X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FCore%2FACL.php;h=1bf8ef03eee9fdc8f8b1a4f2aa1f2fffd9582b27;hb=34521c228bd69609fa4f475bb2e2e826723fcc16;hp=4df15dc536906a31e6a8c64b245140830c910854;hpb=ee8689cc899beecaf0943ac175550a7fb49cf199;p=friendica.git

diff --git a/src/Core/ACL.php b/src/Core/ACL.php
index 4df15dc536..1bf8ef03ee 100644
--- a/src/Core/ACL.php
+++ b/src/Core/ACL.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -25,21 +25,33 @@ use Friendica\App\Page;
 use Friendica\Database\DBA;
 use Friendica\DI;
 use Friendica\Model\Contact;
-use Friendica\Model\Group;
+use Friendica\Model\Circle;
+use Friendica\Model\User;
 
 /**
  * Handle ACL management and display
  */
 class ACL
 {
+	/**
+	 * Returns the default lock state for the given user id
+	 * @param int $uid
+	 * @return bool "true" if the default settings are non public
+	 */
+	public static function getLockstateForUserId(int $uid)
+	{
+		$user = User::getById($uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
+		return !empty($user['allow_cid']) || !empty($user['allow_gid']) || !empty($user['deny_cid']) || !empty($user['deny_gid']);
+	}
+
 	/**
 	 * Returns a select input tag for private message recipient
 	 *
-	 * @param int  $selected Existing recipien contact ID
+	 * @param int  $selected Existing recipient contact ID
 	 * @return string
 	 * @throws \Exception
 	 */
-	public static function getMessageContactSelectHTML(int $selected = null)
+	public static function getMessageContactSelectHTML(int $selected = null): string
 	{
 		$o = '';
 
@@ -50,36 +62,57 @@ class ACL
 		$page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.css'));
 		$page->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput-typeahead.css'));
 
-		// When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
-		// to one recipient. By default our selector allows multiple selects amongst all contacts.
+		$contacts = self::getValidMessageRecipientsForUser(DI::userSession()->getLocalUserId());
+
+		$tpl = Renderer::getMarkupTemplate('acl/message_recipient.tpl');
+		$o = Renderer::replaceMacros($tpl, [
+			'$contacts'      => $contacts,
+			'$contacts_json' => json_encode($contacts),
+			'$selected'      => $selected,
+		]);
+
+		Hook::callAll(DI::args()->getModuleName() . '_post_recipient', $o);
+
+		return $o;
+	}
+
+	public static function getValidMessageRecipientsForUser(int $uid): array
+	{
 		$condition = [
-			'uid' => local_user(),
-			'self' => false,
+			'uid'     => $uid,
+			'self'    => false,
 			'blocked' => false,
 			'pending' => false,
 			'archive' => false,
 			'deleted' => false,
-			'rel' => [Contact::FOLLOWER, Contact::SHARING, Contact::FRIEND],
-			'network' => Protocol::FEDERATED,
+			'rel'     => [Contact::FOLLOWER, Contact::SHARING, Contact::FRIEND],
+			'network' => Protocol::SUPPORT_PRIVATE,
 		];
 
-		$contacts = Contact::selectToArray(
-			['id', 'name', 'addr', 'micro'],
+		return Contact::selectToArray(
+			['id', 'name', 'addr', 'micro', 'url', 'nick'],
 			DBA::mergeConditions($condition, ["`notify` != ''"])
 		);
+	}
 
-		$arr = ['contact' => $contacts, 'entry' => $o];
-
-		Hook::callAll(DI::module()->getName() . '_pre_recipient', $arr);
+	/**
+	 * Returns a minimal ACL block for self-only permissions
+	 *
+	 * @param int    $localUserId
+	 * @param string $explanation
+	 * @return string
+	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+	 */
+	public static function getSelfOnlyHTML(int $localUserId, string $explanation)
+	{
+		$selfPublicContactId = Contact::getPublicIdByUserId($localUserId);
 
-		$tpl = Renderer::getMarkupTemplate('acl/message_recipient.tpl');
+		$tpl = Renderer::getMarkupTemplate('acl/self_only.tpl');
 		$o = Renderer::replaceMacros($tpl, [
-			'$contacts' => $contacts,
-			'$selected' => $selected,
+			'$selfPublicContactId' => $selfPublicContactId,
+			'$explanation' => $explanation,
 		]);
 
-		Hook::callAll(DI::module()->getName() . '_post_recipient', $o);
-
 		return $o;
 	}
 
@@ -123,6 +156,7 @@ class ACL
 				'archive' => false,
 				'deleted' => false,
 				'pending' => false,
+				'network' => Protocol::FEDERATED,
 				'rel' => [Contact::FOLLOWER, Contact::FRIEND]
 			], $condition),
 			$params
@@ -133,12 +167,12 @@ class ACL
 
