4 * @file src/Core/Acl.php
7 namespace Friendica\Core;
9 use Friendica\BaseObject;
10 use Friendica\Content\Feature;
11 use Friendica\Database\DBA;
12 use Friendica\Model\Contact;
13 use Friendica\Model\GContact;
14 use Friendica\Core\Session;
15 use Friendica\Util\Network;
16 use Friendica\Model\Group;
19 * Handle ACL management and display
21 * @author Hypolite Petovan <hypolite@mrpetovan.com>
23 class ACL extends BaseObject
26 * Returns a select input tag with all the contact of the local user
28 * @param string $selname Name attribute of the select input tag
29 * @param string $selclass Class attribute of the select input tag
30 * @param array $options Available options:
31 * - size: length of the select box
32 * - mutual_friends: Only used for the hook
33 * - single: Only used for the hook
34 * - exclude: Only used for the hook
35 * @param array $preselected Contact ID that should be already selected
39 public static function getSuggestContactSelectHTML($selname, $selclass, array $options = [], array $preselected = [])
45 $size = ($options['size'] ?? 0) ?: 4;
46 $mutual = !empty($options['mutual_friends']);
47 $single = !empty($options['single']) && empty($options['multiple']);
48 $exclude = $options['exclude'] ?? false;
50 switch (($options['networks'] ?? '') ?: Protocol::PHANTOM) {
52 $networks = [Protocol::DFRN];
56 $networks = [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::MAIL, Protocol::DIASPORA];
60 if (!empty($a->user['prvnets'])) {
61 $networks = [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::MAIL, Protocol::DIASPORA];
63 $networks = [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::MAIL, Protocol::DIASPORA, Protocol::OSTATUS];
67 default: /// @TODO Maybe log this call?
71 $x = ['options' => $options, 'size' => $size, 'single' => $single, 'mutual' => $mutual, 'exclude' => $exclude, 'networks' => $networks];
73 Hook::callAll('contact_select_options', $x);
79 if (!empty($x['mutual'])) {
80 $sql_extra .= sprintf(" AND `rel` = %d ", intval(Contact::FRIEND));
83 if (!empty($x['exclude'])) {
84 $sql_extra .= sprintf(" AND `id` != %d ", intval($x['exclude']));
87 if (!empty($x['networks'])) {
88 /// @TODO rewrite to foreach()
89 array_walk($x['networks'], function (&$value) {
90 $value = "'" . DBA::escape($value) . "'";
92 $str_nets = implode(',', $x['networks']);
93 $sql_extra .= " AND `network` IN ( $str_nets ) ";
96 $tabindex = (!empty($options['tabindex']) ? 'tabindex="' . $options["tabindex"] . '"' : '');
98 if (!empty($x['single'])) {
99 $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n";
101 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n";
104 $stmt = DBA::p("SELECT `id`, `name`, `url`, `network` FROM `contact`
105 WHERE `uid` = ? AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND NOT `deleted` AND `notify` != ''
107 ORDER BY `name` ASC ", intval(local_user())
110 $contacts = DBA::toArray($stmt);
112 $arr = ['contact' => $contacts, 'entry' => $o];
114 // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
115 Hook::callAll($a->module . '_pre_' . $selname, $arr);
117 if (DBA::isResult($contacts)) {
118 foreach ($contacts as $contact) {
119 if (in_array($contact['id'], $preselected)) {
120 $selected = ' selected="selected" ';
125 $trimmed = mb_substr($contact['name'], 0, 20);
127 $o .= "<option value=\"{$contact['id']}\" $selected title=\"{$contact['name']}|{$contact['url']}\" >$trimmed</option>\r\n";
131 $o .= '</select>' . PHP_EOL;
133 Hook::callAll($a->module . '_post_' . $selname, $o);
139 * Returns a select input tag with all the contact of the local user
141 * @param string $selname Name attribute of the select input tag
142 * @param string $selclass Class attribute of the select input tag
143 * @param array $preselected Contact IDs that should be already selected
144 * @param int $size Length of the select box
145 * @param int $tabindex Select input tag tabindex attribute
149 public static function getMessageContactSelectHTML($selname, $selclass, array $preselected = [], $size = 4, $tabindex = null)
155 // When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
156 // to one recipient. By default our selector allows multiple selects amongst all contacts.
