function init() { if (!local_channel()) { return; } $uid = local_channel(); $url = notags(trim($_REQUEST['url'])); $return_url = $_SESSION['return_url']; $confirm = intval($_REQUEST['confirm']); $channel = \App::get_channel(); // Warning: Do not edit the following line. The first symbol is UTF-8 @ $url = str_replace('@', '@', $url); $result = new_contact($uid, $url, $channel, true, $confirm); if ($result['success'] == false) { if ($result['message']) { notice($result['message']); } goaway($return_url); } info(t('Channel added.') . EOL); $clone = array(); foreach ($result['abook'] as $k => $v) { if (strpos($k, 'abook_') === 0) { $clone[$k] = $v; } } unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); $abconfig = load_abconfig($channel['channel_id'], $clone['abook_xchan']); if ($abconfig) { $clone['abconfig'] = $abconfig; } build_sync_packet(0, array('abook' => array($clone)), true); $can_view_stream = intval(get_abconfig($channel['channel_id'], $clone['abook_xchan'], 'their_perms', 'view_stream')); // If we can view their stream, pull in some posts if ($can_view_stream || $result['abook']['xchan_network'] === 'rss') { \Zotlabs\Daemon\Master::Summon(array('Onepoll', $result['abook']['abook_id'])); } goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1'); }
function follow_init(&$a) { if (!local_channel()) { return; } $uid = local_channel(); $url = notags(trim($_REQUEST['url'])); $return_url = $_SESSION['return_url']; $confirm = intval($_REQUEST['confirm']); $channel = App::get_channel(); $result = new_contact($uid, $url, $channel, true, $confirm); if ($result['success'] == false) { if ($result['message']) { notice($result['message']); } goaway($return_url); } info(t('Channel added.') . EOL); $clone = array(); foreach ($result['abook'] as $k => $v) { if (strpos($k, 'abook_') === 0) { $clone[$k] = $v; } } unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); $abconfig = load_abconfig($channel['channel_hash'], $clone['abook_xchan']); if ($abconfig) { $clone['abconfig'] = $abconfig; } build_sync_packet(0, array('abook' => array($clone))); // If we can view their stream, pull in some posts if ($result['abook']['abook_their_perms'] & PERMS_R_STREAM || $result['abook']['xchan_network'] === 'rss') { proc_run('php', 'include/onepoll.php', $result['abook']['abook_id']); } goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1'); }
function gnusoc_follow_from_feed(&$a, &$b) { $item = $b['item']; $importer = $b['channel']; $xchan = $b['xchan']; $author = $b['author']; $b['caught'] = true; logger('follow activity received'); if ($author && !$xchan) { $r = q("select * from xchan where xchan_guid = '%s' limit 1", dbesc($author['author_link'])); if (!$r) { if (discover_by_webbie($author['author_link'])) { $r = q("select * from xchan where xchan_guid = '%s' limit 1", dbesc($author['author_link'])); if (!$r) { logger('discovery failed'); return; } } $xchan = $r[0]; } $x = \Zotlabs\Access\PermissionRoles::role_perms('social'); $their_perms = \Zotlabs\Access\Permissions::FilledPerms($x['perms_connect']); $r = q("select * from abook where abook_channel = %d and abook_xchan = '%s' limit 1", intval($importer['channel_id']), dbesc($xchan['xchan_hash'])); if ($r) { $contact = $r[0]; $abook_instance = $contact['abook_instance']; if ($abook_instance) { $abook_instance .= ','; } $abook_instance .= z_root(); $r = q("update abook set abook_instance = '%s' where abook_id = %d and abook_channel = %d", dbesc($abook_instance), intval($contact['abook_id']), intval($importer['channel_id'])); foreach ($their_perms as $k => $v) { set_abconfig($importer['channel_id'], $contact['abook_xchan'], 'their_perms', $k, $v); } } else { $role = get_pconfig($importer['channel_id'], 'system', 'permissions_role'); if ($role) { $x = \Zotlabs\Access\PermissionRoles::role_perms($role); if ($x['perms_auto']) { $my_perms = \Zotlabs\Access\Permissions::FilledPerms($x['perms_connect']); } } if (!$my_perms) { $my_perms = \Zotlabs\Access\Permissions::FilledAutoperms($importer['channel_id']); } $closeness = get_pconfig($importer['channel_id'], 'system', 'new_abook_closeness'); if ($closeness === false) { $closeness = 80; } $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_connected, abook_dob, abook_pending, abook_instance ) values ( %d, %d, '%s', %d, '%s', '%s', '%s', '%s', %d, '%s' )", intval($importer['channel_account_id']), intval($importer['channel_id']), dbesc($xchan['xchan_hash']), intval($closeness), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(NULL_DATE), intval($my_perms ? 