 		$acl_contacts[] = $acl_yourself;
 
-		$acl_forums = Contact::selectToArray($fields,
+		$acl_groups = Contact::selectToArray($fields,
 			['uid' => $user_id, 'self' => false, 'blocked' => false, 'archive' => false, 'deleted' => false,
-			'pending' => false, 'contact-type' => Contact::TYPE_COMMUNITY], $params
+			'network' => Protocol::FEDERATED, 'pending' => false, 'contact-type' => Contact::TYPE_COMMUNITY], $params
 		);
 
-		$acl_contacts = array_merge($acl_forums, $acl_contacts);
+		$acl_contacts = array_merge($acl_groups, $acl_contacts);
 
 		array_walk($acl_contacts, function (&$value) {
 			$value['type'] = 'contact';
@@ -148,47 +182,47 @@ class ACL
 	}
 
 	/**
-	 * Returns the ACL list of groups (including meta-groups) for a given user id
+	 * Returns the ACL list of circles (including meta-circles) for a given user id
 	 *
 	 * @param int $user_id
 	 * @return array
 	 */
-	public static function getGroupListByUserId(int $user_id)
+	public static function getCircleListByUserId(int $user_id)
 	{
-		$acl_groups = [
+		$acl_circles = [
 			[
-				'id' => Group::FOLLOWERS,
+				'id' => Circle::FOLLOWERS,
 				'name' => DI::l10n()->t('Followers'),
 				'addr' => '',
 				'micro' => 'images/twopeople.png',
-				'type' => 'group',
+				'type' => 'circle',
 			],
 			[
-				'id' => Group::MUTUALS,
+				'id' => Circle::MUTUALS,
 				'name' => DI::l10n()->t('Mutuals'),
 				'addr' => '',
 				'micro' => 'images/twopeople.png',
-				'type' => 'group',
+				'type' => 'circle',
 			]
 		];
-		foreach (Group::getByUserId($user_id) as $group) {
-			$acl_groups[] = [
-				'id' => $group['id'],
-				'name' => $group['name'],
+		foreach (Circle::getByUserId($user_id) as $circle) {
+			$acl_circles[] = [
+				'id' => $circle['id'],
+				'name' => $circle['name'],
 				'addr' => '',
 				'micro' => 'images/twopeople.png',
-				'type' => 'group',
+				'type' => 'circle',
 			];
 		}
 
-		return $acl_groups;
+		return $acl_circles;
 	}
 
 	/**
 	 * Return the full jot ACL selector HTML
 	 *
 	 * @param Page   $page
-	 * @param array  $user                  User array
+	 * @param int    $uid                   User ID
 	 * @param bool   $for_federation
 	 * @param array  $default_permissions   Static defaults permission array:
 	 *                                      [
@@ -204,18 +238,20 @@ class ACL
 	 */
 	public static function getFullSelectorHTML(
 		Page $page,
-		array $user = null,
+		int $uid = null,
 		bool $for_federation = false,
 		array $default_permissions = [],
 		array $condition = [],
 		$form_prefix = ''
 	) {
-		if (empty($user['uid'])) {
+		if (empty($uid)) {
 			return '';
 		}
 
 		static $input_group_id = 0;
 
+		$user = User::getById($uid);
+
 		$input_group_id++;
 
 		$page->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js'));
@@ -243,7 +279,7 @@ class ACL
 		} else {
 			$visibility = 'public';
 			// Default permission display for custom panel
-			$default_permissions['allow_gid'] = [Group::FOLLOWERS];
+			$default_permissions['allow_gid'] = [Circle::FOLLOWERS];
 		}
 
 		$jotnets_fields = [];
@@ -259,7 +295,7 @@ class ACL
 							!empty($mailacct['pubmail'])
 						]
 					];
-	
+
 				}
 			}
 			Hook::callAll('jot_networks', $jotnets_fields);
@@ -267,15 +303,15 @@ class ACL
 
 		$acl_contacts = self::getContactListByUserId($user['uid'], $condition);
 
-		$acl_groups = self::getGroupListByUserId($user['uid']);
+		$acl_circles = self::getCircleListByUserId($user['uid']);
 
-		$acl_list = array_merge($acl_groups, $acl_contacts);
+		$acl_list = array_merge($acl_circles, $acl_contacts);
 
