const LOCAL_NONPUBLIC = -1;
const GATEWAY = -2;
+ const PUBLIC_SCOPE = 0; // Useful fake constant
const SITE_SCOPE = 1;
const ADDRESSEE_SCOPE = 2;
const GROUP_SCOPE = 4;
* notice in place of extracting links from content
* boolean 'distribute' whether to distribute the notice, default true
* string 'object_type' URL of the associated object type (default ActivityObject::NOTE)
+ * int 'scope' Scope bitmask; default to SITE_SCOPE on private sites, 0 otherwise
*
* @fixme tag override
*
'url' => null,
'reply_to' => null,
'repeat_of' => null,
+ 'scope' => null,
'distribute' => true);
if (!empty($options)) {
// Handle repeat case
if (isset($repeat_of)) {
+
+ // Check for a private one
+
+ $repeat = Notice::staticGet('id', $repeat_of);
+
+ if (empty($repeat)) {
+ throw new ClientException(_('Cannot repeat; original notice is missing or deleted.'));
+ }
+
+ if ($profile->id == $repeat->profile_id) {
+ // TRANS: Client error displayed when trying to repeat an own notice.
+ throw new ClientException(_('You cannot repeat your own notice.'));
+ }
+
+ if ($repeat->scope != Notice::SITE_SCOPE &&
+ $repeat->scope != Notice::PUBLIC_SCOPE) {
+ // TRANS: Client error displayed when trying to repeat a non-public notice.
+ throw new ClientException(_('Cannot repeat a private notice.'), 403);
+ }
+
+ if (!$repeat->inScope($profile)) {
+ // The generic checks above should cover this, but let's be sure!
+ // TRANS: Client error displayed when trying to repeat a notice you cannot access.
+ throw new ClientException(_('Cannot repeat a notice you cannot read.'), 403);
+ }
+
+ if ($profile->hasRepeated($repeat->id)) {
+ // TRANS: Client error displayed when trying to repeat an already repeated notice.
+ throw new ClientException(_('You already repeated that notice.'));
+ }
+
$notice->repeat_of = $repeat_of;
} else {
$notice->reply_to = self::getReplyTo($reply_to, $profile_id, $source, $final);
if (!empty($notice->reply_to)) {
$reply = Notice::staticGet('id', $notice->reply_to);
+ if (!$reply->inScope($profile)) {
+ // TRANS: Client error displayed when trying to reply to a notice a the target has no access to.
+ // TRANS: %1$s is a user nickname, %2$d is a notice ID (number).
+ throw new ClientException(sprintf(_('%1$s has no access to notice %2$d.'),
+ $profile->nickname, $reply->id), 403);
+ }
$notice->conversation = $reply->conversation;
}
$notice->object_type = $object_type;
}
+ if (is_null($scope)) { // 0 is a valid value
+ $notice->scope = common_config('notice', 'defaultscope');
+ } else {
+ $notice->scope = $scope;
+ }
+
if (Event::handle('StartNoticeSave', array(&$notice))) {
// XXX: some of these functions write to the DB
$notice->saveGroups();
}
+ if (isset($peopletags)) {
+ $notice->saveProfileTags($peopletags);
+ } else {
+ $notice->saveProfileTags();
+ }
+
if (isset($urls)) {
$notice->saveKnownUrls($urls);
} else {
}
$users = $this->getSubscribedUsers();
+ $ptags = $this->getProfileTags();
// FIXME: kind of ignoring 'transitional'...
// we'll probably stop supporting inboxless mode
}
}
+ foreach ($ptags as $ptag) {
+ $users = $ptag->getUserSubscribers();
+ foreach ($users as $id) {
+ if (!array_key_exists($id, $ni)) {
+ $user = User::staticGet('id', $id);
+ if (!$user->hasBlocked($profile)) {
+ $ni[$id] = NOTICE_INBOX_SOURCE_PROFILE_TAG;
+ }
+ }
+ }
+ }
+
foreach ($recipients as $recipient) {
if (!array_key_exists($recipient, $ni)) {
$ni[$recipient] = NOTICE_INBOX_SOURCE_REPLY;
}
- }
- // Exclude any deleted, non-local, or blocking recipients.
- $profile = $this->getProfile();
- $originalProfile = null;
- if ($this->repeat_of) {
- // Check blocks against the original notice's poster as well.
- $original = Notice::staticGet('id', $this->repeat_of);
- if ($original) {
- $originalProfile = $original->getProfile();
+ // Exclude any deleted, non-local, or blocking recipients.
+ $profile = $this->getProfile();
+ $originalProfile = null;
+ if ($this->repeat_of) {
+ // Check blocks against the original notice's poster as well.