0 : 1), dbesc(z_root())); if ($r) { if ($my_perms) { foreach ($my_perms as $k => $v) { set_abconfig($importer['channel_id'], $xchan['xchan_hash'], 'my_perms', $k, $v); } } if ($their_perms) { foreach ($their_perms as $k => $v) { set_abconfig($importer['channel_id'], $xchan['xchan_hash'], 'their_perms', $k, $v); } } logger("New GNU-Social follower received for {$importer['channel_name']}"); $new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash left join hubloc on hubloc_hash = xchan_hash where abook_channel = %d and abook_xchan = '%s' order by abook_created desc limit 1", intval($importer['channel_id']), dbesc($xchan['xchan_hash'])); if ($new_connection) { \Zotlabs\Lib\Enotify::submit(array('type' => NOTIFY_INTRO, 'from_xchan' => $xchan['xchan_hash'], 'to_xchan' => $importer['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'])); if ($default_perms) { // Send back a sharing notification to them $deliver = gnusoc_remote_follow($importer, $new_connection[0]); if ($deliver) { Zotlabs\Daemon\Master::Summon(array('Deliver', $deliver)); } } $clone = array(); foreach ($new_connection[0] as $k => $v) { if (strpos($k, 'abook_') === 0) { $clone[$k] = $v; } } unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); $abconfig = load_abconfig($importer['channel_id'], $clone['abook_xchan']); if ($abconfig) { $clone['abconfig'] = $abconfig; } build_sync_packet($importer['channel_id'], array('abook' => array($clone))); } } } return; } }
function get_channel_default_perms($uid) { $ret = []; $r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 1 limit 1", intval($uid)); if ($r) { $x = load_abconfig($uid, $r[0]['abook_xchan'], 'my_perms'); if ($x) { foreach ($x as $xv) { if (intval($xv['v'])) { $ret[] = $xv['k']; } } } } return $ret; }
/** * @brief Create an array representing the important channel information * which would be necessary to create a nomadic identity clone. This includes * most channel resources and connection information with the exception of content. * * @param int $channel_id * Channel_id to export * @param boolean $items * Include channel posts (wall items), default false * * @returns array * See function for details */ function identity_basic_export($channel_id, $items = false) { /* * Red basic channel export */ $ret = array(); // use constants here as otherwise we will have no idea if we can import from a site // with a non-standard platform and version. $ret['compatibility'] = array('project' => PLATFORM_NAME, 'version' => STD_VERSION, 'database' => DB_UPDATE_VERSION, 'server_role' => Zotlabs\Lib\System::get_server_role()); $r = q("select * from channel where channel_id = %d limit 1", intval($channel_id)); if ($r) { $ret['channel'] = $r[0]; $ret['relocate'] = ['channel_address' => $r[0]['channel_address'], 'url' => z_root()]; } $r = q("select * from profile where uid = %d", intval($channel_id)); if ($r) { $ret['profile'] = $r; } $xchans = array(); $r = q("select * from abook where abook_channel = %d ", intval($channel_id)); if ($r) { $ret['abook'] = $r; for ($x = 0; $x < count($ret['abook']); $x++) { $xchans[] = $ret['abook'][$x]['abook_chan']; $abconfig = load_abconfig($channel_id, $ret['abook'][$x]['abook_xchan']); if ($abconfig) { $ret['abook'][$x]['abconfig'] = $abconfig; } } stringify_array_elms($xchans); } if ($xchans) { $r = q("select * from xchan where xchan_hash in ( " . implode(',', $xchans) . " ) "); if ($r) { $ret['xchan'] = $r; } $r = q("select * from hubloc where hubloc_hash in ( " . implode(',', $xchans) . " ) "); if ($r) { $ret['hubloc'] = $r; } } $r = q("select * from `groups` where uid = %d ", intval($channel_id)); if ($r) { $ret['group'] = $r; } $r = q("select * from group_member where uid = %d ", intval($channel_id)); if ($r) { $ret['group_member'] = $r; } $r = q("select * from pconfig where uid = %d", intval($channel_id)); if ($r) { $ret['config'] = $r; } $r = q("select mimetype, content, os_storage from photo where imgscale = 4 and photo_usage = %d and uid = %d limit 1", intval(PHOTO_PROFILE), intval($channel_id)); if ($r) { $ret['photo'] = array('type' => $r[0]['mimetype'], 'data' => $r[0]['os_storage'] ? base64url_encode(file_get_contents($r[0]['content'])) : base64url_encode($r[0]['content'])); } // All other term types will be included in items, if requested. $r = q("select * from term where ttype in (%d,%d) and uid = %d", intval(TERM_SAVEDSEARCH), intval(TERM_THING), intval($channel_id)); if ($r) { $ret['term'] = $r; } // add psuedo-column obj_baseurl to aid in relocations $r = q("select obj.