mirror of
https://github.com/openvk/openvk
synced 2025-04-20 23:23:05 +03:00
&
This commit is contained in:
lalka2018
parent
8a8b44e869
commit
fea4ce0498
14 changed files with 132 additions and 101 deletions
|
|
@ -14,25 +14,22 @@ final class Friends extends VKAPIRequestHandler
|
|||
|
||||
$this->requireUser();
|
||||
|
||||
if ($user_id == 0) {
|
||||
if ($user_id == 0) {
|
||||
$user_id = $this->getUser()->getId();
|
||||
}
|
||||
|
||||
$user = $users->get($user_id);
|
||||
|
||||
if(!$user || $user->isDeleted())
|
||||
$this->fail(100, "Invalid user");
|
||||
|
||||
if(!$user->getPrivacyPermission("friends.read", $this->getUser()))
|
||||
$this->fail(15, "Access denied: this user chose to hide his friends.");
|
||||
|
||||
if(!$user->canBeViewedBy($this->getUser()))
|
||||
$this->fail(15, "Access denied");
|
||||
$user = $users->get($user_id);
|
||||
|
||||
foreach($user->getFriends($offset, $count) as $friend) {
|
||||
$friends[$i] = $friend->getId();
|
||||
$i++;
|
||||
}
|
||||
if(!$user || $user->isDeleted())
|
||||
$this->fail(100, "Invalid user");
|
||||
|
||||
if(!$user->getPrivacyPermission("friends.read", $this->getUser()))
|
||||
$this->fail(15, "Access denied: this user chose to hide his friends.");
|
||||
|
||||
foreach($user->getFriends($offset, $count) as $friend) {
|
||||
$friends[$i] = $friend->getId();
|
||||
$i++;
|
||||
}
|
||||
|
||||
$response = $friends;
|
||||
|
||||
|
|
|
|||
|
|
@ -19,14 +19,11 @@ final class Groups extends VKAPIRequestHandler
|
|||
$users = new UsersRepo;
|
||||
$user = $users->get($user_id);
|
||||
|
||||
if(is_null($user) || $user->isDeleted())
|
||||
if(is_null($user) || $user->isDeleted())
|
||||
$this->fail(15, "Access denied");
|
||||
|
||||
if(!$user->canBeViewedBy($this->getUser()))
|
||||
$this->fail(15, "Access denied");
|
||||
|
||||
if(!$user->getPrivacyPermission('groups.read', $this->getUser()))
|
||||
$this->fail(15, "Access denied: this user chose to hide his groups.");
|
||||
if(!$user->getPrivacyPermission('groups.read', $this->getUser()))
|
||||
$this->fail(15, "Access denied: this user chose to hide his groups.");
|
||||
|
||||
foreach($user->getClubs($offset, $filter == "admin", $count, true) as $club)
|
||||
$clbs[] = $club;
|
||||
|
|
@ -406,9 +403,15 @@ final class Groups extends VKAPIRequestHandler
|
|||
];
|
||||
|
||||
foreach($filds as $fild) {
|
||||
$canView = $member->canBeViewedBy($this->getUser());
|
||||
switch($fild) {
|
||||
case "bdate":
|
||||
$arr->items[$i]->bdate = $member->getBirthday()->format('%e.%m.%Y');
|
||||
if(!$canView) {
|
||||
$arr->items[$i]->bdate = "01.01.1970";
|
||||
break;
|
||||
}
|
||||
|
||||
$arr->items[$i]->bdate = $member->getBirthday() ? $member->getBirthday()->format('%e.%m.%Y') : NULL;
|
||||
break;
|
||||
case "can_post":
|
||||
$arr->items[$i]->can_post = $club->canBeModifiedBy($member);
|
||||
|
|
@ -429,6 +432,11 @@ final class Groups extends VKAPIRequestHandler
|
|||
$arr->items[$i]->connections = 1;
|
||||
break;
|
||||
case "contacts":
|
||||
if(!$canView) {
|
||||
$arr->items[$i]->contacts = "secret@gmail.com";
|
||||
break;
|
||||
}
|
||||
|
||||
$arr->items[$i]->contacts = $member->getContactEmail();
|
||||
break;
|
||||
case "country":
|
||||
|
|
@ -444,15 +452,30 @@ final class Groups extends VKAPIRequestHandler