 		$input_names = [
 			'visibility'    => $form_prefix ? $form_prefix . '[visibility]'    : 'visibility',
-			'group_allow'   => $form_prefix ? $form_prefix . '[group_allow]'   : 'group_allow',
+			'circle_allow'  => $form_prefix ? $form_prefix . '[circle_allow]'  : 'circle_allow',
 			'contact_allow' => $form_prefix ? $form_prefix . '[contact_allow]' : 'contact_allow',
-			'group_deny'    => $form_prefix ? $form_prefix . '[group_deny]'    : 'group_deny',
+			'circle_deny'   => $form_prefix ? $form_prefix . '[circle_deny]'   : 'circle_deny',
 			'contact_deny'  => $form_prefix ? $form_prefix . '[contact_deny]'  : 'contact_deny',
 			'emailcc'       => $form_prefix ? $form_prefix . '[emailcc]'       : 'emailcc',
 		];
@@ -285,20 +321,20 @@ class ACL
 			'$public_title'   => DI::l10n()->t('Public'),
 			'$public_desc'    => DI::l10n()->t('This content will be shown to all your followers and can be seen in the community pages and by anyone with its link.'),
 			'$custom_title'   => DI::l10n()->t('Limited/Private'),
-			'$custom_desc'    => DI::l10n()->t('This content will be shown only to the people in the first box, to the exception of the people mentioned in the second box. It won\'t appear anywhere public.'),
+			'$custom_desc'    => DI::l10n()->t('This content will be shown only to the people in the first box, to the exception of the people mentioned in the second box. It won\'t appear anywhere public.') . DI::l10n()->t('Start typing the name of a contact or a circle to show a filtered list. You can also mention the special circles "Followers" and "Mutuals".'),
 			'$allow_label'    => DI::l10n()->t('Show to:'),
 			'$deny_label'     => DI::l10n()->t('Except to:'),
 			'$emailcc'        => DI::l10n()->t('CC: email addresses'),
 			'$emtitle'        => DI::l10n()->t('Example: bob@example.com, mary@example.com'),
 			'$jotnets_summary' => DI::l10n()->t('Connectors'),
 			'$visibility'     => $visibility,
-			'$acl_contacts'   => $acl_contacts,
-			'$acl_groups'     => $acl_groups,
-			'$acl_list'       => $acl_list,
+			'$acl_contacts'   => json_encode($acl_contacts),
+			'$acl_circles'    => json_encode($acl_circles),
+			'$acl_list'       => json_encode($acl_list),
 			'$contact_allow'  => implode(',', $default_permissions['allow_cid']),
-			'$group_allow'    => implode(',', $default_permissions['allow_gid']),
+			'$circle_allow'   => implode(',', $default_permissions['allow_gid']),
 			'$contact_deny'   => implode(',', $default_permissions['deny_cid']),
-			'$group_deny'     => implode(',', $default_permissions['deny_gid']),
+			'$circle_deny'    => implode(',', $default_permissions['deny_gid']),
 			'$for_federation' => $for_federation,
 			'$jotnets_fields' => $jotnets_fields,
 			'$input_names'    => $input_names,
@@ -307,4 +343,62 @@ class ACL
 
 		return $o;
 	}
+
+	/**
+	 * Checks the validity of the given ACL string
+	 *
+	 * @param string $acl_string
+	 * @param int    $uid
+	 * @return bool
+	 * @throws Exception
+	 */
+	public static function isValidContact($acl_string, $uid)
+	{
+		if (empty($acl_string)) {
+			return true;
+		}
+
+		// split <x><y><z> into array of cids
+		preg_match_all('/<[A-Za-z0-9]+>/', $acl_string, $array);
+
+		// check for each cid if the contact is valid for the given user
+		$cid_array = $array[0];
+		foreach ($cid_array as $cid) {
+			$cid = str_replace(['<', '>'], ['', ''], $cid);
+			if (!DBA::exists('contact', ['id' => $cid, 'uid' => $uid])) {
+				return false;
+			}
+		}
+
+		return true;
+	}
+
+	/**
+	 * Checks the validity of the given ACL string
+	 *
+	 * @param string $acl_string
+	 * @param int    $uid
+	 * @return bool
+	 * @throws Exception
+	 */
+	public static function isValidCircle($acl_string, $uid)
+	{
+		if (empty($acl_string)) {
+			return true;
+		}
+
+		// split <x><y><z> into array of cids
+		preg_match_all('/<[A-Za-z0-9]+>/', $acl_string, $array);
+
+		// check for each cid if the contact is valid for the given user
+		$gid_array = $array[0];
+		foreach ($gid_array as $gid) {
+			$gid = str_replace(['<', '>'], ['', ''], $gid);
+			if (!DBA::exists('circle', ['id' => $gid, 'uid' => $uid, 'deleted' => false])) {
+				return false;
+			}
+		}
+
+		return true;
+	}
 }