[MODULES][PLUGINS] Move noteActionHandle utility to NoteHandlerPlugin which plugins which handle actions on notes should extend

This commit is contained in:
Hugo Sales 2021-08-18 19:14:24 +01:00
parent 2c10ce5cfc
commit 027c9a9324
Signed by untrusted user: someonewithpc
GPG Key ID: 7D0C7EAFC9D835A0
6 changed files with 89 additions and 67 deletions

View File

@ -24,7 +24,7 @@ namespace Plugin\Favourite;
use App\Core\DB\DB;
use App\Core\Event;
use App\Core\Form;
use App\Core\Modules\Plugin;
use App\Core\Modules\NoteHandlerPlugin;
use App\Core\Router\RouteLoader;
use App\Entity\Note;
use App\Util\Common;
@ -35,7 +35,7 @@ use Symfony\Component\Form\Extension\Core\Type\HiddenType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\HttpFoundation\Request;
class Favourite extends Plugin
class Favourite extends NoteHandlerPlugin
{
/**
* HTML rendering event that adds the favourite form as a note

View File

@ -24,7 +24,7 @@ use App\Core\DB\DB;
use App\Core\Event;
use App\Core\Form;
use function App\Core\I18n\_m;
use App\Core\Modules\Plugin;
use App\Core\Modules\NoteHandlerPlugin;
use App\Core\Router\RouteLoader;
use App\Entity\Note;
use App\Entity\PollResponse;
@ -45,10 +45,11 @@ use Symfony\Component\HttpFoundation\Request;
* @category Poll
*
* @author Daniel Brandao <up201705812@fe.up.pt>
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
* @author Hugo Sales <hugo@hsal.es>
* @copyright 2020-2021 Free Software Foundation, Inc http://www.fsf.org
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
class Poll extends Plugin
class Poll extends NoteHandlerPlugin
{
/**
* Map URLs to actions

View File

@ -22,7 +22,7 @@ namespace Plugin\Repeat;
use App\Core\DB\DB;
use App\Core\Event;
use App\Core\Form;
use App\Core\Modules\Plugin;
use App\Core\Modules\NoteHandlerPlugin;
use App\Entity\Note;
use App\Util\Common;
use App\Util\Exception\NotFoundException;
@ -30,7 +30,7 @@ use Symfony\Component\Form\Extension\Core\Type\HiddenType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\HttpFoundation\Request;
class Repeat extends Plugin
class Repeat extends NoteHandlerPlugin
{
/**
* HTML rendering event that adds the repeat form as a note

View File

@ -25,7 +25,7 @@ use App\Core\DB\DB;
use App\Core\Event;
use App\Core\Form;
use function App\Core\I18n\_m;
use App\Core\Modules\Plugin;
use App\Core\Modules\NoteHandlerPlugin;
use App\Entity\Note;
use App\Util\Common;
use App\Util\Exceptiion\InvalidFormException;
@ -37,7 +37,7 @@ use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\Form\Extension\Core\Type\TextareaType;
use Symfony\Component\HttpFoundation\Request;
class Reply extends Plugin
class Reply extends NoteHandlerPlugin
{
public function onAddRoute($r)
{

View File

@ -19,14 +19,7 @@
namespace App\Core\Modules;
use App\Core\Event;
use App\Core\Log;
use App\Entity\Note;
use App\Util\Common;
use App\Util\Exception\InvalidFormException;
use App\Util\Exception\NoSuchNoteException;
use Symfony\Component\Form\Form;
use Symfony\Component\HttpFoundation\Request;
/**
* Base class for all GNU social modules (plugins and components)
@ -60,55 +53,4 @@ abstract class Module
}
return $obj;
}
/**
* Handle the $form submission for the note action for note if
* $note->getId() == $data['note_id']
*
* This function is called when a user interacts with a note, such as through favouriting or commenting
*
* @codeCoverageIgnore
*
* @param Request $request
* @param Form $form
* @param Note $note
* @param string $form_name
* @param callable $handle
*
* @throws InvalidFormException
* @throws NoSuchNoteException
*
* @return bool|void
*/
public static function noteActionHandle(Request $request, Form $form, Note $note, string $form_name, callable $handle)
{
if ('POST' === $request->getMethod() && $request->request->has($form_name)) {
$form->handleRequest($request);
if ($form->isSubmitted()) {
$data = $form->getData();
// Loose comparison
if ($data['note_id'] != $note->getId()) {
return Event::next;
} else {
$user = Common::user();
if (!$note->isVisibleTo($user)) {
// ^ Ensure user isn't trying to trip us up
Log::warning('Suspicious activity: user ' . $user->getNickname() .
' tried to interact with note ' . $note->getId() .
', but they shouldn\'t have access to it');
throw new NoSuchNoteException();
} else {
if ($form->isValid()) {
$ret = $handle($note, $data, $user);
if ($ret != null) {
return $ret;
}
} else {
throw new InvalidFormException();
}
}
}
}
}
}
}

View File

@ -0,0 +1,79 @@
<?php
// {{{ License
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
// }}}
namespace App\Core\Modules;
use App\Entity\Note;
use App\Util\Common;
use Symfony\Component\Form\Form;
use Symfony\Component\HttpFoundation\Request;
class NoteHandlerPlugin extends Plugin
{
/**
* Handle the $form submission for the note action for note if
* $note->getId() == $data['note_id']
*
* This function is called when a user interacts with a note, such as through favouriting or commenting
*
* @codeCoverageIgnore
*
* @param Request $request
* @param Form $form
* @param Note $note
* @param string $form_name
* @param callable $handle
*
* @throws InvalidFormException
* @throws NoSuchNoteException
*
* @return bool|void
*/
public static function noteActionHandle(Request $request, Form $form, Note $note, string $form_name, callable $handle)
{
if ('POST' === $request->getMethod() && $request->request->has($form_name)) {
$form->handleRequest($request);
if ($form->isSubmitted()) {
$data = $form->getData();
// Loose comparison
if ($data['note_id'] != $note->getId()) {
return Event::next;
} else {
$user = Common::user();
if (!$note->isVisibleTo($user)) {
// ^ Ensure user isn't trying to trip us up
Log::warning('Suspicious activity: user ' . $user->getNickname() .
' tried to interact with note ' . $note->getId() .
', but they shouldn\'t have access to it');
throw new NoSuchNoteException();
} else {
if ($form->isValid()) {
$ret = $handle($note, $data, $user);
if ($ret != null) {
return $ret;
}
} else {
throw new InvalidFormException();
}
}
}
}
}
}
}