diff --git a/Web/Models/Entities/User.php b/Web/Models/Entities/User.php index d96e3a4b..4418247c 100644 --- a/Web/Models/Entities/User.php +++ b/Web/Models/Entities/User.php @@ -439,7 +439,7 @@ class User extends RowModel else if($user->getId() === $this->getId()) return true; else if ((new Blacklists)->isBanned($this, $user)) { - if ($user->isAdmin()) + if ($user->isAdmin() && !OPENVK_ROOT_CONF["openvk"]["preferences"]["security"]["blacklists"]["applyToAdmins"]) return true; return false; diff --git a/Web/Presenters/PhotosPresenter.php b/Web/Presenters/PhotosPresenter.php index 508ecd51..729b94a4 100644 --- a/Web/Presenters/PhotosPresenter.php +++ b/Web/Presenters/PhotosPresenter.php @@ -139,6 +139,11 @@ final class PhotosPresenter extends OpenVKPresenter if(!$album) $this->notFound(); if($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted()) $this->notFound(); + + if ((new Blacklists)->isBanned($album->getOwner(), $this->user->identity)) { + if (!$this->user->identity->isAdmin() OR $this->user->identity->isAdmin() AND OPENVK_ROOT_CONF["openvk"]["preferences"]["security"]["blacklists"]["applyToAdmins"]) + $this->flashFail("err", tr("forbidden"), "Пользователь внёс Вас в чёрный список."); + } if($owner > 0 /* bc we currently don't have perms for clubs */) { $ownerObject = (new Users)->get($owner); @@ -166,8 +171,10 @@ final class PhotosPresenter extends OpenVKPresenter $photo = $this->photos->getByOwnerAndVID($ownerId, $photoId); if(!$photo || $photo->isDeleted()) $this->notFound(); - if ((new Blacklists)->isBanned($photo->getOwner(), $this->user->identity)) - $this->flashFail("err", tr("forbidden"), "Пользователь внёс Вас в чёрный список."); + if ((new Blacklists)->isBanned($photo->getOwner(), $this->user->identity)) { + if (!$this->user->identity->isAdmin() OR $this->user->identity->isAdmin() AND OPENVK_ROOT_CONF["openvk"]["preferences"]["security"]["blacklists"]["applyToAdmins"]) + $this->flashFail("err", tr("forbidden"), "Пользователь внёс Вас в чёрный список."); + } if(!is_null($this->queryParam("from"))) { if(preg_match("%^album([0-9]++)$%", $this->queryParam("from"), $matches) === 1) { diff --git a/Web/Presenters/UserPresenter.php b/Web/Presenters/UserPresenter.php index d8fe419c..40231677 100644 --- a/Web/Presenters/UserPresenter.php +++ b/Web/Presenters/UserPresenter.php @@ -32,8 +32,14 @@ final class UserPresenter extends OpenVKPresenter $user = $this->users->get($id); if ($this->user->identity) - if ($this->blacklists->isBanned($user, $this->user->identity) && !$this->user->identity->isAdmin()) - $this->flashFail("err", tr("forbidden"), "Пользователь внёс Вас в чёрный список."); + if ($this->blacklists->isBanned($user, $this->user->identity)) { + if ($this->user->identity->isAdmin()) { + if (OPENVK_ROOT_CONF["openvk"]["preferences"]["security"]["blacklists"]["applyToAdmins"]) + $this->flashFail("err", tr("forbidden"), "Пользователь внёс Вас в чёрный список."); + } else { + $this->flashFail("err", tr("forbidden"), "Пользователь внёс Вас в чёрный список."); + } + } if(!$user || $user->isDeleted()) { if($user->isDeactivated()) { diff --git a/openvk-example.yml b/openvk-example.yml index 32f03edd..f682c27d 100644 --- a/openvk-example.yml +++ b/openvk-example.yml @@ -33,6 +33,8 @@ openvk: maxViolations: 50 maxViolationsAge: 120 autoban: true + blacklists: + applyToAdmins: true registration: enable: true reason: "" # reason for disabling registration