*, '%s' as obj_baseurl from obj where obj_channel = %d", dbesc(z_root()), intval($channel_id)); if ($r) { $ret['obj'] = $r; } $r = q("select * from app where app_channel = %d and app_system = 0", intval($channel_id)); if ($r) { for ($x = 0; $x < count($r); $x++) { $r[$x]['term'] = q("select * from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($r[$x]['id'])); } $ret['app'] = $r; } $r = q("select * from chatroom where cr_uid = %d", intval($channel_id)); if ($r) { $ret['chatroom'] = $r; } $r = q("select * from event where uid = %d", intval($channel_id)); if ($r) { $ret['event'] = $r; } $r = q("select * from item where resource_type = 'event' and uid = %d", intval($channel_id)); if ($r) { $ret['event_item'] = array(); xchan_query($r); $r = fetch_post_tags($r, true); foreach ($r as $rr) { $ret['event_item'][] = encode_item($rr, true); } } $x = menu_list($channel_id); if ($x) { $ret['menu'] = array(); for ($y = 0; $y < count($x); $y++) { $m = menu_fetch($x[$y]['menu_name'], $channel_id, $ret['channel']['channel_hash']); if ($m) { $ret['menu'][] = menu_element($m); } } } $x = menu_list($channel_id); if ($x) { $ret['menu'] = array(); for ($y = 0; $y < count($x); $y++) { $m = menu_fetch($x[$y]['menu_name'], $channel_id, $ret['channel']['channel_hash']); if ($m) { $ret['menu'][] = menu_element($m); } } } $addon = array('channel_id' => $channel_id, 'data' => $ret); call_hooks('identity_basic_export', $addon); $ret = $addon['data']; if (!$items) { return $ret; } $r = q("select * from likes where channel_id = %d", intval($channel_id)); if ($r) { $ret['likes'] = $r; } $r = q("select * from conv where uid = %d", intval($channel_id)); if ($r) { for ($x = 0; $x < count($r); $x++) { $r[$x]['subject'] = base64url_decode(str_rot47($r[$x]['subject'])); } $ret['conv'] = $r; } $r = q("select * from mail where mail.uid = %d", intval($channel_id)); if ($r) { $m = array(); foreach ($r as $rr) { xchan_mail_query($rr); $m[] = mail_encode($rr, true); } $ret['mail'] = $m; } /** @warning this may run into memory limits on smaller systems */ /** export three months of posts. If you want to export and import all posts you have to start with * the first year and export/import them in ascending order. * * Don't export linked resource items. we'll have to pull those out separately. */ $r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d and created > %s - INTERVAL %s and resource_type = '' order by created", intval($channel_id), db_utcnow(), db_quoteinterval('3 MONTH')); if ($r) { $ret['item'] = array(); xchan_query($r); $r = fetch_post_tags($r, true); foreach ($r as $rr) { $ret['item'][] = encode_item($rr, true); } } return $ret; }
/** * @brief Refreshes after permission changed or friending, etc. * * zot_refresh is typically invoked when somebody has changed permissions of a channel and they are notified * to fetch new permissions via a finger/discovery operation. This may result in a new connection * (abook entry) being added to a local channel and it may result in auto-permissions being granted. * * Friending in zot is accomplished by sending a refresh packet to a specific channel which indicates a * permission change has been made by the sender which affects the target channel. The hub controlling * the target channel does targetted discovery (a zot-finger request requesting permissions for the local * channel). These are decoded here, and if necessary and abook structure (addressbook) is created to store * the permissions assigned to this channel. * * Initially these abook structures are created with a 'pending' flag, so that no reverse permissions are * implied until this is approved by the owner channel. A channel can also auto-populate permissions in * return and send back a refresh packet of its own. This is used by forum and group communication channels * so that friending and membership in the channel's "club" is automatic. * * @param array $them => xchan structure of sender * @param array $channel => local channel structure of target recipient, required for "friending" operations * @param array $force default false * * @returns boolean true if successful, else false */ function zot_refresh($them, $channel = null, $force = false) { if (array_key_exists('xchan_network', $them) && $them['xchan_network'] !== 'zot') { logger('zot_refresh: not got zot. ' . $them['xchan_name']); return true; } logger('zot_refresh: them: ' . print_r($them, true), LOGGER_DATA, LOG_DEBUG); if ($channel) { logger('zot_refresh: channel: ' . print_r($channel, true), LOGGER_DATA, LOG_DEBUG); } $url = null; if ($them['hubloc_url']) { $url = $them['hubloc_url']; } else { $r = null; // if they re-installed the server we could end up with the wrong record - pointing to the old install. // We'll order by reverse id to try and pick off the newest one first and hopefully end up with the // correct hubloc. If this doesn't work we may have to re-write this section to try them all. if (array_key_exists('xchan_addr', $them) && $them['xchan_addr']) { $r = q("select hubloc_url, hubloc_primary from hubloc where hubloc_addr = '%s' order by hubloc_id desc", dbesc($them['xchan_addr'])); } if (!