+ $original = Notice::staticGet('id', $this->repeat_of);
+ if ($original) {
+ $originalProfile = $original->getProfile();
+ }
}
- }
- foreach ($ni as $id => $source) {
- $user = User::staticGet('id', $id);
- if (empty($user) || $user->hasBlocked($profile) ||
- ($originalProfile && $user->hasBlocked($originalProfile))) {
- unset($ni[$id]);
+ foreach ($ni as $id => $source) {
+ $user = User::staticGet('id', $id);
+ if (empty($user) || $user->hasBlocked($profile) ||
+ ($originalProfile && $user->hasBlocked($originalProfile))) {
+ unset($ni[$id]);
+ }
}
}
return $ids;
}
+ function getProfileTags()
+ {
+ // Don't save ptags for repeats, for now.
+
+ if (!empty($this->repeat_of)) {
+ return array();
+ }
+
+ // XXX: cache me
+
+ $ptags = array();
+
+ $ptagi = new Profile_tag_inbox();
+
+ $ptagi->selectAdd();
+ $ptagi->selectAdd('profile_tag_id');
+
+ $ptagi->notice_id = $this->id;
+
+ if ($ptagi->find()) {
+ while ($ptagi->fetch()) {
+ $profile_list = Profile_list::staticGet('id', $ptagi->profile_tag_id);
+ if ($profile_list) {
+ $ptags[] = $profile_list;
+ }
+ }
+ }
+
+ $ptagi->free();
+
+ return $ptags;
+ }
+
/**
* Record this notice to the given group inboxes for delivery.
* Overrides the regular parsing of !group markup.
return true;
}
+ /**
+ * record targets into profile_tag_inbox.
+ * @return array of Profile_list objects
+ */
+ function saveProfileTags($known=array())
+ {
+ // Don't save ptags for repeats, for now
+
+ if (!empty($this->repeat_of)) {
+ return array();
+ }
+
+ if (is_array($known)) {
+ $ptags = $known;
+ } else {
+ $ptags = array();
+ }
+
+ $ptag = new Profile_tag();
+ $ptag->tagged = $this->profile_id;
+
+ if($ptag->find()) {
+ while($ptag->fetch()) {
+ $plist = Profile_list::getByTaggerAndTag($ptag->tagger, $ptag->tag);
+ $ptags[] = clone($plist);
+ }
+ }
+
+ foreach ($ptags as $target) {
+ $this->addToProfileTagInbox($target);
+ }
+
+ return $ptags;
+ }
+
+ function addToProfileTagInbox($plist)
+ {
+ $ptagi = Profile_tag_inbox::pkeyGet(array('profile_tag_id' => $plist->id,
+ 'notice_id' => $this->id));
+
+ if (empty($ptagi)) {
+
+ $ptagi = new Profile_tag_inbox();
+
+ $ptagi->query('BEGIN');
+ $ptagi->profile_tag_id = $plist->id;
+ $ptagi->notice_id = $this->id;
+ $ptagi->created = $this->created;
+
+ $result = $ptagi->insert();
+ if (!$result) {
+ common_log_db_error($ptagi, 'INSERT', __FILE__);
+ throw new ServerException(_('Problem saving profile_tag inbox.'));
+ }
+
+ $ptagi->query('COMMIT');
+
+ self::blow('profile_tag:notice_ids:%d', $ptagi->profile_tag_id);
+ }
+
+ return true;
+ }
+
/**
* Save reply records indicating that this notice needs to be
* delivered to the local users with the given URIs.
return $location;
}
+ /**
+ * Convenience function for posting a repeat of an existing message.
+ *
+ * @param int $repeater_id: profile ID of user doing the repeat
+ * @param string $source: posting source key, eg 'web', 'api', etc
+ * @return Notice
+ *
+ * @throws Exception on failure or permission problems
+ */
function repeat($repeater_id, $source)
{
$author = Profile::staticGet('id', $this->profile_id);
$content = mb_substr($content, 0, $maxlen - 4) . ' ...';
}
- return self::saveNew($repeater_id, $content, $source,
- array('repeat_of' => $this->id));
+ // Scope is same as this one's
+
+ return self::saveNew($repeater_id,
+ $content,
+ $source,
+ array('repeat_of' => $this->id,
+ 'scope' => $this->scope));
}
// These are supposed to be in chron order!
* Users on the site who are not mentioned in the notice will not be able to see the
* notice.
*
- * @param Profile $profile The profile to check
+ * @param Profile $profile The profile to check; pass null to check for public/unauthenticated users.
*
* @return boolean whether the profile is in the notice's scope
*/
-
function inScope($profile)
{
- // If there's any scope, and there's no logged-in user,
- // not allowed.
+ // If there's no scope, anyone (even anon) is in scope.
+
+ if ($this->scope == 0) {
+ return true;
+ }
- if ($this->scope > 0 && empty($profile)) {
+ // If there's scope, anon cannot be in scope
+
+ if (empty($profile)) {
return false;
}
+ // Author is always in scope
+
+ if ($this->profile_id == $profile->id) {
+ return true;
+ }
+
// Only for users on this site
if ($this->scope & Notice::SITE_SCOPE) {