/* We keep 200 notices, the max number of notices available per API request,
* in the memcached cache. */
-define('NOTICE_CACHE_WINDOW', 200);
+define('NOTICE_CACHE_WINDOW', CachingNoticeStream::CACHE_WINDOW);
define('MAX_BOXCARS', 128);
const LOCAL_NONPUBLIC = -1;
const GATEWAY = -2;
+ const PUBLIC_SCOPE = 0; // Useful fake constant
const SITE_SCOPE = 1;
const ADDRESSEE_SCOPE = 2;
- const FOLLOWER_SCOPE = 4;
+ const GROUP_SCOPE = 4;
+ const FOLLOWER_SCOPE = 8;
function getProfile()
{
* notice in place of extracting links from content
* boolean 'distribute' whether to distribute the notice, default true
* string 'object_type' URL of the associated object type (default ActivityObject::NOTE)
+ * int 'scope' Scope bitmask; default to SITE_SCOPE on private sites, 0 otherwise
*
* @fixme tag override
*
'url' => null,
'reply_to' => null,
'repeat_of' => null,
+ 'scope' => null,
'distribute' => true);
if (!empty($options)) {
// Handle repeat case
if (isset($repeat_of)) {
+
+ // Check for a private one
+
+ $repeat = Notice::staticGet('id', $repeat_of);
+
+ if (!empty($repeat) &&
+ $repeat->scope != Notice::SITE_SCOPE &&
+ $repeat->scope != Notice::PUBLIC_SCOPE) {
+ // TRANS: Client exception thrown when trying to repeat a private notice.
+ throw new ClientException(_('Cannot repeat a private notice.'), 403);
+ }
+
+ // XXX: Check for access...?
+
$notice->repeat_of = $repeat_of;
} else {
$notice->reply_to = self::getReplyTo($reply_to, $profile_id, $source, $final);
if (!empty($notice->reply_to)) {
$reply = Notice::staticGet('id', $notice->reply_to);
+ if (!$reply->inScope($profile)) {
+ // TRANS: Client error displayed when trying to reply to a notice a the target has no access to.
+ // TRANS: %1$s is a user nickname, %2$d is a notice ID (number).
+ throw new ClientException(sprintf(_('%1$s has no access to notice %2$d.'),
+ $profile->nickname, $reply->id), 403);
+ }
$notice->conversation = $reply->conversation;
}
$notice->object_type = $object_type;
}
+ if (is_null($scope)) { // 0 is a valid value
+ $notice->scope = common_config('notice', 'defaultscope');
+ } else {
+ $notice->scope = $scope;
+ }
+
if (Event::handle('StartNoticeSave', array(&$notice))) {
// XXX: some of these functions write to the DB
if (empty($profile)) {
return false;
}
- $notice = $profile->getNotices(0, NOTICE_CACHE_WINDOW);
+ $notice = $profile->getNotices(0, CachingNoticeStream::CACHE_WINDOW);
if (!empty($notice)) {
$last = 0;
while ($notice->fetch()) {
return $att;
}
- function getStreamByIds($ids)
- {
- $cache = Cache::instance();
-
- if (!empty($cache)) {
- $notices = array();
- foreach ($ids as $id) {
- $n = Notice::staticGet('id', $id);
- if (!empty($n)) {
- $notices[] = $n;
- }
- }
- return new ArrayWrapper($notices);
- } else {
- $notice = new Notice();
- if (empty($ids)) {
- //if no IDs requested, just return the notice object
- return $notice;
- }
- $notice->whereAdd('id in (' . implode(', ', $ids) . ')');
-
- $notice->find();
-
- $temp = array();
-
- while ($notice->fetch()) {
- $temp[$notice->id] = clone($notice);
- }
-
- $wrapped = array();
-
- foreach ($ids as $id) {
- if (array_key_exists($id, $temp)) {
- $wrapped[] = $temp[$id];
- }
- }
-
- return new ArrayWrapper($wrapped);
- }
- }
function publicStream($offset=0, $limit=20, $since_id=0, $max_id=0)
{
- $ids = Notice::stream(array('Notice', '_publicStreamDirect'),
- array(),
- 'public',
- $offset, $limit, $since_id, $max_id);
- return Notice::getStreamByIds($ids);
+ $stream = new PublicNoticeStream();
+ return $stream->getNotices($offset, $limit, $since_id, $max_id);
}
- function _publicStreamDirect($offset=0, $limit=20, $since_id=0, $max_id=0)
- {
- $notice = new Notice();
-
- $notice->selectAdd(); // clears it
- $notice->selectAdd('id');
-
- $notice->orderBy('created DESC, id DESC');
-
- if (!is_null($offset)) {
- $notice->limit($offset, $limit);
- }
-
- if (common_config('public', 'localonly')) {
- $notice->whereAdd('is_local = ' . Notice::LOCAL_PUBLIC);
- } else {
- // -1 == blacklisted, -2 == gateway (i.e. Twitter)
- $notice->whereAdd('is_local !='. Notice::LOCAL_NONPUBLIC);
- $notice->whereAdd('is_local !='. Notice::GATEWAY);
- }
-
- Notice::addWhereSinceId($notice, $since_id);
- Notice::addWhereMaxId($notice, $max_id);
-
- $ids = array();
-
- if ($notice->find()) {
- while ($notice->fetch()) {
- $ids[] = $notice->id;
- }
- }
-
- $notice->free();
- $notice = NULL;
-
- return $ids;
- }
function conversationStream($id, $offset=0, $limit=20, $since_id=0, $max_id=0)
{
- $ids = Notice::stream(array('Notice', '_conversationStreamDirect'),
- array($id),
- 'notice:conversation_ids:'.$id,
- $offset, $limit, $since_id, $max_id);
-
- return Notice::getStreamByIds($ids);
- }
-
- function _conversationStreamDirect($id, $offset=0, $limit=20, $since_id=0, $max_id=0)
- {
- $notice = new Notice();
-
- $notice->selectAdd(); // clears it
- $notice->selectAdd('id');
-
- $notice->conversation = $id;
-
- $notice->orderBy('created DESC, id DESC');
-
- if (!is_null($offset)) {
- $notice->limit($offset, $limit);
- }
-
- Notice::addWhereSinceId($notice, $since_id);
- Notice::addWhereMaxId($notice, $max_id);
-
- $ids = array();
-
- if ($notice->find()) {
- while ($notice->fetch()) {
- $ids[] = $notice->id;
- }
- }
-
- $notice->free();
- $notice = NULL;
+ $stream = new ConversationNoticeStream($id);
- return $ids;
+ return $stream->getNotices($offset, $limit, $since_id, $max_id);
}
/**
}
}
- function stream($fn, $args, $cachekey, $offset=0, $limit=20, $since_id=0, $max_id=0)
- {
- $cache = Cache::instance();
-
- if (empty($cache) ||
- $since_id != 0 || $max_id != 0 ||
- is_null($limit) ||
- ($offset + $limit) > NOTICE_CACHE_WINDOW) {
- return call_user_func_array($fn, array_merge($args, array($offset, $limit, $since_id,
- $max_id)));
- }
-
- $idkey = Cache::key($cachekey);
-
- $idstr = $cache->get($idkey);
-
- if ($idstr !== false) {
- // Cache hit! Woohoo!
