<?php
-
/**
- * @file src/Core/Acl.php
+ * @copyright Copyright (C) 2010-2022, the Friendica project
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
*/
namespace Friendica\Core;
-use Friendica\BaseObject;
-use Friendica\Content\Feature;
+use Friendica\App\Page;
use Friendica\Database\DBA;
+use Friendica\DI;
use Friendica\Model\Contact;
-use Friendica\Model\GContact;
-use Friendica\Core\Session;
-use Friendica\Util\Network;
+use Friendica\Model\Group;
+use Friendica\Model\User;
/**
* Handle ACL management and display
- *
- * @author Hypolite Petovan <hypolite@mrpetovan.com>
*/
-class ACL extends BaseObject
+class ACL
{
/**
- * Returns a select input tag with all the contact of the local user
+ * Returns the default lock state for the given user id
+ * @param int $uid
+ * @return bool "true" if the default settings are non public
+ */
+ public static function getLockstateForUserId(int $uid)
+ {
+ $user = User::getById($uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
+ return !empty($user['allow_cid']) || !empty($user['allow_gid']) || !empty($user['deny_cid']) || !empty($user['deny_gid']);
+ }
+
+ /**
+ * Returns a select input tag for private message recipient
*
- * @param string $selname Name attribute of the select input tag
- * @param string $selclass Class attribute of the select input tag
- * @param array $options Available options:
- * - size: length of the select box
- * - mutual_friends: Only used for the hook
- * - single: Only used for the hook
- * - exclude: Only used for the hook
- * @param array $preselected Contact ID that should be already selected
+ * @param int $selected Existing recipien contact ID
* @return string
* @throws \Exception
*/
- public static function getSuggestContactSelectHTML($selname, $selclass, array $options = [], array $preselected = [])
+ public static function getMessageContactSelectHTML(int $selected = null)
{
- $a = self::getApp();
-
- $networks = null;
-
- $size = defaults($options, 'size', 4);
- $mutual = !empty($options['mutual_friends']);
- $single = !empty($options['single']) && empty($options['multiple']);
- $exclude = defaults($options, 'exclude', false);
-
- switch (defaults($options, 'networks', Protocol::PHANTOM)) {
- case 'DFRN_ONLY':
- $networks = [Protocol::DFRN];
- break;
-
- case 'PRIVATE':
- $networks = [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::MAIL, Protocol::DIASPORA];
- break;
-
- case 'TWO_WAY':
- if (!empty($a->user['prvnets'])) {
- $networks = [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::MAIL, Protocol::DIASPORA];
- } else {
- $networks = [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::MAIL, Protocol::DIASPORA, Protocol::OSTATUS];
- }
- break;
-
- default: /// @TODO Maybe log this call?
- break;
- }
-
- $x = ['options' => $options, 'size' => $size, 'single' => $single, 'mutual' => $mutual, 'exclude' => $exclude, 'networks' => $networks];
-
- Hook::callAll('contact_select_options', $x);
-
$o = '';
- $sql_extra = '';
-
- if (!empty($x['mutual'])) {
- $sql_extra .= sprintf(" AND `rel` = %d ", intval(Contact::FRIEND));
- }
-
- if (!empty($x['exclude'])) {
- $sql_extra .= sprintf(" AND `id` != %d ", intval($x['exclude']));
- }
-
- if (!empty($x['networks'])) {
- /// @TODO rewrite to foreach()
- array_walk($x['networks'], function (&$value) {
- $value = "'" . DBA::escape($value) . "'";
