Служебные аккаунты

n1rwana 2023-08-07 21:24:48 +03:00
parent 5c76b56da4
commit 472072c941
No known key found for this signature in database
GPG key ID: 1D319A83686EC843
9 changed files with 60 additions and 15 deletions


@ -438,6 +438,8 @@ class User extends RowModel
function getPrivacyPermission(string $permission, ?User $user = NULL): bool function getPrivacyPermission(string $permission, ?User $user = NULL): bool
{ {
if ($this->isServiceAccount() && $permission !== "page.read" && ($user !== NULL && $user->getId() !== $this->getId())) return false;
$permStatus = $this->getPrivacySetting($permission); $permStatus = $this->getPrivacySetting($permission);
if(!$user) if(!$user)
return $permStatus === User::PRIVACY_EVERYONE; return $permStatus === User::PRIVACY_EVERYONE;
@ -1113,6 +1115,16 @@ class User extends RowModel
return true; return true;
} }
function getServiceAccountNotify(): ?string
{
return $this->getRecord()->service_account_notify;
}
function isServiceAccount(): bool
{
return !is_null($this->getServiceAccountNotify());
}
function toVkApiStruct(): object function toVkApiStruct(): object
{ {
$res = (object) []; $res = (object) [];
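Review bot: The service-account guard added at the top of `getPrivacyPermission` is skipped when `$user` is NULL, so a logged-out caller falls through to the ordinary privacy settings while a logged-in one is refused. If anonymous visitors are meant to be restricted as well, the last clause should read `($user === NULL || $user->getId() !== $this->getId())`. The new `getServiceAccountNotify()` and `isServiceAccount()` would also benefit from a short docblock stating that a non-NULL `service_account_notify` value is what marks a profile as a service account. The body of `getPrivacyPermission` continues outside the hunk.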


@ -22,8 +22,9 @@ final class CommentPresenter extends OpenVKPresenter
$comment = (new Comments)->get($id); $comment = (new Comments)->get($id);
if(!$comment || $comment->isDeleted()) $this->notFound(); if(!$comment || $comment->isDeleted()) $this->notFound();
if(!is_null($this->user)) $comment->toggleLike($this->user->identity); if (!($comment->getTarget() instanceof Post && $comment->getTarget()->getOwner() instanceof User && $comment->getTarget()->getOwner()->isServiceAccount()))
if(!is_null($this->user)) $comment->toggleLike($this->user->identity);
$this->redirect($_SERVER["HTTP_REFERER"]); $this->redirect($_SERVER["HTTP_REFERER"]);
} }
@ -48,6 +49,9 @@ final class CommentPresenter extends OpenVKPresenter
else if($entity instanceof Topic) else if($entity instanceof Topic)
$club = $entity->getClub(); $club = $entity->getClub();
if ($entity instanceof Post && $entity->getOwner()->isServiceAccount())
$this->flashFail("err", tr("error"), tr("forbidden"));
if($_FILES["_vid_attachment"] && OPENVK_ROOT_CONF['openvk']['preferences']['videos']['disableUploading']) if($_FILES["_vid_attachment"] && OPENVK_ROOT_CONF['openvk']['preferences']['videos']['disableUploading'])
$this->flashFail("err", tr("error"), "Video uploads are disabled by the system administrator."); $this->flashFail("err", tr("error"), "Video uploads are disabled by the system administrator.");
@ -128,7 +132,7 @@ final class CommentPresenter extends OpenVKPresenter
$comment = (new Comments)->get($id); $comment = (new Comments)->get($id);
if(!$comment) $this->notFound(); if(!$comment) $this->notFound();
if(!$comment->canBeDeletedBy($this->user->identity)) if(!$comment->canBeDeletedBy($this->user->identity) || ($comment->getTarget() instanceof Post && $comment->getTarget()->getOwner() instanceof User && $comment->getTarget()->getOwner()->isServiceAccount()))
$this->throwError(403, "Forbidden", "У вас недостаточно прав чтобы редактировать этот ресурс."); $this->throwError(403, "Forbidden", "У вас недостаточно прав чтобы редактировать этот ресурс.");
$comment->delete(); $comment->delete();
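Review bot: The check added before the video-upload test calls `$entity->getOwner()->isServiceAccount()` without first confirming that the owner is a `User`, whereas the like and delete hunks in this file guard with `getOwner() instanceof User`. If a post's owner can be another type (the guards elsewhere suggest so), this line would fail with an undefined-method error; `if ($entity instanceof Post && $entity->getOwner() instanceof User && $entity->getOwner()->isServiceAccount())` keeps it consistent. The three-part condition is now repeated in several actions and would read better as one private helper on the presenter. The enclosing methods start and end outside the hunks.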


@ -20,7 +20,7 @@ final class GiftsPresenter extends OpenVKPresenter
$this->assertUserLoggedIn(); $this->assertUserLoggedIn();
$user = $this->users->get($user); $user = $this->users->get($user);
if(!$user) if(!$user || $user->isServiceAccount())
$this->notFound(); $this->notFound();
$this->template->user = $user; $this->template->user = $user;
@ -33,7 +33,7 @@ final class GiftsPresenter extends OpenVKPresenter
function renderGiftMenu(): void function renderGiftMenu(): void
{ {
$user = $this->users->get((int) ($this->queryParam("user") ?? 0)); $user = $this->users->get((int) ($this->queryParam("user") ?? 0));
if(!$user) if(!$user || $user->isServiceAccount())
$this->notFound(); $this->notFound();
$this->template->page = $page = (int) ($this->queryParam("p") ?? 1); $this->template->page = $page = (int) ($this->queryParam("p") ?? 1);
@ -65,7 +65,7 @@ final class GiftsPresenter extends OpenVKPresenter
$user = $this->users->get((int) ($this->queryParam("user") ?? 0)); $user = $this->users->get((int) ($this->queryParam("user") ?? 0));
$gift = $this->gifts->get((int) ($this->queryParam("elid") ?? 0)); $gift = $this->gifts->get((int) ($this->queryParam("elid") ?? 0));
$cat = $this->gifts->getCat((int) ($this->queryParam("pack") ?? 0)); $cat = $this->gifts->getCat((int) ($this->queryParam("pack") ?? 0));
if(!$user || !$cat || !$gift || !$cat->hasGift($gift)) if(!$user || !$cat || !$gift || !$cat->hasGift($gift) || $user->isServiceAccount())
$this->flashFail("err", "Не удалось подарить", "Не удалось подтвердить права на подарок."); $this->flashFail("err", "Не удалось подарить", "Не удалось подтвердить права на подарок.");
if(!$gift->canUse($this->user->identity)) if(!$gift->canUse($this->user->identity))


@ -1,6 +1,6 @@
<?php declare(strict_types=1); <?php declare(strict_types=1);
namespace openvk\Web\Presenters; namespace openvk\Web\Presenters;
use openvk\Web\Models\Entities\{Club, Photo, Album}; use openvk\Web\Models\Entities\{Club, Photo, Album, User};
use openvk\Web\Models\Repositories\{Photos, Albums, Users, Clubs}; use openvk\Web\Models\Repositories\{Photos, Albums, Users, Clubs};
use Nette\InvalidStateException as ISE; use Nette\InvalidStateException as ISE;
@ -158,7 +158,10 @@ final class PhotosPresenter extends OpenVKPresenter
{ {
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId); $photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
if(!$photo || $photo->isDeleted()) $this->notFound(); if(!$photo || $photo->isDeleted()) $this->notFound();
if ($photo->getOwner() instanceof User && $photo->getOwner()->isServiceAccount())
$this->notFound();
if(!is_null($this->queryParam("from"))) { if(!is_null($this->queryParam("from"))) {
if(preg_match("%^album([0-9]++)$%", $this->queryParam("from"), $matches) === 1) { if(preg_match("%^album([0-9]++)$%", $this->queryParam("from"), $matches) === 1) {
$album = $this->albums->get((int) $matches[1]); $album = $this->albums->get((int) $matches[1]);
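Review bot: The new check in the photo view answers `notFound()` for every viewer, including the service account itself, while `getPrivacyPermission` in the model exempts the account owner with `$user->getId() !== $this->getId()`. If the account is meant to keep access to its own photos, the same exemption is needed here. If the block is intended for everyone, a one-line comment such as `// Service-account photos are hidden from all viewers, including the account itself.` would record that. Only this one action is guarded in the hunk; whether other photo or album actions need the same check cannot be seen from here.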


@ -296,6 +296,8 @@ final class UserPresenter extends OpenVKPresenter
$user = $this->users->get((int) $this->postParam("id")); $user = $this->users->get((int) $this->postParam("id"));
if(!$user) exit("Invalid state"); if(!$user) exit("Invalid state");
if ($user->isServiceAccount())
$this->flashFail("err", tr("error"), tr("forbidden"));
$user->toggleSubscription($this->user->identity); $user->toggleSubscription($this->user->identity);
@ -654,6 +656,9 @@ final class UserPresenter extends OpenVKPresenter
if($this->user->identity->getCoins() < $value) if($this->user->identity->getCoins() < $value)
$this->flashFail("err", tr("failed_to_tranfer_points"), tr("you_dont_have_enough_points")); $this->flashFail("err", tr("failed_to_tranfer_points"), tr("you_dont_have_enough_points"));
if ($receiver->isServiceAccount())
$this->flashFail("err", tr("error"), tr("forbidden"));
if($this->user->id !== $receiver->getId()) { if($this->user->id !== $receiver->getId()) {
$this->user->identity->setCoins($this->user->identity->getCoins() - $value); $this->user->identity->setCoins($this->user->identity->getCoins() - $value);
$this->user->identity->save(); $this->user->identity->save();
@ -695,6 +700,9 @@ final class UserPresenter extends OpenVKPresenter
if($this->user->identity->getCoins() < $value) if($this->user->identity->getCoins() < $value)
$this->flashFail("err", tr("failed_to_increase_rating"), tr("you_dont_have_enough_points")); $this->flashFail("err", tr("failed_to_increase_rating"), tr("you_dont_have_enough_points"));
if ($receiver->isServiceAccount())
$this->flashFail("err", tr("error"), tr("forbidden"));
$this->user->identity->setCoins($this->user->identity->getCoins() - $value); $this->user->identity->setCoins($this->user->identity->getCoins() - $value);
$this->user->identity->save(); $this->user->identity->save();
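Review bot: The three service-account checks are enforced only in the presenter, right before `toggleSubscription()` and the two coin operations, so any other caller of those model methods is not covered. If the project exposes the same operations through another entry point (none is visible in this commit), the restriction would not apply there; placing the check in the model or in one shared helper closes that gap. In both coin hunks the check also runs after the balance comparison, so the caller may see a balance error instead of the refusal; moving `if ($receiver->isServiceAccount())` above it gives a consistent answer. The enclosing methods start and end outside the hunks.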


@ -90,6 +90,9 @@ final class WallPresenter extends OpenVKPresenter
function renderRSS(int $user): void function renderRSS(int $user): void
{ {
$owner = ($user < 0 ? (new Clubs) : (new Users))->get(abs($user)); $owner = ($user < 0 ? (new Clubs) : (new Users))->get(abs($user));
if ($owner instanceof User && $owner->isServiceAccount())
$this->flashFail("err", tr("error"), tr("forbidden"));
if(is_null($this->user)) { if(is_null($this->user)) {
$canPost = false; $canPost = false;
} else if($user > 0) { } else if($user > 0) {
@ -212,6 +215,10 @@ final class WallPresenter extends OpenVKPresenter
$wallOwner = ($wall > 0 ? (new Users)->get($wall) : (new Clubs)->get($wall * -1)) $wallOwner = ($wall > 0 ? (new Users)->get($wall) : (new Clubs)->get($wall * -1))
?? $this->flashFail("err", tr("failed_to_publish_post"), tr("error_4")); ?? $this->flashFail("err", tr("failed_to_publish_post"), tr("error_4"));
if ($wallOwner instanceof User && $wallOwner->isServiceAccount())
$this->flashFail("err", tr("error"), tr("forbidden"));
if($wall > 0) { if($wall > 0) {
if(!$wallOwner->isBanned()) if(!$wallOwner->isBanned())
$canPost = $wallOwner->getPrivacyPermission("wall.write", $this->user->identity); $canPost = $wallOwner->getPrivacyPermission("wall.write", $this->user->identity);
@ -342,7 +349,10 @@ final class WallPresenter extends OpenVKPresenter
$post = $this->posts->getPostById($wall, $post_id); $post = $this->posts->getPostById($wall, $post_id);
if(!$post || $post->isDeleted()) if(!$post || $post->isDeleted())
$this->notFound(); $this->notFound();
if ($post->getOwner() instanceof User && $post->getOwner()->isServiceAccount())
$this->flashFail("err", tr("error"), tr("forbidden"));
$this->logPostView($post, $wall); $this->logPostView($post, $wall);
$this->template->post = $post; $this->template->post = $post;
@ -367,7 +377,7 @@ final class WallPresenter extends OpenVKPresenter
$this->assertNoCSRF(); $this->assertNoCSRF();
$post = $this->posts->getPostById($wall, $post_id); $post = $this->posts->getPostById($wall, $post_id);
if(!$post || $post->isDeleted()) $this->notFound(); if(!$post || $post->isDeleted() || ($post->getOwner() instanceof User && $post->getOwner()->isServiceAccount())) $this->notFound();
if(!is_null($this->user)) { if(!is_null($this->user)) {
$post->toggleLike($this->user->identity); $post->toggleLike($this->user->identity);
@ -384,7 +394,7 @@ final class WallPresenter extends OpenVKPresenter
$post = $this->posts->getPostById($wall, $post_id); $post = $this->posts->getPostById($wall, $post_id);
if(!$post || $post->isDeleted()) if(!$post || $post->isDeleted() || ($post->getOwner() instanceof User && $post->getOwner()->isServiceAccount()))
$this->notFound(); $this->notFound();
$where = $this->postParam("type") ?? "wall"; $where = $this->postParam("type") ?? "wall";
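Review bot: `renderRSS` now answers a service-account owner with `flashFail(...)`, which looks like a flash-message response meant for browser pages rather than for a feed client; `$this->notFound();` would match what the two later hunks in this file do. The post view hunk uses `flashFail` as well, so the same resource is reported as forbidden in one action and as not found in another, and one response should be chosen for all of them. The expression `$post->getOwner() instanceof User && $post->getOwner()->isServiceAccount()` appears three times here and would be clearer as a single helper. The function bodies continue outside the hunks.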


@ -29,7 +29,7 @@
alt="Фотография пользователя" /> alt="Фотография пользователя" />
</div> </div>
<div class="crp-entry--info"> <div class="crp-entry--info">
<a href="{$recipient->getURL()}">{$recipient->getCanonicalName()}</a><br/> <a href="{$recipient->getURL()}" n:attr="style => $recipient->isServiceAccount() ? 'font-weight: 700; color: #1b7a1b;' : ''">{$recipient->getCanonicalName()}</a><br/>
<span>{$lastMsg->getSendTimeHumanized()}</span> <span>{$lastMsg->getSendTimeHumanized()}</span>
</div> </div>
<div n:class="crp-entry--message, $lastMsg->getUnreadState() ? unread"> <div n:class="crp-entry--message, $lastMsg->getUnreadState() ? unread">
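Review bot: The inline `style` string on the recipient link is duplicated verbatim in the profile header template changed by this commit. A CSS class toggled with `n:class`, as the `crp-entry--message` div just below already does, would keep the colour in the stylesheet. Something like `n:class="$recipient->isServiceAccount() ? service-account"` would do (the class name is a placeholder).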


@ -393,7 +393,7 @@
</div> </div>
<div class="accountInfo clearFix"> <div class="accountInfo clearFix">
<div class="profileName"> <div class="profileName">
<h2>{$user->getFullName()}</h2> <h2 n:attr="style => $user->isServiceAccount() ? 'font-weight: 700; color: #1b7a1b;' : ''">{$user->getFullName()}</h2>
{if !is_null($user->getStatus())} {if !is_null($user->getStatus())}
<div n:class="page_status, $thatIsThisUser ? page_status_edit_button" n:attr="id => $thatIsThisUser ? page_status_text : NULL">{$user->getStatus()}</div> <div n:class="page_status, $thatIsThisUser ? page_status_edit_button" n:attr="id => $thatIsThisUser ? page_status_text : NULL">{$user->getStatus()}</div>
{elseif $thatIsThisUser} {elseif $thatIsThisUser}
@ -592,8 +592,14 @@
</div> </div>
</div> </div>
</div> </div>
{presenter "openvk!Wall->wallEmbedded", $user->getId()} {if $user->isServiceAccount() && $user->getId() !== $thisUser->getId()}
<div style="color: grey; margin: 36px 48px; text-align: center;">
{$user->getServiceAccountNotify()|noescape}
</div>
{else}
{presenter "openvk!Wall->wallEmbedded", $user->getId()}
{/if}
<script n:if="isset($thisUser) && $thisUser->getChandlerUser()->can('access')->model('admin')->whichBelongsTo(NULL)"> <script n:if="isset($thisUser) && $thisUser->getChandlerUser()->can('access')->model('admin')->whichBelongsTo(NULL)">
function banUser() { function banUser() {
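Review bot: `{$user->getServiceAccountNotify()|noescape}` prints a database column as raw HTML, so whoever can write `service_account_notify` can place markup and script on the profile page. No writer for the column is visible in this commit; if it is ever exposed through a form or an API, either drop `|noescape` or sanitise to an allow-list on write, and add a template comment stating that the value is trusted operator-supplied HTML. The same `{if}` calls `$thisUser->getId()` unconditionally, while the `script` tag below it tests `isset($thisUser)`, so a logged-out visitor viewing a service account may hit a call on an undefined variable. `{if $user->isServiceAccount() && (!isset($thisUser) || $user->getId() !== $thisUser->getId())}` guards against that.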


@ -0,0 +1,2 @@
ALTER TABLE `profiles`
ADD `service_account_notify` TEXT NULL DEFAULT NULL AFTER `alert`;