The profile page does now shows reshared items

diff --git a/include/conversation.php b/include/conversation.php
index 6adc00d0c40d795dad1e2fcfb7d03542dc36b2c2..40ed2259764cce6d50a58cd75534f74d4a60f3ef 100644 (file)
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -711,13 +711,28 @@ function conversation(App $a, array $items, $mode, $update, $preview = false, $o
  *
  * @param mixed   $thread_items Database statement with thread posts
  * @param boolean $pinned       Is the item pinned?
+ * @param integer $causer       Contact ID of the resharer
  *
  * @return array items with parents and comments
  */
-function conversation_fetch_comments($thread_items, $pinned) {
+function conversation_fetch_comments($thread_items, $pinned, $causer) {
        $comments = [];
 
        while ($row = Item::fetch($thread_items)) {
+               if (!empty($causer)) {
+                       if (($row['gravity'] == GRAVITY_PARENT)) {
+                               $row['post-type'] = Item::PT_ANNOUNCEMENT;
+                               $row['causer-id'] = $causer;
+                               $contact = Contact::getById($causer, ['url', 'name', 'thumb']);
+                               $row['causer-link'] = $contact['url'];
+                               $row['causer-avatar'] = $contact['thumb'];
+                               $row['causer-name'] = $contact['name'];
+                       } elseif (($row['gravity'] == GRAVITY_ACTIVITY) && ($row['verb'] == Activity::ANNOUNCE) &&
+                               ($row['author-id'] == $causer)) {
+                               continue;
+                       }
+               }
+
                $name = $row['causer-contact-type'] == Contact::TYPE_RELAY ? $row['causer-link'] : $row['causer-name'];
 
                switch ($row['post-type']) {
@@ -810,9 +825,16 @@ function conversation_add_children(array $parents, $block_authors, $order, $uid)
        $items = [];
 
        foreach ($parents AS $parent) {
-               $condition = ["`item`.`parent-uri` = ? AND `item`.`uid` IN (0, ?) AND (`vid` != ? OR `vid` IS NULL)",
-                       $parent['uri'], $uid, Verb::getID(Activity::FOLLOW)];
-               $items = conversation_fetch_items($parent, $items, $condition, $block_authors, $params);
+               if (!empty($parent['thr-parent-id']) && !empty($parent['gravity']) && ($parent['gravity'] == GRAVITY_ACTIVITY)) {
+                       $condition = ["`item`.`parent-uri-id` = ? AND `item`.`uid` IN (0, ?) AND (`vid` != ? OR `vid` IS NULL)",
+                               $parent['thr-parent-id'], $uid, Verb::getID(Activity::FOLLOW)];
+                       $causer = $parent['author-id'] ?? 0;
+               } else {
+                       $condition = ["`item`.`parent-uri` = ? AND `item`.`uid` IN (0, ?) AND (`vid` != ? OR `vid` IS NULL)",
+                               $parent['uri'], $uid, Verb::getID(Activity::FOLLOW)];
+                       $causer = 0;
+                       }
+               $items = conversation_fetch_items($parent, $items, $condition, $block_authors, $params, $causer);
        }
 
        foreach ($items as $index => $item) {
@@ -834,16 +856,17 @@ function conversation_add_children(array $parents, $block_authors, $order, $uid)
  * @param array $condition
  * @param boolean $block_authors
  * @param array $params
+ * @param integer $causer
  * @return array
  */
-function conversation_fetch_items(array $parent, array $items, array $condition, bool $block_authors, array $params) {
+function conversation_fetch_items(array $parent, array $items, array $condition, bool $block_authors, array $params, int $causer) {
        if ($block_authors) {
                $condition[0] .= " AND NOT `author`.`hidden`";
        }
 
        $thread_items = Item::selectForUser(local_user(), array_merge(Item::DISPLAY_FIELDLIST, ['contact-uid', 'gravity', 'post-type']), $condition, $params);
 
-       $comments = conversation_fetch_comments($thread_items, $parent['pinned'] ?? false);
+       $comments = conversation_fetch_comments($thread_items, $parent['pinned'] ?? false, $causer);
 
        if (count($comments) != 0) {
                $items = array_merge($items, $comments);

diff --git a/src/Core/Session.php b/src/Core/Session.php
index b15b53c4eef4ecc04e709a6f7b9b9f3d39dd6f09..c4fbb3f8c6d043b9764a0ef2623c64a92e2752d9 100644 (file)
--- a/src/Core/Session.php
+++ b/src/Core/Session.php
@@ -74,11 +74,19 @@ class Session
        {
                $session = DI::session();
 
-               if (empty($session->get('remote')[$uid])) {
-                       return 0;
+               if (!empty($session->get('remote')[$uid])) {
+                       $remote = $session->get('remote')[$uid];
+               } else {
+                       $remote = 0;
                }
 
