harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more heavy lifting on API - though need to re-visit events and give them all message_ids from the origination site.

Browse Source
This commit is contained in:
friendica 2013-01-19 22:21:00 -08:00
parent 994f322d47
commit 45be26dd81
7 changed files with 78 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
include/api.php
View File

@ -381,32 +381,20 @@ require_once('include/security.php');
} }
// FIXME
function api_item_get_user(&$a, $item) { function api_item_get_user(&$a, $item) {
global $usercache; global $usercache;
// The author is our direct contact, in a conversation with us. // The author is our direct contact, in a conversation with us.
if(link_compare($item['url'],$item['author-link'])) {
return api_get_user($a,$item['cid']); if($item['author']['abook_id']) {
} return api_get_user($a,$item['author']['abook_id']);
else {
// The author may be a contact of ours, but is replying to somebody else.
// Figure out if we know him/her.
$normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']);
if(($normalised != 'mailbox') && (x($a->contacts[$normalised])))
return api_get_user($a,$a->contacts[$normalised]['id']);
} }
// We don't know this person directly. // We don't know this person directly.
list($nick, $name) = array_map("trim",explode("(",$item['author-name'])); $nick = substr($item['author']['xchan_addr'],0,strpos($item['author']['xchan_addr'],'@'));
$name=str_replace(")","",$name); $name = $item['author']['xchan_name'];
if ($name == '')
$name = $nick;
if ($nick == '')
$nick = $name;
// Generating a random ID // Generating a random ID
if (is_null($usercache[$nick]) or !array_key_exists($nick, $usercache)) if (is_null($usercache[$nick]) or !array_key_exists($nick, $usercache))
@ -418,8 +406,8 @@ require_once('include/security.php');
'screen_name' => $nick, 'screen_name' => $nick,
'location' => '', //$uinfo[0]['default-location'], 'location' => '', //$uinfo[0]['default-location'],
'description' => '', 'description' => '',
'profile_image_url' => $item['author-avatar'], 'profile_image_url' => $item['author']['xchan_photo_m'],
'url' => $item['author-link'], 'url' => $item['author']['xchan_url'],
'protected' => false, # 'protected' => false, #
'followers_count' => 0, 'followers_count' => 0,
'friends_count' => 0, 'friends_count' => 0,
@ -653,12 +641,11 @@ require_once('include/security.php');
// get last public message // get last public message
$lastwall = q("SELECT * from item where 1 $lastwall = q("SELECT * from item where 1
and not ( item_flags & %d ) and item_restrict = 0 and item_private != 0 and item_restrict = 0
and author_xchan = '%s' and author_xchan = '%s'
and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = '' and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = ''
and verb = '%s' and verb = '%s'
order by created desc limit 1", order by created desc limit 1",
intval(ITEM_PRIVATE),
dbesc($user_info['guid']), dbesc($user_info['guid']),
dbesc(ACTIVITY_POST) dbesc(ACTIVITY_POST)
); );
@ -723,12 +710,11 @@ require_once('include/security.php');
$user_info = api_get_user($a); $user_info = api_get_user($a);
$lastwall = q("SELECT * from item where 1 $lastwall = q("SELECT * from item where 1
and not ( item_flags & %d ) and item_restrict = 0 and item_private != 0 and item_restrict = 0
and author_xchan = '%s' and author_xchan = '%s'
and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = '' and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = ''
and verb = '%s' and verb = '%s'
order by created desc limit 1", order by created desc limit 1",
intval(ITEM_PRIVATE),
dbesc($user_info['guid']), dbesc($user_info['guid']),
dbesc(ACTIVITY_POST) dbesc(ACTIVITY_POST)
); );
@ -826,7 +812,7 @@ require_once('include/security.php');
intval($count) intval($count)
); );
xchan_query($r); xchan_query($r,true);
$ret = api_format_items($r,$user_info); $ret = api_format_items($r,$user_info);
@ -882,22 +868,22 @@ require_once('include/security.php');
if ($max_id > 0) if ($max_id > 0)
$sql_extra = 'AND `item`.`id` <= '.intval($max_id); $sql_extra = 'AND `item`.`id` <= '.intval($max_id);
require_once('include/security.php');
$r = q("SELECT * from item where id in (select distinct(uri) from item where item_restrict = 0 $r = q("select * from item where item_restrict = 0
and allow_cid = '' and allow_gid = '' and allow_cid = '' and allow_gid = ''
and deny_cid = '' and deny_gid = '' and deny_cid = '' and deny_gid = ''
and not ( item_flags & %d ) and ( item_flags & %d ) and item_private = 0
and uid in ( " . stream_perms_api_uids() . " )
$sql_extra $sql_extra
AND id > %d) AND id > %d group by uri
ORDER BY received DESC LIMIT %d, %d ", order by received desc LIMIT %d, %d ",
intval(ITEM_PRIVATE),
intval(ITEM_WALL),
intval($since_id), intval($since_id),
intval($start), intval($start),
intval($count) intval($count)
); );
xchan_query($r); xchan_query($r,true);
$ret = api_format_items($r,$user_info); $ret = api_format_items($r,$user_info);
@ -946,7 +932,7 @@ require_once('include/security.php');
$r = q("select * from item where item_restrict = 0 $sql_extra", $r = q("select * from item where item_restrict = 0 $sql_extra",
intval($id) intval($id)
); );
xchan_query($r); xchan_query($r,true);
$ret = api_format_items($r,$user_info); $ret = api_format_items($r,$user_info);
@ -1346,7 +1332,8 @@ require_once('include/security.php');
foreach($r as $item) { foreach($r as $item) {
localize_item($item); localize_item($item);
$status_user = (($item['cid']==$user_info['id'])?$user_info: api_item_get_user($a,$item));
$status_user = (($item['author_xchan']==$user_info['guid'])?$user_info: api_item_get_user($a,$item));
if($item['parent'] != $item['id']) { if($item['parent'] != $item['id']) {
$r = q("select id from item where parent= %d and id < %d order by id desc limit 1", $r = q("select id from item where parent= %d and id < %d order by id desc limit 1",
@ -1358,7 +1345,7 @@ require_once('include/security.php');
else else
$in_reply_to_status_id = $item['parent']; $in_reply_to_status_id = $item['parent'];
xchan_query($r); xchan_query($r,true);
$in_reply_to_screen_name = $r[0]['author']['xchan_name']; $in_reply_to_screen_name = $r[0]['author']['xchan_name'];
$in_reply_to_user_id = $r[0]['author']['abook_id']; $in_reply_to_user_id = $r[0]['author']['abook_id'];