- });
- $str_nets = implode(',', $x['networks']);
- $sql_extra .= " AND `network` IN ( $str_nets ) ";
- }
-
- $tabindex = (!empty($options['tabindex']) ? 'tabindex="' . $options["tabindex"] . '"' : '');
-
- if (!empty($x['single'])) {
- $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n";
- } else {
- $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n";
- }
+ $page = DI::page();
+
+ $page->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js'));
+ $page->registerFooterScript(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.js'));
+ $page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.css'));
+ $page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput-typeahead.css'));
+
+ $condition = [
+ 'uid' => local_user(),
+ 'self' => false,
+ 'blocked' => false,
+ 'pending' => false,
+ 'archive' => false,
+ 'deleted' => false,
+ 'rel' => [Contact::FOLLOWER, Contact::SHARING, Contact::FRIEND],
+ 'network' => Protocol::SUPPORT_PRIVATE,
+ ];
- $stmt = DBA::p("SELECT `id`, `name`, `url`, `network` FROM `contact`
- WHERE `uid` = ? AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND NOT `deleted` AND `notify` != ''
- $sql_extra
- ORDER BY `name` ASC ", intval(local_user())
+ $contacts = Contact::selectToArray(
+ ['id', 'name', 'addr', 'micro'],
+ DBA::mergeConditions($condition, ["`notify` != ''"])
);
- $contacts = DBA::toArray($stmt);
-
$arr = ['contact' => $contacts, 'entry' => $o];
- // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
- Hook::callAll($a->module . '_pre_' . $selname, $arr);
-
- if (DBA::isResult($contacts)) {
- foreach ($contacts as $contact) {
- if (in_array($contact['id'], $preselected)) {
- $selected = ' selected="selected" ';
- } else {
- $selected = '';
- }
-
- $trimmed = mb_substr($contact['name'], 0, 20);
+ Hook::callAll(DI::args()->getModuleName() . '_pre_recipient', $arr);
- $o .= "<option value=\"{$contact['id']}\" $selected title=\"{$contact['name']}|{$contact['url']}\" >$trimmed</option>\r\n";
- }
- }
-
- $o .= '</select>' . PHP_EOL;
+ $tpl = Renderer::getMarkupTemplate('acl/message_recipient.tpl');
+ $o = Renderer::replaceMacros($tpl, [
+ '$contacts' => $contacts,
+ '$selected' => $selected,
+ ]);
- Hook::callAll($a->module . '_post_' . $selname, $o);
+ Hook::callAll(DI::args()->getModuleName() . '_post_recipient', $o);
return $o;
}
/**
- * Returns a select input tag with all the contact of the local user
+ * Returns a minimal ACL block for self-only permissions
*
- * @param string $selname Name attribute of the select input tag
- * @param string $selclass Class attribute of the select input tag
- * @param array $preselected Contact IDs that should be already selected
- * @param int $size Length of the select box
- * @param int $tabindex Select input tag tabindex attribute
+ * @param int $localUserId
+ * @param string $explanation
* @return string
- * @throws \Exception
+ * @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/
- public static function getMessageContactSelectHTML($selname, $selclass, array $preselected = [], $size = 4, $tabindex = null)
+ public static function getSelfOnlyHTML(int $localUserId, string $explanation)
{
- $a = self::getApp();
-
- $o = '';
-
- // When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
- // to one recipient. By default our selector allows multiple selects amongst all contacts.
