mirror of
https://github.com/openvk/openvk
synced 2025-01-03 06:09:49 +03:00
Служебные аккаунты
This commit is contained in:
parent
5c76b56da4
commit
472072c941
9 changed files with 60 additions and 15 deletions
|
@ -438,6 +438,8 @@ class User extends RowModel
|
|||
|
||||
function getPrivacyPermission(string $permission, ?User $user = NULL): bool
|
||||
{
|
||||
if ($this->isServiceAccount() && $permission !== "page.read" && ($user !== NULL && $user->getId() !== $this->getId())) return false;
|
||||
|
||||
$permStatus = $this->getPrivacySetting($permission);
|
||||
if(!$user)
|
||||
return $permStatus === User::PRIVACY_EVERYONE;
|
||||
|
@ -1113,6 +1115,16 @@ class User extends RowModel
|
|||
return true;
|
||||
}
|
||||
|
||||
function getServiceAccountNotify(): ?string
|
||||
{
|
||||
return $this->getRecord()->service_account_notify;
|
||||
}
|
||||
|
||||
function isServiceAccount(): bool
|
||||
{
|
||||
return !is_null($this->getServiceAccountNotify());
|
||||
}
|
||||
|
||||
function toVkApiStruct(): object
|
||||
{
|
||||
$res = (object) [];
|
||||
|
|
|
@ -23,6 +23,7 @@ final class CommentPresenter extends OpenVKPresenter
|
|||
$comment = (new Comments)->get($id);
|
||||
if(!$comment || $comment->isDeleted()) $this->notFound();
|
||||
|
||||
if (!($comment->getTarget() instanceof Post && $comment->getTarget()->getOwner() instanceof User && $comment->getTarget()->getOwner()->isServiceAccount()))
|
||||
if(!is_null($this->user)) $comment->toggleLike($this->user->identity);
|
||||
|
||||
$this->redirect($_SERVER["HTTP_REFERER"]);
|
||||
|
@ -48,6 +49,9 @@ final class CommentPresenter extends OpenVKPresenter
|
|||
else if($entity instanceof Topic)
|
||||
$club = $entity->getClub();
|
||||
|
||||
if ($entity instanceof Post && $entity->getOwner()->isServiceAccount())
|
||||
$this->flashFail("err", tr("error"), tr("forbidden"));
|
||||
|
||||
if($_FILES["_vid_attachment"] && OPENVK_ROOT_CONF['openvk']['preferences']['videos']['disableUploading'])
|
||||
$this->flashFail("err", tr("error"), "Video uploads are disabled by the system administrator.");
|
||||
|
||||
|
@ -128,7 +132,7 @@ final class CommentPresenter extends OpenVKPresenter
|
|||
|
||||
$comment = (new Comments)->get($id);
|
||||
if(!$comment) $this->notFound();
|
||||
if(!$comment->canBeDeletedBy($this->user->identity))
|
||||
if(!$comment->canBeDeletedBy($this->user->identity) || ($comment->getTarget() instanceof Post && $comment->getTarget()->getOwner() instanceof User && $comment->getTarget()->getOwner()->isServiceAccount()))
|
||||
$this->throwError(403, "Forbidden", "У вас недостаточно прав чтобы редактировать этот ресурс.");
|
||||
|
||||
$comment->delete();
|
||||
|
|
|
@ -20,7 +20,7 @@ final class GiftsPresenter extends OpenVKPresenter
|
|||
$this->assertUserLoggedIn();
|
||||
|
||||
$user = $this->users->get($user);
|
||||
if(!$user)
|
||||
if(!$user || $user->isServiceAccount())
|
||||
$this->notFound();
|
||||
|
||||
$this->template->user = $user;
|
||||
|
@ -33,7 +33,7 @@ final class GiftsPresenter extends OpenVKPresenter
|
|||
function renderGiftMenu(): void
|
||||
{
|
||||
$user = $this->users->get((int) ($this->queryParam("user") ?? 0));
|
||||
if(!$user)
|
||||
if(!$user || $user->isServiceAccount())
|
||||
$this->notFound();
|
||||
|
||||
$this->template->page = $page = (int) ($this->queryParam("p") ?? 1);
|
||||
|
@ -65,7 +65,7 @@ final class GiftsPresenter extends OpenVKPresenter
|
|||