$r) { $r = q("select hubloc_url, hubloc_primary from hubloc where hubloc_hash = '%s' order by hubloc_id desc", dbesc($them['xchan_hash'])); } if ($r) { foreach ($r as $rr) { if (intval($rr['hubloc_primary'])) { $url = $rr['hubloc_url']; break; } } if (!$url) { $url = $r[0]['hubloc_url']; } } } if (!$url) { logger('zot_refresh: no url'); return false; } $token = random_string(); $postvars = array(); $postvars['token'] = $token; if ($channel) { $postvars['target'] = $channel['channel_guid']; $postvars['target_sig'] = $channel['channel_guid_sig']; $postvars['key'] = $channel['channel_pubkey']; } if (array_key_exists('xchan_addr', $them) && $them['xchan_addr']) { $postvars['address'] = $them['xchan_addr']; } if (array_key_exists('xchan_hash', $them) && $them['xchan_hash']) { $postvars['guid_hash'] = $them['xchan_hash']; } if (array_key_exists('xchan_guid', $them) && $them['xchan_guid'] && array_key_exists('xchan_guid_sig', $them) && $them['xchan_guid_sig']) { $postvars['guid'] = $them['xchan_guid']; $postvars['guid_sig'] = $them['xchan_guid_sig']; } $rhs = '/.well-known/zot-info'; $result = z_post_url($url . $rhs, $postvars); logger('zot_refresh: zot-info: ' . print_r($result, true), LOGGER_DATA, LOG_DEBUG); if ($result['success']) { $j = json_decode($result['body'], true); if (!($j && $j['success'])) { logger('zot_refresh: result not decodable'); return false; } $signed_token = is_array($j) && array_key_exists('signed_token', $j) ? $j['signed_token'] : null; if ($signed_token) { $valid = rsa_verify('token.' . $token, base64url_decode($signed_token), $j['key']); if (!$valid) { logger('invalid signed token: ' . $url . $rhs, LOGGER_NORMAL, LOG_ERR); return false; } } else { logger('No signed token from ' . $url . $rhs, LOGGER_NORMAL, LOG_WARNING); // after 2017-01-01 this will be a hard error unless you over-ride it. if (time() > 1483228800 && !get_config('system', 'allow_unsigned_zotfinger')) { return false; } } $x = import_xchan($j, $force ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED); if (!$x['success']) { return false; } $their_perms = 0; if ($channel) { $global_perms = get_perms(); if ($j['permissions']['data']) { $permissions = crypto_unencapsulate(array('data' => $j['permissions']['data'], 'key' => $j['permissions']['key'], 'iv' => $j['permissions']['iv']), $channel['channel_prvkey']); if ($permissions) { $permissions = json_decode($permissions, true); } logger('decrypted permissions: ' . print_r($permissions, true), LOGGER_DATA, LOG_DEBUG); } else { $permissions = $j['permissions']; } $connected_set = false; if ($permissions && is_array($permissions)) { foreach ($permissions as $k => $v) { // The connected permission means you are in their address book if ($k === 'connected') { $connected_set = intval($v); continue; } if ($v && array_key_exists($k, $global_perms)) { $their_perms = $their_perms | intval($global_perms[$k][1]); } } } if (array_key_exists('profile', $j) && array_key_exists('next_birthday', $j['profile'])) { $next_birthday = datetime_convert('UTC', 'UTC', $j['profile']['next_birthday']); } else { $next_birthday = NULL_DATE; } $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 limit 1", dbesc($x['hash']), intval($channel['channel_id'])); if ($r) { // connection exists // if the dob is the same as what we have stored (disregarding the year), keep the one // we have as we may have updated the year after sending a notification; and resetting // to the one we just received would cause us to create duplicated events. if (substr($r[0]['abook_dob'], 5) == substr($next_birthday, 5)) { $next_birthday = $r[0]['abook_dob']; } $current_abook_connected = intval($r[0]['abook_unconnected']) ? 0 : 1; $y = q("update abook set abook_their_perms = %d, abook_dob = '%s'\n\t\t\t\t\twhere abook_xchan = '%s' and abook_channel = %d\n\t\t\t\t\tand abook_self = 0 ", intval($their_perms), dbescdate($next_birthday), dbesc($x['hash']), intval($channel['channel_id'])); // if(($connected_set === 0 || $connected_set === 1) && ($connected_set !== $current_abook_unconnected)) { // if they are in your address book but you aren't in theirs, and/or this does not // match your current connected state setting, toggle it. /** @FIXME uncoverted to postgres */ /** @FIXME when this was enabled, all contacts became unconnected. Currently disabled intentionally */ // $y1 = q("update abook set abook_unconnected = 1 // where abook_xchan = '%s' and abook_channel = %d // and abook_self = 0 limit 1", // dbesc($x['hash']), // intval($channel['channel_id']) // ); // } if (!