|
|||
$arr->items[$i]->has_mobile = false;
|
||||
break;
|
||||
case "last_seen":
|
||||
if(!$canView) {
|
||||
$arr->items[$i]->last_seen = 0;
|
||||
break;
|
||||
}
|
||||
|
||||
$arr->items[$i]->last_seen = $member->getOnline()->timestamp();
|
||||
break;
|
||||
case "lists":
|
||||
$arr->items[$i]->lists = "";
|
||||
break;
|
||||
case "online":
|
||||
if(!$canView) {
|
||||
$arr->items[$i]->online = false;
|
||||
break;
|
||||
}
|
||||
|
||||
$arr->items[$i]->online = $member->isOnline();
|
||||
break;
|
||||
case "online_mobile":
|
||||
if(!$canView) {
|
||||
$arr->items[$i]->online_mobile = false;
|
||||
break;
|
||||
}
|
||||
|
||||
$arr->items[$i]->online_mobile = $member->getOnlinePlatform() == "android" || $member->getOnlinePlatform() == "iphone" || $member->getOnlinePlatform() == "mobile";
|
||||
break;
|
||||
case "photo_100":
|
||||
|
|
@ -483,12 +506,27 @@ final class Groups extends VKAPIRequestHandler
|
|||
$arr->items[$i]->schools = 0;
|
||||
break;
|
||||
case "sex":
|
||||
if(!$canView) {
|
||||
$arr->items[$i]->sex = -1;
|
||||
break;
|
||||
}
|
||||
|
||||
$arr->items[$i]->sex = $member->isFemale() ? 1 : 2;
|
||||
break;
|
||||
case "site":
|
||||
if(!$canView) {
|
||||
$arr->items[$i]->site = NULL;
|
||||
break;
|
||||
}
|
||||
|
||||
$arr->items[$i]->site = $member->getWebsite();
|
||||
break;
|
||||
case "status":
|
||||
if(!$canView) {
|
||||
$arr->items[$i]->status = "r";
|
||||
break;
|
||||
}
|
||||
|
||||
$arr->items[$i]->status = $member->getStatus();
|
||||
break;
|
||||
case "universities":
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ final class Likes extends VKAPIRequestHandler
|
|||
if(is_null($postable) || $postable->isDeleted())
|
||||
$this->fail(100, "One of the parameters specified was missing or invalid: object not found");
|
||||
|
||||
if(method_exists($postable, "canBeViewedBy") && !$postable->canBeViewedBy($this->getUser() ?? NULL)) {
|
||||
if(!$postable->canBeViewedBy($this->getUser() ?? NULL)) {
|
||||
$this->fail(2, "Access to postable denied");
|
||||
}
|
||||
|
||||
|
|
@ -89,7 +89,7 @@ final class Likes extends VKAPIRequestHandler
|
|||
if(is_null($postable) || $postable->isDeleted())
|
||||
$this->fail(100, "One of the parameters specified was missing or invalid: object not found");
|
||||
|
||||
if(method_exists($postable, "canBeViewedBy") && !$postable->canBeViewedBy($this->getUser() ?? NULL)) {
|
||||
if(!$postable->canBeViewedBy($this->getUser() ?? NULL)) {
|
||||
$this->fail(2, "Access to postable denied");
|
||||
}
|
||||
|
||||
|
|
@ -111,7 +111,7 @@ final class Likes extends VKAPIRequestHandler
|
|||
if(is_null($user) || $user->isDeleted())
|
||||
$this->fail(100, "One of the parameters specified was missing or invalid: user not found");
|
||||
|
||||
if(method_exists($user, "canBeViewedBy") && !$user->canBeViewedBy($this->getUser())) {
|
||||
if(!$user->canBeViewedBy($this->getUser())) {
|
||||
$this->fail(1984, "Access denied: you can't see this user");
|
||||
}
|
||||
|
||||
|
|
@ -181,6 +181,9 @@ final class Likes extends VKAPIRequestHandler
|
|||
if(!$object || $object->isDeleted())
|
||||
$this->fail(56, "Invalid postable");
|
||||
|
||||
if(!$object->canBeViewedBy($this->getUser()))
|
||||