- $sql_extra = sprintf(" AND `rel` = %d ", intval(Contact::FRIEND));
- $sql_extra .= sprintf(" AND `network` IN ('%s' , '%s') ", Protocol::DFRN, Protocol::DIASPORA);
-
- $tabindex_attr = !empty($tabindex) ? ' tabindex="' . intval($tabindex) . '"' : '';
-
- $hidepreselected = '';
- if ($preselected) {
- $sql_extra .= " AND `id` IN (" . implode(",", $preselected) . ")";
- $hidepreselected = ' style="display: none;"';
- }
-
- $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\"$tabindex_attr$hidepreselected>\r\n";
-
- $stmt = DBA::p("SELECT `id`, `name`, `url`, `network` FROM `contact`
- WHERE `uid` = ? AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND NOT `deleted` AND `notify` != ''
- $sql_extra
- ORDER BY `name` ASC ", intval(local_user())
- );
-
- $contacts = DBA::toArray($stmt);
-
- $arr = ['contact' => $contacts, 'entry' => $o];
-
- // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
- Hook::callAll($a->module . '_pre_' . $selname, $arr);
-
- $receiverlist = [];
-
- if (DBA::isResult($contacts)) {
- foreach ($contacts as $contact) {
- if (in_array($contact['id'], $preselected)) {
- $selected = ' selected="selected"';
- } else {
- $selected = '';
- }
-
- $trimmed = Protocol::formatMention($contact['url'], $contact['name']);
-
- $receiverlist[] = $trimmed;
-
- $o .= "<option value=\"{$contact['id']}\"$selected title=\"{$contact['name']}|{$contact['url']}\" >$trimmed</option>\r\n";
- }
- }
+ $selfPublicContactId = Contact::getPublicIdByUserId($localUserId);
- $o .= '</select>' . PHP_EOL;
-
- if ($preselected) {
- $o .= implode(', ', $receiverlist);
- }
-
- Hook::callAll($a->module . '_post_' . $selname, $o);
+ $tpl = Renderer::getMarkupTemplate('acl/self_only.tpl');
+ $o = Renderer::replaceMacros($tpl, [
+ '$selfPublicContactId' => $selfPublicContactId,
+ '$explanation' => $explanation,
+ ]);
return $o;
}
- private static function fixACL(&$item)
- {
- $item = intval(str_replace(['<', '>'], ['', ''], $item));
- }
-
/**
* Return the default permission of the provided user array
*
*/
public static function getDefaultUserPermissions(array $user = null)
{
- $matches = [];
+ $aclFormatter = DI::aclFormatter();
- $acl_regex = '/<([0-9]+)>/i';
+ return [
+ 'allow_cid' => Contact::pruneUnavailable($aclFormatter->expand($user['allow_cid'] ?? '')),
+ 'allow_gid' => $aclFormatter->expand($user['allow_gid'] ?? ''),
+ 'deny_cid' => $aclFormatter->expand($user['deny_cid'] ?? ''),
+ 'deny_gid' => $aclFormatter->expand($user['deny_gid'] ?? ''),
+ ];
+ }
- preg_match_all($acl_regex, defaults($user, 'allow_cid', ''), $matches);
- $allow_cid = $matches[1];
- preg_match_all($acl_regex, defaults($user, 'allow_gid', ''), $matches);
- $allow_gid = $matches[1];
- preg_match_all($acl_regex, defaults($user, 'deny_cid', ''), $matches);
- $deny_cid = $matches[1];
- preg_match_all($acl_regex, defaults($user, 'deny_gid', ''), $matches);
- $deny_gid = $matches[1];
+ /**
+ * Returns the ACL list of contacts for a given user id
+ *
+ * @param int $user_id
+ * @param array $condition Additional contact lookup table conditions
+ * @return array
+ * @throws \Exception
+ */
+ public static function getContactListByUserId(int $user_id, array $condition = [])
+ {
+ $fields = ['id', 'name', 'addr', 'micro'];
+ $params = ['order' => ['name']];
+ $acl_contacts = Contact::selectToArray(
+ $fields,
+ array_merge([
+ 'uid' => $user_id,
+ 'self' => false,
+ 'blocked' => false,
+ 'archive' => false,
+ 'deleted' => false,
+ 'pending' => false,
+ 'network' => Protocol::FEDERATED,
+ 'rel' => [Contact::FOLLOWER, Contact::FRIEND]
+ ], $condition),
+ $params
+ );
