src/Module/Delegation.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2021, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module;
  23
  24 use Friendica\BaseModule;
  25 use Friendica\Core\Hook;
  26 use Friendica\Core\Renderer;
  27 use Friendica\Core\Session;
  28 use Friendica\Database\DBA;
  29 use Friendica\DI;
  30 use Friendica\Model\Notification;
  31 use Friendica\Model\User;
  32 use Friendica\Network\HTTPException\ForbiddenException;
  33 use Friendica\Util\Proxy;
  34
  35 /**
  36  * Switches current user between delegates/parent user
  37  */
  38 class Delegation extends BaseModule
  39 {
  40         public static function post(array $parameters = [])
  41         {
  42                 if (!local_user()) {
  43                         return;
  44                 }
  45
  46                 $uid = local_user();
  47                 $orig_record = User::getById(DI::app()->getLoggedInUserId());
  48
  49                 if (Session::get('submanage')) {
  50                         $user = User::getById(Session::get('submanage'));
  51                         if (DBA::isResult($user)) {
  52                                 $uid = intval($user['uid']);
  53                                 $orig_record = $user;
  54                         }
  55                 }
  56
  57                 $identity = intval($_POST['identity'] ?? 0);
  58                 if (!$identity) {
  59                         return;
  60                 }
  61
  62                 $limited_id = 0;
  63                 $original_id = $uid;
  64
  65                 $manages = DBA::selectToArray('manage', ['mid'], ['uid' => $uid]);
  66                 foreach ($manages as $manage) {
  67                         if ($identity == $manage['mid']) {
  68                                 $limited_id = $manage['mid'];
  69                                 break;
  70                         }
  71                 }
  72
  73                 if ($limited_id) {
  74                         $user = User::getById($limited_id);
  75                 } else {
  76                         // Check if the target user is one of our children
  77                         $user = DBA::selectFirst('user', [], ['uid' => $identity, 'parent-uid' => $orig_record['uid']]);
  78
  79                         // Check if the target user is one of our siblings
  80                         if (!DBA::isResult($user) && ($orig_record['parent-uid'] != 0)) {
  81                                 $user = DBA::selectFirst('user', [], ['uid' => $identity, 'parent-uid' => $orig_record['parent-uid']]);
  82                         }
  83
  84                         // Check if it's our parent or our own user
  85                         if (!DBA::isResult($user)
  86                                 && (
  87                                         $orig_record['parent-uid'] != 0 && $orig_record['parent-uid'] == $identity
  88                                         ||
  89                                         $orig_record['uid'] != 0 && $orig_record['uid'] == $identity
  90                                 )
  91                         ) {
  92                                 $user = User::getById($identity);
  93                         }
  94                 }
  95
  96                 if (!DBA::isResult($user)) {
  97                         return;
  98                 }
  99
 100                 Session::clear();
 101
 102                 DI::auth()->setForUser(DI::app(), $user, true, true);
 103
 104                 if ($limited_id) {
 105                         Session::set('submanage', $original_id);
 106                 }
 107
 108                 $ret = [];
 109                 Hook::callAll('home_init', $ret);
 110
 111                 DI::baseUrl()->redirect('profile/' . DI::app()->getLoggedInUserNickname());
 112                 // NOTREACHED
 113         }
 114
 115         public static function content(array $parameters = [])
 116         {
 117                 if (!local_user()) {
 118                         throw new ForbiddenException(DI::l10n()->t('Permission denied.'));
 119                 }
 120
 121                 $identities = User::identities(DI::session()->get('submanage', local_user()));
 122
 123                 //getting additinal information for each identity
 124                 foreach ($identities as $key => $identity) {
 125                         $identities[$key]['thumb'] = User::getAvatarUrlForId($identity['uid'], Proxy::SIZE_THUMB);
 126
 127                         $identities[$key]['selected'] = ($identity['nickname'] === DI::app()->getLoggedInUserNickname());
 128
 129                         $condition = ["`uid` = ? AND `msg` != '' AND NOT (`type` IN (?, ?)) AND NOT `seen`", $identity['uid'], Notification\Type::INTRO, Notification\Type::MAIL];
 130                         $params = ['distinct' => true, 'expression' => 'parent'];
 131                         $notifications = DBA::count('notify', $condition, $params);
 132
 133                         $params = ['distinct' => true, 'expression' => 'convid'];
 134                         $notifications += DBA::count('mail', ['uid' => $identity['uid'], 'seen' => false], $params);
 135
 136                         $notifications += DBA::count('intro', ['blocked' => false, 'ignore' => false, 'uid' => $identity['uid']]);
 137
 138                         $identities[$key]['notifications'] = $notifications;
 139                 }
 140
 141                 $o = Renderer::replaceMacros(Renderer::getMarkupTemplate('delegation.tpl'), [
 142                         '$title'      => DI::l10n()->t('Switch between your accounts'),
 143                         '$settings_label' => DI::l10n()->t('Manage your accounts'),
 144                         '$desc'       => DI::l10n()->t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 145                         '$choose'     => DI::l10n()->t('Select an identity to manage: '),
 146                         '$identities' => $identities,
 147                         '$submit'     => DI::l10n()->t('Submit'),
 148                 ]);
 149
 150                 return $o;
 151         }
 152 }