$this->fail(665, "Access to postable denied");
|
||||
|
||||
$res = (object)[
|
||||
"count" => $object->getLikesCount(),
|
||||
"items" => []
|
||||
|
|
|
|||
|
|
@ -307,9 +307,6 @@ final class Photos extends VKAPIRequestHandler
|
|||
if(!$user->getPrivacyPermission('photos.read', $this->getUser()))
|
||||
$this->fail(21, "This user chose to hide his albums.");
|
||||
|
||||
if(!$user->canBeViewedBy($this->getUser()))
|
||||
$this->fail(15, "Access denied");
|
||||
|
||||
$albums = array_slice(iterator_to_array((new Albums)->getUserAlbums($user, 1, $count + $offset)), $offset);
|
||||
|
||||
foreach($albums as $album) {
|
||||
|
|
@ -365,9 +362,8 @@ final class Photos extends VKAPIRequestHandler
|
|||
$this->requireUser();
|
||||
$this->willExecuteWriteAction();
|
||||
|
||||
if($user_id == 0 && $group_id == 0 || $user_id > 0 && $group_id > 0) {
|
||||
if($user_id == 0 && $group_id == 0 || $user_id > 0 && $group_id > 0)
|
||||
$this->fail(21, "Select user_id or group_id");
|
||||
}
|
||||
|
||||
if($user_id > 0) {
|
||||
$us = (new UsersRepo)->get($user_id);
|
||||
|
|
@ -376,15 +372,11 @@ final class Photos extends VKAPIRequestHandler
|
|||
|
||||
if(!$us->getPrivacyPermission('photos.read', $this->getUser()))
|
||||
$this->fail(21, "This user chose to hide his albums.");
|
||||
|
||||
if(!$us->canBeViewedBy($this->getUser()))
|
||||
$this->fail(15, "Access dennieeeddd");
|
||||
|
||||
return (new Albums)->getUserAlbumsCount($us);
|
||||
}
|
||||
|
||||
if($group_id > 0)
|
||||
{
|
||||
if($group_id > 0) {
|
||||
$cl = (new Clubs)->get($group_id);
|
||||
if(!$cl) {
|
||||
$this->fail(21, "Invalid club");
|
||||
|
|
@ -409,14 +401,8 @@ final class Photos extends VKAPIRequestHandler
|
|||
if(!$photo || $photo->isDeleted())
|
||||
$this->fail(21, "Invalid photo");
|
||||
|
||||
if($photo->getOwner()->isDeleted())
|
||||
$this->fail(21, "Owner of this photo is deleted");
|
||||
|
||||
if(!$photo->getOwner()->getPrivacyPermission('photos.read', $this->getUser()))
|
||||
$this->fail(21, "This user chose to hide his photos.");
|
||||
|
||||
if(!$photo->canBeViewedBy($this->getUser()))
|
||||
$this->fail(15, "Access denied...");
|
||||
$this->fail(15, "Access denied");
|
||||
|
||||
$res[] = $photo->toVkApiStruct($photo_sizes, $extended);
|
||||
}
|
||||
|
|
@ -523,7 +509,7 @@ final class Photos extends VKAPIRequestHandler
|
|||
$this->fail(21, "Invalid photo");
|
||||
|
||||
if($photo->isDeleted())
|
||||
$this->fail(21, "Photo already deleted");
|
||||
$this->fail(21, "Photo is already deleted");
|
||||
|
||||
$photo->delete();
|
||||
} else {
|
||||
|
|
@ -535,17 +521,14 @@ final class Photos extends VKAPIRequestHandler
|
|||
|
||||
$phot = (new PhotosRepo)->getByOwnerAndVID((int)$id[0], (int)$id[1]);
|
||||
|
||||
if($this->getUser()->getId() !== $phot->getOwner()->getId()) {
|
||||
if($this->getUser()->getId() !== $phot->getOwner()->getId())
|
||||
$this->fail(21, "You can't delete another's photo");
|
||||
}
|
||||
|
||||
if(!$phot) {
|
||||
if(!$phot)
|
||||
$this->fail(21, "Invalid photo");
|
||||
}
|
||||
|
||||
if($phot->isDeleted()) {
|
||||
if($phot->isDeleted())
|
||||
$this->fail(21, "Photo already deleted");
|
||||
}
|
||||
|
||||
$phot->delete();
|
||||
}
|
||||
|
|
@ -565,17 +548,11 @@ final class Photos extends VKAPIRequestHandler