- // Reformats the ACL data so that it is accepted by the JS frontend
- array_walk($allow_cid, 'self::fixACL');
- array_walk($allow_gid, 'self::fixACL');
- array_walk($deny_cid, 'self::fixACL');
- array_walk($deny_gid, 'self::fixACL');
+ $acl_yourself = Contact::selectFirst($fields, ['uid' => $user_id, 'self' => true]);
+ $acl_yourself['name'] = DI::l10n()->t('Yourself');
- Contact::pruneUnavailable($allow_cid);
+ $acl_contacts[] = $acl_yourself;
- return [
- 'allow_cid' => $allow_cid,
- 'allow_gid' => $allow_gid,
- 'deny_cid' => $deny_cid,
- 'deny_gid' => $deny_gid,
+ $acl_forums = Contact::selectToArray($fields,
+ ['uid' => $user_id, 'self' => false, 'blocked' => false, 'archive' => false, 'deleted' => false,
+ 'network' => Protocol::FEDERATED, 'pending' => false, 'contact-type' => Contact::TYPE_COMMUNITY], $params
+ );
+
+ $acl_contacts = array_merge($acl_forums, $acl_contacts);
+
+ array_walk($acl_contacts, function (&$value) {
+ $value['type'] = 'contact';
+ });
+
+ return $acl_contacts;
+ }
+
+ /**
+ * Returns the ACL list of groups (including meta-groups) for a given user id
+ *
+ * @param int $user_id
+ * @return array
+ */
+ public static function getGroupListByUserId(int $user_id)
+ {
+ $acl_groups = [
+ [
+ 'id' => Group::FOLLOWERS,
+ 'name' => DI::l10n()->t('Followers'),
+ 'addr' => '',
+ 'micro' => 'images/twopeople.png',
+ 'type' => 'group',
+ ],
+ [
+ 'id' => Group::MUTUALS,
+ 'name' => DI::l10n()->t('Mutuals'),
+ 'addr' => '',
+ 'micro' => 'images/twopeople.png',
+ 'type' => 'group',
+ ]
];
+ foreach (Group::getByUserId($user_id) as $group) {
+ $acl_groups[] = [
+ 'id' => $group['id'],
+ 'name' => $group['name'],
+ 'addr' => '',
+ 'micro' => 'images/twopeople.png',
+ 'type' => 'group',
+ ];
+ }
+
+ return $acl_groups;
}
/**
* Return the full jot ACL selector HTML
*
- * @param array $user User array
- * @param bool $show_jotnets
- * @param array $default_permissions Static defaults permission array: ['allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '']
+ * @param Page $page
+ * @param int $uid User ID
+ * @param bool $for_federation
+ * @param array $default_permissions Static defaults permission array:
+ * [
+ * 'allow_cid' => [],
+ * 'allow_gid' => [],
+ * 'deny_cid' => [],
+ * 'deny_gid' => []
+ * ]
+ * @param array $condition
+ * @param string $form_prefix
* @return string
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/
- public static function getFullSelectorHTML(array $user = null, $show_jotnets = false, array $default_permissions = [])
- {
+ public static function getFullSelectorHTML(
+ Page $page,
+ int $uid = null,
+ bool $for_federation = false,
+ array $default_permissions = [],
+ array $condition = [],
+ $form_prefix = ''
+ ) {
+ if (empty($uid)) {
+ return '';
+ }
+
+ static $input_group_id = 0;
+
+ $user = User::getById($uid);
+
+ $input_group_id++;
+
+ $page->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js'));
+ $page->registerFooterScript(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.js'));
+ $page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.css'));
+ $page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput-typeahead.css'));
+
// Defaults user permissions
if (empty($default_permissions)) {
$default_permissions = self::getDefaultUserPermissions($user);
}
- $jotnets_fields = [];
- if ($show_jotnets) {
- $mail_enabled = false;
- $pubmail_enabled = false;
+ $default_permissions = [
+ 'allow_cid' => $default_permissions['allow_cid'] ?? [],
+ 'allow_gid' => $default_permissions['allow_gid'] ?? [],
+ 'deny_cid' => $default_permissions['deny_cid'] ?? [],