$user = $this->users->get((int) ($this->queryParam("user") ?? 0));
|
||||
$gift = $this->gifts->get((int) ($this->queryParam("elid") ?? 0));
|
||||
$cat = $this->gifts->getCat((int) ($this->queryParam("pack") ?? 0));
|
||||
if(!$user || !$cat || !$gift || !$cat->hasGift($gift))
|
||||
if(!$user || !$cat || !$gift || !$cat->hasGift($gift) || $user->isServiceAccount())
|
||||
$this->flashFail("err", "Не удалось подарить", "Не удалось подтвердить права на подарок.");
|
||||
|
||||
if(!$gift->canUse($this->user->identity))
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
<?php declare(strict_types=1);
|
||||
namespace openvk\Web\Presenters;
|
||||
use openvk\Web\Models\Entities\{Club, Photo, Album};
|
||||
use openvk\Web\Models\Entities\{Club, Photo, Album, User};
|
||||
use openvk\Web\Models\Repositories\{Photos, Albums, Users, Clubs};
|
||||
use Nette\InvalidStateException as ISE;
|
||||
|
||||
|
@ -159,6 +159,9 @@ final class PhotosPresenter extends OpenVKPresenter
|
|||
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
|
||||
if(!$photo || $photo->isDeleted()) $this->notFound();
|
||||
|
||||
if ($photo->getOwner() instanceof User && $photo->getOwner()->isServiceAccount())
|
||||
$this->notFound();
|
||||
|
||||
if(!is_null($this->queryParam("from"))) {
|
||||
if(preg_match("%^album([0-9]++)$%", $this->queryParam("from"), $matches) === 1) {
|
||||
$album = $this->albums->get((int) $matches[1]);
|
||||
|
|
|
@ -296,6 +296,8 @@ final class UserPresenter extends OpenVKPresenter
|
|||
|
||||
$user = $this->users->get((int) $this->postParam("id"));
|
||||
if(!$user) exit("Invalid state");
|
||||
if ($user->isServiceAccount())
|
||||
$this->flashFail("err", tr("error"), tr("forbidden"));
|
||||
|
||||
$user->toggleSubscription($this->user->identity);
|
||||
|
||||
|
@ -654,6 +656,9 @@ final class UserPresenter extends OpenVKPresenter
|
|||
if($this->user->identity->getCoins() < $value)
|
||||
$this->flashFail("err", tr("failed_to_tranfer_points"), tr("you_dont_have_enough_points"));
|
||||
|
||||
if ($receiver->isServiceAccount())
|
||||
$this->flashFail("err", tr("error"), tr("forbidden"));
|
||||
|
||||
if($this->user->id !== $receiver->getId()) {
|
||||
$this->user->identity->setCoins($this->user->identity->getCoins() - $value);
|
||||
$this->user->identity->save();
|
||||
|
@ -695,6 +700,9 @@ final class UserPresenter extends OpenVKPresenter
|
|||
if($this->user->identity->getCoins() < $value)
|
||||
$this->flashFail("err", tr("failed_to_increase_rating"), tr("you_dont_have_enough_points"));
|
||||
|
||||
if ($receiver->isServiceAccount())
|
||||
$this->flashFail("err", tr("error"), tr("forbidden"));
|
||||
|
||||
$this->user->identity->setCoins($this->user->identity->getCoins() - $value);
|
||||
$this->user->identity->save();
|
||||
|
||||
|
|
|
@ -90,6 +90,9 @@ final class WallPresenter extends OpenVKPresenter
|
|||
function renderRSS(int $user): void
|
||||
{
|
||||
$owner = ($user < 0 ? (new Clubs) : (new Users))->get(abs($user));
|
||||
if ($owner instanceof User && $owner->isServiceAccount())
|
||||
$this->flashFail("err", tr("error"), tr("forbidden"));
|
||||
|
||||
if(is_null($this->user)) {
|
||||
$canPost = false;
|
||||
} else if($user > 0) {
|
||||
|
@ -212,6 +215,10 @@ final class WallPresenter extends OpenVKPresenter
|
|||
|
||||
$wallOwner = ($wall > 0 ? (new Users)->get($wall) : (new Clubs)->get($wall * -1))
|
||||
?? $this->flashFail("err", tr("failed_to_publish_post"), tr("error_4"));
