3 * @copyright Copyright (C) 2010-2023, the Friendica project
5 * @license GNU AGPL version 3 or any later version
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 namespace Friendica\Core;
24 use Friendica\App\Page;
25 use Friendica\Database\DBA;
27 use Friendica\Model\Contact;
28 use Friendica\Model\Group;
29 use Friendica\Model\User;
32 * Handle ACL management and display
37 * Returns the default lock state for the given user id
39 * @return bool "true" if the default settings are non public
41 public static function getLockstateForUserId(int $uid)
43 $user = User::getById($uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
44 return !empty($user['allow_cid']) || !empty($user['allow_gid']) || !empty($user['deny_cid']) || !empty($user['deny_gid']);
48 * Returns a select input tag for private message recipient
50 * @param int $selected Existing recipien contact ID
54 public static function getMessageContactSelectHTML(int $selected = null): string
60 $page->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js'));
61 $page->registerFooterScript(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.js'));
62 $page->registerFooterScript(Theme::getPathForFile('../vendor/enyo/dropzone/dist/min/dropzone.min.js'));
63 $page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.css'));
64 $page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput-typeahead.css'));
65 $page->registerStylesheet(Theme::getPathForFile('../vendor/enyo/dropzone/dist/min/dropzone.min.css'));
67 $contacts = self::getValidMessageRecipientsForUser(DI::userSession()->getLocalUserId());
69 $tpl = Renderer::getMarkupTemplate('acl/message_recipient.tpl');
70 $o = Renderer::replaceMacros($tpl, [
71 '$contacts' => $contacts,
72 '$selected' => $selected,
75 Hook::callAll(DI::args()->getModuleName() . '_post_recipient', $o);
80 public static function getValidMessageRecipientsForUser(int $uid): array
89 'rel' => [Contact::FOLLOWER, Contact::SHARING, Contact::FRIEND],
90 'network' => Protocol::SUPPORT_PRIVATE,
93 return Contact::selectToArray(
94 ['id', 'name', 'addr', 'micro', 'url', 'nick'],
95 DBA::mergeConditions($condition, ["`notify` != ''"])
100 * Returns a minimal ACL block for self-only permissions
102 * @param int $localUserId
103 * @param string $explanation
105 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
107 public static function getSelfOnlyHTML(int $localUserId, string $explanation)
109 $selfPublicContactId = Contact::getPublicIdByUserId($localUserId);
111 $tpl = Renderer::getMarkupTemplate('acl/self_only.tpl');
112 $o = Renderer::replaceMacros($tpl, [
113 '$selfPublicContactId' => $selfPublicContactId,
114 '$explanation' => $explanation,
121 * Return the default permission of the provided user array
124 * @return array Hash of contact id lists
127 public static function getDefaultUserPermissions(array $user = null)
129 $aclFormatter = DI::aclFormatter();
132 'allow_cid' => Contact::pruneUnavailable($aclFormatter->expand($user['allow_cid'] ?? '')),
133 'allow_gid' => $aclFormatter->expand($user['allow_gid'] ?? ''),
134 'deny_cid' => $aclFormatter->expand($user['deny_cid'] ?? ''),
135 'deny_gid' => $aclFormatter->expand($user['deny_gid'] ?? ''),
140 * Returns the ACL list of contacts for a given user id
142 * @param int $user_id
143 * @param array $condition Additional contact lookup table conditions
147 public static function getContactListByUserId(int $user_id, array $condition = [])
149 $fields = ['id', 'name', 'addr', 'micro'];
150 $params = ['order' => ['name']];
151 $acl_contacts = Contact::selectToArray(
160 'network' => Protocol::FEDERATED,
161 'rel' => [Contact::FOLLOWER, Contact::FRIEND]
166 $acl_yourself = Contact::selectFirst($fields, ['uid' => $user_id, 'self' => true]);
167 $acl_yourself['name'] = DI::l10n()->t('Yourself');
169 $acl_contacts[] = $acl_yourself;
171 $acl_forums = Contact::selectToArray($fields,
172 ['uid' => $user_id, 'self' => false, 'blocked' => false, 'archive' => false, 'deleted' => false,
173 'network' => Protocol::FEDERATED, 'pending' => false, 'contact-type' => Contact::TYPE_COMMUNITY], $params
176 $acl_contacts = array_merge($acl_forums, $acl_contacts);
178 array_walk($acl_contacts, function (&$value) {
179 $value['type'] = 'contact';
182 return $acl_contacts;
186 * Returns the ACL list of groups (including meta-groups) for a given user id
188 * @param int $user_id
191 public static function getGroupListByUserId(int $user_id)
195 'id' => Group::FOLLOWERS,
196 'name' => DI::l10n()->t('Followers'),
198 'micro' => 'images/twopeople.png',
202 'id' => Group::MUTUALS,
203 'name' => DI::l10n()->t('Mutuals'),
205 'micro' => 'images/twopeople.png',
209 foreach (Group::getByUserId($user_id) as $group) {
211 'id' => $group['id'],
212 'name' => $group['name'],
214 'micro' => 'images/twopeople.png',
223 * Return the full jot ACL selector HTML
226 * @param int $uid User ID
227 * @param bool $for_federation
228 * @param array $default_permissions Static defaults permission array:
235 * @param array $condition
236 * @param string $form_prefix
238 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