+ 'deny_gid' => $default_permissions['deny_gid'] ?? [],
+ ];
- if (function_exists('imap_open') && !Config::get('system', 'imap_disabled')) {
- $mailacct = DBA::selectFirst('mailacct', ['pubmail'], ['`uid` = ? AND `server` != ""', local_user()]);
- if (DBA::isResult($mailacct)) {
- $mail_enabled = true;
- $pubmail_enabled = !empty($mailacct['pubmail']);
- }
- }
+ if (count($default_permissions['allow_cid'])
+ + count($default_permissions['allow_gid'])
+ + count($default_permissions['deny_cid'])
+ + count($default_permissions['deny_gid'])) {
+ $visibility = 'custom';
+ } else {
+ $visibility = 'public';
+ // Default permission display for custom panel
+ $default_permissions['allow_gid'] = [Group::FOLLOWERS];
+ }
- if (empty($default_permissions['hidewall'])) {
- if ($mail_enabled) {
+ $jotnets_fields = [];
+ if ($for_federation) {
+ if (function_exists('imap_open') && !DI::config()->get('system', 'imap_disabled')) {
+ $mailacct = DBA::selectFirst('mailacct', ['pubmail'], ['`uid` = ? AND `server` != ""', $user['uid']]);
+ if (DBA::isResult($mailacct)) {
$jotnets_fields[] = [
'type' => 'checkbox',
'field' => [
'pubmail_enable',
- L10n::t('Post to Email'),
- $pubmail_enabled
+ DI::l10n()->t('Post to Email'),
+ !empty($mailacct['pubmail'])
]
];
+
}
-
- Hook::callAll('jot_networks', $jotnets_fields);
}
+ Hook::callAll('jot_networks', $jotnets_fields);
}
- $tpl = Renderer::getMarkupTemplate('acl_selector.tpl');
+ $acl_contacts = self::getContactListByUserId($user['uid'], $condition);
+
+ $acl_groups = self::getGroupListByUserId($user['uid']);
+
+ $acl_list = array_merge($acl_groups, $acl_contacts);
+
+ $input_names = [
+ 'visibility' => $form_prefix ? $form_prefix . '[visibility]' : 'visibility',
+ 'group_allow' => $form_prefix ? $form_prefix . '[group_allow]' : 'group_allow',
+ 'contact_allow' => $form_prefix ? $form_prefix . '[contact_allow]' : 'contact_allow',
+ 'group_deny' => $form_prefix ? $form_prefix . '[group_deny]' : 'group_deny',
+ 'contact_deny' => $form_prefix ? $form_prefix . '[contact_deny]' : 'contact_deny',
+ 'emailcc' => $form_prefix ? $form_prefix . '[emailcc]' : 'emailcc',
+ ];
+
+ $tpl = Renderer::getMarkupTemplate('acl/full_selector.tpl');
$o = Renderer::replaceMacros($tpl, [
- '$showall' => L10n::t('Visible to everybody'),
- '$show' => L10n::t('show'),
- '$hide' => L10n::t('don\'t show'),
- '$allowcid' => json_encode(defaults($default_permissions, 'allow_cid', [])), // we need arrays for Javascript since we call .remove() and .push() on this values
- '$allowgid' => json_encode(defaults($default_permissions, 'allow_gid', [])),
- '$denycid' => json_encode(defaults($default_permissions, 'deny_cid', [])),
- '$denygid' => json_encode(defaults($default_permissions, 'deny_gid', [])),
- '$networks' => $show_jotnets,
- '$emailcc' => L10n::t('CC: email addresses'),
- '$emtitle' => L10n::t('Example: bob@example.com, mary@example.com'),
- '$jotnets_enabled' => empty($default_permissions['hidewall']),
- '$jotnets_summary' => L10n::t('Connectors'),
+ '$public_title' => DI::l10n()->t('Public'),
+ '$public_desc' => DI::l10n()->t('This content will be shown to all your followers and can be seen in the community pages and by anyone with its link.'),
+ '$custom_title' => DI::l10n()->t('Limited/Private'),
+ '$custom_desc' => DI::l10n()->t('This content will be shown only to the people in the first box, to the exception of the people mentioned in the second box. It won\'t appear anywhere public.'),
+ '$allow_label' => DI::l10n()->t('Show to:'),
+ '$deny_label' => DI::l10n()->t('Except to:'),
+ '$emailcc' => DI::l10n()->t('CC: email addresses'),
