diff options
| author | Maxence Lange <maxence@artificial-owl.com> | 2019-05-30 17:05:22 -0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-05-30 17:05:22 -0100 |
| commit | a5a085527335e38b12dbbdfdd2d58793fa2b281f (patch) | |
| tree | 7454fd5886b07a18c374c4bab109dde73c8da206 | |
| parent | 427f79ea87961e96e129ab494fd4d2ae15a98da2 (diff) | |
| parent | b53e5209ab11e112edae4985213694749c49b247 (diff) | |
Merge pull request #550 from nextcloud/enhancement/noid/fediverse-right-access
limit request to fediverse
| -rw-r--r-- | appinfo/info.xml | 1 | ||||
| -rw-r--r-- | lib/Command/Fediverse.php | 232 | ||||
| -rw-r--r-- | lib/Controller/ActivityPubController.php | 14 | ||||
| -rw-r--r-- | lib/Exceptions/UnauthorizedFediverseException.php | 40 | ||||
| -rw-r--r-- | lib/Service/ActivityService.php | 3 | ||||
| -rw-r--r-- | lib/Service/CacheActorService.php | 2 | ||||
| -rw-r--r-- | lib/Service/CacheDocumentService.php | 16 | ||||
| -rw-r--r-- | lib/Service/ConfigService.php | 17 | ||||
| -rw-r--r-- | lib/Service/CurlService.php | 26 | ||||
| -rw-r--r-- | lib/Service/DocumentService.php | 5 | ||||
| -rw-r--r-- | lib/Service/FediverseService.php | 281 | ||||
| -rw-r--r-- | lib/Service/StreamQueueService.php | 8 | ||||
| -rw-r--r-- | lib/webfinger.php | 18 |
13 files changed, 643 insertions, 20 deletions
diff --git a/appinfo/info.xml b/appinfo/info.xml index 939b29a6..f761d219 100644 --- a/appinfo/info.xml +++ b/appinfo/info.xml @@ -48,6 +48,7 @@ <commands> <command>OCA\Social\Command\CacheRefresh</command> <command>OCA\Social\Command\CheckInstall</command> + <command>OCA\Social\Command\Fediverse</command> <command>OCA\Social\Command\NoteCreate</command> <command>OCA\Social\Command\NoteBoost</command> <command>OCA\Social\Command\Reset</command> diff --git a/lib/Command/Fediverse.php b/lib/Command/Fediverse.php new file mode 100644 index 00000000..0a2dbf6e --- /dev/null +++ b/lib/Command/Fediverse.php @@ -0,0 +1,232 @@ +<?php +declare(strict_types=1); + + +/** + * Nextcloud - Social Support + * + * This file is licensed under the Affero General Public License version 3 or + * later. See the COPYING file. + * + * @author Maxence Lange <maxence@artificial-owl.com> + * @copyright 2018, Maxence Lange <maxence@artificial-owl.com> + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + + +namespace OCA\Social\Command; + + +use Exception; +use OC\Core\Command\Base; +use OCA\Social\Exceptions\UnauthorizedFediverseException; +use OCA\Social\Service\ConfigService; +use OCA\Social\Service\FediverseService; +use OCA\Social\Service\MiscService; +use Symfony\Component\Console\Input\InputArgument; +use Symfony\Component\Console\Input\InputInterface; +use Symfony\Component\Console\Output\OutputInterface; + + +/** + * Class Fediverse + * + * @package OCA\Social\Command + */ +class Fediverse extends Base { + + + /** @var FediverseService */ + private $fediverseService; + + /** @var ConfigService */ + private $configService; + + /** @var MiscService */ + private $miscService; + + + /** @var OutputInterface */ + private $output; + + + /** + * CacheUpdate constructor. + * + * @param FediverseService $fediverseService + * @param ConfigService $configService + * @param MiscService $miscService + */ + public function __construct( + FediverseService $fediverseService, ConfigService $configService, + MiscService $miscService + ) { + parent::__construct(); + + $this->fediverseService = $fediverseService; + $this->configService = $configService; + $this->miscService = $miscService; + } + + + /** + * + */ + protected function configure() { + parent::configure(); + $this->setName('social:fediverse') + ->addOption( + 'type', 't', InputArgument::OPTIONAL, + 'Change the type of access management', '' + ) + ->addArgument('action', InputArgument::OPTIONAL, 'add/remove/test address', '') + ->addArgument('address', InputArgument::OPTIONAL, 'address/host', '') + ->setDescription('Allow or deny access to the fediverse'); + } + + + /** + * @param InputInterface $input + * @param OutputInterface $output + * + * @throws Exception + */ + protected