src/Module/PermissionTooltip.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2022, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module;
  23
  24 use Friendica\Core\Hook;
  25 use Friendica\Database\DBA;
  26 use Friendica\DI;
  27 use Friendica\Model\APContact;
  28 use Friendica\Model\Group;
  29 use Friendica\Model\Post;
  30 use Friendica\Model\Tag;
  31 use Friendica\Model\User;
  32 use Friendica\Network\HTTPException;
  33 use Friendica\Protocol\ActivityPub;
  34
  35 /**
  36  * Outputs the permission tooltip HTML content for the provided item, photo or event id.
  37  */
  38 class PermissionTooltip extends \Friendica\BaseModule
  39 {
  40         protected function rawContent(array $request = [])
  41         {
  42                 $type = $this->parameters['type'];
  43                 $referenceId = $this->parameters['id'];
  44
  45                 $expectedTypes = ['item', 'photo', 'event'];
  46                 if (!in_array($type, $expectedTypes)) {
  47                         throw new HTTPException\BadRequestException(DI::l10n()->t('Wrong type "%s", expected one of: %s', $type, implode(', ', $expectedTypes)));
  48                 }
  49
  50                 $condition = ['id' => $referenceId];
  51                 if ($type == 'item') {
  52                         $fields = ['uid', 'psid', 'private', 'uri-id'];
  53                         $model = Post::selectFirst($fields, $condition);
  54                 } else {
  55                         $fields = ['uid', 'allow_cid', 'allow_gid', 'deny_cid', 'deny_gid'];
  56                         $model = DBA::selectFirst($type, $fields, $condition);
  57                         $model['allow_cid'] = DI::aclFormatter()->expand($model['allow_cid']);
  58                         $model['allow_gid'] = DI::aclFormatter()->expand($model['allow_gid']);
  59                         $model['deny_cid']  = DI::aclFormatter()->expand($model['deny_cid']);
  60                         $model['deny_gid']  = DI::aclFormatter()->expand($model['deny_gid']);
  61                 }
  62
  63                 if (!DBA::isResult($model)) {
  64                         throw new HttpException\NotFoundException(DI::l10n()->t('Model not found'));
  65                 }
  66
  67                 if (isset($model['psid'])) {
  68                         $permissionSet = DI::permissionSet()->selectOneById($model['psid'], $model['uid']);
  69                         $model['allow_cid'] = $permissionSet->allow_cid;
  70                         $model['allow_gid'] = $permissionSet->allow_gid;
  71                         $model['deny_cid']  = $permissionSet->deny_cid;
  72                         $model['deny_gid']  = $permissionSet->deny_gid;
  73                 }
  74
  75                 // Kept for backwards compatiblity
  76                 Hook::callAll('lockview_content', $model);
  77
  78                 if ($type == 'item') {
  79                         $receivers = $this->fetchReceivers($model['uri-id']);
  80                 } else {
  81                         $receivers = '';
  82                 }
  83
  84                 if ($model['uid'] != local_user() ||
  85                         empty($model['allow_cid'])
  86                         && empty($model['allow_gid'])
  87                         && empty($model['deny_cid'])
  88                         && empty($model['deny_gid'])
  89                         && empty($receivers))
  90                 {
  91                         echo DI::l10n()->t('Remote privacy information not available.');
  92                         exit;
  93                 }
  94
  95                 $allowed_users  = $model['allow_cid'];
  96                 $allowed_groups = $model['allow_gid'];
  97                 $deny_users     = $model['deny_cid'];
  98                 $deny_groups    = $model['deny_gid'];
  99
 100                 $o = DI::l10n()->t('Visible to:') . '<br />';
 101                 $l = [];
 102
 103                 if (count($allowed_groups)) {
 104                         $key = array_search(Group::FOLLOWERS, $allowed_groups);
 105                         if ($key !== false) {
 106                                 $l[] = '<b>' . DI::l10n()->t('Followers') . '</b>';
 107                                 unset($allowed_groups[$key]);
 108                         }
 109
 110                         $key = array_search(Group::MUTUALS, $allowed_groups);
 111                         if ($key !== false) {
 112                                 $l[] = '<b>' . DI::l10n()->t('Mutuals') . '</b>';
 113                                 unset($allowed_groups[$key]);
 114                         }
 115
 116                         foreach (DI::dba()->selectToArray('group', ['name'], ['id' => $allowed_groups]) as $group) {
 117                                 $l[] = '<b>' . $group['name'] . '</b>';
 118                         }
 119                 }
 120
