]> git.mxchange.org Git - friendica.git/blobdiff - src/Security/Security.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #12673 from annando/andstatus-api
[friendica.git] / src / Security / Security.php
diff --git a/src/Security/Security.php b/src/Security/Security.php
index f0b33501f96b556139ef1f857e9951af6a50d1dc..bc1d98ac16471421a7d16fe776e031e7b5175544 100644 (file)
--- a/src/Security/Security.php
+++ b/src/Security/Security.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -22,10 +22,10 @@
 namespace Friendica\Security;
 
 use Friendica\Database\DBA;
+use Friendica\DI;
 use Friendica\Model\Contact;
 use Friendica\Model\Group;
 use Friendica\Model\User;
-use Friendica\Core\Session;
 
 /**
  * Secures that User is allow to do requests
@@ -36,20 +36,20 @@ class Security
        {
                static $verified = 0;
 
-               if (!Session::isAuthenticated()) {
+               if (!DI::userSession()->isAuthenticated()) {
                        return false;
                }
 
-               $uid = Session::getLocalUser();
+               $uid = DI::userSession()->getLocalUserId();
                if ($uid == $owner) {
                        return true;
                }
 
-               if (Session::getLocalUser() && ($owner == 0)) {
+               if (DI::userSession()->getLocalUserId() && ($owner == 0)) {
                        return true;
                }
 
-               if (!empty($cid = Session::getRemoteContactID($owner))) {
+               if (!empty($cid = DI::userSession()->getRemoteContactID($owner))) {
                        // use remembered decision and avoid a DB lookup for each and every display item
                        // DO NOT use this function if there are going to be multiple owners
                        // We have a contact-id for an authenticated remote user, this block determines if the contact
@@ -71,7 +71,7 @@ class Security
                                        $verified = 1;
                                        return false;
                                }
-                               
+
                                if (in_array($contact['rel'], [Contact::SHARING, Contact::FRIEND]) || ($user['page-flags'] == User::PAGE_FLAGS_COMMUNITY)) {
                                        $verified = 2;
                                        return true;
@@ -93,8 +93,8 @@ class Security
         */
        public static function getPermissionsSQLByUserId(int $owner_id, bool $accessible = false)
        {
-               $local_user = Session::getLocalUser();
-               $remote_contact = Session::getRemoteContactID($owner_id);
+               $local_user = DI::userSession()->getLocalUserId();
+               $remote_contact = DI::userSession()->getRemoteContactID($owner_id);
                $acc_sql = '';
 
                if ($accessible) {
Unnamed repository; edit this file 'description' to name the repository.