diff options
author | Maxence Lange <maxence@artificial-owl.com> | 2020-07-27 19:39:03 -0100 |
---|---|---|
committer | Maxence Lange <maxence@artificial-owl.com> | 2020-07-27 19:39:03 -0100 |
commit | b91f94b32e76d7f1007f3e47d66b1ac06cde6a91 (patch) | |
tree | 82fd4aaebd64aa8b50a0ef0d18b036ec08b2d1f5 | |
parent | fd5790bd5c74c999096334860c8b2641b3a529b9 (diff) |
filter displayed Post based on viewer
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-rw-r--r-- | lib/Controller/ActivityPubController.php | 26 | ||||
-rw-r--r-- | lib/Controller/SocialPubController.php | 18 | ||||
-rw-r--r-- | lib/Db/SocialLimitsQueryBuilder.php | 13 | ||||
-rw-r--r-- | lib/Db/StreamRequest.php | 4 | ||||
-rw-r--r-- | lib/Service/AccountService.php | 28 |
5 files changed, 66 insertions, 23 deletions
diff --git a/lib/Controller/ActivityPubController.php b/lib/Controller/ActivityPubController.php index 23713aee..ac4b4d28 100644 --- a/lib/Controller/ActivityPubController.php +++ b/lib/Controller/ActivityPubController.php @@ -36,12 +36,14 @@ use daita\MySmallPhpTools\Traits\TStringTools; use Exception; use OC\AppFramework\Http; use OCA\Social\AppInfo\Application; +use OCA\Social\Exceptions\AccountDoesNotExistException; use OCA\Social\Exceptions\ItemUnknownException; use OCA\Social\Exceptions\RealTokenException; use OCA\Social\Exceptions\SignatureIsGoneException; use OCA\Social\Exceptions\SocialAppConfigException; use OCA\Social\Exceptions\StreamNotFoundException; use OCA\Social\Exceptions\UrlCloudException; +use OCA\Social\Service\AccountService; use OCA\Social\Service\CacheActorService; use OCA\Social\Service\ConfigService; use OCA\Social\Service\FediverseService; @@ -82,6 +84,9 @@ class ActivityPubController extends Controller { /** @var ImportService */ private $importService; + /** @var AccountService */ + private $accountService; + /** @var FollowService */ private $followService; @@ -105,17 +110,18 @@ class ActivityPubController extends Controller { * @param SignatureService $signatureService * @param StreamQueueService $streamQueueService * @param ImportService $importService + * @param AccountService $accountService * @param FollowService $followService * @param StreamService $streamService * @param ConfigService $configService * @param MiscService $miscService */ public function __construct( - IRequest $request, SocialPubController $socialPubController, - FediverseService $fediverseService, CacheActorService $cacheActorService, - SignatureService $signatureService, StreamQueueService $streamQueueService, - ImportService $importService, FollowService $followService, StreamService $streamService, - ConfigService $configService, MiscService $miscService + IRequest $request, SocialPubController $socialPubController, FediverseService $fediverseService, + CacheActorService $cacheActorService, SignatureService $signatureService, + StreamQueueService $streamQueueService, ImportService $importService, AccountService $accountService, + FollowService $followService, StreamService $streamService, ConfigService $configService, + MiscService $miscService ) { parent::__construct(Application::APP_NAME, $request); @@ -125,6 +131,7 @@ class ActivityPubController extends Controller { $this->signatureService = $signatureService; $this->streamQueueService = $streamQueueService; $this->importService = $importService; + $this->accountService = $accountService; $this->followService = $followService; $this->streamService = $streamService; $this->configService = $configService; @@ -364,9 +371,14 @@ class ActivityPubController extends Controller { return $this->socialPubController->displayPost($username, $token); } - // TODO - check viewer rights ! + try { + $viewer = $this->accountService->getCurrentViewer(); + $this->streamService->setViewer($viewer); + } catch (AccountDoesNotExistException $e) { + } + $postId = $this->configService->getSocialUrl() . '@' . $username . '/' . $token; - $stream = $this->streamService->getStreamById($postId, false); + $stream = $this->streamService->getStreamById($postId, true); $stream->setCompleteDetails(false); diff --git a/lib/Controller/SocialPubController.php b/lib/Controller/SocialPubController.php index 481bf394..253c9308 100644 --- a/lib/Controller/SocialPubController.php +++ b/lib/Controller/SocialPubController.php @@ -33,10 +33,12 @@ namespace OCA\Social\Controller; use daita\MySmallPhpTools\Traits\Nextcloud\TNCDataResponse; use Exception; use OCA\Social\AppInfo\Application; +use OCA\Social\Exceptions\AccountDoesNotExistException; use OCA\Social\Exceptions\CacheActorDoesNotExistException; use OCA\Social\Exceptions\SocialAppConfigException; use OCA\Social\Exceptions\StreamNotFoundException; use OCA\Social\Exceptions\UrlCloudException; +use OCA\Social\Model\ActivityPub\Actor\Person; use OCA\Social\Service\AccountService; use OCA\Social\Service\CacheActorService; use OCA\Social\Service\ConfigService; @@ -212,20 +214,18 @@ class SocialPubController extends