namespace Friendica\Model;
+use Friendica\Content\Feature;
use Friendica\Content\Text\BBCode;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\DI;
-use Friendica\Network\HTTPException\NotFoundException;
-use Friendica\Network\HTTPException\UnauthorizedException;
+use Friendica\Network\HTTPException;
use Friendica\Protocol\Activity;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Map;
* @param string $nickname
*
* @return array the owner array
- * @throws NotFoundException The given nickname does not exist
- * @throws UnauthorizedException The access for the given nickname is restricted
+ * @throws HTTPException\InternalServerErrorException
+ * @throws HTTPException\NotFoundException The given nickname does not exist
+ * @throws HTTPException\UnauthorizedException The access for the given nickname is restricted
*/
public static function getOwnerForNickname(string $nickname): array
{
$owner = User::getOwnerDataByNick($nickname);
if (empty($owner) || $owner['account_removed'] || $owner['account_expired']) {
- throw new NotFoundException(DI::l10n()->t('User not found.'));
+ throw new HTTPException\NotFoundException(DI::l10n()->t('User not found.'));
}
- if ($owner['hidewall'] && !DI::userSession()->isAuthenticated()) {
- throw new UnauthorizedException(DI::l10n()->t('Access to this profile has been restricted.'));
+ if (!DI::userSession()->isAuthenticated() && $owner['hidewall']) {
+ throw new HTTPException\UnauthorizedException(DI::l10n()->t('Access to this profile has been restricted.'));
+ }
+
+ if (!DI::userSession()->isAuthenticated() && !Feature::isEnabled($owner['uid'], 'public_calendar')) {
+ throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
}
return $owner;
}
/**
- * Get an event by its event ID.
+ * Get an event by its event ID. Checks permissions.
*
* @param int $owner_uid The User ID of the owner of the event
* @param int $event_id The ID of the event in the event table
* @return array Query result
* @throws \Exception
*/
- public static function getByIdAndUid(int $owner_uid, int $event_id, string $nickname = null): array
+ public static function getByIdAndUid(int $owner_uid, int $event_id): array
{
- if (!empty($nickname)) {
- $owner = static::getOwnerForNickname($nickname);
- $owner_uid = $owner['uid'];
-
- // get the permissions
- $sql_perms = Item::getPermissionsSQLByUserId($owner_uid);
- // we only want to have the events of the profile owner
- $sql_extra = " AND `event`.`cid` = 0 " . $sql_perms;
- } else {
- $sql_extra = "";
- }
-
// Only allow events if there is a valid owner_id.
if ($owner_uid == 0) {
return [];
}
- // Query for the event by event id
- $events = DBA::toArray(DBA::p("SELECT `event`.*, `post-user`.`id` AS `itemid` FROM `event`
- LEFT JOIN `post-user` ON `post-user`.`event-id` = `event`.`id` AND `post-user`.`uid` = `event`.`uid`
- WHERE `event`.`uid` = ? AND `event`.`id` = ? $sql_extra",
- $owner_uid, $event_id));
+ // get the permissions
+ $sql_perms = Item::getPermissionsSQLByUserId($owner_uid);
+ // Query for the event by event id
+ $events = DBA::toArray(DBA::p(
+ "SELECT `event`.*, `post-user`.`id` AS `itemid` FROM `event`
+ LEFT JOIN `post-user`
+ ON `post-user`.`event-id` = `event`.`id`
+ AND `post-user`.`uid` = `event`.`uid`
+ WHERE `event`.`id` = ?
+ AND `event`.`uid` = ?
+ $sql_perms",
+ $event_id, $owner_uid
+ ));
if (empty($events)) {
- throw new NotFoundException(DI::l10n()->t('Event not found.'));
- } else {
- $events = self::removeDuplicates($events);
- return $events[0];
+ throw new HTTPException\NotFoundException(DI::l10n()->t('Event not found.'));
}
+
+ return $events[0];
}
/**
* @param int $owner_uid The User ID of the owner of the events.