+ '$emtitle' => DI::l10n()->t('Example: bob@example.com, mary@example.com'),
+ '$jotnets_summary' => DI::l10n()->t('Connectors'),
+ '$visibility' => $visibility,
+ '$acl_contacts' => $acl_contacts,
+ '$acl_groups' => $acl_groups,
+ '$acl_list' => $acl_list,
+ '$contact_allow' => implode(',', $default_permissions['allow_cid']),
+ '$group_allow' => implode(',', $default_permissions['allow_gid']),
+ '$contact_deny' => implode(',', $default_permissions['deny_cid']),
+ '$group_deny' => implode(',', $default_permissions['deny_gid']),
+ '$for_federation' => $for_federation,
'$jotnets_fields' => $jotnets_fields,
- '$jotnets_disabled_label' => L10n::t('Connectors disabled, since "%s" is enabled.', L10n::t('Hide your profile details from unknown viewers?')),
- '$aclModalTitle' => L10n::t('Permissions'),
- '$aclModalDismiss' => L10n::t('Close'),
- '$features' => [
- 'aclautomention' => !empty($user['uid']) && Feature::isEnabled($user['uid'], 'aclautomention') ? 'true' : 'false'
- ],
+ '$input_names' => $input_names,
+ '$input_group_id' => $input_group_id,
]);
return $o;
}
/**
- * Searching for global contacts for autocompletion
+ * Checks the validity of the given ACL string
*
- * @brief Searching for global contacts for autocompletion
- * @param string $search Name or part of a name or nick
- * @param string $mode Search mode (e.g. "community")
- * @param int $page Page number (starts at 1)
- * @return array with the search results
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @param string $acl_string
+ * @param int $uid
+ * @return bool
+ * @throws Exception
*/
- public static function contactAutocomplete($search, $mode, int $page = 1)
+ public static function isValidContact($acl_string, $uid)
{
- if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
- return [];
+ if (empty($acl_string)) {
+ return true;
}
- // don't search if search term has less than 2 characters
- if (!$search || mb_strlen($search) < 2) {
- return [];
+ // split <x><y><z> into array of cids
+ preg_match_all('/<[A-Za-z0-9]+>/', $acl_string, $array);
+
+ // check for each cid if the contact is valid for the given user
+ $cid_array = $array[0];
+ foreach ($cid_array as $cid) {
+ $cid = str_replace(['<', '>'], ['', ''], $cid);
+ if (!DBA::exists('contact', ['id' => $cid, 'uid' => $uid])) {
+ return false;
+ }
}
- if (substr($search, 0, 1) === '@') {
- $search = substr($search, 1);
+ return true;
+ }
+
+ /**
+ * Checks the validity of the given ACL string
+ *
+ * @param string $acl_string
+ * @param int $uid
+ * @return bool
+ * @throws Exception
+ */
+ public static function isValidGroup($acl_string, $uid)
+ {
+ if (empty($acl_string)) {
+ return true;
}
- // check if searching in the local global contact table is enabled
- if (Config::get('system', 'poco_local_search')) {
- $return = GContact::searchByName($search, $mode);
- } else {
- $p = $page > 1 ? 'p=' . $page : '';
+ // split <x><y><z> into array of cids
+ preg_match_all('/<[A-Za-z0-9]+>/', $acl_string, $array);
- $curlResult = Network::curl(get_server() . '/lsearch?' . $p . '&search=' . urlencode($search));
- if ($curlResult->isSuccess()) {
- $lsearch = json_decode($curlResult->getBody(), true);
- if (!empty($lsearch['results'])) {
- $return = $lsearch['results'];
- }
+ // check for each cid if the contact is valid for the given user
+ $gid_array = $array[0];
+ foreach ($gid_array as $gid) {
+ $gid = str_replace(['<', '>'], ['', ''], $gid);
+ if (!DBA::exists('group', ['id' => $gid, 'uid' => $uid, 'deleted' => false])) {
+ return false;
}
}
- return $return ?? [];
+ return true;
}
}