$y) { logger('abook update failed'); } else { // if we were just granted read stream permission and didn't have it before, try to pull in some posts if (!($r[0]['abook_their_perms'] & PERMS_R_STREAM) && $their_perms & PERMS_R_STREAM) { Zotlabs\Daemon\Master::Summon(array('Onepoll', $r[0]['abook_id'])); } } } else { // new connection $role = get_pconfig($channel['channel_id'], 'system', 'permissions_role'); if ($role) { $xx = get_role_perms($role); if ($xx['perms_auto']) { $default_perms = $xx['perms_accept']; } } if (!$default_perms) { $default_perms = intval(get_pconfig($channel['channel_id'], 'system', 'autoperms')); } // Keep original perms to check if we need to notify them $previous_perms = get_all_perms($channel['channel_id'], $x['hash']); $closeness = get_pconfig($channel['channel_id'], 'system', 'new_abook_closeness'); if ($closeness === false) { $closeness = 80; } $y = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_dob, abook_pending ) values ( %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', %d )", intval($channel['channel_account_id']), intval($channel['channel_id']), intval($closeness), dbesc($x['hash']), intval($their_perms), intval($default_perms), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc($next_birthday), intval($default_perms ? 0 : 1)); if ($y) { logger("New introduction received for {$channel['channel_name']}"); $new_perms = get_all_perms($channel['channel_id'], $x['hash']); // Send a clone sync packet and a permissions update if permissions have changed $new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 order by abook_created desc limit 1", dbesc($x['hash']), intval($channel['channel_id'])); if ($new_connection) { if ($new_perms != $previous_perms) { Zotlabs\Daemon\Master::Summon(array('Notifier', 'permission_create', $new_connection[0]['abook_id'])); } Zotlabs\Lib\Enotify::submit(array('type' => NOTIFY_INTRO, 'from_xchan' => $x['hash'], 'to_xchan' => $channel['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'])); if ($their_perms & PERMS_R_STREAM) { if ($channel['channel_w_stream'] & PERMS_PENDING || !intval($new_connection[0]['abook_pending'])) { Zotlabs\Daemon\Master::Summon(array('Onepoll', $new_connection[0]['abook_id'])); } } /** If there is a default group for this channel, add this connection to it */ $default_group = $channel['channel_default_group']; if ($default_group) { require_once 'include/group.php'; $g = group_rec_byhash($channel['channel_id'], $default_group); if ($g) { group_add_member($channel['channel_id'], '', $x['hash'], $g['id']); } } unset($new_connection[0]['abook_id']); unset($new_connection[0]['abook_account']); unset($new_connection[0]['abook_channel']); $abconfig = load_abconfig($channel['channel_id'], $new_connection['abook_xchan']); if ($abconfig) { $new_connection['abconfig'] = $abconfig; } build_sync_packet($channel['channel_id'], array('abook' => $new_connection)); } } } } return true; } return false; }
function diaspora_request($importer, $xml) { $a = get_app(); $sender_handle = unxmlify(diaspora_get_author($xml)); $recipient_handle = unxmlify(diaspora_get_recipient($xml)); // @TODO - map these perms to $newperms below if (array_key_exists('following', $xml) && array_key_exists('sharing', $xml)) { $following = unxmlify($xml['following']) === 'true' ? true : false; $sharing = unxmlify($xml['sharing']) === 'true' ? true : false; } else { $following = true; $sharing = true; } if (!$sender_handle || !$recipient_handle) { return; } // Do we already have an abook record? $contact = diaspora_get_contact_by_handle($importer['channel_id'], $sender_handle); if ($contact && $contact['abook_id']) { // perhaps we were already sharing with this person. Now they're sharing with us. // That makes us friends. Maybe. // Please note some of these permissions such as PERMS_R_PAGES are impossible for Disapora. // They cannot authenticate to our system. $newperms = PERMS_R_STREAM | PERMS_R_PROFILE | PERMS_R_PHOTOS | PERMS_R_ABOOK | PERMS_W_STREAM | PERMS_W_COMMENT | PERMS_W_MAIL | PERMS_W_CHAT | PERMS_R_STORAGE | PERMS_R_PAGES; $abook_instance = $contact['abook_instance']; if ($abook_instance) { $abook_instance .= ','; } $abook_instance .= z_root(); $r = q("update abook set abook_their_perms = %d, abook_instance = '%s' where abook_id = %d and abook_channel = %d", intval($newperms), dbesc($abook_instance), intval($contact['abook_id']), intval($importer['channel_id'])); return; } $ret = find_diaspora_person_by_handle($sender_handle); if (!$ret || !strstr($ret['xchan_network'], 'diaspora')) { logger('diaspora_request: Cannot resolve diaspora handle ' . $sender_handle . ' for ' . $recipient_handle); return; } //FIXME /* if(feature_enabled($channel['channel_id'],'premium_channel')) { $myaddr = $importer['channel_address'] . '@' . App::get_hostname(); $cnv = random_string(); $mid = random_string(); $msg = t('You have started sharing with a $Projectname premium channel.'); $msg .