remote_permissions/remote_permissions.php

   1 <?php
   2 /**
   3  * Name: Remote Permissions
   4  * Description: Allow the recipients of private posts to see who else can see the post by clicking the lock icon
   5  * Version: 1.0
   6  * Author: Zach <https://f.shmuz.in/profile/techcity>
   7  *
   8  */
   9 use Friendica\Core\Addon;
  10 use Friendica\Core\Config;
  11 use Friendica\Core\L10n;
  12 use Friendica\Core\PConfig;
  13
  14 function remote_permissions_install() {
  15         Addon::registerHook('lockview_content', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_content');
  16         Addon::registerHook('addon_settings', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings');
  17         Addon::registerHook('addon_settings_post', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings_post');
  18 }
  19
  20 function remote_permissions_uninstall() {
  21         Addon::unregisterHook('lockview_content', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_content');
  22         Addon::unregisterHook('addon_settings', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings');
  23         Addon::unregisterHook('addon_settings_post', 'addon/remote_permissions/remote_permissions.php', 'remote_permissions_settings_post');
  24 }
  25
  26 function remote_permissions_settings(&$a,&$o) {
  27
  28         if(! local_user())
  29                 return;
  30
  31         $global = Config::get("remote_perms", "global");
  32         if($global == 1)
  33                 return;
  34
  35         /* Add our stylesheet to the page so we can make our settings look nice */
  36
  37         $a->page['htmlhead'] .= '<link rel="stylesheet"  type="text/css" href="' . $a->get_baseurl() . '/addon/remote_permissions/settings.css' . '" media="all" />' . "\r\n";
  38
  39         /* Get the current state of our config variable */
  40
  41         $remote_perms = PConfig::get(local_user(),'remote_perms','show');
  42
  43         /* Add some HTML to the existing form */
  44
  45 //      $t = file_get_contents("addon/remote_permissions/settings.tpl" );
  46         $t = get_markup_template("settings.tpl", "addon/remote_permissions/" );
  47         $o .= replace_macros($t, [
  48                 '$remote_perms_title' => L10n::t('Remote Permissions Settings'),
  49                 '$remote_perms_label' => L10n::t('Allow recipients of your private posts to see the other recipients of the posts'),
  50                 '$checked' => (($remote_perms == 1) ? 'checked="checked"' : ''),
  51                 '$submit' => L10n::t('Save Settings')
  52         ]);
  53
  54 }
  55
  56 function remote_permissions_settings_post($a,$post) {
  57         if(! local_user() || (! x($_POST,'remote-perms-submit')))
  58                 return;
  59
  60         PConfig::set(local_user(),'remote_perms','show',intval($_POST['remote-perms']));
  61         info(L10n::t('Remote Permissions settings updated.') . EOL);
  62 }
  63
  64 function remote_permissions_content($a, $item_copy) {
  65
  66         if($item_copy['uid'] != local_user())
  67                 return;
  68
  69         if(Config::get('remote_perms','global') == 0) {
  70                 // Admin has set Individual choice. We need to find
  71                 // the original poster. First, get the contact's info
  72                 $r = q("SELECT nick, url FROM contact WHERE id = %d LIMIT 1",
  73                        intval($item_copy['contact-id'])
  74                 );
  75                 if(! $r)
  76                         return;
  77
  78                 // Find out if the contact lives here
  79                 $baseurl = $a->get_baseurl();
  80                 $baseurl = substr($baseurl, strpos($baseurl, '://') + 3);
  81                 if(strpos($r[0]['url'], $baseurl) === false)
  82                         return;
  83
  84                 // The contact lives here. Get his/her user info
  85                 $nick = $r[0]['nick'];
  86                 $r = q("SELECT uid FROM user WHERE nickname = '%s' LIMIT 1",
  87                        dbesc($nick)
  88                 );
  89                 if(! $r)
  90                         return;
  91
  92                 if(PConfig::get($r[0]['uid'],'remote_perms','show') == 0)
  93                         return;
  94         }
  95
  96         if(($item_copy['private'] == 1) && (! strlen($item_copy['allow_cid'])) && (! strlen($item_copy['allow_gid']))
  97                 && (! strlen($item_copy['deny_cid'])) && (! strlen($item_copy['deny_gid']))) {
  98
  99                 $allow_names = [];
 100
 101                 // Check for the original post here -- that's the only way
 102                 // to definitely get all of the recipients
 103
 104                 if($item_copy['uri'] === $item_copy['parent-uri']) {
 105                         // Lockview for a top-level post
 106                         $r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s' AND type = 'wall' LIMIT 1",
 107                                    dbesc($item_copy['uri'])
 108                         );
 109                 }
 110                 else {
 111                         // Lockview for a comment
