From: Roland Haeder Date: Fri, 22 May 2015 03:04:54 +0000 (+0200) Subject: *** Privacy Leak fixed: *** X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=dafeb4b538c6ad6b9f9600b924851e65b3c98ff7;p=quix0rs-gnu-social.git *** Privacy Leak fixed: *** - isCurrentProfileInScope() is now more asked if the current profile is allowed to see the given notice. It was possible (with upstream master) to see private messages in RSS and (possible) JSON feeds Signed-off-by: Roland Haeder --- diff --git a/actions/apisearchatom.php b/actions/apisearchatom.php index e82ea39f9f..9491dc9570 100644 --- a/actions/apisearchatom.php +++ b/actions/apisearchatom.php @@ -167,6 +167,12 @@ class ApiSearchAtomAction extends ApiPrivateAuthAction if ($this->cnt > 0) { while ($notice->fetch()) { + // Check scope of notice to current profile (including guests) + if (!$notice->isCurrentProfileInScope()) { + // Not in scope + continue; + } + ++$cnt; if (!$this->max_id) { diff --git a/actions/apisearchjson.php b/actions/apisearchjson.php index d49444369d..5703fd135d 100644 --- a/actions/apisearchjson.php +++ b/actions/apisearchjson.php @@ -118,7 +118,16 @@ class ApiSearchJSONAction extends ApiPrivateAuthAction $search_engine->limit(($this->page - 1) * $this->rpp, $this->rpp + 1); if ($search_engine->query($this->query)) { $cnt = $notice->find(); - $this->notices = $notice->fetchAll(); + foreach ($notice->fetchAll() as $testNotice) { + // Must be true + assert($testNotice instanceof Notice); + + // Check scope of notice to current profile (including guests) + if ($testNotice->isCurrentProfileInScope()) { + // In scope + $this->notices[] = $testNotice; + } + } // END - if } $this->showJsonTimeline($this->notices); diff --git a/actions/noticesearchrss.php b/actions/noticesearchrss.php index 2a5187b885..b6be76ca95 100644 --- a/actions/noticesearchrss.php +++ b/actions/noticesearchrss.php @@ -63,7 +63,11 @@ class NoticesearchrssAction extends Rss10Action if ($cnt > 0) { while ($notice->fetch()) { - $notices[] = clone($notice); + // Check scope of notice to current profile (including guests) + if ($notice->isCurrentProfileInScope()) { + // Is in scope + $notices[] = clone($notice); + } } } diff --git a/classes/Notice.php b/classes/Notice.php index 533d4c100c..16b56e299c 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -3298,4 +3298,37 @@ class Notice extends Managed_DataObject return ($this->scope != Notice::SITE_SCOPE && $this->scope != Notice::PUBLIC_SCOPE); } + + /** + * Checks whether the current profile is allowed (in scope) to see this notice. + * + * @return $inScope Whether the current profile is allowed to see this notice + */ + public function isCurrentProfileInScope () { + // Check scope, default is allowed + $inScope = true; + + //* NOISY-DEBUG: */ common_debug('[' . __METHOD__ . ':' . __LINE__ . '] this->tag=' . $this->tag . ',this->id=' . $this->id . ',this->scope=' . $this->scope); + + // Is it private scope? + if ($this->isPrivateScope()) { + // 2) Get current profile + $profile = Profile::current(); + + // Is the profile not set? + if (!$profile instanceof Profile) { + // Public viewer shall not see a tag from a private dent (privacy leak) + //* NOISY-DEBUG: */ common_debug('[' . __METHOD__ . ':' . __LINE__ . '] Not logged in (public view).'); + $inScope = false; + } elseif (!$this->inScope($profile)) { + // Current profile is not in scope (not allowed to see) of notice + //* NOISY-DEBUG: */ common_debug('[' . __METHOD__ . ':' . __LINE__ . '] profile->id=' . $profile->id . ' is not allowed to see this notice.'); + $inScope = false; + } + } + + // Return result + //* NOISY-DEBUG: */ common_debug('[' . __METHOD__ . ':' . __LINE__ . '] this->tag=' . $this->tag . ',this->weight=' . $this->weight . ',inScope=' . intval($inScope) . ' - EXIT!'); + return $inScope; + } } diff --git a/classes/Notice_tag.php b/classes/Notice_tag.php index 45788285b5..4f7e6af409 100644 --- a/classes/Notice_tag.php +++ b/classes/Notice_tag.php @@ -108,21 +108,7 @@ class Notice_tag extends Managed_DataObject //* NOISY-DEBUG: */ common_debug('[' . __METHOD__ . ':' . __LINE__ . '] this->tag=' . $this->tag . ',notice->id=' . $notice->id . ',notice->scope=' . $notice->scope); // Is it private scope? - if ($notice->isPrivateScope()) { - // 2) Get current profile - $profile = Profile::current(); - - // Is the profile not set? - if (!$profile instanceof Profile) { - // Public viewer shall not see a tag from a private dent (privacy leak) - //* NOISY-DEBUG: */ common_debug('[' . __METHOD__ . ':' . __LINE__ . '] Not logged in (public view).'); - $inScope = FALSE; - } elseif (!$notice->inScope($profile)) { - // Current profile is not in scope (not allowed to see) of notice - //* NOISY-DEBUG: */ common_debug('[' . __METHOD__ . ':' . __LINE__ . '] profile->id=' . $profile->id . ' is not allowed to see this tag.'); - $inScope = FALSE; - } - } + $inScope = $notice->isCurrentProfileInScope(); // Return result //* NOISY-DEBUG: */ common_debug('[' . __METHOD__ . ':' . __LINE__ . '] this->tag=' . $this->tag . ',this->weight=' . $this->weight . ',inScope=' . intval($inScope) . ' - EXIT!'); diff --git a/lib/search_engines.php b/lib/search_engines.php index 4ced45cac7..dbdeeb65b2 100644 --- a/lib/search_engines.php +++ b/lib/search_engines.php @@ -95,7 +95,6 @@ class MySQLSearch extends SearchEngine 'OR' ); } - return true; } else if ('notice' === $this->table) { // Don't show imported notices @@ -115,10 +114,11 @@ class MySQLSearch extends SearchEngine ); } - return true; } else { throw new ServerException('Unknown table: ' . $this->table); } + + return true; } } diff --git a/plugins/TagCloud/lib/tagcloudsection.php b/plugins/TagCloud/lib/tagcloudsection.php index 1ff973b902..9f7320f2de 100644 --- a/plugins/TagCloud/lib/tagcloudsection.php +++ b/plugins/TagCloud/lib/tagcloudsection.php @@ -64,6 +64,7 @@ class TagCloudSection extends Section $sum = 0; while ($tags->fetch() && ++$cnt <= TAGS_PER_SECTION) { + // Check scope of tag to current profile (including guests) if ($tags->isCurrentProfileInScope()) { $tw[$tags->tag] = $tags->weight; $sum += $tags->weight;