Controller { * @param string $token * * @return TemplateResponse - * @throws StreamNotFoundException * @throws SocialAppConfigException + * @throws StreamNotFoundException */ public function displayPost(string $username, string $token): TemplateResponse { - $postId = $this->configService->getSocialUrl() . '@' . $username . '/' . $token; - - if (isset($this->userId)) { - try { - $viewer = $this->accountService->getActorFromUserId($this->userId, true); - $this->streamService->setViewer($viewer); - } catch (Exception $e) { - } + try { + $viewer = $this->accountService->getCurrentViewer(); + $this->streamService->setViewer($viewer); + } catch (AccountDoesNotExistException $e) { } + $postId = $this->configService->getSocialUrl() . '@' . $username . '/' . $token; + $stream = $this->streamService->getStreamById($postId, true); $data = [ 'id' => $postId, diff --git a/lib/Db/SocialLimitsQueryBuilder.php b/lib/Db/SocialLimitsQueryBuilder.php index a82cddb3..c1dc173e 100644 --- a/lib/Db/SocialLimitsQueryBuilder.php +++ b/lib/Db/SocialLimitsQueryBuilder.php @@ -381,9 +381,12 @@ class SocialLimitsQueryBuilder extends SocialCrossQueryBuilder { /** * @param string $aliasDest * @param string $aliasFollowing - * @param bool $public + * @param bool $allowPublic + * @param bool $allowDirect */ - public function limitToViewer(string $aliasDest = 'sd', string $aliasFollowing = 'f', bool $public = false + public function limitToViewer( + string $aliasDest = 'sd', string $aliasFollowing = 'f', bool $allowPublic = false, + bool $allowDirect = false ) { if (!$this->hasViewer()) { $this->selectDestFollowing($aliasDest); @@ -403,10 +406,14 @@ class SocialLimitsQueryBuilder extends SocialCrossQueryBuilder { ); $orX->add($following); - if ($public) { + if ($allowPublic) { $orX->add($this->exprLimitToDest(ACore::CONTEXT_PUBLIC, 'recipient', '', $aliasDest)); } + if ($allowDirect) { + $orX->add($this->exprLimitToDest($actor->getId(), 'dm', '', $aliasDest)); + } + $this->andWhere($orX); } diff --git a/lib/Db/StreamRequest.php b/lib/Db/StreamRequest.php index fc54fc0e..0a50c1a3 100644 --- a/lib/Db/StreamRequest.php +++ b/lib/Db/StreamRequest.php @@ -241,13 +241,11 @@ class StreamRequest extends StreamRequestBuilder { }; $qb = $this->getStreamSelectSql(); - $expr = $qb->expr(); - $qb->limitToIdPrim($qb->prim($id)); $qb->linkToCacheActors('ca', 's.attributed_to_prim'); if ($asViewer) { - $qb->limitToViewer('sd', 'f', true); + $qb->limitToViewer('sd', 'f', true, true); $qb->leftJoinStreamAction('sa'); } diff --git a/lib/Service/AccountService.php b/lib/Service/AccountService.php index 70ce2714..7a513217 100644 --- a/lib/Service/AccountService.php +++ b/lib/Service/AccountService.php @@ -37,6 +37,7 @@ use OCA\Social\Db\ActorsRequest; use OCA\Social\Db\FollowsRequest; use OCA\Social\Db\StreamRequest; use OCA\Social\Exceptions\AccountAlreadyExistsException; +use OCA\Social\Exceptions\AccountDoesNotExistException; use OCA\Social\Exceptions\ActorDoesNotExistException; use OCA\Social\Exceptions\ItemAlreadyExistsException; use OCA\Social\Exceptions\ItemUnknownException; @@ -45,6 +46,7 @@ use OCA\Social\Exceptions\UrlCloudException; use OCA\Social\Model\ActivityPub\Actor\Person; use OCP\Accounts\IAccountManager; use OCP\IUserManager; +use OCP\IUserSession; /** @@ -64,6 +66,9 @@ class AccountService { /** @var IUserManager */ private $userManager; + /** @var IUserSession */ + private $userSession; + /** @var IAccountManager */ private $accountManager; @@ -96,6 +101,7 @@ class AccountService { * ActorService constructor. * * @param IUserManager $userManager + * @param IUserSession $userSession * @param IAccountManager $accountManager * @param ActorsRequest $actorsRequest * @param FollowsRequest $followsRequest @@ -107,12 +113,14 @@ class AccountService { * @param MiscService $miscService */ public function __construct( - IUserManager $userManager, IAccountManager $accountManager, ActorsRequest $actorsRequest, + IUserManager $userManager, IUserSession $userSession, IAccountManager $accountManager, + ActorsRequest $actorsRequest, FollowsRequest $followsRequest, StreamRequest $streamRequest, ActorService $actorService, DocumentService $documentService, SignatureService $signatureService, ConfigService $configService, MiscService $miscService ) { $this->userManager = $userManager; + $this->userSession = $userSession; $this->accountManager = $accountManager; $this->actorsRequest = $actorsRequest; $this->followsRequest = $followsRequest; @@ -153,6 +161,24 @@ class AccountService { /** + * @return Person + * @throws AccountDoesNotExistException + */ + public function getCurrentViewer(): Person { + $user = $this->userSession->getUser(); + if ($user === null) { + throw new AccountDoesNotExistException(); + } + + try { + return $this->getActorFromUserId($user->getUID()); + } catch (Exception $e) { + throw new AccountDoesNotExistException(); + } + } + + + /** * @param string $userId * @param bool $create * |