src/Module/User/Delegation.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2023, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module\User;
  23
  24 use Friendica\App;
  25 use Friendica\BaseModule;
  26 use Friendica\Contact\Introduction\Repository\Introduction;
  27 use Friendica\Core\Hook;
  28 use Friendica\Core\L10n;
  29 use Friendica\Core\Renderer;
  30 use Friendica\Core\Session\Capability\IHandleUserSessions;
  31 use Friendica\Database\Database;
  32 use Friendica\Model\Notification;
  33 use Friendica\Model\User;
  34 use Friendica\Module\Response;
  35 use Friendica\Navigation\Notifications\Repository\Notify;
  36 use Friendica\Navigation\SystemMessages;
  37 use Friendica\Network\HTTPException\ForbiddenException;
  38 use Friendica\Security\Authentication;
  39 use Friendica\Util;
  40 use Psr\Log\LoggerInterface;
  41
  42 /**
  43  * Switches current user between delegates/parent user
  44  */
  45 class Delegation extends BaseModule
  46 {
  47         /** @var IHandleUserSessions */
  48         private $session;
  49         /** @var Database */
  50         private $db;
  51         /** @var Authentication */
  52         private $auth;
  53         /** @var SystemMessages */
  54         private $systemMessages;
  55         /** @var Notify */
  56         private $notify;
  57         /** @var Introduction */
  58         private $intro;
  59         /** @var App */
  60         private $app;
  61
  62         public function __construct(App $app, Introduction $intro, Notify $notify, SystemMessages $systemMessages, Authentication $auth, Database $db, IHandleUserSessions $session, L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Util\Profiler $profiler, Response $response, array $server, array $parameters = [])
  63         {
  64                 parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
  65
  66                 $this->session        = $session;
  67                 $this->db             = $db;
  68                 $this->auth           = $auth;
  69                 $this->systemMessages = $systemMessages;
  70                 $this->notify         = $notify;
  71                 $this->intro          = $intro;
  72                 $this->app            = $app;
  73         }
  74
  75         protected function post(array $request = [])
  76         {
  77                 if (!$this->session->getLocalUserId()) {
  78                         return;
  79                 }
  80
  81                 $uid         = $this->session->getLocalUserId();
  82                 $orig_record = User::getById($this->session->getLocalUserId());
  83
  84                 if ($this->session->getSubManagedUserId()) {
  85                         $user = User::getById($this->session->getSubManagedUserId());
  86                         if ($this->db->isResult($user)) {
  87                                 $uid         = intval($user['uid']);
  88                                 $orig_record = $user;
  89                         }
  90                 }
  91
  92                 $identity = intval($request['identity'] ?? 0);
  93                 if (!$identity) {
  94                         return;
  95                 }
  96
  97                 $limited_id  = 0;
  98                 $original_id = $uid;
  99
 100                 $manages = $this->db->selectToArray('manage', ['mid'], ['uid' => $uid]);
 101                 foreach ($manages as $manage) {
 102                         if ($identity == $manage['mid']) {
 103                                 $limited_id = $manage['mid'];
 104                                 break;
 105                         }
 106                 }
 107
 108                 if ($limited_id) {
 109                         $user = User::getById($limited_id);
 110                 } else {
 111                         // Check if the target user is one of our children
 112                         $user = $this->db->selectFirst('user', [], ['uid' => $identity, 'parent-uid' => $orig_record['uid']]);
 113
 114                         // Check if the target user is one of our siblings
 115                         if (!$this->db->isResult($user) && $orig_record['parent-uid']) {
 116                                 $user = $this->db->selectFirst('user', [], ['uid' => $identity, 'parent-uid' => $orig_record['parent-uid']]);
 117                         }
 118
 119                         // Check if it's our parent or our own user
 120                         if (!$this->db->isResult($user)
 121                                 && (
 122                                         $orig_record['parent-uid'] && $orig_record['parent-uid'] === $identity
 123                                         ||
 124                                         $orig_record['uid'] && $orig_record['uid'] === $identity
 125                                 )
 126                         ) {
 127                                 $user = User::getById($identity);
 128                         }
 129                 }
 130
 131                 if (!$this->db->isResult($user)) {
 132                         return;
 133                 }
 134
 135                 $this->session->clear();
 136
 137                 $this->auth->setForUser($this->app, $user, true, true);
 138
 139                 if ($limited_id) {
 140                         $this->session->setSubManagedUserId($original_id);
 141                 }
 142
 143                 $ret = [];
 144                 Hook::callAll('home_init', $ret);
 145
 146                 $this->systemMessages->addNotice($this->t('You are now logged in as %s', $user['username']));
 147
 148                 $this->baseUrl->redirect('network');
 149         }
 150
 151         protected function content(array $request = []): string
 152         {
 153                 if (!$this->session->getLocalUserId()) {
 154                         throw new ForbiddenException($this->t('Permission denied.'));
 155                 }
 156
 157                 $identities = User::identities($this->session->getSubManagedUserId() ?: $this->session->getLocalUserId());
 158
 159                 //getting additional information for each identity
 160                 foreach ($identities as $key => $identity) {
 161                         $identities[$key]['thumb'] = User::getAvatarUrl($identity, Util\Proxy::SIZE_THUMB);
 162
 163                         $identities[$key]['selected'] = ($identity['nickname'] === $this->session->getLocalUserNickname());
 164
 165                         $notifications = $this->notify->countForUser(
 166                                 $identity['uid'],
 167                                 ["`msg` != '' AND NOT (`type` IN (?, ?)) AND NOT `seen`", Notification\Type::INTRO, Notification\Type::MAIL],
 168                                 ['distinct' => true, 'expression' => 'parent']
 169                         );
 170
 171                         $notifications += $this->db->count(
 172                                 'mail',
 173                                 ['uid'      => $identity['uid'], 'seen' => false],
 174                                 ['distinct' => true, 'expression' => 'convid']
 175                         );
 176
 177                         $notifications += $this->intro->countActiveForUser($identity['uid']);
 178
 179                         $identities[$key]['notifications'] = $notifications;
 180                 }
 181
 182                 $tpl = Renderer::getMarkupTemplate('delegation.tpl');
 183                 return Renderer::replaceMacros($tpl, [
 184                         '$l10n' => [
 185                                 'title'          => $this->t('Switch between your accounts'),
 186                                 'settings_label' => $this->t('Manage your accounts'),
 187                                 'desc'           => $this->t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 188                                 'choose'         => $this->t('Select an identity to manage: '),
 189                                 'submit'         => $this->t('Submit'),
 190                         ],
 191
 192                         '$identities' => $identities,
 193                 ]);
 194         }
 195 }