|
||||
|
||||
if ($wallOwner instanceof User && $wallOwner->isServiceAccount())
|
||||
$this->flashFail("err", tr("error"), tr("forbidden"));
|
||||
|
||||
if($wall > 0) {
|
||||
if(!$wallOwner->isBanned())
|
||||
$canPost = $wallOwner->getPrivacyPermission("wall.write", $this->user->identity);
|
||||
|
@ -343,6 +350,9 @@ final class WallPresenter extends OpenVKPresenter
|
|||
if(!$post || $post->isDeleted())
|
||||
$this->notFound();
|
||||
|
||||
if ($post->getOwner() instanceof User && $post->getOwner()->isServiceAccount())
|
||||
$this->flashFail("err", tr("error"), tr("forbidden"));
|
||||
|
||||
$this->logPostView($post, $wall);
|
||||
|
||||
$this->template->post = $post;
|
||||
|
@ -367,7 +377,7 @@ final class WallPresenter extends OpenVKPresenter
|
|||
$this->assertNoCSRF();
|
||||
|
||||
$post = $this->posts->getPostById($wall, $post_id);
|
||||
if(!$post || $post->isDeleted()) $this->notFound();
|
||||
if(!$post || $post->isDeleted() || ($post->getOwner() instanceof User && $post->getOwner()->isServiceAccount())) $this->notFound();
|
||||
|
||||
if(!is_null($this->user)) {
|
||||
$post->toggleLike($this->user->identity);
|
||||
|
@ -384,7 +394,7 @@ final class WallPresenter extends OpenVKPresenter
|
|||
|
||||
$post = $this->posts->getPostById($wall, $post_id);
|
||||
|
||||
if(!$post || $post->isDeleted())
|
||||
if(!$post || $post->isDeleted() || ($post->getOwner() instanceof User && $post->getOwner()->isServiceAccount()))
|
||||
$this->notFound();
|
||||
|
||||
$where = $this->postParam("type") ?? "wall";
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
alt="Фотография пользователя" />
|
||||
</div>
|
||||
<div class="crp-entry--info">
|
||||
<a href="{$recipient->getURL()}">{$recipient->getCanonicalName()}</a><br/>
|
||||
<a href="{$recipient->getURL()}" n:attr="style => $recipient->isServiceAccount() ? 'font-weight: 700; color: #1b7a1b;' : ''">{$recipient->getCanonicalName()}</a><br/>
|
||||
<span>{$lastMsg->getSendTimeHumanized()}</span>
|
||||
</div>
|
||||
<div n:class="crp-entry--message, $lastMsg->getUnreadState() ? unread">
|
||||
|
|
|
@ -393,7 +393,7 @@
|
|||
</div>
|
||||
<div class="accountInfo clearFix">
|
||||
<div class="profileName">
|
||||
<h2>{$user->getFullName()}</h2>
|
||||
<h2 n:attr="style => $user->isServiceAccount() ? 'font-weight: 700; color: #1b7a1b;' : ''">{$user->getFullName()}</h2>
|
||||
{if !is_null($user->getStatus())}
|
||||
<div n:class="page_status, $thatIsThisUser ? page_status_edit_button" n:attr="id => $thatIsThisUser ? page_status_text : NULL">{$user->getStatus()}</div>
|
||||
{elseif $thatIsThisUser}
|
||||
|
@ -593,7 +593,13 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
{if $user->isServiceAccount() && $user->getId() !== $thisUser->getId()}
|
||||
<div style="color: grey; margin: 36px 48px; text-align: center;">
|
||||
{$user->getServiceAccountNotify()|noescape}
|
||||
</div>
|
||||
{else}
|
||||
{presenter "openvk!Wall->wallEmbedded", $user->getId()}
|
||||
{/if}
|
||||
|
||||
<script n:if="isset($thisUser) && $thisUser->getChandlerUser()->can('access')->model('admin')->whichBelongsTo(NULL)">
|
||||
function banUser() {
|
||||
|
|
2
install/sqls/00038-service-account-notifies.sql
Normal file
2
install/sqls/00038-service-account-notifies.sql
Normal file
|
@ -0,0 +1,2 @@
|
|||
ALTER TABLE `profiles`
|
||||
ADD `service_account_notify` TEXT NULL DEFAULT NULL AFTER `alert`;
|
Loading…
Reference in a new issue