= t('$Projectname premium channels are not available for sharing with Diaspora members. This sharing request has been blocked.') . "\r"; $msg .= t('Please do not reply to this message, as this channel is not sharing with you and any reply will not be seen by the recipient.') . "\r"; $created = datetime_convert('UTC','UTC',$item['created'],'Y-m-d H:i:s \U\T\C'); $signed_text = $mid . ';' . $cnv . ';' . $msg . ';' . $created . ';' . $myaddr . ';' . $cnv; $sig = base64_encode(rsa_sign($signed_text,$importer['channel_prvkey'],'sha256')); $conv = array( 'guid' => xmlify($cnv), 'subject' => xmlify(t('Sharing request failed.')), 'created_at' => xmlify($created), 'diaspora_handle' => xmlify($myaddr), 'participant_handles' => xmlify($myaddr . ';' . $sender_handle) ); $msg = array( 'guid' => xmlify($mid), 'parent_guid' => xmlify($cnv), 'parent_author_signature' => xmlify($sig), 'author_signature' => xmlify($sig), 'text' => xmlify($msg), 'created_at' => xmlify($created), 'diaspora_handle' => xmlify($myaddr), 'conversation_guid' => xmlify($cnv) ); $conv['messages'] = array($msg); $tpl = get_markup_template('diaspora_conversation.tpl','addon/diaspora'); $xmsg = replace_macros($tpl, array('$conv' => $conv)); $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($xmsg,$importer,$ret,$importer['channel_prvkey'],$ret['xchan_pubkey'],false))); $qi = diaspora_queue($importer,$ret,$slap,false); return $qi; } */ // End FIXME $role = get_pconfig($importer['channel_id'], 'system', 'permissions_role'); if ($role) { $x = get_role_perms($role); if ($x['perms_auto']) { $default_perms = $x['perms_accept']; } } if (!$default_perms) { $default_perms = intval(get_pconfig($importer['channel_id'], 'system', 'autoperms')); } $their_perms = PERMS_R_STREAM | PERMS_R_PROFILE | PERMS_R_PHOTOS | PERMS_R_ABOOK | PERMS_W_STREAM | PERMS_W_COMMENT | PERMS_W_MAIL | PERMS_W_CHAT | PERMS_R_STORAGE | PERMS_R_PAGES; $closeness = get_pconfig($importer['channel_id'], 'system', 'new_abook_closeness'); if ($closeness === false) { $closeness = 80; } $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_my_perms, abook_their_perms, abook_closeness, abook_created, abook_updated, abook_connected, abook_dob, abook_pending, abook_instance ) values ( %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', %d, '%s' )", intval($importer['channel_account_id']), intval($importer['channel_id']), dbesc($ret['xchan_hash']), intval($default_perms), intval($their_perms), intval($closeness), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(NULL_DATE), intval($default_perms ? 0 : 1), dbesc(z_root())); if ($r) { logger("New Diaspora introduction received for {$importer['channel_name']}"); $new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash left join hubloc on hubloc_hash = xchan_hash where abook_channel = %d and abook_xchan = '%s' order by abook_created desc limit 1", intval($importer['channel_id']), dbesc($ret['xchan_hash'])); if ($new_connection) { \Zotlabs\Lib\Enotify::submit(array('type' => NOTIFY_INTRO, 'from_xchan' => $ret['xchan_hash'], 'to_xchan' => $importer['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'])); if ($default_perms) { // Send back a sharing notification to them $x = diaspora_share($importer, $new_connection[0]); if ($x) { Zotlabs\Daemon\Master::Summon(array('Deliver', $x)); } } $clone = array(); foreach ($new_connection[0] as $k => $v) { if (strpos($k, 'abook_') === 0) { $clone[$k] = $v; } } unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); $abconfig = load_abconfig($importer['channel_hash'], $clone['abook_xchan']); if ($abconfig) { $clone['abconfig'] = $abconfig; } build_sync_packet($importer['channel_id'], array('abook' => array($clone))); } } // find the abook record we just created $contact_record = diaspora_get_contact_by_handle($importer['channel_id'], $sender_handle); if (!$contact_record) { logger('diaspora_request: unable to locate newly created contact record.'); return; } /** If there is a default group for this channel, add this member to it */ if ($importer['channel_default_group']) { require_once 'include/group.php'; $g = group_rec_byhash($importer['channel_id'], $importer['channel_default_group']); if ($g) { group_add_member($importer['channel_id'], '', $contact_record['xchan_hash'], $g['id']); } } return; }