* @param string|null $start Start time of the timeframe.
* @param string|null $finish Finish time of the timeframe.
- * @param bool $ignore
- * @param string|null $nickname
+ * @param bool|null $ignore Filters ignored events (false: unignored events, true: ignored events, null: all events)
*
* @return array Query results.
- * @throws NotFoundException
- * @throws UnauthorizedException
+ * @throws HTTPException\NotFoundException
+ * @throws HTTPException\UnauthorizedException
*/
- public static function getListByDate(int $owner_uid, string $start = null, string $finish = null, bool $ignore = false, string $nickname = null): array
+ public static function getListByDate(int $owner_uid, string $start = null, string $finish = null, ?bool $ignore = false): array
{
- if (!empty($nickname)) {
- $owner = static::getOwnerForNickname($nickname);
- $owner_uid = $owner['uid'];
-
- // get the permissions
- $sql_perms = Item::getPermissionsSQLByUserId($owner_uid);
- // we only want to have the events of the profile owner
- $sql_extra = " AND `event`.`cid` = 0 " . $sql_perms;
- } else {
- $sql_extra = "";
- }
-
// Only allow events if there is a valid owner_id.
if ($owner_uid == 0) {
return [];
}
- if (empty($start) || empty($finish)) {
+ // get the permissions
+ $sql_perms = Item::getPermissionsSQLByUserId($owner_uid);
+ if (empty($start) || empty($finish)) {
$y = intval(DateTimeFormat::localNow('Y'));
$m = intval(DateTimeFormat::localNow('m'));
}
}
+ if ($ignore === true) {
+ $sql_ignore = " AND `event`.`ignore` = 1";
+ } elseif ($ignore === false) {
+ $sql_ignore = " AND `event`.`ignore` = 0";
+ } else {
+ $sql_ignore = "";
+ }
+
// Query for the event by date.
- $events = DBA::toArray(DBA::p("SELECT `event`.*, `post-user`.`id` AS `itemid` FROM `event`
- LEFT JOIN `post-user` ON `post-user`.`event-id` = `event`.`id` AND `post-user`.`uid` = `event`.`uid`
- WHERE `event`.`uid` = ? AND `event`.`ignore` = ?
- AND (`finish` >= ? OR (`nofinish` AND `start` >= ?)) AND `start` <= ?
- " . $sql_extra,
- $owner_uid, $ignore,
- $start, $start, $finish
+ $events = DBA::toArray(DBA::p(
+ "SELECT `event`.*, `post-user`.`id` AS `itemid` FROM `event`
+ LEFT JOIN `post-user`
+ ON `post-user`.`event-id` = `event`.`id`
+ AND `post-user`.`uid` = `event`.`uid`
+ WHERE `event`.`uid` = ?
+ $sql_ignore
+ AND (`finish` >= ? OR (`nofinish` AND `start` >= ?))
+ AND `start` <= ?
+ $sql_perms",
+ $owner_uid,
+ $start, $start,
+ $finish
));
- $events = self::removeDuplicates($events ?? []);
+ $events = self::removeDuplicates($events);
return self::sortByDate($events);
}
/**
- * Convert an array query results in an array which could be used by the events template.
- *
- * @param array $event_result Event query array.
- * @return array Event array for the template.
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
- * @throws \ImagickException
- */
- public static function prepareListForTemplate(array $event_result): array
- {
- $event_list = [];
-
- foreach ($event_result as $event) {
- $event_list[] = static::prepareForItem($event);
- }
-
- return $event_list;
- }
-
- /**
- * Convert an one event in an array which could be used by the events template.
+ * Convert an event in an array which could be used by the event template.
*
* @param array $event Event query array.
* @return array Event array for the template.
[$title, $_trash] = explode("<br", BBCode::convertForUriId($event['uri-id'], Strings::escapeHtml($event['desc'])), BBCode::TWITTER_API);
}
- $author_link = $event['author-link'];
-
- $event['author-link'] = Contact::magicLink($author_link);
-
- $html = self::getHTML($event);
- $event['summary'] = BBCode::convertForUriId($event['uri-id'], Strings::escapeHtml($event['summary']));
- $event['desc'] = BBCode::convertForUriId($event['uri-id'], Strings::escapeHtml($event['desc']));
- $event['location'] = BBCode::convertForUriId($event['uri-id'], Strings::escapeHtml($event['location']));
+ $event['author-link'] = Contact::magicLink($event['author-link']);
+ $event['summary'] = BBCode::convertForUriId($event['uri-id'], Strings::escapeHtml($event['summary']));
+ $event['desc'] = BBCode::convertForUriId($event['uri-id'], Strings::escapeHtml($event['desc']));
+ $event['location'] = BBCode::convertForUriId($event['uri-id'], Strings::escapeHtml($event['location']));
return [
- 'id' => $event['id'],
- 'start' => $start,
- 'end' => $end,
- 'allDay' => false,
- 'title' => $title,
- 'j' => $j,
- 'd' => $day,
- 'edit' => $edit,
- 'drop' => $drop,
- 'copy' => $copy,
- 'item' => $event,
- 'html' => $html,
- 'plink' => Item::getPlink($event),
+ 'id' => $event['id'],
+ 'start' => $start,
+ 'end' => $end,
+ 'allDay' => false,
+ 'title' => $title,
+ 'j' => $j,
+ 'd' => $day,
+ 'edit' => $edit,
+ 'drop' => $drop,
+ 'copy' => $copy,
+ 'item' => $event,
+ 'html' => self::getHTML($event),
+ 'plink' => Item::getPlink($event),
];
}
*
* @param array $events Query result for events.
* @param string $format The output format (ical/csv).
- *
- * @param string $timezone Timezone (missing parameter!)
* @return string Content according to selected export format.
*
* @todo Implement timezone support
foreach ($events as $event) {
/// @todo The time / date entries don't include any information about the
/// timezone the event is scheduled in :-/
- $tmp1 = strtotime($event['start']);
- $tmp2 = strtotime($event['finish']);
+ $tmp1 = strtotime($event['start']);
+ $tmp2 = strtotime($event['finish']);
$time_format = "%H:%M:%S";
$date_format = "%Y-%m-%d";
$tmp = $event['summary'];
$tmp = str_replace(PHP_EOL, PHP_EOL . ' ', $tmp);
$tmp = addcslashes($tmp, ',;');
- $o .= 'SUMMARY:' . $tmp . PHP_EOL;
+ $o .= 'SUMMARY:' . $tmp . PHP_EOL;
}
if ($event['desc']) {
$tmp = $event['desc'];
$tmp = str_replace(PHP_EOL, PHP_EOL . ' ', $tmp);
$tmp = addcslashes($tmp, ',;');
- $o .= 'DESCRIPTION:' . $tmp . PHP_EOL;
+ $o .= 'DESCRIPTION:' . $tmp . PHP_EOL;
}
if ($event['location']) {
$tmp = $event['location'];
$tmp = str_replace(PHP_EOL, PHP_EOL . ' ', $tmp);
$tmp = addcslashes($tmp, ',;');
- $o .= 'LOCATION:' . $tmp . PHP_EOL;
+ $o .= 'LOCATION:' . $tmp . PHP_EOL;
}
$o .= 'END:VEVENT' . PHP_EOL;
$tformat = DI::l10n()->t('g:i A'); // 8:01 AM.
// Convert the time to different formats.
- $dtstart_dt = DI::l10n()->getDay(DateTimeFormat::local($item['event-start'], $dformat));
+ $dtstart_dt = DI::l10n()->getDay(DateTimeFormat::local($item['event-start'], $dformat));
$dtstart_title = DateTimeFormat::utc($item['event-start'], DateTimeFormat::ATOM);
// Format: Jan till Dec.