- $window = explode(',', $idstr);
- $ids = array_slice($window, $offset, $limit);
- return $ids;
- }
-
- $laststr = $cache->get($idkey.';last');
-
- if ($laststr !== false) {
- $window = explode(',', $laststr);
- $last_id = $window[0];
- $new_ids = call_user_func_array($fn, array_merge($args, array(0, NOTICE_CACHE_WINDOW,
- $last_id, 0, null)));
-
- $new_window = array_merge($new_ids, $window);
-
- $new_windowstr = implode(',', $new_window);
-
- $result = $cache->set($idkey, $new_windowstr);
- $result = $cache->set($idkey . ';last', $new_windowstr);
-
- $ids = array_slice($new_window, $offset, $limit);
-
- return $ids;
- }
-
- $window = call_user_func_array($fn, array_merge($args, array(0, NOTICE_CACHE_WINDOW,
- 0, 0, null)));
-
- $windowstr = implode(',', $window);
-
- $result = $cache->set($idkey, $windowstr);
- $result = $cache->set($idkey . ';last', $windowstr);
-
- $ids = array_slice($window, $offset, $limit);
-
- return $ids;
- }
/**
* Determine which notice, if any, a new notice is in reply to.
$content = mb_substr($content, 0, $maxlen - 4) . ' ...';
}
- return self::saveNew($repeater_id, $content, $source,
- array('repeat_of' => $this->id));
+ // Scope is same as this one's
+
+ return self::saveNew($repeater_id,
+ $content,
+ $source,
+ array('repeat_of' => $this->id,
+ 'scope' => $this->scope));
}
// These are supposed to be in chron order!
}
}
- return Notice::getStreamByIds($ids);
+ return NoticeStream::getStreamByIds($ids);
}
function _repeatStreamDirect($limit)
($this->is_local != Notice::GATEWAY));
}
}
+
+ /**
+ * Check that the given profile is allowed to read, respond to, or otherwise
+ * act on this notice.
+ *
+ * The $scope member is a bitmask of scopes, representing a logical AND of the
+ * scope requirement. So, 0x03 (Notice::ADDRESSEE_SCOPE | Notice::SITE_SCOPE) means
+ * "only visible to people who are mentioned in the notice AND are users on this site."
+ * Users on the site who are not mentioned in the notice will not be able to see the
+ * notice.
+ *
+ * @param Profile $profile The profile to check
+ *
+ * @return boolean whether the profile is in the notice's scope
+ */
+ function inScope($profile)
+ {
+ // If there's no scope, anyone (even anon) is in scope.
+
+ if ($this->scope == 0) {
+ return true;
+ }
+
+ // If there's scope, anon cannot be in scope
+
+ if (empty($profile)) {
+ return false;
+ }
+
+ // Author is always in scope
+
+ if ($this->profile_id == $profile->id) {
+ return true;
+ }
+
+ // Only for users on this site
+
+ if ($this->scope & Notice::SITE_SCOPE) {
+ $user = $profile->getUser();
+ if (empty($user)) {
+ return false;
+ }
+ }
+
+ // Only for users mentioned in the notice
+
+ if ($this->scope & Notice::ADDRESSEE_SCOPE) {
+
+ // XXX: just query for the single reply
+
+ $replies = $this->getReplies();
+
+ if (!in_array($profile->id, $replies)) {
+ return false;
+ }
+ }
+
+ // Only for members of the given group
+
+ if ($this->scope & Notice::GROUP_SCOPE) {
+
+ // XXX: just query for the single membership
+
+ $groups = $this->getGroups();
+
+ $foundOne = false;
+
+ foreach ($groups as $group) {
+ if ($profile->isMember($group)) {
+ $foundOne = true;
+ break;
+ }
+ }
+
+ if (!$foundOne) {
+ return false;
+ }
+ }
+
+ // Only for followers of the author
+
+ if ($this->scope & Notice::FOLLOWER_SCOPE) {
+ $author = $this->getProfile();
+ if (!Subscription::exists($profile, $author)) {
+ return false;
+ }
+ }
+
+ return true;
+ }
}
projects / quix0rs-gnu-social.git / blobdiff