8
include/event.php
View File

@ -291,7 +291,7 @@ function event_store($arr) {
$private = (($arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid']) ? 1 : 0); $private = (($arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid']) ? 1 : 0);
q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d WHERE id = %d AND uid = %d LIMIT 1", q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d, item_private = %d WHERE id = %d AND uid = %d LIMIT 1",
dbesc($arr['summary']), dbesc($arr['summary']),
dbesc(format_event_bbcode($arr)), dbesc(format_event_bbcode($arr)),
dbesc($object), dbesc($object),
@ -300,7 +300,8 @@ function event_store($arr) {
dbesc($arr['deny_cid']), dbesc($arr['deny_cid']),
dbesc($arr['deny_gid']), dbesc($arr['deny_gid']),
dbesc($arr['edited']), dbesc($arr['edited']),
intval(($private && ($r[0]['item_flags'] & ITEM_PRIVATE)) ? $r[0]['item_flags'] : $r[0]['item_flags'] ^ ITEM_PRIVATE), intval($r[0]['item_flags']),
intval($private),
intval($r[0]['id']), intval($r[0]['id']),
intval($arr['uid']) intval($arr['uid'])
); );
@ -368,8 +369,6 @@ function event_store($arr) {
$uri = item_message_id(); $uri = item_message_id();
$private = (($arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid']) ? 1 : 0); $private = (($arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid']) ? 1 : 0);
if($private)
$item_flags |= ITEM_PRIVATE;
$item_arr = array(); $item_arr = array();
@ -387,6 +386,7 @@ function event_store($arr) {
$item_arr['allow_gid'] = $arr['allow_gid']; $item_arr['allow_gid'] = $arr['allow_gid'];
$item_arr['deny_cid'] = $arr['deny_cid']; $item_arr['deny_cid'] = $arr['deny_cid'];
$item_arr['deny_gid'] = $arr['deny_gid']; $item_arr['deny_gid'] = $arr['deny_gid'];
$item_arr['private'] = (($arr['private'] || $private) ? 1 : 0);
$item_arr['verb'] = ACTIVITY_POST; $item_arr['verb'] = ACTIVITY_POST;
$item_arr['resource_type'] = 'event'; $item_arr['resource_type'] = 'event';