|
|||
$this->willExecuteWriteAction();
|
||||
|
||||
$comment = (new CommentsRepo)->get($comment_id);
|
||||
if(!$comment) {
|
||||
if(!$comment)
|
||||
$this->fail(21, "Invalid comment");
|
||||
}
|
||||
|
||||
if(!$comment->canBeModifiedBy($this->getUser())) {
|
||||
$this->fail(21, "Forbidden");
|
||||
}
|
||||
|
||||
if($comment->isDeleted()) {
|
||||
$this->fail(4, "Comment already deleted");
|
||||
}
|
||||
if(!$comment->canBeModifiedBy($this->getUser()))
|
||||
$this->fail(21, "Access denied");
|
||||
|
||||
$comment->delete();
|
||||
|
||||
|
|
@ -592,14 +569,11 @@ final class Photos extends VKAPIRequestHandler
|
|||
|
||||
$photo = (new PhotosRepo)->getByOwnerAndVID($owner_id, $photo_id);
|
||||
|
||||
if(!$photo)
|
||||
$this->fail(180, "Photo not found");
|
||||
|
||||
if($photo->isDeleted())
|
||||
$this->fail(189, "Photo is deleted");
|
||||
if(!$photo || $photo->isDeleted())
|
||||
$this->fail(180, "Invalid photo");
|
||||
|
||||
if(!$photo->canBeViewedBy($this->getUser()))
|
||||
$this->fail(15, "Access to photo denied.");
|
||||
$this->fail(15, "Access to photo denied");
|
||||
|
||||
$comment = new Comment;
|
||||
$comment->setOwner($this->getUser()->getId());
|
||||
|
|
@ -671,11 +645,10 @@ final class Photos extends VKAPIRequestHandler
|
|||
if(!$user->getPrivacyPermission('photos.read', $this->getUser()))
|
||||
$this->fail(21, "This user chose to hide his albums.");
|
||||
|
||||
if(!$user->canBeViewedBy($this->getUser()))
|
||||
$this->fail(15, "Access denied");
|
||||
|
||||
$photos = array_slice(iterator_to_array((new PhotosRepo)->getEveryUserPhoto($user, 1, $count + $offset)), $offset);
|
||||
$res = [];
|
||||
$res = [
|
||||
"items" => [],
|
||||
];
|
||||
|
||||
foreach($photos as $photo) {
|
||||
if(!$photo || $photo->isDeleted()) continue;
|
||||
|
|
@ -715,4 +688,4 @@ final class Photos extends VKAPIRequestHandler
|
|||
|
||||
return $res;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,6 +16,10 @@ final class Status extends VKAPIRequestHandler
|
|||
$this->fail(501, "Group statuses are not implemented");
|
||||
else {
|
||||
$user = (new UsersRepo)->get($user_id);
|
||||
|
||||
if(!$user || $user->isDeleted() || !$user->canBeViewedBy($this->getUser()))
|
||||
$this->fail(15, "Invalid user");
|
||||
|
||||
$audioStatus = $user->getCurrentAudioStatus();
|
||||
if($audioStatus) {
|
||||
return [
|
||||
|
|
|
|||
|
|
@ -54,8 +54,8 @@ final class Users extends VKAPIRequestHandler
|
|||
];
|
||||
|
||||
$flds = explode(',', $fields);
|
||||
|
||||
foreach($flds as $field) {
|
||||
$canView = $usr->canBeViewedBy($this->getUser());
|
||||
foreach($flds as $field) {
|
||||
switch($field) {
|
||||
case "verified":
|
||||
$response[$i]->verified = intval($usr->isVerified());
|
||||
|
|
@ -149,7 +149,7 @@ final class Users extends VKAPIRequestHandler
|
|||
];
|
||||
}
|
||||
case "music":
|
||||
if(!$usr->canBeViewedBy($this->getUser())) {
|
||||
if(!$canView) {
|
||||
$response[$i]->music = "secret";
|
||||
break;
|
||||
}
|
||||
|
|
@ -157,7 +157,7 @@ final class Users extends VKAPIRequestHandler
|
|||
$response[$i]->music = $usr->getFavoriteMusic();
|
||||
break;
|
||||
case "movies":
|
||||
if(!$usr->canBeViewedBy($this->getUser())) {
|
||||
