From 07a1b337225a5a8b2b93c01d78591e728f9b143e Mon Sep 17 00:00:00 2001 From: lalka2016 <99399973+lalka2016@users.noreply.github.com> Date: Mon, 8 May 2023 14:37:12 +0300 Subject: [PATCH] =?UTF-8?q?=D0=A0=D0=B5=D0=BF=D0=BE=D1=81=D1=82=20=D0=B2?= =?UTF-8?q?=20=D0=B3=D1=80=D1=83=D0=BF=D0=BF=D1=83=20=D0=B3=D0=B4=D0=B5=20?= =?UTF-8?q?=D1=82=D1=8B=20=D0=BD=D0=B5=20=D1=81=D0=BE=D0=B7=D0=B4=D0=B0?= =?UTF-8?q?=D1=82=D0=B5=D0=BB=D1=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Добавил репост в группу, где ты не создатель, а так же исправил стиль кода --- VKAPI/Handlers/Wall.php | 19 ++++++++++--------- Web/Models/Repositories/Clubs.php | 10 ++++++++-- Web/Presenters/UserPresenter.php | 29 ++++++++++++++++------------- 3 files changed, 34 insertions(+), 24 deletions(-) diff --git a/VKAPI/Handlers/Wall.php b/VKAPI/Handlers/Wall.php index 15284688..82fbf1c7 100644 --- a/VKAPI/Handlers/Wall.php +++ b/VKAPI/Handlers/Wall.php @@ -466,19 +466,20 @@ final class Wall extends VKAPIRequestHandler $nPost = new Post; $nPost->setOwner($this->user->getId()); - if($group_id > 0) - { - $club = (new ClubsRepo)->get($group_id); - if(!$club || !$club->canBeModifiedBy($this->user)) - { + + if($group_id > 0) { + $club = (new ClubsRepo)->get($group_id); + if(!$club) $this->fail(42, "Invalid group"); - } + + if(!$club->canBeModifiedBy($this->user)) + $this->fail(16, "Access to group denied"); + $nPost->setWall($group_id*-1); - } - else - { + } else { $nPost->setWall($this->user->getId()); } + $nPost->setContent($message); $nPost->setApi_Source_Name($this->getPlatform()); $nPost->save(); diff --git a/Web/Models/Repositories/Clubs.php b/Web/Models/Repositories/Clubs.php index 685152f3..09ab2220 100644 --- a/Web/Models/Repositories/Clubs.php +++ b/Web/Models/Repositories/Clubs.php @@ -73,11 +73,17 @@ class Clubs function getOwnedClubs(int $id): \Traversable { - # infoapp - $result = DatabaseConnection::i()->getConnection()->query("SELECT * FROM `groups` WHERE `owner` = $id ORDER BY `id`"); + $result = DatabaseConnection::i()->getConnection()->query("SELECT * FROM `groups` WHERE `owner` = $id ORDER BY `id`;"); + $coadmins = DatabaseConnection::i()->getConnection()->query("SELECT * FROM `group_coadmins` WHERE `user` = $id ORDER BY `user`;"); + foreach($result as $entry) yield $this->get($entry->id); + + foreach($coadmins as $coadmin) + yield $this->get($coadmin->club); + } + use \Nette\SmartObject; } diff --git a/Web/Presenters/UserPresenter.php b/Web/Presenters/UserPresenter.php index 5088ecd7..bde9115b 100644 --- a/Web/Presenters/UserPresenter.php +++ b/Web/Presenters/UserPresenter.php @@ -707,23 +707,26 @@ final class UserPresenter extends OpenVKPresenter $this->redirect("/settings"); } } - + function renderOwnedClubs(int $id) { - if($this->user->id == $id) - { $this->assertUserLoggedIn(); - $clubs = iterator_to_array((new Clubs)->getOwnedClubs($id)); - $json = array(); - foreach($clubs as $club) - { - $json[]=array("name"=>$club->getName(),"id"=>$club->getId()); - } - $this->returnJson($json); - } - else - { + + if($this->user->id == $id) { + $clubs = iterator_to_array((new Clubs)->getOwnedClubs($id)); + $json = []; + + foreach($clubs as $club) + $json[] = [ + "name" => $club->getName(), + "id" => $club->getId() + ]; + + $this->returnJson($json); + } else { + $this->returnJson(["You are not allowed to see user-created groups"]); } } + }