],
82 'expression' => ['type' => 'mediumtext' , 'not null' => '1', 'comment' => 'Expression text'],
83 'serialized' => ['type' => 'mediumtext' , 'not null' => '1', 'comment' => 'Serialized parsed expression'],
84 'active' => ['type' => 'boolean' , 'not null' => '1', 'default' => '1', 'comment' => 'Whether the rule is active or not'],
85 'created' => ['type' => 'datetime' , 'not null' => '1', 'default' => DBA::NULL_DATETIME, 'comment' => 'Creation date'],
89 'uid_active' => ['uid', 'active'],
95 * @param array $item Prepared by either Model\Item::prepareBody or advancedcontentfilter_prepare_item_row
98 function advancedcontentfilter_get_filter_fields(array $item)
102 // Convert the language JSON text into a filterable format
103 if (!empty($item['language']) && ($languages = json_decode($item['language'], true))) {
104 foreach ($languages as $key => $value) {
105 $vars['language_' . strtolower($key)] = $value;
109 foreach ($item as $key => $value) {
110 $vars[str_replace('-', '_', $key)] = $value;
118 function advancedcontentfilter_prepare_body_content_filter(&$hook_data)
120 static $expressionLanguage;
122 if (is_null($expressionLanguage)) {
123 $expressionLanguage = new ExpressionLanguage\ExpressionLanguage();
126 if (!DI::userSession()->getLocalUserId()) {
130 $vars = advancedcontentfilter_get_filter_fields($hook_data['item']);
132 $rules = DI::cache()->get('rules_' . DI::userSession()->getLocalUserId());
133 if (!isset($rules)) {
134 $rules = DBA::toArray(DBA::select(
135 'advancedcontentfilter_rules',
136 ['name', 'expression', 'serialized'],
137 ['uid' => DI::userSession()->getLocalUserId(), 'active' => true]
140 DI::cache()->set('rules_' . DI::userSession()->getLocalUserId(), $rules);
144 foreach($rules as $rule) {
146 $serializedParsedExpression = new ExpressionLanguage\SerializedParsedExpression(
151 // The error suppression operator is used because of potentially broken user-supplied regular expressions
152 $found = (bool) @$expressionLanguage->evaluate($serializedParsedExpression, $vars);
153 } catch (Exception $e) {
158 $hook_data['filter_reasons'][] = DI::l10n()->t('Filtered by rule: %s', $rule['name']);
166 function advancedcontentfilter_addon_settings(array &$data)
168 if (!DI::userSession()->getLocalUserId()) {
173 'addon' => 'advancedcontentfilter',
174 'title' => DI::l10n()->t('Advanced Content Filter'),
175 'href' => 'advancedcontentfilter',
184 * This is a statement rather than an actual function definition. The simple
185 * existence of this method is checked to figure out if the addon offers a
188 function advancedcontentfilter_module() {}
190 function advancedcontentfilter_init()
192 if (DI::args()->getArgc() > 1 && DI::args()->getArgv()[1] == 'api') {
193 $slim = new \Slim\App();
195 require __DIR__ . '/src/middlewares.php';
197 require __DIR__ . '/src/routes.php';
204 function advancedcontentfilter_content()
206 if (!DI::userSession()->getLocalUserId()) {
207 return Login::form('/' . implode('/', DI::args()->getArgv()));
210 if (DI::args()->getArgc() > 1 && DI::args()->getArgv()[1] == 'help') {
211 $user = User::getById(DI::userSession()->getLocalUserId());
213 $lang = $user['language'];
215 $default_dir = 'addon/advancedcontentfilter/doc/';
216 $help_file = 'advancedcontentfilter.md';
217 $help_path = $default_dir . $help_file;
218 if (file_exists($default_dir . $lang . '/' . $help_file)) {
219 $help_path = $default_dir . $lang . '/' . $help_file;
222 $content = file_get_contents($help_path);
224 $html = Markdown::convert($content, false);
226 $html = str_replace('code>', 'key>', $html);
230 $t = Renderer::getMarkupTemplate('settings.tpl', 'addon/advancedcontentfilter/');
231 return Renderer::replaceMacros($t, [
233 'backtosettings' => DI::l10n()->t('Back to Addon Settings'),
234 'title' => DI::l10n()->t('Advanced Content Filter'),
235 'add_a_rule' => DI::l10n()->t('Add a Rule'),
236 'help' => DI::l10n()->t('Help'),
237 'intro' => DI::l10n()->t('Add and manage your personal content filter rules in this screen. Rules have a name and an arbitrary expression that will be matched against post data. For a complete reference of the available operations and variables, check the help page.'),