function execute(InputInterface $input, OutputInterface $output) { + $this->output = $output; + + if ($this->typeAccess($input->getOption('type'))) { + return; + } + + $this->output->writeln( + 'Current access type: <info>' . $this->fediverseService->getAccessType() . '</info>' + ); + + switch ($input->getArgument('action')) { + case '': + $this->listAddresses(false); + break; + + case 'list': + $this->listAddresses(true); + break; + + case 'add': + $this->addAddress($input->getArgument('address')); + break; + + case 'remove': + $this->removeAddress($input->getArgument('address')); + break; + + case 'test': + $this->testAddress($input->getArgument('address')); + break; + + case 'reset': + $this->resetAddresses(); + break; + + default: + throw new Exception('specify action: add, remove, list, reset'); + } + } + + + /** + * @param string $type + * + * @return bool + * @throws Exception + */ + private function typeAccess(string $type) { + if ($type === '') { + return false; + } + + $this->fediverseService->setAccessType($type); + + return true; + } + + + /** + * @param bool $allKnownAddress + */ + private function listAddresses(bool $allKnownAddress = false) { + + if ($allKnownAddress) { + $this->output->writeln('- Known address:'); + foreach ($this->fediverseService->getKnownAddresses() as $address) { + $this->output->writeln(' <info>' . $address . '</info>'); + } + } + + $this->output->writeln('- List:'); + foreach ($this->fediverseService->getListedAddresses() as $address) { + $this->output->writeln(' <info>' . $address . '</info>'); + } + + } + + + /** + * @param string $address + * + * @throws Exception + */ + private function addAddress(string $address) { + $this->fediverseService->addAddress($address); + $this->output->writeln('<info>' . $address . '</info> added to the list'); + } + + + /** + * @param string $address + * + * @throws Exception + */ + private function removeAddress(string $address) { + $this->fediverseService->removeAddress($address); + $this->output->writeln('<info>' . $address . '</info> removed from the list'); + } + + + /** + * @param string $address + */ + private function testAddress(string $address) { + try { + $this->fediverseService->authorized($address); + $this->output->writeln('<info>Authorized</info>'); + } catch (UnauthorizedFediverseException $e) { + $this->output->writeln('<comment>Unauthorized</comment>'); + } + } + + + /** + * + */ + private function resetAddresses() { + $this->fediverseService->resetAddresses(); + $this->output->writeln('list is now empty'); + } + + +} + diff --git a/lib/Controller/ActivityPubController.php b/lib/Controller/ActivityPubController.php index 51df1b09..a1d50d22 100644 --- a/lib/Controller/ActivityPubController.php +++ b/lib/Controller/ActivityPubController.php @@ -40,6 +40,7 @@ use OCA\Social\Exceptions\SignatureIsGoneException; use OCA\Social\Exceptions\ItemUnknownException; use OCA\Social\Exceptions\UrlCloudException; use OCA\Social\Service\CacheActorService; +use OCA\Social\Service\FediverseService; use OCA\Social\Service\FollowService; use OCA\Social\Service\ImportService; use OCA\Social\Service\MiscService; @@ -61,6 +62,9 @@ class ActivityPubController extends Controller { /** @var SocialPubController */ private $socialPubController; + /** @var FediverseService */ + private $fediverseService; + /** @var CacheActorService */ private $cacheActorService; @@ -85,6 +89,7 @@ class ActivityPubController extends Controller { * * @param IRequest $request * @param SocialPubController $socialPubController + * @param FediverseService $fediverseService * @param CacheActorService $cacheActorService * @param SignatureService $signatureService * @param StreamQueueService $streamQueueService @@ -94,13 +99,14 @@ class ActivityPubController extends Controller { */ public function __construct( IRequest $request, SocialPubController $socialPubController, - CacheActorService $cacheActorService, SignatureService $signatureService, - StreamQueueService $streamQueueService, ImportService $importService, - FollowService $followService, MiscService $miscService + FediverseService $fediverseService, CacheActorService $cacheActorService, + SignatureService $signatureService, StreamQueueService $streamQueueService, + ImportService $importService, FollowService $followService, MiscService $miscService ) { parent::__construct(Application::APP_NAME, $request); $this->socialPubController = $socialPubController; + $this->fediverseService = $fediverseService; $this->cacheActorService = $cacheActorService; $this->signatureService = $signatureService; $this->streamQueueService = $streamQueueService; @@ -178,6 +184,7 @@ class ActivityPubController extends Controller { $requestTime = 0; $origin = $this->signatureService->checkRequest($this->request, $requestTime); + $this->fediverseService->authorized($origin); $activity = $this->importService->importFromJson($body); if (!$this->signatureService->checkObject($activity)) { @@ -221,6 +228,7 @@ class ActivityPubController extends Controller { $requestTime = 0; $origin = $this->signatureService->checkRequest($this->request, $requestTime); + $this->fediverseService->authorized($origin); // TODO - check the recipient <-> username // $actor = $this->actorService->getActor($username); diff --git a/lib/Exceptions/UnauthorizedFediverseException.php b/lib/Exceptions/UnauthorizedFediverseException.php new file mode 100644 index 00000000..22d7ba5c --- /dev/null +++ b/lib/Exceptions/UnauthorizedFediverseException.php @@ -0,0 +1,40 @@ +<?php +declare(strict_types=1); + + +/** + * Nextcloud - Social Support + * + * This file is licensed under the Affero General Public License version 3 or + * later. See the COPYING file. + * + * @author Maxence Lange <maxence@artificial-owl.com> + * @copyright 2018, Maxence Lange <maxence@artificial-owl.com> + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + + +namespace OCA\Social\Exceptions; + + +use Exception; + + +class UnauthorizedFediverseException extends Exception { + +} + diff --git a/lib/Service/ActivityService.php b/lib/Service/ActivityService.php index c9237508..513a048b 100644 --- a/lib/Service/ActivityService.php +++ b/lib/Service/ActivityService.php @@ -48,6 +48,7 @@ use OCA\Social\Exceptions\RequestResultNotJsonException; use OCA\Social\Exceptions\RequestResultSizeException; use OCA\Social\Exceptions\RequestServerException; use OCA\Social\Exceptions\SocialAppConfigException; +use OCA\Social\Exceptions\UnauthorizedFediverseException; use OCA\Social\Model\ActivityPub\ACore; use OCA\Social\Model\ActivityPub\Activity\Create; use OCA\Social\Model\ActivityPub\Activity\Delete; @@ -284,6 +285,8 @@ class ActivityService { $this->signatureService->signRequest($request, $queue); $this->curlService->request($request); $this->requestQueueService->endRequest($queue, true); + } catch (UnauthorizedFediverseException $e) { + $this->requestQueueService->endRequest($queue, true); } catch (RequestResultNotJsonException $e) { $this->requestQueueService->endRequest($queue, true); } catch (ActorDoesNotExistException $e) { diff --git a/lib/Service/CacheActorService.php b/lib/Service/CacheActorService.php index 5d16fc05..d900741c 100644 --- a/lib/Service/CacheActorService.php +++ b/lib/Service/CacheActorService.php @@ -47,6 +47,7 @@ use OCA\Social\Exceptions\RequestResultSizeException; use OCA\Social\Exceptions\RequestServerException; use OCA\Social\Exceptions\SocialAppConfigException; use OCA\Social\Exceptions\ItemUnknownException; +use OCA\Social\Exceptions\UnauthorizedFediverseException; use OCA\Social\Model\ActivityPub\Actor\Person; @@ -118,6 +119,7 @@ class CacheActorService { * @throws SocialAppConfigException * @throws ItemUnknownException * @throws RequestResultNotJsonException + * @throws UnauthorizedFediverseException */ public function getFromId(string $id, bool $refresh = false): Person { diff --git a/lib/Service/CacheDocumentService.php b/lib/Service/CacheDocumentService.php index 0877846d..84aa32a2 100644 --- a/lib/Service/CacheDocumentService.php +++ b/lib/Service/CacheDocumentService.php @@ -43,6 +43,8 @@ use OCA\Social\Exceptions\RequestNetworkException; use OCA\Social\Exceptions\RequestResultNotJsonException; use