5
include/items.php
View File

@ -1598,17 +1598,16 @@ function tag_deliver($uid,$item_id) {
$private = ($u[0]['allow_cid'] || $u[0]['allow_gid'] || $u[0]['deny_cid'] || $u[0]['deny_gid']) ? 1 : 0; $private = ($u[0]['allow_cid'] || $u[0]['allow_gid'] || $u[0]['deny_cid'] || $u[0]['deny_gid']) ? 1 : 0;
$flag_bits = ITEM_WALL|ITEM_ORIGIN|ITEM_UPLINK; $flag_bits = ITEM_WALL|ITEM_ORIGIN|ITEM_UPLINK;
if($private)
$flag_bits = $flag_bits | ITEM_PRIVATE;
$r = q("update item set item_flags = ( $item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', $r = q("update item set item_flags = ( $item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
deny_cid = '%s', deny_gid = '%s' where id = %d limit 1", deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d limit 1",
intval($flag_bits), intval($flag_bits),
dbesc($u[0]['channel_hash']), dbesc($u[0]['channel_hash']),
dbesc($u[0]['allow_cid']), dbesc($u[0]['allow_cid']),
dbesc($u[0]['allow_gid']), dbesc($u[0]['allow_gid']),
dbesc($u[0]['deny_cid']), dbesc($u[0]['deny_cid']),
dbesc($u[0]['deny_gid']), dbesc($u[0]['deny_gid']),
intval($private),
intval($item_id) intval($item_id)
); );
if($r) if($r)

35
include/security.php
View File

@ -236,7 +236,7 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* default permissions - anonymous user * default permissions - anonymous user
*/ */
$sql = " AND not (item_flags & " . ITEM_PRIVATE . ") "; $sql = " AND not item_private ";
/** /**
@ -359,3 +359,36 @@ function init_groups_visitor($contact_id) {
}} }}
// This is used to determine which uid have posts which are visible to the logged in user (from the API) for the
// public_timeline, and we can use this in a community page by making $perms_min = PERMS_NETWORK unless logged in.
// Collect uids of everybody on this site who has opened their posts to everybody on this site (or greater visibility)
// We always include yourself if logged in because you can always see your own posts
// resolving granular permissions for the observer against every person and every post on the site
// will likely be too expensive.
// Returns a string list of comma separated channel_ids suitable for direct inclusion in a SQL query
function stream_perms_api_uids($perms_min = PERMS_SITE) {
$ret = array();
if(local_user())
$ret[] = local_user();
$r = q("select channel_id from channel where channel_r_stream <= %d",
intval($perms_min)
);
if($r)
foreach($r as $rr)
if(! in_array($rr['channel_id'],$ret))
$ret[] = $rr['channel_id'];
$str = '';
if($ret)
foreach($ret as $rr) {
if($str)
$str .= ',';
$str .= intval($rr);
}
return $str;
}

16
include/text.php
View File

@ -1718,7 +1718,11 @@ function ids_to_querystr($arr,$idx = 'id') {
return(implode(',', $t)); return(implode(',', $t));
} }
function xchan_query(&$items) { // Fetches xchan and hubloc data for an array of items with only an
// author_xchan and owner_xchan. If $abook is true also include the abook info.
// This is needed in the API to save extra per item lookups there.
function xchan_query(&$items,$abook = false) {
$arr = array(); $arr = array();
if($items && count($items)) { if($items && count($items)) {
foreach($items as $item) { foreach($items as $item) {
@ -1729,8 +1733,14 @@ function xchan_query(&$items) {
} }
} }
if(count($arr)) { if(count($arr)) {
$chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash if($abook) {
where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )"); $chans = q("select * from xchan left join hubloc on hubloc_hash = xchan_hash left join abook on abook_xchan = xchan_hash
where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )");
}
else {
$chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash
where xchan_hash in (" . implode(',', $arr) . ") and ( hubloc_flags & " . intval(HUBLOC_FLAGS_PRIMARY) . " )");
}
} }
if($items && count($items) && $chans && count($chans)) { if($items && count($items) && $chans && count($chans)) {
for($x = 0; $x < count($items); $x ++) { for($x = 0; $x < count($items); $x ++) {

3
mod/search.php
View File

@ -186,11 +186,10 @@ function search_content(&$a) {
if($load) { if($load) {
$r = q("SELECT distinct(uri), item.* from item $r = q("SELECT distinct(uri), item.* from item
WHERE item_restrict = 0 WHERE item_restrict = 0
AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND not ( item_flags & %d )) AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND item_private = 0 )
OR ( `item`.`uid` = %d )) OR ( `item`.`uid` = %d ))
$sql_extra $sql_extra
group by uri ORDER BY created DESC $pager_sql ", group by uri ORDER BY created DESC $pager_sql ",
intval(ITEM_PRIVATE),
intval(local_user()), intval(local_user()),
intval(ABOOK_FLAG_BLOCKED) intval(ABOOK_FLAG_BLOCKED)

2
version.inc
View File

@ -1 +1 @@
2013-01-18.204 2013-01-19.205