238 'your_rules' => DI::l10n()->t('Your rules'),
239 'no_rules' => DI::l10n()->t('You have no rules yet! Start adding one by clicking on the button above next to the title.'),
240 'disabled' => DI::l10n()->t('Disabled'),
241 'enabled' => DI::l10n()->t('Enabled'),
242 'disable_this_rule' => DI::l10n()->t('Disable this rule'),
243 'enable_this_rule' => DI::l10n()->t('Enable this rule'),
244 'edit_this_rule' => DI::l10n()->t('Edit this rule'),
245 'edit_the_rule' => DI::l10n()->t('Edit the rule'),
246 'save_this_rule' => DI::l10n()->t('Save this rule'),
247 'delete_this_rule' => DI::l10n()->t('Delete this rule'),
248 'rule' => DI::l10n()->t('Rule'),
249 'close' => DI::l10n()->t('Close'),
250 'addtitle' => DI::l10n()->t('Add new rule'),
251 'rule_name' => DI::l10n()->t('Rule Name'),
252 'rule_expression' => DI::l10n()->t('Rule Expression'),
253 'cancel' => DI::l10n()->t('Cancel'),
255 '$current_theme' => DI::app()->getCurrentTheme(),
256 '$rules' => advancedcontentfilter_get_rules(),
257 '$form_security_token' => BaseModule::getFormSecurityToken()
265 function advancedcontentfilter_build_fields($data)
269 if (!empty($data['name'])) {
270 $fields['name'] = $data['name'];
273 if (!empty($data['expression'])) {
274 // Using a dummy item to validate the field existence
275 $condition = ["(`uid` = ? OR `uid` = 0)", DI::userSession()->getLocalUserId()];
276 $params = ['order' => ['uid' => true]];
277 $item_row = Post::selectFirstForUser(DI::userSession()->getLocalUserId(), [], $condition, $params);
279 if (!DBA::isResult($item_row)) {
280 throw new HTTPException\NotFoundException(DI::l10n()->t('This addon requires this node having at least one post'));
283 $expressionLanguage = new ExpressionLanguage\ExpressionLanguage();
284 $parsedExpression = $expressionLanguage->parse(
286 array_keys(advancedcontentfilter_get_filter_fields(advancedcontentfilter_prepare_item_row($item_row)))
289 $serialized = serialize($parsedExpression->getNodes());
291 $fields['expression'] = $data['expression'];
292 $fields['serialized'] = $serialized;
295 if (isset($data['active'])) {
296 $fields['active'] = intval($data['active']);
298 $fields['active'] = 1;
308 function advancedcontentfilter_get_rules()
310 if (!DI::userSession()->getLocalUserId()) {
311 throw new HTTPException\UnauthorizedException(DI::l10n()->t('You must be logged in to use this method'));
314 $rules = DBA::toArray(DBA::select('advancedcontentfilter_rules', [], ['uid' => DI::userSession()->getLocalUserId()]));
316 return json_encode($rules);
319 function advancedcontentfilter_get_rules_id(ServerRequestInterface $request, ResponseInterface $response, $args)
321 if (!DI::userSession()->getLocalUserId()) {
322 throw new HTTPException\UnauthorizedException(DI::l10n()->t('You must be logged in to use this method'));
325 $rule = DBA::selectFirst('advancedcontentfilter_rules', [], ['id' => $args['id'], 'uid' => DI::userSession()->getLocalUserId()]);
327 return json_encode($rule);
330 function advancedcontentfilter_post_rules(ServerRequestInterface $request)
332 if (!DI::userSession()->getLocalUserId()) {
333 throw new HTTPException\UnauthorizedException(DI::l10n()->t('You must be logged in to use this method'));
336 if (!BaseModule::checkFormSecurityToken()) {
337 throw new HTTPException\BadRequestException(DI::l10n()->t('Invalid form security token, please refresh the page.'));
340 $data = json_decode($request->getBody(), true);
343 $fields = advancedcontentfilter_build_fields($data);
344 } catch (Exception $e) {
345 throw new HTTPException\BadRequestException($e->getMessage(), $e);
348 if (empty($fields['name']) || empty($fields['expression'])) {
349 throw new HTTPException\BadRequestException(DI::l10n()->t('The rule name and expression are required.'));
352 $fields['uid'] = DI::userSession()->getLocalUserId();
353 $fields['created'] = DateTimeFormat::utcNow();
355 if (!DBA::insert('advancedcontentfilter_rules', $fields)) {