-               return $session->get('remote')[$uid];
+               $local_user = !empty($session->get('authenticated')) ? $session->get('uid') : 0;
+
+               if (empty($remote) && ($local_user != $uid) && !empty($my_address = $session->get('my_address'))) {
+                       $remote = Contact::getIdForURL($my_address, $uid, false);
+               }
+
+               return $remote;
        }
 
        /**

diff --git a/src/Model/Item.php b/src/Model/Item.php
index 3b1a58cc858bede49a2ef65d7daf8bee8c95dc92..216172c92115213dee5e7c7403e2207c5427c056 100644 (file)
--- a/src/Model/Item.php
+++ b/src/Model/Item.php
@@ -3400,6 +3400,36 @@ class Item
                }
        }
 
+       /**
+        * Fetch the SQL condition for the given user id
+        *
+        * @param integer $owner_id User ID for which the permissions should be fetched
+        * @return array condition
+        */
+       public static function getPermissionsConditionArrayByUserId(int $owner_id)
+       {
+               $local_user = local_user();
+               $remote_user = Session::getRemoteContactID($owner_id);
+
+               // default permissions - anonymous user
+               $condition = ["`private` != ?", self::PRIVATE];
+
+               if ($local_user && ($local_user == $owner_id)) {
+                       // Profile owner - everything is visible
+                       $condition = [];
+               } elseif ($remote_user) {
+                        // Authenticated visitor - fetch the matching permissionsets
+                       $set = PermissionSet::get($owner_id, $remote_user);
+                       if (!empty($set)) {
+                               $condition = ["(`private` != ? OR (`private` = ? AND `wall` AND `psid` IN (?" . str_repeat(",?", count($set) - 1) . ")))",
+                                       Item::PRIVATE, Item::PRIVATE];
+                               $condition = array_merge($condition, $set);
+                       }
+               }
+
+               return $condition;
+       }
+
        public static function getPermissionsSQLByUserId($owner_id)
        {
                $local_user = local_user();

diff --git a/src/Module/Profile/Status.php b/src/Module/Profile/Status.php
index ccb1d9eef4641b22ac783074b51b76853dfcfbb4..65f3a5cd7d4cb5a66ebb2364a58c5acb18dd7c63 100644 (file)
--- a/src/Module/Profile/Status.php
+++ b/src/Module/Profile/Status.php
@@ -25,6 +25,7 @@ use Friendica\Content\Nav;
 use Friendica\Content\Pager;
 use Friendica\Content\Widget;
 use Friendica\Core\ACL;
+use Friendica\Core\Protocol;
 use Friendica\Core\Session;
 use Friendica\Database\DBA;
 use Friendica\DI;
@@ -32,9 +33,11 @@ use Friendica\Model\Item;
 use Friendica\Model\Post\Category;
 use Friendica\Model\Profile as ProfileModel;
 use Friendica\Model\User;
+use Friendica\Model\Verb;
 use Friendica\Module\BaseProfile;
 use Friendica\Module\Security\Login;
 use Friendica\Network\HTTPException;
+use Friendica\Protocol\Activity;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Security\Security;
 use Friendica\Util\Strings;
@@ -139,37 +142,32 @@ class Status extends BaseProfile
                }
 
                // Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
-               $sql_extra = Item::getPermissionsSQLByUserId($a->profile['uid']);
-               $sql_extra2 = '';
+               $condition = Item::getPermissionsConditionArrayByUserId($a->profile['uid']);
 
                $last_updated_array = Session::get('last_updated', []);
 
-               $sql_post_table = "";
-
                if (!empty($category)) {
-                       $sql_post_table = sprintf("INNER JOIN (SELECT `uri-id` FROM `category-view` WHERE `name` = '%s' AND `type` = %d AND `uid` = %d ORDER BY `uri-id` DESC) AS `category` ON `item`.`uri-id` = `category`.`uri-id` ",
-                               DBA::escape(Strings::protectSprintf($category)), intval(Category::CATEGORY), intval($a->profile['uid']));
+                       $condition = DBA::mergeConditions($condition, ["`uri-id` IN (SELECT `uri-id` FROM `category-view` WHERE `name` = ? AND `type` = ? AND `uid` = ?)",
+                               $category, Category::CATEGORY, $a->profile['uid']]);
                }
 
                if (!empty($hashtags)) {
-                       $sql_post_table .= sprintf("INNER JOIN (SELECT `uri-id` FROM `tag-search-view` WHERE `name` = '%s' AND `uid` = %d ORDER BY `uri-id` DESC) AS `tag-search` ON `item`.`uri-id` = `tag-search`.`uri-id` ",
-                               DBA::escape(Strings::protectSprintf($hashtags)), intval($a->profile['uid']));
+                       $condition = DBA::mergeConditions($condition, ["`uri-id` IN (SELECT `uri-id` FROM `tag-search-view` WHERE `name` = ? AND `uid` = ?)",
+                               $hashtags, $a->profile['uid']]);
                }
 
                if (!empty($datequery)) {
-                       $sql_extra2 .= Strings::protectSprintf(sprintf(" AND `thread`.`received` <= '%s' ", DBA::escape(DateTimeFormat::convert($datequery, 'UTC', date_default_timezone_get()))));
+                       $condition = DBA::mergeConditions($condition, ["`received` <= ?", DateTimeFormat::convert($datequery, 'UTC', date_default_timezone_get())]);
                }
                if (!empty($datequery2)) {
-                       $sql_extra2 .= Strings::protectSprintf(sprintf(" AND `thread`.`received` >= '%s' ", DBA::escape(DateTimeFormat::convert($datequery2, 'UTC', date_default_timezone_get()))));
+                       $condition = DBA::mergeConditions($condition, ["`received` >= ?", DateTimeFormat::convert($datequery2, 'UTC', date_default_timezone_get())]);
                }
 