 112                         $r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s'
 113                                 AND parent = ( SELECT id FROM item WHERE uri = '%s' AND type = 'wall' ) LIMIT 1",
 114                                    dbesc($item_copy['uri']),
 115                                    dbesc($item_copy['parent-uri'])
 116                         );
 117                 }
 118                 if($r) {
 119
 120                         $item = $r[0];
 121
 122                         $allowed_users = expand_acl($item['allow_cid']);
 123                         $allowed_groups = expand_acl($item['allow_gid']);
 124                         $deny_users = expand_acl($item['deny_cid']);
 125                         $deny_groups = expand_acl($item['deny_gid']);
 126
 127                         $o = L10n::t('Visible to:') . '<br />';
 128                         $allow = [];
 129                         $deny = [];
 130
 131                         if(count($allowed_groups)) {
 132                                 $r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )",
 133                                         dbesc(implode(', ', $allowed_groups))
 134                                 );
 135                                 foreach($r as $rr)
 136                                         $allow[] = $rr['contact-id'];
 137                         }
 138                         $allow = array_unique($allow + $allowed_users);
 139
 140                         if(count($deny_groups)) {
 141                                 $r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )",
 142                                         dbesc(implode(', ', $deny_groups))
 143                                 );
 144                                 foreach($r as $rr)
 145                                         $deny[] = $rr['contact-id'];
 146                         }
 147                         $deny = $deny + $deny_users;
 148
 149                         if($allow)
 150                         {
 151                                 $r = q("SELECT name FROM contact WHERE id IN ( %s )",
 152                                            dbesc(implode(', ', array_diff($allow, $deny)))
 153                                 );
 154                                 foreach($r as $rr)
 155                                         $allow_names[] = $rr['name'];
 156                         }
 157                 }
 158                 else {
 159                         // We don't have the original post. Let's try for the next best thing:
 160                         // checking who else has the post on our own server. Note that comments
 161                         // that were sent to Diaspora and were relayed to others on our server
 162                         // will have different URIs than the original. We can match the GUID for
 163                         // those
 164                         $r = q("SELECT `uid` FROM item WHERE uri = '%s' OR guid = '%s'",
 165                                    dbesc($item_copy['uri']),
 166                                dbesc($item_copy['guid'])
 167                         );
 168                         if(! $r)
 169                                 return;
 170
 171                         $allow = [];
 172                         foreach($r as $rr)
 173                                 $allow[] = $rr['uid'];
 174
 175                         $r = q("SELECT username FROM user WHERE uid IN ( %s )",
 176                                 dbesc(implode(', ', $allow))
 177                         );
 178                         if(! $r)
 179                                 return;
 180
 181                         $o = L10n::t('Visible to') . ' (' . L10n::t('may only be a partial list') . '):<br />';
 182
 183                         foreach($r as $rr)
 184                                 $allow_names[] = $rr['username'];
 185                 }
 186
 187                 // Sort the names alphabetically, case-insensitive
 188                 natcasesort($allow_names);
 189                 echo $o . implode(', ', $allow_names);
 190                 killme();
 191         }
 192
 193         return;
 194 }
 195
 196 function remote_permissions_addon_admin(&$a, &$o){
 197         $t = get_markup_template( "admin.tpl", "addon/remote_permissions/" );
 198         $o = replace_macros($t, [
 199                 '$submit' => L10n::t('Save Settings'),
 200                 '$global' => ['remotepermschoice', L10n::t('Global'), 1, L10n::t('The posts of every user on this server show the post recipients'),  Config::get('remote_perms', 'global') == 1],
 201                 '$individual' => ['remotepermschoice', L10n::t('Individual'), 2, L10n::t('Each user chooses whether his/her posts show the post recipients'),  Config::get('remote_perms', 'global') == 0]
 202         ]);
 203 }
 204
 205 function remote_permissions_addon_admin_post(&$a){
 206         $choice =       ((x($_POST,'remotepermschoice'))                ? notags(trim($_POST['remotepermschoice']))     : '');
 207         Config::set('remote_perms','global',($choice == 1 ? 1 : 0));
 208         info(L10n::t('Settings updated.'). EOL);
 209 }