forked from GNUsocial/gnu-social
[CORE] Fix notice delete-form
DeletenoticeAction: - Added tombstone check before deletion NoticeListItem: - Added tombstone check before showing delete-form ActivityVerb: - The plugin was overwriting the deletenotice route. Added stronger regexp to the connected routes.
This commit is contained in:
parent
f67a93eddc
commit
0b58465fb9
@ -39,9 +39,10 @@ class DeletenoticeAction extends FormAction
|
|||||||
{
|
{
|
||||||
$this->notice = Notice::getByID($this->trimmed('notice'));
|
$this->notice = Notice::getByID($this->trimmed('notice'));
|
||||||
|
|
||||||
if (!$this->scoped->sameAs($this->notice->getProfile()) &&
|
if ($this->notice->isVerb([ActivityVerb::DELETE]) ||
|
||||||
!$this->scoped->hasRight(Right::DELETEOTHERSNOTICE)) {
|
(!$this->scoped->sameAs($this->notice->getProfile()) &&
|
||||||
// TRANS: Error message displayed trying to delete a notice that was not made by the current user.
|
!$this->scoped->hasRight(Right::DELETEOTHERSNOTICE))) {
|
||||||
|
// TRANS: Error message displayed when trying to delete a notice that was not made by the current user.
|
||||||
$this->clientError(_('Cannot delete this notice.'));
|
$this->clientError(_('Cannot delete this notice.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -618,6 +618,7 @@ class NoticeListItem extends Widget
|
|||||||
$todel = (empty($this->repeat)) ? $this->notice : $this->repeat;
|
$todel = (empty($this->repeat)) ? $this->notice : $this->repeat;
|
||||||
|
|
||||||
if (!empty($user) &&
|
if (!empty($user) &&
|
||||||
|
!$this->notice->isVerb([ActivityVerb::DELETE]) &&
|
||||||
($todel->profile_id == $user->id || $user->hasRight(Right::DELETEOTHERSNOTICE))) {
|
($todel->profile_id == $user->id || $user->hasRight(Right::DELETEOTHERSNOTICE))) {
|
||||||
$this->out->text(' ');
|
$this->out->text(' ');
|
||||||
$deleteurl = common_local_url('deletenotice',
|
$deleteurl = common_local_url('deletenotice',
|
||||||
|
@ -35,14 +35,26 @@ class ActivityVerbPlugin extends Plugin
|
|||||||
|
|
||||||
public function onRouterInitialized(URLMapper $m)
|
public function onRouterInitialized(URLMapper $m)
|
||||||
{
|
{
|
||||||
|
$unsupported = ['delete', 'share'];
|
||||||
|
|
||||||
|
foreach ($unsupported as $idx => $verb) {
|
||||||
|
$unsupported[$idx] = "(?!".$verb.")";
|
||||||
|
}
|
||||||
|
|
||||||
|
// not all verbs are currently handled by ActivityVerb Plugins,
|
||||||
|
// so we need a strong regexp to prevent route replacement in
|
||||||
|
// the URLMapper
|
||||||
|
$verb_regexp = implode("", $unsupported) . '[a-z]+';
|
||||||
|
|
||||||
$m->connect('notice/:id/:verb',
|
$m->connect('notice/:id/:verb',
|
||||||
array('action' => 'activityverb'),
|
['action' => 'activityverb'],
|
||||||
array('id' => '[0-9]+',
|
['id' => '[0-9]+',
|
||||||
'verb' => '[a-z]+'));
|
'verb' => $verb_regexp]);
|
||||||
|
|
||||||
$m->connect('activity/:id/:verb',
|
$m->connect('activity/:id/:verb',
|
||||||
array('action' => 'activityverb'),
|
['action' => 'activityverb'],
|
||||||
array('id' => '[0-9]+',
|
['id' => '[0-9]+',
|
||||||
'verb' => '[a-z]+'));
|
'verb' => $verb_regexp]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function onPluginVersion(array &$versions)
|
public function onPluginVersion(array &$versions)
|
||||||
|
Loading…
Reference in New Issue
Block a user