                // Does the profile page belong to a forum?
                // If not then we can improve the performance with an additional condition
-               $condition = ['uid' => $a->profile['uid'], 'page-flags' => [User::PAGE_FLAGS_COMMUNITY, User::PAGE_FLAGS_PRVGROUP]];
-               if (!DBA::exists('user', $condition)) {
-                       $sql_extra3 = sprintf(" AND `thread`.`contact-id` = %d ", intval(intval($a->profile['id'])));
-               } else {
-                       $sql_extra3 = "";
+               $condition2 = ['uid' => $a->profile['uid'], 'page-flags' => [User::PAGE_FLAGS_COMMUNITY, User::PAGE_FLAGS_PRVGROUP]];
+               if (!DBA::exists('user', $condition2)) {
+                       $condition = DBA::mergeConditions($condition, ['contact-id' => $a->profile['id']]);
                }
 
                if (DI::mode()->isMobile()) {
@@ -180,31 +178,22 @@ class Status extends BaseProfile
                                DI::config()->get('system', 'itemspage_network'));
                }
 
+               $condition = DBA::mergeConditions($condition, ["((`gravity` = ? AND `wall`) OR
+                       (`gravity` = ? AND `vid` = ? AND `origin` AND `thr-parent-id` IN
+                               (SELECT `uri-id` FROM `item` AS `i`
+                                       WHERE `gravity` = ? AND `network` IN (?, ?, ?, ?) AND `uid` IN (?, ?)
+                                               AND `i`.`uri-id` = `item`.`thr-parent-id`)))",
+                       GRAVITY_PARENT, GRAVITY_ACTIVITY, Verb::getID(Activity::ANNOUNCE), GRAVITY_PARENT,
+                       Protocol::DFRN, Protocol::ACTIVITYPUB, Protocol::DIASPORA, Protocol::OSTATUS,
+                       0, $a->profile['uid']]);
+
+               $condition = DBA::mergeConditions($condition, ['uid' => $a->profile['uid'], 'network' => Protocol::FEDERATED,
+                       'visible' => true, 'deleted' => false, 'moderated' => false]);
+
                $pager = new Pager(DI::l10n(), $args->getQueryString(), $itemspage_network);
+               $params = ['limit' => [$pager->getStart(), $pager->getItemsPerPage()], 'order' => ['received' => true]];
 
-               $pager_sql = sprintf(" LIMIT %d, %d ", $pager->getStart(), $pager->getItemsPerPage());
-
-               $items_stmt = DBA::p(
-                       "SELECT `item`.`uri`
-                       FROM `thread`
-                       STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
-                       $sql_post_table
-                       STRAIGHT_JOIN `contact`
-                       ON `contact`.`id` = `thread`.`contact-id`
-                               AND NOT `contact`.`blocked`
-                               AND NOT `contact`.`pending`
-                       WHERE `thread`.`uid` = ?
-                               AND `thread`.`visible`
-                               AND NOT `thread`.`deleted`
-                               AND NOT `thread`.`moderated`
-                               AND `thread`.`wall`
-                               $sql_extra3
-                               $sql_extra
-                               $sql_extra2
-                       ORDER BY `thread`.`received` DESC
-                       $pager_sql",
-                       $a->profile['uid']
-               );
+               $items_stmt = DBA::select('item', ['uri', 'thr-parent-id', 'gravity', 'author-id'], $condition, $params);
 
                // Set a time stamp for this page. We will make use of it when we
                // search for new items (update routine)
@@ -227,8 +216,9 @@ class Status extends BaseProfile
 
                if ($pager->getStart() == 0 && !empty($a->profile['uid'])) {
                        $condition = ['private' => [Item::PUBLIC, Item::UNLISTED]];
-                       if (remote_user()) {
-                               $permissionSets = DI::permissionSet()->selectByContactId(remote_user(), $a->profile['uid']);
+                       $remote_user = Session::getRemoteContactID($a->profile['uid']);
+                       if (!empty($remote_user)) {
+                               $permissionSets = DI::permissionSet()->selectByContactId($remote_user, $a->profile['uid']);
                                if (!empty($permissionSets)) {
                                        $condition = ['psid' => array_merge($permissionSets->column('id'),
                                                        [DI::permissionSet()->getIdFromACL($a->profile['uid'], '', '', '', '')])];