remote_permissions/remote_permissions.php

   1 <?php
   2 /**
   3  * Name: Remote Permissions
   4  * Description: Allow the recipients of private posts to see who else can see the post by clicking the lock icon
   5  * Version: 1.0
   6  * Author: Zach <https://f.shmuz.in/profile/techcity>
   7  * Status: Unsupported
   8  */
   9
  10 use Friendica\Core\Config;
  11 use Friendica\Core\Hook;
  12 use Friendica\Core\L10n;
  13 use Friendica\Core\Renderer;
  14 use Friendica\Database\DBA;
  15 use Friendica\DI;
  16 use Friendica\Util\Strings;
  17
  18 function remote_permissions_install() {
  19         Hook::register('lockview_content', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_content');
  20         Hook::register('addon_settings', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings');
  21         Hook::register('addon_settings_post', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings_post');
  22 }
  23
  24 function remote_permissions_uninstall() {
  25         Hook::unregister('lockview_content', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_content');
  26         Hook::unregister('addon_settings', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings');
  27         Hook::unregister('addon_settings_post', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings_post');
  28 }
  29
  30 function remote_permissions_settings(&$a,&$o) {
  31
  32         if(! local_user())
  33                 return;
  34
  35         $global = Config::get("remote_perms", "global");
  36         if($global == 1)
  37                 return;
  38
  39         /* Add our stylesheet to the page so we can make our settings look nice */
  40
  41         DI::page()['htmlhead'] .= '<link rel="stylesheet"  type="text/css" href="' . DI::baseUrl()->get() . '/addon/remote_permissions/settings.css' . '" media="all" />' . "\r\n";
  42
  43         /* Get the current state of our config variable */
  44
  45         $remote_perms = DI::pConfig()->get(local_user(),'remote_perms','show');
  46
  47         /* Add some HTML to the existing form */
  48
  49 //      $t = file_get_contents("addon/remote_permissions/settings.tpl" );
  50         $t = Renderer::getMarkupTemplate("settings.tpl", "addon/remote_permissions/" );
  51         $o .= Renderer::replaceMacros($t, [
  52                 '$remote_perms_title' => DI::l10n()->t('Remote Permissions Settings'),
  53                 '$remote_perms_label' => DI::l10n()->t('Allow recipients of your private posts to see the other recipients of the posts'),
  54                 '$checked' => (($remote_perms == 1) ? 'checked="checked"' : ''),
  55                 '$submit' => DI::l10n()->t('Save Settings')
  56         ]);
  57
  58 }
  59
  60 function remote_permissions_settings_post($a,$post) {
  61         if(! local_user() || empty($_POST['remote-perms-submit']))
  62                 return;
  63
  64         DI::pConfig()->set(local_user(),'remote_perms','show',intval($_POST['remote-perms']));
  65         info(DI::l10n()->t('Remote Permissions settings updated.') . EOL);
  66 }
  67
  68 function remote_permissions_content($a, $item_copy) {
  69
  70         if($item_copy['uid'] != local_user())
  71                 return;
  72
  73         if(Config::get('remote_perms','global') == 0) {
  74                 // Admin has set Individual choice. We need to find
  75                 // the original poster. First, get the contact's info
  76                 $r = q("SELECT nick, url FROM contact WHERE id = %d LIMIT 1",
  77                        intval($item_copy['contact-id'])
  78                 );
  79                 if(! $r)
  80                         return;
  81
  82                 // Find out if the contact lives here
  83                 $baseurl = DI::baseUrl()->get();
  84                 $baseurl = substr($baseurl, strpos($baseurl, '://') + 3);
  85                 if(strpos($r[0]['url'], $baseurl) === false)
  86                         return;
  87
  88                 // The contact lives here. Get his/her user info
  89                 $nick = $r[0]['nick'];
  90                 $r = q("SELECT uid FROM user WHERE nickname = '%s' LIMIT 1",
  91                        DBA::escape($nick)
  92                 );
  93                 if(! $r)
  94                         return;
  95
  96                 if(DI::pConfig()->get($r[0]['uid'],'remote_perms','show') == 0)
  97                         return;
  98         }
  99
 100         if(($item_copy['private'] == 1) && (! strlen($item_copy['allow_cid'])) && (! strlen($item_copy['allow_gid']))
 101                 && (! strlen($item_copy['deny_cid'])) && (! strlen($item_copy['deny_gid']))) {
 102
 103                 $allow_names = [];
 104
 105                 // Check for the original post here -- that's the only way
 106                 // to definitely get all of the recipients
 107
 108                 if($item_copy['uri'] === $item_copy['parent-uri']) {
 109                         // Lockview for a top-level post
 110                         $r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s' AND type = 'wall' LIMIT 1",
 111                                    DBA::escape($item_copy['uri'])
 112                         );
 113                 }
 114                 else {
 115                         // Lockview for a comment
 116                         $r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s'