function connedit_clone(&$a) { if (!\App::$poi) { return; } $channel = \App::get_channel(); $r = q("SELECT abook.*, xchan.*\n\t\t\t\tFROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\t\tWHERE abook_channel = %d and abook_id = %d LIMIT 1", intval(local_channel()), intval(\App::$poi['abook_id'])); if ($r) { \App::$poi = $r[0]; } $clone = \App::$poi; unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); $abconfig = load_abconfig($channel['channel_hash'], $clone['abook_xchan']); if ($abconfig) { $clone['abconfig'] = $abconfig; } build_sync_packet(0, array('abook' => array($clone))); }
function diaspora_request($importer, $xml) { $a = get_app(); $sender_handle = unxmlify(diaspora_get_author($xml)); $recipient_handle = unxmlify(diaspora_get_recipient($xml)); // @TODO - map these perms to $newperms below if (array_key_exists('following', $xml) && array_key_exists('sharing', $xml)) { $following = unxmlify($xml['following']) === 'true' ? true : false; $sharing = unxmlify($xml['sharing']) === 'true' ? true : false; } else { $following = true; $sharing = true; } if (!$sender_handle || !$recipient_handle) { return; } // Do we already have an abook record? $contact = diaspora_get_contact_by_handle($importer['channel_id'], $sender_handle); // Please note some permissions such as PERMS_R_PAGES are impossible for Disapora. // They cannot currently authenticate to our system. $x = \Zotlabs\Access\PermissionRoles::role_perms('social'); $their_perms = \Zotlabs\Access\Permissions::FilledPerms($x['perms_connect']); if ($contact && $contact['abook_id']) { // perhaps we were already sharing with this person. Now they're sharing with us. // That makes us friends. Maybe. foreach ($their_perms as $k => $v) { set_abconfig($importer['channel_id'], $contact['abook_xchan'], 'their_perms', $k, $v); } $abook_instance = $contact['abook_instance']; if ($abook_instance) { $abook_instance .= ','; } $abook_instance .= z_root(); $r = q("update abook set abook_instance = '%s' where abook_id = %d and abook_channel = %d", dbesc($abook_instance), intval($contact['abook_id']), intval($importer['channel_id'])); return; } $ret = find_diaspora_person_by_handle($sender_handle); if (!$ret || !strstr($ret['xchan_network'], 'diaspora')) { logger('diaspora_request: Cannot resolve diaspora handle ' . $sender_handle . ' for ' . $recipient_handle); return; } $my_perms = false; $role = get_pconfig($importer['channel_id'], 'system', 'permissions_role'); if ($role) { $x = \Zotlabs\Access\PermissionRoles::role_perms($role); if ($x['perms_auto']) { $my_perms = \Zotlabs\Access\Permissions::FilledPerms($x['perms_connect']); } } if (!$my_perms) { $my_perms = \Zotlabs\Access\Permissions::FilledAutoperms($importer['channel_id']); } $closeness = get_pconfig($importer['channel_id'], 'system', 'new_abook_closeness'); if ($closeness === false) { $closeness = 80; } $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_my_perms, abook_their_perms, abook_closeness, abook_created, abook_updated, abook_connected, abook_dob, abook_pending, abook_instance ) values ( %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', %d, '%s' )", intval($importer['channel_account_id']), intval($importer['channel_id']), dbesc($ret['xchan_hash']), intval($default_perms), intval($their_perms), intval($closeness), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(NULL_DATE), intval($my_perms ? 0 : 1), dbesc(z_root())); if ($my_perms) { foreach ($my_perms as $k => $v) { set_abconfig($importer['channel_id'], $ret['xchan_hash'], 'my_perms', $k, $v); } } if ($their_perms) { foreach ($their_perms as $k => $v) { set_abconfig($importer['channel_id'], $ret['xchan_hash'], 'their_perms', $k, $v); } } if ($r) { logger("New Diaspora introduction received for {$importer['channel_name']}"); $new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash left join hubloc on hubloc_hash = xchan_hash where abook_channel = %d and abook_xchan = '%s' order by abook_created desc limit 1", intval($importer['channel_id']), dbesc($ret['xchan_hash'])); if ($new_connection) { \Zotlabs\Lib\Enotify::submit(['type' => NOTIFY_INTRO, 'from_xchan' => $ret['xchan_hash'], 'to_xchan' => $importer['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id']]); if ($my_perms) { // Send back a sharing notification to them $x = diaspora_share($importer, $new_connection[0]); if ($x) { Zotlabs\Daemon\Master::Summon(array('Deliver', $x)); } } $clone = array(); foreach ($new_connection[0] as $k => $v) { if (strpos($k, 'abook_') === 0) { $clone[$k] = $v; } } unset($clone['abook_id']); unset($clone['abook_account']); unset($clone['abook_channel']); $abconfig = load_abconfig($importer['channel_id'], $clone['abook_xchan']); if ($abconfig) { $clone['abconfig'] = $abconfig; } build_sync_packet($importer['channel_id'], ['abook' => array($clone)]); } } // find the abook record we just created $contact_record = diaspora_get_contact_by_handle($importer['channel_id'], $sender_handle); if (!$contact_record) { logger('diaspora_request: unable to locate newly created contact record.'); return; } /** If there is a default group for this channel, add this member to it */ if ($importer['channel_default_group']) { require_once 'include/group.php'; $g = group_rec_byhash($importer['channel_id'], $importer['channel_default_group']); if ($g) { group_add_member($importer['channel_id'], '', $contact_record['xchan_hash'], $g['id']); } } return; }
