mirror of
https://github.com/openvk/openvk
synced 2025-04-23 08:33:02 +03:00
Fix getting voters in anonymous posts and use c...
...anBeEditedBy instead of checking user's id
This commit is contained in:
lalka2016
parent
b700627123
commit
cb7d491413
4 changed files with 31 additions and 5 deletions
|
|
@ -114,6 +114,9 @@ final class Polls extends VKAPIRequestHandler
|
||||||
if(!$poll)
|
if(!$poll)
|
||||||
$this->fail(251, "Invalid poll");
|
$this->fail(251, "Invalid poll");
|
||||||
|
|
||||||
|
if($poll->isAnonymous())
|
||||||
|
$this->fail(251, "Access denied: poll is anonymous.");
|
||||||
|
|
||||||
$voters = array_slice($poll->getVoters($answer_ids, 1, $offset + $count), $offset);
|
$voters = array_slice($poll->getVoters($answer_ids, 1, $offset + $count), $offset);
|
||||||
$res = (object)[
|
$res = (object)[
|
||||||
"answer_id" => $answer_ids,
|
"answer_id" => $answer_ids,
|
||||||
|
|
|
||||||
|
|
@ -120,7 +120,7 @@ final class Wall extends VKAPIRequestHandler
|
||||||
"post_type" => "post",
|
"post_type" => "post",
|
||||||
"text" => $post->getText(false),
|
"text" => $post->getText(false),
|
||||||
"copy_history" => $repost,
|
"copy_history" => $repost,
|
||||||
"can_edit" => $post->getOwner(false)->getId() == $this->getUser()->getId(),
|
"can_edit" => $post->canBeEditedBy($this->getUser()),
|
||||||
"can_delete" => $post->canBeDeletedBy($this->getUser()),
|
"can_delete" => $post->canBeDeletedBy($this->getUser()),
|
||||||
"can_pin" => $post->canBePinnedBy($this->getUser()),
|
"can_pin" => $post->canBePinnedBy($this->getUser()),
|
||||||
"can_archive" => false, # TODO MAYBE
|
"can_archive" => false, # TODO MAYBE
|
||||||
|
|
@ -295,7 +295,7 @@ final class Wall extends VKAPIRequestHandler
|
||||||
"post_type" => "post",
|
"post_type" => "post",
|
||||||
"text" => $post->getText(false),
|
"text" => $post->getText(false),
|
||||||
"copy_history" => $repost,
|
"copy_history" => $repost,
|
||||||
"can_edit" => $post->getOwner(false)->getId() == $this->getUser()->getId(),
|
"can_edit" => $post->canBeEditedBy($this->getUser()),
|
||||||
"can_delete" => $post->canBeDeletedBy($user),
|
"can_delete" => $post->canBeDeletedBy($user),
|
||||||
"can_pin" => $post->canBePinnedBy($user),
|
"can_pin" => $post->canBePinnedBy($user),
|
||||||
"can_archive" => false, # TODO MAYBE
|
"can_archive" => false, # TODO MAYBE
|
||||||
|
|
@ -805,7 +805,7 @@ final class Wall extends VKAPIRequestHandler
|
||||||
if(empty($message) && empty($attachments))
|
if(empty($message) && empty($attachments))
|
||||||
$this->fail(100, "Required parameter 'message' missing.");
|
$this->fail(100, "Required parameter 'message' missing.");
|
||||||
|
|
||||||
if($post->getOwner(false)->getId() != $this->getUser()->getId())
|
if(!$post->canBeEditedBy($this->getUser()))
|
||||||
$this->fail(7, "Access to editing denied");
|
$this->fail(7, "Access to editing denied");
|
||||||
|
|
||||||
if(!empty($message))
|
if(!empty($message))
|
||||||
|
|
@ -814,6 +814,7 @@ final class Wall extends VKAPIRequestHandler
|
||||||
$post->setEdited(time());
|
$post->setEdited(time());
|
||||||
$post->save(true);
|
$post->save(true);
|
||||||
|
|
||||||
|
# todo добавить такое в веб версию
|
||||||
if(!empty($attachments)) {
|
if(!empty($attachments)) {
|
||||||
$attachs = parseAttachments($attachments);
|
$attachs = parseAttachments($attachments);
|
||||||
$newAttachmentsCount = sizeof($attachs);
|
$newAttachmentsCount = sizeof($attachs);
|
||||||
|
|
@ -849,8 +850,8 @@ final class Wall extends VKAPIRequestHandler
|
||||||
if(!$comment || $comment->isDeleted())
|
if(!$comment || $comment->isDeleted())
|
||||||
$this->fail(102, "Invalid comment");
|
$this->fail(102, "Invalid comment");
|
||||||
|
|
||||||
if($comment->getOwner()->getId() != $this->getUser()->getId())
|
if(!$comment->canBeEditedBy($this->getUser()))
|
||||||
$this->fail(15, "Access to comment denied");
|
$this->fail(15, "Access to editing comment denied");
|
||||||
|
|
||||||
if(!empty($message))
|
if(!empty($message))
|
||||||
$comment->setContent($message);
|
$comment->setContent($message);
|
||||||
|
|
|
||||||
|
|
@ -103,4 +103,12 @@ class Comment extends Post
|
||||||
|
|
||||||
return $res;
|
return $res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function canBeEditedBy(?User $user = NULL): bool
|
||||||
|
{
|
||||||
|
if(!$user)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
return $user->getId() == $this->getOwner(false)->getId();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -263,5 +263,19 @@ class Post extends Postable
|
||||||
return $res;
|
return $res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function canBeEditedBy(?User $user = NULL): bool
|
||||||
|
{
|
||||||
|
if(!$user)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
if($this->isDeactivationMessage() || $this->isUpdateAvatarMessage())
|
||||||
|
return false;
|
||||||
|
|
||||||
|
if($this->getTargetWall() > 0)
|
||||||
|
return $this->getPublicationTime()->timestamp() + WEEK > time() && $user->getId() == $this->getOwner(false)->getId();
|
||||||
|
|
||||||
|
return $user->getId() == $this->getOwner(false)->getId();
|
||||||
|
}
|
||||||
|
|
||||||
use Traits\TRichText;
|
use Traits\TRichText;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue