From: brunoccast Date: Tue, 30 Jul 2019 01:18:52 +0000 (+0100) Subject: [CORE] Fix notice delete-form X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=0b58465fb96f96ee41d8e03b5727a763fccc96bc;p=quix0rs-gnu-social.git [CORE] Fix notice delete-form DeletenoticeAction: - Added tombstone check before deletion NoticeListItem: - Added tombstone check before showing delete-form ActivityVerb: - The plugin was overwriting the deletenotice route. Added stronger regexp to the connected routes. --- diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 2dd0848aa5..783a0bf4bf 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -39,9 +39,10 @@ class DeletenoticeAction extends FormAction { $this->notice = Notice::getByID($this->trimmed('notice')); - if (!$this->scoped->sameAs($this->notice->getProfile()) && - !$this->scoped->hasRight(Right::DELETEOTHERSNOTICE)) { - // TRANS: Error message displayed trying to delete a notice that was not made by the current user. + if ($this->notice->isVerb([ActivityVerb::DELETE]) || + (!$this->scoped->sameAs($this->notice->getProfile()) && + !$this->scoped->hasRight(Right::DELETEOTHERSNOTICE))) { + // TRANS: Error message displayed when trying to delete a notice that was not made by the current user. $this->clientError(_('Cannot delete this notice.')); } diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php index 5468310ea3..aa4f6b7bc6 100644 --- a/lib/noticelistitem.php +++ b/lib/noticelistitem.php @@ -618,6 +618,7 @@ class NoticeListItem extends Widget $todel = (empty($this->repeat)) ? $this->notice : $this->repeat; if (!empty($user) && + !$this->notice->isVerb([ActivityVerb::DELETE]) && ($todel->profile_id == $user->id || $user->hasRight(Right::DELETEOTHERSNOTICE))) { $this->out->text(' '); $deleteurl = common_local_url('deletenotice', diff --git a/plugins/ActivityVerb/ActivityVerbPlugin.php b/plugins/ActivityVerb/ActivityVerbPlugin.php index 4d92e36665..22b12a680f 100644 --- a/plugins/ActivityVerb/ActivityVerbPlugin.php +++ b/plugins/ActivityVerb/ActivityVerbPlugin.php @@ -35,14 +35,26 @@ class ActivityVerbPlugin extends Plugin public function onRouterInitialized(URLMapper $m) { + $unsupported = ['delete', 'share']; + + foreach ($unsupported as $idx => $verb) { + $unsupported[$idx] = "(?!".$verb.")"; + } + + // not all verbs are currently handled by ActivityVerb Plugins, + // so we need a strong regexp to prevent route replacement in + // the URLMapper + $verb_regexp = implode("", $unsupported) . '[a-z]+'; + $m->connect('notice/:id/:verb', - array('action' => 'activityverb'), - array('id' => '[0-9]+', - 'verb' => '[a-z]+')); + ['action' => 'activityverb'], + ['id' => '[0-9]+', + 'verb' => $verb_regexp]); + $m->connect('activity/:id/:verb', - array('action' => 'activityverb'), - array('id' => '[0-9]+', - 'verb' => '[a-z]+')); + ['action' => 'activityverb'], + ['id' => '[0-9]+', + 'verb' => $verb_regexp]); } public function onPluginVersion(array &$versions)