Handle private streams better (failed to show profile before)

This commit is contained in:
Mikael Nordfeldth 2016-01-03 19:05:49 +01:00
parent 7df8a6b731
commit df0f9547b5
4 changed files with 52 additions and 9 deletions

View File

@ -761,6 +761,17 @@ class Profile extends Managed_DataObject
return Subscription::exists($this, $other);
}
function readableBy(Profile $other=null)
{
// If it's not a private stream, it's readable by anyone
if (!$this->isPrivateStream()) {
return true;
}
// If it's a private stream, $other must be a subscriber to $this
return is_null($other) ? false : $other->isSubscribed($this);
}
/**
* Check if a pending subscription request is outstanding for this...
*

View File

@ -13,8 +13,13 @@ abstract class NoticestreamAction extends ProfileAction
$this->doStreamPreparation();
// fetch the actual stream stuff
try {
$stream = $this->getStream();
$this->notice = $stream->getNotices(($this->page-1) * NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1);
} catch (PrivateStreamException $e) {
$this->notice = new Notice();
$this->notice->whereAdd('FALSE');
}
if ($this->page > 1 && $this->notice->N == 0) {
// TRANS: Client error when page not found (404).

View File

@ -0,0 +1,31 @@
<?php
if (!defined('GNUSOCIAL')) { exit(1); }
/**
* An exception for private streams
*
* @category Exception
* @package GNUsocial
* @author Mikael Nordfeldth <mmn@hethane.se>
* @copyright 2016 Free Software Foundation, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
*/
class PrivateStreamException extends AuthorizationException
{
var $owner = null; // owner of the private stream
var $reader = null; // reader, may be null if not logged in
public function __construct(Profile $owner, Profile $reader=null)
{
$this->owner = $owner;
$this->reader = $reader;
// TRANS: Message when a private stream attemps to be read by unauthorized third party.
$msg = sprintf(_m('This stream is protected and only authorized subscribers may see its contents.'));
// If $reader is a profile, authentication has been made but still not accepted (403),
// otherwise authentication may give access to this resource (401).
parent::__construct($msg, ($reader instanceof Profile ? 403 : 401));
}
}

View File

@ -74,7 +74,7 @@ class ProfileNoticeStream extends ScopingNoticeStream
function getNotices($offset, $limit, $since_id=null, $max_id=null)
{
if ($this->impossibleStream()) {
return new ArrayWrapper(array());
throw new PrivateStreamException($this->streamProfile, $this->userProfile);
} else {
return parent::getNotices($offset, $limit, $since_id, $max_id);
}
@ -82,12 +82,8 @@ class ProfileNoticeStream extends ScopingNoticeStream
function impossibleStream()
{
$user = User::getKV('id', $this->streamProfile->id);
// If it's a private stream, and no user or not a subscriber
if (!empty($user) && $user->private_stream &&
(empty($this->userProfile) || !$this->userProfile->isSubscribed($this->streamProfile))) {
if (!$this->streamProfile->readableBy($this->userProfile)) {
// cannot read because it's a private stream and either noone's logged in or they are not subscribers
return true;
}