OCA\Social\Exceptions\RequestResultSizeException; use OCA\Social\Exceptions\RequestServerException; +use OCA\Social\Exceptions\SocialAppConfigException; +use OCA\Social\Exceptions\UnauthorizedFediverseException; use OCP\Files\IAppData; use OCP\Files\NotFoundException; use OCP\Files\NotPermittedException; @@ -96,13 +98,15 @@ class CacheDocumentService { * @return string * @throws CacheContentMimeTypeException * @throws MalformedArrayException + * @throws NotFoundException * @throws NotPermittedException * @throws RequestContentException * @throws RequestNetworkException - * @throws RequestServerException - * @throws RequestResultSizeException * @throws RequestResultNotJsonException - * @throws NotFoundException + * @throws RequestResultSizeException + * @throws RequestServerException + * @throws SocialAppConfigException + * @throws UnauthorizedFediverseException */ public function saveRemoteFileToCache(string $url, &$mime = '') { @@ -190,9 +194,11 @@ class CacheDocumentService { * @throws MalformedArrayException * @throws RequestContentException * @throws RequestNetworkException - * @throws RequestServerException - * @throws RequestResultSizeException * @throws RequestResultNotJsonException + * @throws RequestResultSizeException + * @throws RequestServerException + * @throws SocialAppConfigException + * @throws UnauthorizedFediverseException */ public function retrieveContent(string $url) { $url = parse_url($url); diff --git a/lib/Service/ConfigService.php b/lib/Service/ConfigService.php index cdfee8e3..cf747f6f 100644 --- a/lib/Service/ConfigService.php +++ b/lib/Service/ConfigService.php @@ -54,6 +54,8 @@ class ConfigService { const SOCIAL_ADDRESS = 'address'; const SOCIAL_SERVICE = 'service'; const SOCIAL_MAX_SIZE = 'max_size'; + const SOCIAL_ACCESS_TYPE = 'access_type'; + const SOCIAL_ACCESS_LIST = 'access_list'; const BACKGROUND_CRON = 1; const BACKGROUND_ASYNC = 2; @@ -62,11 +64,20 @@ class ConfigService { /** @var array */ public $defaults = [ - self::SOCIAL_ADDRESS => '', - self::SOCIAL_SERVICE => 1, - self::SOCIAL_MAX_SIZE => 10 + self::SOCIAL_ADDRESS => '', + self::SOCIAL_SERVICE => 1, + self::SOCIAL_MAX_SIZE => 10, + self::SOCIAL_ACCESS_TYPE => 'all_but', + self::SOCIAL_ACCESS_LIST => '[]' ]; + /** @var array */ + public $accessTypeList = [ + 'BLACKLIST' => 'all_but', + 'WHITELIST' => 'none_but' + ]; + + /** @var string */ private $userId; diff --git a/lib/Service/CurlService.php b/lib/Service/CurlService.php index 7900649b..01eabb30 100644 --- a/lib/Service/CurlService.php +++ b/lib/Service/CurlService.php @@ -48,6 +48,7 @@ use OCA\Social\Exceptions\RequestResultSizeException; use OCA\Social\Exceptions\RequestServerException; use OCA\Social\Exceptions\SocialAppConfigException; use OCA\Social\Exceptions\ItemUnknownException; +use OCA\Social\Exceptions\UnauthorizedFediverseException; use OCA\Social\Model\ActivityPub\Actor\Person; class CurlService { @@ -64,6 +65,9 @@ class CurlService { /** @var ConfigService */ private $configService; + /** @var FediverseService */ + private $fediverseService; + /** @var MiscService */ private $miscService; @@ -79,10 +83,14 @@ class CurlService { * CurlService constructor. * * @param ConfigService $configService + * @param FediverseService $fediverseService * @param MiscService $miscService */ - public function __construct(ConfigService $configService, MiscService $miscService) { + public function __construct( + ConfigService $configService, FediverseService $fediverseService, MiscService $miscService + ) { $this->configService = $configService; + $this->fediverseService = $fediverseService; $this->miscService = $miscService; } @@ -94,9 +102,11 @@ class CurlService { * @throws InvalidResourceException * @throws RequestContentException * @throws RequestNetworkException + * @throws RequestResultNotJsonException * @throws RequestResultSizeException * @throws RequestServerException - * @throws RequestResultNotJsonException + * @throws SocialAppConfigException + * @throws UnauthorizedFediverseException */ public function webfingerAccount(string $account): array { $account = $this->withoutBeginAt($account); @@ -144,6 +154,7 @@ class CurlService { * @throws SocialAppConfigException * @throws ItemUnknownException * @throws RequestResultNotJsonException + * @throws UnauthorizedFediverseException */ public function retrieveAccount(string $account): Person { $result = $this->webfingerAccount($account); @@ -178,9 +189,11 @@ class CurlService { * @throws MalformedArrayException * @throws RequestContentException * @throws RequestNetworkException - * @throws RequestServerException - * @throws RequestResultSizeException * @throws RequestResultNotJsonException + * @throws RequestResultSizeException + * @throws RequestServerException + * @throws SocialAppConfigException + * @throws UnauthorizedFediverseException */ public function retrieveObject($id): array { @@ -205,11 +218,14 @@ class CurlService { * @return mixed * @throws RequestContentException * @throws RequestNetworkException + * @throws RequestResultNotJsonException * @throws RequestResultSizeException * @throws RequestServerException - * @throws RequestResultNotJsonException + * @throws SocialAppConfigException + * @throws UnauthorizedFediverseException */ public function request(Request $request) { + $this->fediverseService->authorized($request->getAddress()); $this->maxDownloadSizeReached = false; $curl = $this->initRequest($request); diff --git a/lib/Service/DocumentService.php b/lib/Service/DocumentService.php index 1dfbcd2f..d860a018 100644 --- a/lib/Service/DocumentService.php +++ b/lib/Service/DocumentService.php @@ -46,6 +46,7 @@ use OCA\Social\Exceptions\RequestResultNotJsonException; use OCA\Social\Exceptions\RequestResultSizeException; use OCA\Social\Exceptions\RequestServerException; use OCA\Social\Exceptions\SocialAppConfigException; +use OCA\Social\Exceptions\UnauthorizedFediverseException; use OCA\Social\Exceptions\UrlCloudException; use OCA\Social\Model\ActivityPub\Actor\Person; use OCA\Social\Model\ActivityPub\Object\Document; @@ -117,6 +118,7 @@ class DocumentService { * @throws CacheDocumentDoesNotExistException * @throws MalformedArrayException * @throws RequestResultNotJsonException + * @throws SocialAppConfigException */ public function cacheRemoteDocument(string $id, bool $public = false) { $document = $this->cacheDocumentsRequest->getById($id, $public); @@ -169,6 +171,8 @@ class DocumentService { $this->cacheDocumentsRequest->endCaching($document); } catch (RequestContentException $e) { $this->cacheDocumentsRequest->deleteById($id); + } catch (UnauthorizedFediverseException $e) { + $this->cacheDocumentsRequest->deleteById($id); } catch (RequestNetworkException $e) { $this->cacheDocumentsRequest->endCaching($document); } catch (RequestServerException $e) { @@ -189,6 +193,7 @@ class DocumentService { * @throws CacheDocumentDoesNotExistException * @throws MalformedArrayException * @throws RequestResultNotJsonException + * @throws SocialAppConfigException */ public function getFromCache(string $id, bool $public = false) { $document = $this->cacheRemoteDocument($id, $public); diff --git a/lib/Service/FediverseService.php b/lib/Service/FediverseService.php new file mode 100644 index 00000000..c5d8664f --- /dev/null +++ b/lib/Service/FediverseService.php @@ -0,0 +1,281 @@ +<?php +declare(strict_types=1); + + +/** + * Nextcloud - Social Support + * + * This file is licensed under the Affero General Public License version 3 or + * later. See the COPYING file. + * + * @author Maxence Lange <maxence@artificial-owl.com> + * @copyright 2018, Maxence Lange <maxence@artificial-owl.com> + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + + +namespace OCA\Social\Service; + +use Exception; +use OCA\Social\Exceptions\SocialAppConfigException; +use OCA\Social\Exceptions\UnauthorizedFediverseException; + + +/** + * Class FediverseService + * + * @package OCA\Social\Service + */ +class FediverseService { + + + /** @var ConfigService */ + private $configService; + + /** @var MiscService */ + private $miscService; + + + /** + * FediverseService constructor. + * + * @param ConfigService $configService + * @param MiscService $miscService + */ + public function __construct( + ConfigService $configService, MiscService $miscService + ) { + $this->configService = $configService; + $this->miscService = $miscService; + } + + + /** + * @param string $address + * + * @return bool + * @throws UnauthorizedFediverseException + * @throws SocialAppConfigException + */ + public function authorized(string $address): bool { + if ($this->getAccessType() === + $this->configService->accessTypeList['BLACKLIST'] + && !