3 * Name: Remote Permissions
4 * Description: Allow the recipients of private posts to see who else can see the post by clicking the lock icon
6 * Author: Zach <https://f.shmuz.in/profile/techcity>
9 use Friendica\Core\Addon;
10 use Friendica\Core\Config;
11 use Friendica\Core\L10n;
12 use Friendica\Core\PConfig;
14 function remote_permissions_install() {
15 Addon::registerHook('lockview_content', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_content');
16 Addon::registerHook('addon_settings', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings');
17 Addon::registerHook('addon_settings_post', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings_post');
20 function remote_permissions_uninstall() {
21 Addon::unregisterHook('lockview_content', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_content');
22 Addon::unregisterHook('addon_settings', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings');
23 Addon::unregisterHook('addon_settings_post', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings_post');
26 function remote_permissions_settings(&$a,&$o) {
31 $global = Config::get("remote_perms", "global");
35 /* Add our stylesheet to the page so we can make our settings look nice */
37 $a->page['htmlhead'] .= '<link rel="stylesheet" type="text/css" href="' . $a->get_baseurl() . '/addon/remote_permissions/settings.css' . '" media="all" />' . "\r\n";
39 /* Get the current state of our config variable */
41 $remote_perms = PConfig::get(local_user(),'remote_perms','show');
43 /* Add some HTML to the existing form */
45 // $t = file_get_contents("addon/remote_permissions/settings.tpl" );
46 $t = get_markup_template("settings.tpl", "addon/remote_permissions/" );
47 $o .= replace_macros($t, [
48 '$remote_perms_title' => L10n::t('Remote Permissions Settings'),
49 '$remote_perms_label' => L10n::t('Allow recipients of your private posts to see the other recipients of the posts'),
50 '$checked' => (($remote_perms == 1) ? 'checked="checked"' : ''),
51 '$submit' => L10n::t('Save Settings')
56 function remote_permissions_settings_post($a,$post) {
57 if(! local_user() || (! x($_POST,'remote-perms-submit')))
60 PConfig::set(local_user(),'remote_perms','show',intval($_POST['remote-perms']));
61 info(L10n::t('Remote Permissions settings updated.') . EOL);
64 function remote_permissions_content($a, $item_copy) {
66 if($item_copy['uid'] != local_user())
69 if(Config::get('remote_perms','global') == 0) {
70 // Admin has set Individual choice. We need to find
71 // the original poster. First, get the contact's info
72 $r = q("SELECT nick, url FROM contact WHERE id = %d LIMIT 1",
73 intval($item_copy['contact-id'])
78 // Find out if the contact lives here
79 $baseurl = $a->get_baseurl();
80 $baseurl = substr($baseurl, strpos($baseurl, '://') + 3);
81 if(strpos($r[0]['url'], $baseurl) === false)
84 // The contact lives here. Get his/her user info
85 $nick = $r[0]['nick'];
86 $r = q("SELECT uid FROM user WHERE nickname = '%s' LIMIT 1",
92 if(PConfig::get($r[0]['uid'],'remote_perms','show') == 0)
96 if(($item_copy['private'] == 1) && (! strlen($item_copy['allow_cid'])) && (! strlen($item_copy['allow_gid']))
97 && (! strlen($item_copy['deny_cid'])) && (! strlen($item_copy['deny_gid']))) {
101 // Check for the original post here -- that's the only way
102 // to definitely get all of the recipients
104 if($item_copy['uri'] === $item_copy['parent-uri']) {
105 // Lockview for a top-level post
106 $r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s' AND type = 'wall' LIMIT 1",
107 dbesc($item_copy['uri'])
111 // Lockview for a comment
112 $r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s'
113 AND parent = ( SELECT id FROM item WHERE uri = '%s' AND type = 'wall' ) LIMIT 1",
114 dbesc($item_copy['uri']),
115 dbesc($item_copy['parent-uri'])
122 $allowed_users = expand_acl($item['allow_cid']);
123 $allowed_groups = expand_acl($item['allow_gid']);
124 $deny_users = expand_acl($item['deny_cid']);
125 $deny_groups = expand_acl($item['deny_gid']);
127 $o = L10n::t('Visible to:') . '<br />';
131 if(count($allowed_groups)) {
132 $r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )",
133 dbesc(implode(', ', $allowed_groups))
136 $allow[] = $rr['contact-id'];
138 $allow = array_unique($allow + $allowed_users);
140 if(count($deny_groups)) {
141 $r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )",
142 dbesc(implode(', ', $deny_groups))
145 $deny[] = $rr['contact-id'];
147 $deny = $deny + $deny_users;
151 $r = q("SELECT name FROM contact WHERE id IN ( %s )",
152 dbesc(implode(', ', array_diff($allow, $deny)))
155 $allow_names[] = $rr['name'];
159 // We don't have the original post. Let's try for the next best thing:
160 // checking who else has the post on our own server. Note that comments
161 // that were sent to Diaspora and were relayed to others on our server
162 // will have different URIs than the original. We can match the GUID for
164 $r = q("SELECT `uid` FROM item WHERE uri = '%s' OR guid = '%s'",
165 dbesc($item_copy['uri']),
166 dbesc($item_copy['guid'])
173 $allow[] = $rr['uid'];
175 $r = q("SELECT username FROM user WHERE uid IN ( %s )",
176 dbesc(implode(', ', $allow))
181 $o = L10n::t('Visible to') . ' (' . L10n::t('may only be a partial list') . '):<br />';
184 $allow_names[] = $rr['username'];
187 // Sort the names alphabetically, case-insensitive
188 natcasesort($allow_names);
189 echo $o . implode(', ', $allow_names);
196 function remote_permissions_addon_admin(&$a, &$o){
197 $t = get_markup_template( "admin.tpl", "addon/remote_permissions/" );
198 $o = replace_macros($t, [
199 '$submit' => L10n::t('Save Settings'),
200 '$global' => ['remotepermschoice', L10n::t('Global'), 1, L10n::t('The posts of every user on this server show the post recipients'), Config::get('remote_perms', 'global') == 1],
201 '$individual' => ['remotepermschoice', L10n::t('Individual'), 2, L10n::t('Each user chooses whether his/her posts show the post recipients'), Config::get('remote_perms', 'global') == 0]
205 function remote_permissions_addon_admin_post(&$a){
206 $choice = ((x($_POST,'remotepermschoice')) ? notags(trim($_POST['remotepermschoice'])) : '');
207 Config::set('remote_perms','global',($choice == 1 ? 1 : 0));
208 info(L10n::t('Settings updated.'). EOL);