From 0c65856108d85998abfa18c92812f665da2288b5 Mon Sep 17 00:00:00 2001 From: n1rwana <93197434+n1rwana@users.noreply.github.com> Date: Sun, 28 Aug 2022 19:08:54 +0300 Subject: [PATCH] Added restrictions in the users.get method --- VKAPI/Handlers/Users.php | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/VKAPI/Handlers/Users.php b/VKAPI/Handlers/Users.php index 6185a250..52c80c64 100644 --- a/VKAPI/Handlers/Users.php +++ b/VKAPI/Handlers/Users.php @@ -2,6 +2,7 @@ namespace openvk\VKAPI\Handlers; use openvk\Web\Models\Entities\User; use openvk\Web\Models\Repositories\Users as UsersRepo; +use openvk\Web\Models\Repositories\Blacklists; final class Users extends VKAPIRequestHandler { @@ -40,13 +41,14 @@ final class Users extends VKAPIRequestHandler "id" => $usr->getId(), "first_name" => $usr->getFirstName(), "last_name" => $usr->getLastName(), - "is_closed" => false, - "can_access_closed" => true, + "is_closed" => (new Blacklists)->isBanned($usr, $authuser), + "can_access_closed" => !(new Blacklists)->isBanned($usr, $authuser), ]; $flds = explode(',', $fields); - foreach($flds as $field) { + if (!(new Blacklists)->isBanned($usr, $authuser)) + foreach($flds as $field) { switch($field) { case "verified": $response[$i]->verified = intval($usr->isVerified()); @@ -134,6 +136,7 @@ final class Users extends VKAPIRequestHandler } } + if (!(new Blacklists)->isBanned($usr, $authuser)) if($usr->getOnline()->timestamp() + 300 > time()) $response[$i]->online = 1; else @@ -153,8 +156,14 @@ final class Users extends VKAPIRequestHandler $users = new UsersRepo; $this->requireUser(); - - foreach($users->get($user_id)->getFollowers($offset, $count) as $follower) + + $authuser = $this->getUser(); + $target = $users->get($user_id); + + if ((new Blacklists)->isBanned($target, $authuser)) + $this->fail(15, "Access denied: User is blacklisted"); + + foreach($target->getFollowers($offset, $count) as $follower) $followers[] = $follower->getId(); $response = $followers; @@ -163,7 +172,7 @@ final class Users extends VKAPIRequestHandler $response = $this->get(implode(',', $followers), $fields, 0, $count); return (object) [ - "count" => $users->get($user_id)->getFollowersCount(), + "count" => $target->getFollowersCount(), "items" => $response ]; }