240 public static function getFullSelectorHTML(
243 bool $for_federation = false,
244 array $default_permissions = [],
245 array $condition = [],
252 static $input_group_id = 0;
254 $user = User::getById($uid);
258 $page->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js'));
259 $page->registerFooterScript(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.js'));
260 $page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.css'));
261 $page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput-typeahead.css'));
263 // Defaults user permissions
264 if (empty($default_permissions)) {
265 $default_permissions = self::getDefaultUserPermissions($user);
268 $default_permissions = [
269 'allow_cid' => $default_permissions['allow_cid'] ?? [],
270 'allow_gid' => $default_permissions['allow_gid'] ?? [],
271 'deny_cid' => $default_permissions['deny_cid'] ?? [],
272 'deny_gid' => $default_permissions['deny_gid'] ?? [],
275 if (count($default_permissions['allow_cid'])
276 + count($default_permissions['allow_gid'])
277 + count($default_permissions['deny_cid'])
278 + count($default_permissions['deny_gid'])) {
279 $visibility = 'custom';
281 $visibility = 'public';
282 // Default permission display for custom panel
283 $default_permissions['allow_gid'] = [Group::FOLLOWERS];
286 $jotnets_fields = [];
287 if ($for_federation) {
288 if (function_exists('imap_open') && !DI::config()->get('system', 'imap_disabled')) {
289 $mailacct = DBA::selectFirst('mailacct', ['pubmail'], ['`uid` = ? AND `server` != ""', $user['uid']]);
290 if (DBA::isResult($mailacct)) {
291 $jotnets_fields[] = [
292 'type' => 'checkbox',
295 DI::l10n()->t('Post to Email'),
296 !empty($mailacct['pubmail'])
302 Hook::callAll('jot_networks', $jotnets_fields);
305 $acl_contacts = self::getContactListByUserId($user['uid'], $condition);
307 $acl_groups = self::getGroupListByUserId($user['uid']);
309 $acl_list = array_merge($acl_groups, $acl_contacts);
312 'visibility' => $form_prefix ? $form_prefix . '[visibility]' : 'visibility',
313 'group_allow' => $form_prefix ? $form_prefix . '[group_allow]' : 'group_allow',
314 'contact_allow' => $form_prefix ? $form_prefix . '[contact_allow]' : 'contact_allow',
315 'group_deny' => $form_prefix ? $form_prefix . '[group_deny]' : 'group_deny',
316 'contact_deny' => $form_prefix ? $form_prefix . '[contact_deny]' : 'contact_deny',
317 'emailcc' => $form_prefix ? $form_prefix . '[emailcc]' : 'emailcc',
320 $tpl = Renderer::getMarkupTemplate('acl/full_selector.tpl');
321 $o = Renderer::replaceMacros($tpl, [
322 '$public_title' => DI::l10n()->t('Public'),
323 '$public_desc' => DI::l10n()->t('This content will be shown to all your followers and can be seen in the community pages and by anyone with its link.'),
324 '$custom_title' => DI::l10n()->t('Limited/Private'),
325 '$custom_desc' => DI::l10n()->t('This content will be shown only to the people in the first box, to the exception of the people mentioned in the second box. It won\'t appear anywhere public.') . DI::l10n()->t('Start typing the name of a contact or a group to show a filtered list. You can also mention the special groups "Followers" and "Mutuals".'),
326 '$allow_label' => DI::l10n()->t('Show to:'),
327 '$deny_label' => DI::l10n()->t('Except to:'),
328 '$emailcc' => DI::l10n()->t('CC: email addresses'),
329 '$emtitle' => DI::l10n()->t('Example: bob@example.com, mary@example.com'),
330 '$jotnets_summary' => DI::l10n()->t('Connectors'),
331 '$visibility' => $visibility,
332 '$acl_contacts' => $acl_contacts,
333 '$acl_groups' => $acl_groups,
334 '$acl_list' => $acl_list,
335 '$contact_allow' => implode(',', $default_permissions['allow_cid']),
336 '$group_allow' => implode(',', $default_permissions['allow_gid']),
337 '$contact_deny' => implode(',', $default_permissions['deny_cid']),
338 '$group_deny' => implode(',', $default_permissions['deny_gid']),
339 '$for_federation' => $for_federation,
340 '$jotnets_fields' => $jotnets_fields,
341 '$input_names' => $input_names,
342 '$input_group_id' => $input_group_id,
349 * Checks the validity of the given ACL string
351 * @param string $acl_string
356 public static function isValidContact($acl_string, $uid)
358 if (empty($acl_string)) {
362 // split <x><y><z> into array of cids
363 preg_match_all('/<[A-Za-z0-9]+>/', $acl_string, $array);
365 // check for each cid if the contact is valid for the given user
366 $cid_array = $array[0];
367 foreach ($cid_array as $cid) {
368 $cid = str_replace(['<', '>'], ['', ''], $cid);
369 if (!DBA::exists('contact', ['id' => $cid, 'uid' => $uid])) {
378 * Checks the validity of the given ACL string
380 * @param string $acl_string
385 public static function isValidGroup($acl_string, $uid)
387 if (empty($acl_string)) {
391 // split <x><y><z> into array of cids
392 preg_match_all('/<[A-Za-z0-9]+>/', $acl_string, $array);
394 // check for each cid if the contact is valid for the given user
395 $gid_array = $array[0];
396 foreach ($gid_array as $gid) {
397 $gid = str_replace(['<', '>'], ['', ''], $gid);
398 if (!DBA::exists('group', ['id' => $gid, 'uid' => $uid, 'deleted' => false])) {