 121                 foreach (DI::dba()->selectToArray('contact', ['name'], ['id' => $allowed_users]) as $contact) {
 122                         $l[] = $contact['name'];
 123                 }
 124
 125                 if (count($deny_groups)) {
 126                         $key = array_search(Group::FOLLOWERS, $deny_groups);
 127                         if ($key !== false) {
 128                                 $l[] = '<b><strike>' . DI::l10n()->t('Followers') . '</strike></b>';
 129                                 unset($deny_groups[$key]);
 130                         }
 131
 132                         $key = array_search(Group::MUTUALS, $deny_groups);
 133                         if ($key !== false) {
 134                                 $l[] = '<b><strike>' . DI::l10n()->t('Mutuals') . '</strike></b>';
 135                                 unset($deny_groups[$key]);
 136                         }
 137
 138                         foreach (DI::dba()->selectToArray('group', ['name'], ['id' => $allowed_groups]) as $group) {
 139                                 $l[] = '<b><strike>' . $group['name'] . '</strike></b>';
 140                         }
 141                 }
 142
 143                 foreach (DI::dba()->selectToArray('contact', ['name'], ['id' => $deny_users]) as $contact) {
 144                         $l[] = '<strike>' . $contact['name'] . '</strike>';
 145                 }
 146
 147                 if (!empty($l)) {
 148                         echo $o . implode(', ', $l);
 149                 } else {
 150                         echo $o . $receivers;
 151                 }
 152
 153                 exit();
 154         }
 155
 156         /**
 157          * Fetch a list of receivers
 158          *
 159          * @param int $uriId
 160          * @return string
 161          */
 162         private function fetchReceivers(int $uriId):string
 163         {
 164                 $own_url = '';
 165                 $uid = local_user();
 166                 if ($uid) {
 167                         $owner = User::getOwnerDataById($uid);
 168                         if (!empty($owner['url'])) {
 169                                 $own_url = $owner['url'];
 170                         }
 171                 }
 172
 173                 $receivers = [];
 174                 foreach (Tag::getByURIId($uriId, [Tag::TO, Tag::CC, Tag::BCC]) as $receiver) {
 175                         // We only display BCC when it contains the current user
 176                         if (($receiver['type'] == Tag::BCC) && ($receiver['url'] != $own_url)) {
 177                                 continue;
 178                         }
 179
 180                         if ($receiver['url'] == ActivityPub::PUBLIC_COLLECTION) {
 181                                 $receivers[$receiver['type']][] = DI::l10n()->t('Public');
 182                         } else {
 183                                 $apcontact = DBA::selectFirst('apcontact', ['name'], ['followers' => $receiver['url']]);
 184                                 if (!empty($apcontact['name'])) {
 185                                         $receivers[$receiver['type']][] = DI::l10n()->t('Followers (%s)', $apcontact['name']);
 186                                 } elseif ($apcontact = APContact::getByURL($receiver['url'], false)) {
 187                                         $receivers[$receiver['type']][] = $apcontact['name'];
 188                                 } else {
 189                                         $receivers[$receiver['type']][] = $receiver['name'];
 190                                 }
 191                         }
 192                 }
 193
 194                 $output = '';
 195
 196                 foreach ($receivers as $type => $receiver) {
 197                         $max = DI::config()->get('system', 'max_receivers');
 198                         $total = count($receiver);
 199                         if ($total > $max) {
 200                                 $receiver = array_slice($receiver, 0, $max);
 201                                 $receiver[] = DI::l10n()->t('%d more', $total - $max);
 202                         }
 203                         switch ($type) {
 204                                 case Tag::TO:
 205                                         $output .= DI::l10n()->t('<b>To:</b> %s<br>', implode(', ', $receiver));
 206                                         break;
 207                                 case Tag::CC:
 208                                         $output .= DI::l10n()->t('<b>CC:</b> %s<br>', implode(', ', $receiver));
 209                                         break;
 210                                 case Tag::BCC:
 211                                         $output .= DI::l10n()->t('<b>BCC:</b> %s<br>', implode(', ', $receiver));
 212                                         break;
 213                         }
 214                 }
 215
 216                 return $output;
 217         }
 218 }