 117                                 AND parent = ( SELECT id FROM item WHERE uri = '%s' AND type = 'wall' ) LIMIT 1",
 118                                    DBA::escape($item_copy['uri']),
 119                                    DBA::escape($item_copy['parent-uri'])
 120                         );
 121                 }
 122                 if($r) {
 123
 124                         $item = $r[0];
 125
 126                         $aclFormatter = DI::aclFormatter();
 127
 128                         $allowed_users = $aclFormatter->expand($item['allow_cid']);
 129                         $allowed_groups = $aclFormatter->expand($item['allow_gid']);
 130                         $deny_users = $aclFormatter->expand($item['deny_cid']);
 131                         $deny_groups = $aclFormatter->expand($item['deny_gid']);
 132
 133                         $o = DI::l10n()->t('Visible to:') . '<br />';
 134                         $allow = [];
 135                         $deny = [];
 136
 137                         if(count($allowed_groups)) {
 138                                 $r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )",
 139                                         DBA::escape(implode(', ', $allowed_groups))
 140                                 );
 141                                 foreach($r as $rr)
 142                                         $allow[] = $rr['contact-id'];
 143                         }
 144                         $allow = array_unique($allow + $allowed_users);
 145
 146                         if(count($deny_groups)) {
 147                                 $r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )",
 148                                         DBA::escape(implode(', ', $deny_groups))
 149                                 );
 150                                 foreach($r as $rr)
 151                                         $deny[] = $rr['contact-id'];
 152                         }
 153                         $deny = $deny + $deny_users;
 154
 155                         if($allow)
 156                         {
 157                                 $r = q("SELECT name FROM contact WHERE id IN ( %s )",
 158                                            DBA::escape(implode(', ', array_diff($allow, $deny)))
 159                                 );
 160                                 foreach($r as $rr)
 161                                         $allow_names[] = $rr['name'];
 162                         }
 163                 }
 164                 else {
 165                         // We don't have the original post. Let's try for the next best thing:
 166                         // checking who else has the post on our own server. Note that comments
 167                         // that were sent to Diaspora and were relayed to others on our server
 168                         // will have different URIs than the original. We can match the GUID for
 169                         // those
 170                         $r = q("SELECT `uid` FROM item WHERE uri = '%s' OR guid = '%s'",
 171                                    DBA::escape($item_copy['uri']),
 172                                DBA::escape($item_copy['guid'])
 173                         );
 174                         if(! $r)
 175                                 return;
 176
 177                         $allow = [];
 178                         foreach($r as $rr)
 179                                 $allow[] = $rr['uid'];
 180
 181                         $r = q("SELECT username FROM user WHERE uid IN ( %s )",
 182                                 DBA::escape(implode(', ', $allow))
 183                         );
 184                         if(! $r)
 185                                 return;
 186
 187                         $o = DI::l10n()->t('Visible to') . ' (' . DI::l10n()->t('may only be a partial list') . '):<br />';
 188
 189                         foreach($r as $rr)
 190                                 $allow_names[] = $rr['username'];
 191                 }
 192
 193                 // Sort the names alphabetically, case-insensitive
 194                 natcasesort($allow_names);
 195                 echo $o . implode(', ', $allow_names);
 196                 exit();
 197         }
 198
 199         return;
 200 }
 201
 202 function remote_permissions_addon_admin(&$a, &$o){
 203         $t = Renderer::getMarkupTemplate( "admin.tpl", "addon/remote_permissions/" );
 204         $o = Renderer::replaceMacros($t, [
 205                 '$submit' => DI::l10n()->t('Save Settings'),
 206                 '$global' => ['remotepermschoice', DI::l10n()->t('Global'), 1, DI::l10n()->t('The posts of every user on this server show the post recipients'),  Config::get('remote_perms', 'global') == 1],
 207                 '$individual' => ['remotepermschoice', DI::l10n()->t('Individual'), 2, DI::l10n()->t('Each user chooses whether his/her posts show the post recipients'),  Config::get('remote_perms', 'global') == 0]
 208         ]);
 209 }
 210
 211 function remote_permissions_addon_admin_post(&$a){
 212         $choice =       (!empty($_POST['remotepermschoice'])            ? Strings::escapeTags(trim($_POST['remotepermschoice']))        : '');
 213         Config::set('remote_perms','global',($choice == 1 ? 1 : 0));
 214         info(DI::l10n()->t('Settings updated.'). EOL);
 215 }