/** * @brief Checks if given permission is allowed for given observer on a channel. * * Checks if the given observer with the hash $observer_xchan has permission * $permission on channel_id $uid. * $permission is one defined in get_perms(); * * @param int $uid The channel_id associated with the resource owner * @param string $observer_xchan The xchan_hash representing the observer * @param string $permission * @return bool true if permission is allowed for observer on channel */ function perm_is_allowed($uid, $observer_xchan, $permission) { $api = App::get_oauth_key(); if ($api) { return api_perm_is_allowed($uid, $api, $permission); } $arr = array('channel_id' => $uid, 'observer_hash' => $observer_xchan, 'permission' => $permission, 'result' => false); call_hooks('perm_is_allowed', $arr); if ($arr['result']) { return true; } $global_perms = \Zotlabs\Access\Permissions::Perms(); // First find out what the channel owner declared permissions to be. $channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid, $permission); $r = q("select channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1", intval($uid)); if (!$r) { return false; } $blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms(); if ($observer_xchan) { if ($channel_perm & PERMS_AUTHED) { return true; } $x = q("select abook_my_perms, abook_blocked, abook_ignored, abook_pending, xchan_network from abook left join xchan on abook_xchan = xchan_hash \n\t\t\twhere abook_channel = %d and abook_xchan = '%s' and abook_self = 0 limit 1", intval($uid), dbesc($observer_xchan)); // If they're blocked - they can't read or write if ($x && intval($x[0]['abook_blocked'])) { return false; } if ($x && in_array($permission, $blocked_anon_perms) && intval($x[0]['abook_ignored'])) { return false; } if (!$x) { // see if they've got a guest access token $y = atoken_abook($uid, $observer_xchan); if ($y) { $x = array($y); } if (!$x) { // not in address book and no guest token, see if they've got an xchan $y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", dbesc($observer_xchan)); if ($y) { $x = array(pseudo_abook($y[0])); } } } $abperms = load_abconfig($uid, $observer_xchan, 'my_perms'); } // system is blocked to anybody who is not authenticated if (!$observer_xchan && intval(get_config('system', 'block_public'))) { return false; } // Check if this $uid is actually the $observer_xchan // you will have full access unless the channel was moved - // in which case you will have read_only access if ($r[0]['channel_hash'] === $observer_xchan) { if ($r[0]['channel_moved'] && in_array($permission, $blocked_anon_perms)) { return false; } else { return true; } } if ($channel_perm & PERMS_PUBLIC) { return true; } // If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set if (!$observer_xchan) { return false; } // If we're still here, we have an observer, check the network. if ($channel_perm & PERMS_NETWORK) { if ($x && $x[0]['xchan_network'] === 'zot' || $y && $y[0]['xchan_network'] === 'zot') { return true; } } // If PERMS_SITE is specified, find out if they've got an account on this hub if ($channel_perm & PERMS_SITE) { $c = q("select channel_hash from channel where channel_hash = '%s' limit 1", dbesc($observer_xchan)); if ($c) { return true; } return false; } // From here on we require that the observer be a connection and // handle whether we're allowing any, approved or specific ones if (!$x) { return false; } // They are in your address book, but haven't been approved if ($channel_perm & PERMS_PENDING) { return true; } if (intval($x[0]['abook_pending'])) { return false; } // They're a contact, so they have permission if ($channel_perm & PERMS_CONTACTS) { // it was a fake abook entry, not really a connection if (array_key_exists('abook_pseudo', $x[0]) && intval($x[0]['abook_pseudo'])) { return false; } return true; } // Permission granted to certain channels. Let's see if the observer is one of them if ($r && $channel_perm & PERMS_SPECIFIC) { if ($abperms) { foreach ($abperms as $ab) { if ($ab['cat'] == 'my_perms' && $ab['k'] == $permission) { return intval($ab['v']) ? true : false; } } } } // No permissions allowed. return false; }