157 $sql_extra = sprintf(" AND `rel` = %d ", intval(Contact::FRIEND));
158 $sql_extra .= sprintf(" AND `network` IN ('%s' , '%s') ", Protocol::DFRN, Protocol::DIASPORA);
160 $tabindex_attr = !empty($tabindex) ? ' tabindex="' . intval($tabindex) . '"' : '';
162 $hidepreselected = '';
164 $sql_extra .= " AND `id` IN (" . implode(",", $preselected) . ")";
165 $hidepreselected = ' style="display: none;"';
168 $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\"$tabindex_attr$hidepreselected>\r\n";
170 $stmt = DBA::p("SELECT `id`, `name`, `url`, `network` FROM `contact`
171 WHERE `uid` = ? AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND NOT `deleted` AND `notify` != ''
173 ORDER BY `name` ASC ", intval(local_user())
176 $contacts = DBA::toArray($stmt);
178 $arr = ['contact' => $contacts, 'entry' => $o];
180 // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
181 Hook::callAll($a->module . '_pre_' . $selname, $arr);
185 if (DBA::isResult($contacts)) {
186 foreach ($contacts as $contact) {
187 if (in_array($contact['id'], $preselected)) {
188 $selected = ' selected="selected"';
193 $trimmed = Protocol::formatMention($contact['url'], $contact['name']);
195 $receiverlist[] = $trimmed;
197 $o .= "<option value=\"{$contact['id']}\"$selected title=\"{$contact['name']}|{$contact['url']}\" >$trimmed</option>\r\n";
201 $o .= '</select>' . PHP_EOL;
204 $o .= implode(', ', $receiverlist);
207 Hook::callAll($a->module . '_post_' . $selname, $o);
212 private static function fixACL(&$item)
214 $item = intval(str_replace(['<', '>'], ['', ''], $item));
218 * Return the default permission of the provided user array
221 * @return array Hash of contact id lists
224 public static function getDefaultUserPermissions(array $user = null)
228 $acl_regex = '/<([0-9]+)>/i';
230 preg_match_all($acl_regex, $user['allow_cid'] ?? '', $matches);
231 $allow_cid = $matches[1];
232 preg_match_all($acl_regex, $user['allow_gid'] ?? '', $matches);
233 $allow_gid = $matches[1];
234 preg_match_all($acl_regex, $user['deny_cid'] ?? '', $matches);
235 $deny_cid = $matches[1];
236 preg_match_all($acl_regex, $user['deny_gid'] ?? '', $matches);
237 $deny_gid = $matches[1];
239 // Reformats the ACL data so that it is accepted by the JS frontend
240 array_walk($allow_cid, 'self::fixACL');
241 array_walk($allow_gid, 'self::fixACL');
242 array_walk($deny_cid, 'self::fixACL');
243 array_walk($deny_gid, 'self::fixACL');
245 Contact::pruneUnavailable($allow_cid);
248 'allow_cid' => $allow_cid,
249 'allow_gid' => $allow_gid,
250 'deny_cid' => $deny_cid,
251 'deny_gid' => $deny_gid,
256 * Returns the ACL list of contacts for a given user id
258 * @param int $user_id
262 public static function getContactListByUserId(int $user_id)
264 $acl_contacts = Contact::selectToArray(
265 ['id', 'name', 'addr', 'micro'],
266 ['uid' => $user_id, 'pending' => false, 'rel' => [Contact::FOLLOWER, Contact::FRIEND]]
268 array_walk($acl_contacts, function (&$value) {
269 $value['type'] = 'contact';
272 return $acl_contacts;
276 * Returns the ACL list of groups (including meta-groups) for a given user id
278 * @param int $user_id
281 public static function getGroupListByUserId(int $user_id)
285 'id' => Group::FOLLOWERS,
286 'name' => L10n::t('Followers'),
288 'micro' => 'images/twopeople.png',
292 'id' => Group::MUTUALS,
293 'name' => L10n::t('Mutuals'),
295 'micro' => 'images/twopeople.png',
299 foreach (Group::getByUserId($user_id) as $group) {
301 'id' => $group['id'],
302 'name' => $group['name'],
304 'micro' => 'images/twopeople.png',
313 * Return the full jot ACL selector HTML
315 * @param array $user User array
316 * @param bool $show_jotnets
317 * @param array $default_permissions Static defaults permission array: ['allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '']
319 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
321 public static function getFullSelectorHTML(array $user = null, $show_jotnets = false, array $default_permissions = [])
323 // Defaults user permissions
324 if (empty($default_permissions)) {
325 $default_permissions = self::getDefaultUserPermissions($user);
328 $jotnets_fields = [];
330 $mail_enabled = false;
331 $pubmail_enabled = false;
333 if (function_exists('imap_open') && !Config::get('system', 'imap_disabled')) {
334 $mailacct = DBA::selectFirst('mailacct', ['pubmail'], ['`uid` = ? AND `server` != ""', local_user()]);
335 if (DBA::isResult($mailacct)) {
336 $mail_enabled = true;
337 $pubmail_enabled = !empty($mailacct['pubmail']);
341 if (empty($default_permissions['hidewall'])) {
343 $jotnets_fields[] = [
344 'type' => 'checkbox',
347 L10n::t('Post to Email'),
353 Hook::callAll('jot_networks', $jotnets_fields);
357 $tpl = Renderer::getMarkupTemplate('acl_selector.tpl');
358 $o = Renderer::replaceMacros($tpl, [
359 '$showall' => L10n::t('Visible to everybody'),
360 '$show' => L10n::t('show'),
361 '$hide' => L10n::t('don\'t show'),
362 '$allowcid' => json_encode(($default_permissions['allow_cid'] ?? '') ?: []), // We need arrays for
363 '$allowgid' => json_encode(($default_permissions['allow_gid'] ?? '') ?: []), // Javascript since we
364 '$denycid' => json_encode(($default_permissions['deny_cid'] ?? '') ?: []), // call .remove() and
365 '$denygid' => json_encode(($default_permissions['deny_gid'] ?? '') ?: []), // .push() on these values
366 '$networks' => $show_jotnets,
367 '$emailcc' => L10n::t('CC: email addresses'),
368 '$emtitle' => L10n::t('Example: bob@example.com, mary@example.com'),
369 '$jotnets_enabled' => empty($default_permissions['hidewall']),
370 '$jotnets_summary' => L10n::t('Connectors'),
371 '$jotnets_fields' => $jotnets_fields,
372 '$jotnets_disabled_label' => L10n::t('Connectors disabled, since "%s" is enabled.', L10n::t('Hide your profile details from unknown viewers?')),
373 '$aclModalTitle' => L10n::t('Permissions'),
374 '$aclModalDismiss' => L10n::t('Close'),
376 'aclautomention' => !empty($user['uid']) && Feature::isEnabled($user['uid'], 'aclautomention') ? 'true' : 'false'