356 throw new HTTPException\ServiceUnavailableException(DBA::errorMessage());
359 $rule = DBA::selectFirst('advancedcontentfilter_rules', [], ['id' => DBA::lastInsertId()]);
361 DI::cache()->delete('rules_' . DI::userSession()->getLocalUserId());
363 return json_encode(['message' => DI::l10n()->t('Rule successfully added'), 'rule' => $rule]);
366 function advancedcontentfilter_put_rules_id(ServerRequestInterface $request, ResponseInterface $response, $args)
368 if (!DI::userSession()->getLocalUserId()) {
369 throw new HTTPException\UnauthorizedException(DI::l10n()->t('You must be logged in to use this method'));
372 if (!BaseModule::checkFormSecurityToken()) {
373 throw new HTTPException\BadRequestException(DI::l10n()->t('Invalid form security token, please refresh the page.'));
376 if (!DBA::exists('advancedcontentfilter_rules', ['id' => $args['id'], 'uid' => DI::userSession()->getLocalUserId()])) {
377 throw new HTTPException\NotFoundException(DI::l10n()->t('Rule doesn\'t exist or doesn\'t belong to you.'));
380 $data = json_decode($request->getBody(), true);
383 $fields = advancedcontentfilter_build_fields($data);
384 } catch (Exception $e) {
385 throw new HTTPException\BadRequestException($e->getMessage(), $e);
388 if (!DBA::update('advancedcontentfilter_rules', $fields, ['id' => $args['id']])) {
389 throw new HTTPException\ServiceUnavailableException(DBA::errorMessage());
392 DI::cache()->delete('rules_' . DI::userSession()->getLocalUserId());
394 return json_encode(['message' => DI::l10n()->t('Rule successfully updated')]);
397 function advancedcontentfilter_delete_rules_id(ServerRequestInterface $request, ResponseInterface $response, $args)
399 if (!DI::userSession()->getLocalUserId()) {
400 throw new HTTPException\UnauthorizedException(DI::l10n()->t('You must be logged in to use this method'));
403 if (!BaseModule::checkFormSecurityToken()) {
404 throw new HTTPException\BadRequestException(DI::l10n()->t('Invalid form security token, please refresh the page.'));
407 if (!DBA::exists('advancedcontentfilter_rules', ['id' => $args['id'], 'uid' => DI::userSession()->getLocalUserId()])) {
408 throw new HTTPException\NotFoundException(DI::l10n()->t('Rule doesn\'t exist or doesn\'t belong to you.'));
411 if (!DBA::delete('advancedcontentfilter_rules', ['id' => $args['id']])) {
412 throw new HTTPException\ServiceUnavailableException(DBA::errorMessage());
415 DI::cache()->delete('rules_' . DI::userSession()->getLocalUserId());
417 return json_encode(['message' => DI::l10n()->t('Rule successfully deleted')]);
420 function advancedcontentfilter_get_variables_guid(ServerRequestInterface $request, ResponseInterface $response, $args)
422 if (!DI::userSession()->getLocalUserId()) {
423 throw new HTTPException\UnauthorizedException(DI::l10n()->t('You must be logged in to use this method'));
426 if (!isset($args['guid'])) {
427 throw new HTTPException\BadRequestException(DI::l10n()->t('Missing argument: guid.'));
430 $condition = ["`guid` = ? AND (`uid` = ? OR `uid` = 0)", $args['guid'], DI::userSession()->getLocalUserId()];
431 $params = ['order' => ['uid' => true]];
432 $item_row = Post::selectFirstForUser(DI::userSession()->getLocalUserId(), [], $condition, $params);
434 if (!DBA::isResult($item_row)) {
435 throw new HTTPException\NotFoundException(DI::l10n()->t('Unknown post with guid: %s', $args['guid']));
438 $return = advancedcontentfilter_get_filter_fields(advancedcontentfilter_prepare_item_row($item_row));
440 return json_encode(['variables' => str_replace('\\\'', '\'', var_export($return, true))]);
444 * This mimimcs the processing performed in Model\Item::prepareBody
446 * @param array $item_row
448 * @throws HTTPException\InternalServerErrorException
449 * @throws ImagickException
451 function advancedcontentfilter_prepare_item_row(array $item_row): array
453 $tags = Tag::populateFromItem($item_row);
455 $item_row['tags'] = $tags['tags'];
456 $item_row['hashtags'] = $tags['hashtags'];
457 $item_row['mentions'] = $tags['mentions'];
458 $item_row['attachments'] = Post\Media::splitAttachments($item_row['uri-id']);