$month_short = DI::l10n()->getDayShort(DateTimeFormat::local($item['event-start'], 'M'));
// Format: 1 till 31.
- $date_short = DateTimeFormat::local($item['event-start'], 'j');
- $start_time = DateTimeFormat::local($item['event-start'], $tformat);
+ $date_short = DateTimeFormat::local($item['event-start'], 'j');
+ $start_time = DateTimeFormat::local($item['event-start'], $tformat);
$start_short = DI::l10n()->getDayShort(DateTimeFormat::local($item['event-start'], $dformat_short));
// If the option 'nofinisch' isn't set, we need to format the finish date/time.
if (!$item['event-nofinish']) {
- $finish = true;
- $dtend_dt = DI::l10n()->getDay(DateTimeFormat::local($item['event-finish'], $dformat));
+ $finish = true;
+ $dtend_dt = DI::l10n()->getDay(DateTimeFormat::local($item['event-finish'], $dformat));
$dtend_title = DateTimeFormat::utc($item['event-finish'], DateTimeFormat::ATOM);
- $end_short = DI::l10n()->getDayShort(DateTimeFormat::utc($item['event-finish'], $dformat_short));
- $end_time = DateTimeFormat::local($item['event-finish'], $tformat);
+ $end_short = DI::l10n()->getDayShort(DateTimeFormat::utc($item['event-finish'], $dformat_short));
+ $end_time = DateTimeFormat::local($item['event-finish'], $tformat);
// Check if start and finish time is at the same day.
if (substr($dtstart_title, 0, 10) === substr($dtend_title, 0, 10)) {
$same_date = true;
}
} else {
$dtend_title = '';
- $dtend_dt = '';
- $end_time = '';
- $end_short = '';
+ $dtend_dt = '';
+ $end_time = '';
+ $end_short = '';
}
// Format the event location.
$location = self::locationToArray($item['event-location']);
// Construct the profile link (magic-auth).
- $author = ['uid' => 0, 'id' => $item['author-id'],
- 'network' => $item['author-network'], 'url' => $item['author-link']];
+ $author = ['uid' => 0, 'id' => $item['author-id'],
+ 'network' => $item['author-network'], 'url' => $item['author-link']];
$profile_link = Contact::magicLinkByContact($author);
- $tpl = Renderer::getMarkupTemplate('event_stream_item.tpl');
+ $tpl = Renderer::getMarkupTemplate('event_stream_item.tpl');
$return = Renderer::replaceMacros($tpl, [
'$id' => $item['event-id'],
'$title' => BBCode::convertForUriId($item['uri-id'], $item['event-summary']),
if (strpos($s, '[/map]') !== false) {
$found = preg_match("/\[map\](.*?)\[\/map\]/ism", $s, $match);
if (intval($found) > 0 && array_key_exists(1, $match)) {
- $location['address'] = $match[1];
+ $location['address'] = $match[1];
// Remove the map bbcode from the location name.
$location['name'] = str_replace($match[0], "", $s);
}
- // Map tag with coordinates - e.g. [map=48.864716,2.349014].
+ // Map tag with coordinates - e.g. [map=48.864716,2.349014].
} elseif (strpos($s, '[map=') !== false) {
$found = preg_match("/\[map=(.*?)\]/ism", $s, $match);
if (intval($found) > 0 && array_key_exists(1, $match)) {
- $location['coordinates'] = $match[1];
+ $location['coordinates'] = $match[1];
// Remove the map bbcode from the location name.
