From 8495f493d0df3f4bf69a54dae4a10e502642de8c Mon Sep 17 00:00:00 2001 From: lalka2016 <99399973+lalka2016@users.noreply.github.com> Date: Mon, 17 Jul 2023 17:53:09 +0300 Subject: [PATCH] Fix aprosav --- ServiceAPI/Polls.php | 24 +++++++++++++++++------- VKAPI/Handlers/Polls.php | 9 +++++---- VKAPI/Handlers/Wall.php | 7 ++++--- Web/Models/Entities/Poll.php | 14 ++++++++++++-- 4 files changed, 38 insertions(+), 16 deletions(-) diff --git a/ServiceAPI/Polls.php b/ServiceAPI/Polls.php index 9d3e2e7f..ac676d31 100644 --- a/ServiceAPI/Polls.php +++ b/ServiceAPI/Polls.php @@ -26,7 +26,12 @@ class Polls implements Handler { $poll = $this->polls->get($pollId); if(!$poll) { - $reject("Poll not found"); + $reject(1, "Poll not found"); + return; + } + + if(!$poll->canBeViewedBy($this->user)) { + $reject(12, "Access to poll denied"); return; } @@ -34,16 +39,16 @@ class Polls implements Handler $options = explode(",", $options); $poll->vote($this->user, $options); } catch(AlreadyVotedException $ex) { - $reject("Poll state changed: user has already voted."); + $reject(10, "Poll state changed: user has already voted."); return; } catch(PollLockedException $ex) { - $reject("Poll state changed: poll has ended."); + $reject(25, "Poll state changed: poll has ended."); return; } catch(InvalidOptionException $ex) { - $reject("Foreign options passed."); + $reject(34, "Foreign options passed."); return; } catch(UnexpectedValueException $ex) { - $reject("Too much options passed."); + $reject(42, "Too much options passed."); return; } @@ -54,14 +59,19 @@ class Polls implements Handler { $poll = $this->polls->get($pollId); if(!$poll) { - $reject("Poll not found"); + $reject(28, "Poll not found"); + return; + } + + if(!$poll->canBeViewedBy($this->user)) { + $reject(12, "Access to poll denied"); return; } try { $poll->revokeVote($this->user); } catch(PollLockedException $ex) { - $reject("Votes can't be revoked from this poll."); + $reject(19, "Votes can't be revoked from this poll."); return; } diff --git a/VKAPI/Handlers/Polls.php b/VKAPI/Handlers/Polls.php index 3497120f..f901ab77 100755 --- a/VKAPI/Handlers/Polls.php +++ b/VKAPI/Handlers/Polls.php @@ -34,7 +34,8 @@ final class Polls extends VKAPIRequestHandler $userVote = array(); foreach($poll->getUserVote($this->getUser()) as $vote) $userVote[] = $vote[0]; - + + $ownerr = $poll->getAttachedPost()->getOwner() instanceof User ? $poll->getAttachedPost()->getOwner()->getId() : $poll->getAttachedPost()->getOwner()->getId() * -1; $response = [ "multiple" => $poll->isMultipleChoice(), "end_date" => $poll->endsAt() == NULL ? 0 : $poll->endsAt()->timestamp(), @@ -44,16 +45,16 @@ final class Polls extends VKAPIRequestHandler "can_vote" => $poll->canVote($this->getUser()), "can_report" => false, "can_share" => true, - "created" => 0, + "created" => $poll->getAttachedPost()->getPublicationTime()->timestamp(), "id" => $poll->getId(), - "owner_id" => $poll->getOwner()->getId(), + "owner_id" => $ownerr, "question" => $poll->getTitle(), "votes" => $poll->getVoterCount(), "disable_unvote" => $poll->isRevotable(), "anonymous" => $poll->isAnonymous(), "answer_ids" => $userVote, "answers" => $answers, - "author_id" => $poll->getOwner()->getId(), + "author_id" => $ownerr, ]; if ($extended) { diff --git a/VKAPI/Handlers/Wall.php b/VKAPI/Handlers/Wall.php index 9efb56c5..956c8428 100644 --- a/VKAPI/Handlers/Wall.php +++ b/VKAPI/Handlers/Wall.php @@ -879,6 +879,7 @@ final class Wall extends VKAPIRequestHandler foreach($attachment->getUserVote($user) as $vote) $userVote[] = $vote[0]; + $ownerr = $attachment->getAttachedPost()->getOwner() instanceof User ? $attachment->getAttachedPost()->getOwner()->getId() : $attachment->getAttachedPost()->getOwner()->getId() * -1; return [ "type" => "poll", "poll" => [ @@ -890,16 +891,16 @@ final class Wall extends VKAPIRequestHandler "can_vote" => $attachment->canVote($user), "can_report" => false, "can_share" => true, - "created" => 0, + "created" => $attachment->getAttachedPost()->getPublicationTime()->timestamp(), "id" => $attachment->getId(), - "owner_id" => $attachment->getOwner()->getId(), + "owner_id" => $ownerr, "question" => $attachment->getTitle(), "votes" => $attachment->getVoterCount(), "disable_unvote" => $attachment->isRevotable(), "anonymous" => $attachment->isAnonymous(), "answer_ids" => $userVote, "answers" => $answers, - "author_id" => $attachment->getOwner()->getId(), + "author_id" => $ownerr, ] ]; } diff --git a/Web/Models/Entities/Poll.php b/Web/Models/Entities/Poll.php index 4ec48219..b8bf0855 100644 --- a/Web/Models/Entities/Poll.php +++ b/Web/Models/Entities/Poll.php @@ -4,7 +4,7 @@ use openvk\Web\Models\Exceptions\TooMuchOptionsException; use openvk\Web\Util\DateTime; use \UnexpectedValueException; use Nette\InvalidStateException; -use openvk\Web\Models\Repositories\Users; +use openvk\Web\Models\Repositories\{Users, Posts}; use Chandler\Database\DatabaseConnection; use openvk\Web\Models\Exceptions\PollLockedException; use openvk\Web\Models\Exceptions\AlreadyVotedException; @@ -293,8 +293,18 @@ class Poll extends Attachable } } + function getAttachedPost() + { + $post = DatabaseConnection::i()->getContext()->table("attachments") + ->where( + ["attachable_type" => static::class, + "attachable_id" => $this->getId()])->fetch(); + + return (new Posts)->get($post->target_id); + } + function canBeViewedBy(?User $user = NULL): bool { - return $this->getOwner()->canBeViewedBy($user); + return $this->getAttachedPost()->canBeViewedBy($user); } }