use Friendica\Model\Photo;
use Friendica\Model\Post;
use Friendica\Model\Tag;
+use Friendica\Model\User;
use Friendica\Network\HTTPException;
use Friendica\Object\EMail\ItemCCEMail;
use Friendica\Protocol\Activity;
$api_source = $_REQUEST['api_source'] ?? false;
- $message_id = ((!empty($_REQUEST['message_id']) && $api_source) ? strip_tags($_REQUEST['message_id']) : '');
-
$return_path = $_REQUEST['return'] ?? '';
$preview = intval($_REQUEST['preview'] ?? 0);
$profile_uid = $toplevel_user_id;
}
- // Check for multiple posts with the same message id (when the post was created via API)
- if (($message_id != '') && ($profile_uid != 0)) {
- if (Item::exists(['uri' => $message_id, 'uid' => $profile_uid])) {
- Logger::info('Message already exists for user', ['uri' => $message_id, 'uid' => $profile_uid]);
- return 0;
- }
- }
-
// Allow commenting if it is an answer to a public post
$allow_comment = local_user() && ($profile_uid == 0) && $toplevel_item_id && in_array($toplevel_item['network'], Protocol::FEDERATED);
$orig_post = Item::selectFirst(Item::ITEM_FIELDLIST, ['id' => $post_id]);
}
- $user = DBA::selectFirst('user', [], ['uid' => $profile_uid]);
-
+ $user = User::getById($profile_uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
if (!DBA::isResult($user) && !$toplevel_item_id) {
return 0;
}
$guid = $orig_post['guid'];
$extid = $orig_post['extid'];
} else {
- $str_contact_allow = '';
- $str_group_allow = '';
- $str_contact_deny = '';
- $str_group_deny = '';
-
- if (($_REQUEST['visibility'] ?? '') !== 'public') {
- $aclFormatter = DI::aclFormatter();
- $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
- $str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $user['allow_gid'] ?? '';
- $str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $user['deny_cid'] ?? '';
- $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
+ $aclFormatter = DI::aclFormatter();
+ $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
+ $str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $user['allow_gid'] ?? '';
+ $str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $user['deny_cid'] ?? '';
+ $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
+
+ $visibility = $_REQUEST['visibility'] ?? '';
+ if ($visibility === 'public') {
+ // The ACL selector introduced in version 2019.12 sends ACL input data even when the Public visibility is selected
+ $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
+ } else if ($visibility === 'custom') {
+ // Since we know from the visibility parameter the item should be private, we have to prevent the empty ACL
+ // case that would make it public. So we always append the author's contact id to the allowed contacts.
+ // See https://github.com/friendica/friendica/issues/9672
+ $str_contact_allow .= $aclFormatter->toString(Contact::getPublicIdByUserId($uid));
}
$title = trim($_REQUEST['title'] ?? '');
$origin = $_REQUEST['origin'];
}
- $uri = ($message_id ? $message_id : Item::newURI($api_source ? $profile_uid : $uid, $guid));
+ $uri = Item::newURI($api_source ? $profile_uid : $uid, $guid);
// Fallback so that we alway have a parent uri
if (!$thr_parent_uri || !$toplevel_item_id) {
$datarray['api_source'] = $api_source;
// This field is for storing the raw conversation data
- $datarray['protocol'] = Conversation::PARCEL_DFRN;
+ $datarray['protocol'] = Conversation::PARCEL_DIRECT;
$conversation = DBA::selectFirst('conversation', ['conversation-uri', 'conversation-href'], ['item-uri' => $datarray['thr-parent']]);
if (DBA::isResult($conversation)) {
'type' => Type::COMMENT,
'otype' => Notify\ObjectType::ITEM,
'verb' => Activity::POST,
- 'uid' => $user['uid'],
+ 'uid' => $profile_uid,
'cid' => $datarray['author-id'],
'item' => $datarray,
'link' => DI::baseUrl() . '/display/' . urlencode($datarray['guid']),
'type' => Type::WALL,
'otype' => Notify\ObjectType::ITEM,
'verb' => Activity::POST,
- 'uid' => $user['uid'],
+ 'uid' => $profile_uid,
'cid' => $datarray['author-id'],
'item' => $datarray,
'link' => DI::baseUrl() . '/display/' . urlencode($datarray['guid']),
projects / friendica.git / blobdiff