$location['name'] = str_replace($match[0], "", $s);
}
{
// Check for duplicates
$condition = [
- 'uid' => $contact['uid'],
- 'cid' => $contact['id'],
+ 'uid' => $contact['uid'],
+ 'cid' => $contact['id'],
'start' => DateTimeFormat::utc($birthday),
- 'type' => 'birthday'
+ 'type' => 'birthday'
];
if (DBA::exists('event', $condition)) {
return false;
use Friendica\App;
use Friendica\BaseModule;
+use Friendica\Content\Feature;
use Friendica\Content\Nav;
use Friendica\Content\Widget;
use Friendica\Core\L10n;
use Friendica\Core\Session\Capability\IHandleUserSessions;
use Friendica\Core\Theme;
use Friendica\Model\Event;
+use Friendica\Model\User;
use Friendica\Module\BaseProfile;
use Friendica\Module\Response;
use Friendica\Module\Security\Login;
+use Friendica\Network\HTTPException;
use Friendica\Navigation\SystemMessages;
use Friendica\Util\Profiler;
use Psr\Log\LoggerInterface;
protected function content(array $request = []): string
{
- if (!$this->session->getLocalUserId()) {
+ $nickname = $this->parameters['nickname'] ?? $this->app->getLoggedInUserNickname();
+ if (!$nickname) {
+ throw new HTTPException\UnauthorizedException();
+ }
+
+ $owner = User::getOwnerDataByNick($nickname);
+ if (!$owner || $owner['account_expired'] || $owner['account_removed']) {
+ throw new HTTPException\NotFoundException($this->t('User not found.'));
+ }
+
+ if (!$this->session->isAuthenticated() && $owner['hidewall']) {
+ $this->baseUrl->redirect('profile/' . $nickname . '/restricted');
+ }
+
+ if (!$this->session->isAuthenticated() && !Feature::isEnabled($owner['uid'], 'public_calendar')) {
$this->sysMessages->addNotice($this->t('Permission denied.'));
return Login::form();
}
$this->page->registerFooterScript('view/asset/moment/min/moment-with-locales.min.js');
$this->page->registerFooterScript('view/asset/fullcalendar/dist/fullcalendar.min.js');
- $htpl = Renderer::getMarkupTemplate('calendar/calendar_head.tpl');
+ $is_owner = $nickname == $this->app->getLoggedInUserNickname();
+ $htpl = Renderer::getMarkupTemplate('calendar/calendar_head.tpl');
$this->page['htmlhead'] .= Renderer::replaceMacros($htpl, [
- '$calendar_api' => 'calendar/api/get' . (!empty($this->parameters['nickname']) ? '/' . $this->parameters['nickname'] : ''),
- '$event_api' => 'calendar/event/show' . (!empty($this->parameters['nickname']) ? '/' . $this->parameters['nickname'] : ''),
+ '$calendar_api' => 'calendar/api/get' . ($is_owner ? '' : '/' . $nickname),
+ '$event_api' => 'calendar/event/show' . ($is_owner ? '' : '/' . $nickname),
'$modparams' => 2,
'$i18n' => $i18n,
]);
- $tabs = '';
-
- if (empty($this->parameters['nickname'])) {
- Nav::setSelected('home');
-
- $tabs = BaseProfile::getTabsHTML($this->app, 'calendar', true, $this->app->getLoggedInUserNickname(), false);
-
- $this->page['aside'] .= Widget\CalendarExport::getHTML($this->session->getLocalUserId());
- } else {
- $owner = Event::getOwnerForNickname($this->parameters['nickname']);
-
- Nav::setSelected('calendar');
-
- // get the tab navigation bar
- $tabs = BaseProfile::getTabsHTML($this->app, 'calendar', false, $owner['nickname'], $owner['hide-friends']);
+ Nav::setSelected($is_owner ? 'home' : 'calendar');
+ if (!$is_owner) {
$this->page['aside'] .= Widget\VCard::getHTML($owner);
- $this->page['aside'] .= Widget\CalendarExport::getHTML($owner['uid']);
}
+ $this->page['aside'] .= Widget\CalendarExport::getHTML($owner['uid']);
+
+ $tabs = BaseProfile::getTabsHTML('calendar', $is_owner, $nickname, !$is_owner && $owner['hide-friends']);
+
// ACL blocks are loaded in modals in frio
$this->page->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js'));
$this->page->registerFooterScript(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.js'));
projects / friendica.git / commitdiff