src/Module/Delegation.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2021, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module;
  23
  24 use Friendica\BaseModule;
  25 use Friendica\Core\Hook;
  26 use Friendica\Core\Renderer;
  27 use Friendica\Core\Session;
  28 use Friendica\Database\DBA;
  29 use Friendica\DI;
  30 use Friendica\Model\Contact;
  31 use Friendica\Model\Notification;
  32 use Friendica\Model\User;
  33 use Friendica\Network\HTTPException\ForbiddenException;
  34 use Friendica\Util\Proxy;
  35
  36 /**
  37  * Switches current user between delegates/parent user
  38  */
  39 class Delegation extends BaseModule
  40 {
  41         public static function post(array $parameters = [])
  42         {
  43                 if (!local_user()) {
  44                         return;
  45                 }
  46
  47                 $uid = local_user();
  48                 $orig_record = DI::app()->user;
  49
  50                 if (Session::get('submanage')) {
  51                         $user = User::getById(Session::get('submanage'));
  52                         if (DBA::isResult($user)) {
  53                                 $uid = intval($user['uid']);
  54                                 $orig_record = $user;
  55                         }
  56                 }
  57
  58                 $identity = intval($_POST['identity'] ?? 0);
  59                 if (!$identity) {
  60                         return;
  61                 }
  62
  63                 $limited_id = 0;
  64                 $original_id = $uid;
  65
  66                 $manages = DBA::selectToArray('manage', ['mid'], ['uid' => $uid]);
  67                 foreach ($manages as $manage) {
  68                         if ($identity == $manage['mid']) {
  69                                 $limited_id = $manage['mid'];
  70                                 break;
  71                         }
  72                 }
  73
  74                 if ($limited_id) {
  75                         $user = User::getById($limited_id);
  76                 } else {
  77                         // Check if the target user is one of our children
  78                         $user = DBA::selectFirst('user', [], ['uid' => $identity, 'parent-uid' => $orig_record['uid']]);
  79
  80                         // Check if the target user is one of our siblings
  81                         if (!DBA::isResult($user) && ($orig_record['parent-uid'] != 0)) {
  82                                 $user = DBA::selectFirst('user', [], ['uid' => $identity, 'parent-uid' => $orig_record['parent-uid']]);
  83                         }
  84
  85                         // Check if it's our parent or our own user
  86                         if (!DBA::isResult($user)
  87                                 && (
  88                                         $orig_record['parent-uid'] != 0 && $orig_record['parent-uid'] == $identity
  89                                         ||
  90                                         $orig_record['uid'] != 0 && $orig_record['uid'] == $identity
  91                                 )
  92                         ) {
  93                                 $user = User::getById($identity);
  94                         }
  95                 }
  96
  97                 if (!DBA::isResult($user)) {
  98                         return;
  99                 }
 100
 101                 Session::clear();
 102
 103                 DI::auth()->setForUser(DI::app(), $user, true, true);
 104
 105                 if ($limited_id) {
 106                         Session::set('submanage', $original_id);
 107                 }
 108
 109                 $ret = [];
 110                 Hook::callAll('home_init', $ret);
 111
 112                 DI::baseUrl()->redirect('profile/' . DI::app()->user['nickname']);
 113                 // NOTREACHED
 114         }
 115
 116         public static function content(array $parameters = [])
 117         {
 118                 if (!local_user()) {
 119                         throw new ForbiddenException(DI::l10n()->t('Permission denied.'));
 120                 }
 121
 122                 $identities = User::identities(DI::session()->get('submanage', local_user()));
 123
 124                 //getting additinal information for each identity
 125                 foreach ($identities as $key => $identity) {
 126                         $self = Contact::selectFirst(['id', 'updated'], ['uid' => $identity['uid'], 'self' => true]);
 127                         if (!DBA::isResult($self)) {
 128                                 continue;
 129                         }
 130
 131                         $identities[$key]['thumb'] = Contact::getAvatarUrlForId($self['id'], Proxy::SIZE_THUMB, $self['updated']);
 132
 133                         $identities[$key]['selected'] = ($identity['nickname'] === DI::app()->user['nickname']);
 134
 135                         $condition = ["`uid` = ? AND `msg` != '' AND NOT (`type` IN (?, ?)) AND NOT `seen`", $identity['uid'], Notification\Type::INTRO, Notification\Type::MAIL];
 136                         $params = ['distinct' => true, 'expression' => 'parent'];
 137                         $notifications = DBA::count('notify', $condition, $params);
 138
 139                         $params = ['distinct' => true, 'expression' => 'convid'];
 140                         $notifications += DBA::count('mail', ['uid' => $identity['uid'], 'seen' => false], $params);
 141
 142                         $notifications += DBA::count('intro', ['blocked' => false, 'ignore' => false, 'uid' => $identity['uid']]);
 143
 144                         $identities[$key]['notifications'] = $notifications;
 145                 }
 146
 147                 $o = Renderer::replaceMacros(Renderer::getMarkupTemplate('delegation.tpl'), [
 148                         '$title'      => DI::l10n()->t('Switch between your accounts'),
 149                         '$settings_label' => DI::l10n()->t('Manage your accounts'),
 150                         '$desc'       => DI::l10n()->t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 151                         '$choose'     => DI::l10n()->t('Select an identity to manage: '),
 152                         '$identities' => $identities,
 153                         '$submit'     => DI::l10n()->t('Submit'),
 154                 ]);
 155
 156                 return $o;
 157         }
 158 }