$this->isListed($address)) { + return true; + } + + if ($this->getAccessType() === + $this->configService->accessTypeList['WHITELIST'] + && ($this->isListed($address) || $this->isLocal($address))) { + return true; + } + + throw new UnauthorizedFediverseException('Unauthorized Fediverse'); + } + + + /** + * @throws UnauthorizedFediverseException + */ + public function jailed() { + if ($this->getAccessType() !== $this->configService->accessTypeList['WHITELIST'] + || !empty($this->getListedAddresses())) { + return; + } + + throw new UnauthorizedFediverseException('Jailed Fediverse'); + } + + + /** + * @return string + */ + public function getAccessType(): string { + return $this->configService->getAppValue(ConfigService::SOCIAL_ACCESS_TYPE); + } + + + /** + * @param string $type + * + * @throws Exception + */ + public function setAccessType(string $type) { + $accepted = array_values($this->configService->accessTypeList); + if (!in_array($type, $accepted)) { + throw new Exception('invalid type: ' . json_encode($accepted)); + } + + $this->configService->setAppValue(ConfigService::SOCIAL_ACCESS_TYPE, $type); + } + + + /** + * @param string $address + * + * @return bool + * @throws SocialAppConfigException + */ + public function isLocal(string $address): bool { + $local = $this->configService->getCloudAddress(true); + + return ($local === $address); + } + + + /** + * @return array + */ + public function getKnownAddresses(): array { + return []; + } + + + /** + * @return array + */ + public function getListedAddresses(): array { + return json_decode($this->configService->getAppValue(ConfigService::SOCIAL_ACCESS_LIST)); + } + + /** + * @param string $address + * + * @return bool + */ + public function isListed(string $address): bool { + $list = $this->getListedAddresses(); + + return (in_array($address, $list)); + } + + /** + * + */ + public function resetAddresses() { + $this->configService->setAppValue(ConfigService::SOCIAL_ACCESS_LIST, '[]'); + } + + /** + * @param string $address + */ + public function addAddress(string $address) { + if ($this->isListed($address)) { + return; + } + + $list = $this->getListedAddresses(); + array_push($list, $address); + + $this->configService->setAppValue(ConfigService::SOCIAL_ACCESS_LIST, json_encode($list)); + } + + /** + * @param string $address + * + * @return void + * @throws Exception + */ + public function removeAddress(string $address) { + $list = $this->getListedAddresses(); + $list = array_diff($list, [$address]); + $this->configService->setAppValue(ConfigService::SOCIAL_ACCESS_LIST, json_encode($list)); + } + + +// +// /** +// * @param string $address +// * +// * @throws Exception +// */ +// public function blockAddress(string $address) { +// if ($this->isBlocked($address)) { +// return; +// } +// +// if ($this->isAllowed($address)) { +// throw new Exception($address . ' is already in the whitelist'); +// } +// +// $blackList = $this->getBlockedAddresses(); +// array_push($blackList, $address); +// +// $this->configService->setAppValue(ConfigService::SOCIAL_BLACKLIST, json_encode($blackList)); +// } +// +// /** +// * @return array +// */ +// public function getBlockedAddresses(): array { +// return json_decode($this->configService->getAppValue(ConfigService::SOCIAL_BLACKLIST)); +// } +// +// /** +// * @param string $address +// * +// * @return bool +// */ +// public function isBlocked(string $address): bool { +// return (in_array('ALL', $this->getBlockedAddresses()) +// || in_array($address, $this->getBlockedAddresses())); +// } +// +// +// /** +// * @param string |