if(!$canView) {
|
||||
$response[$i]->movies = "secret";
|
||||
break;
|
||||
}
|
||||
|
|
@ -165,7 +165,7 @@ final class Users extends VKAPIRequestHandler
|
|||
$response[$i]->movies = $usr->getFavoriteFilms();
|
||||
break;
|
||||
case "tv":
|
||||
if(!$usr->canBeViewedBy($this->getUser())) {
|
||||
if(!$canView) {
|
||||
$response[$i]->tv = "secret";
|
||||
break;
|
||||
}
|
||||
|
|
@ -173,7 +173,7 @@ final class Users extends VKAPIRequestHandler
|
|||
$response[$i]->tv = $usr->getFavoriteShows();
|
||||
break;
|
||||
case "books":
|
||||
if(!$usr->canBeViewedBy($this->getUser())) {
|
||||
if(!$canView) {
|
||||
$response[$i]->books = "secret";
|
||||
break;
|
||||
}
|
||||
|
|
@ -181,7 +181,7 @@ final class Users extends VKAPIRequestHandler
|
|||
$response[$i]->books = $usr->getFavoriteBooks();
|
||||
break;
|
||||
case "city":
|
||||
if(!$usr->canBeViewedBy($this->getUser())) {
|
||||
if(!$canView) {
|
||||
$response[$i]->city = "Воскресенск";
|
||||
break;
|
||||
}
|
||||
|
|
@ -189,7 +189,7 @@ final class Users extends VKAPIRequestHandler
|
|||
$response[$i]->city = $usr->getCity();
|
||||
break;
|
||||
case "interests":
|
||||
if(!$usr->canBeViewedBy($this->getUser())) {
|
||||
if(!$canView) {
|
||||
$response[$i]->interests = "secret";
|
||||
break;
|
||||
}
|
||||
|
|
@ -197,18 +197,43 @@ final class Users extends VKAPIRequestHandler
|
|||
$response[$i]->interests = $usr->getInterests();
|
||||
break;
|
||||
case "quotes":
|
||||
$response[$i]->interests = $usr->getFavoriteQuote();
|
||||
if(!$canView) {
|
||||
$response[$i]->quotes = "secret";
|
||||
break;
|
||||
}
|
||||
|
||||
$response[$i]->quotes = $usr->getFavoriteQuote();
|
||||
break;
|
||||
case "email":
|
||||
$response[$i]->interests = $usr->getEmail();
|
||||
if(!$canView) {
|
||||
$response[$i]->email = "secret@gmail.com";
|
||||
break;
|
||||
}
|
||||
|
||||
$response[$i]->email = $usr->getContactEmail();
|
||||
break;
|
||||
case "telegram":
|
||||
$response[$i]->interests = $usr->getTelegram();
|
||||
if(!$canView) {
|
||||
$response[$i]->telegram = "@secret";
|
||||
break;
|
||||
}
|
||||
|
||||
$response[$i]->telegram = $usr->getTelegram();
|
||||
break;
|
||||
case "about":
|
||||
$response[$i]->interests = $usr->getDescription();
|
||||
if(!$canView) {
|
||||
$response[$i]->about = "secret";
|
||||
break;
|
||||
}
|
||||
|
||||
$response[$i]->about = $usr->getDescription();
|
||||
break;
|
||||
case "rating":
|
||||
if(!$canView) {
|
||||
$response[$i]->rating = 22;
|
||||
break;
|
||||
}
|
||||
|
||||
$response[$i]->rating = $usr->getRating();
|
||||
break;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -36,23 +36,16 @@ final class Video extends VKAPIRequestHandler
|
|||
];
|
||||
} else {
|
||||
if ($owner_id > 0)
|
||||
$user = (new UsersRepo)->get($owner_id);
|
||||
$user = (new UsersRepo)->get($owner_id);
|
||||
else
|
||||
$this->fail(1, "Not implemented");
|
||||
|
||||
if(!$user->getPrivacyPermission('videos.read', $this->getUser())) {
|
||||
$this->fail(20, "Access denied: this user chose to hide his videos");
|
||||
}
|
||||
|
||||
if(!$user || $user->isDeleted())
|
||||
$this->fail(14, "Invalid user");
|
||||
|
||||
if(!$user->getPrivacyPermission('videos.read', $this->getUser()))
|
||||
$this->fail(21, "This user chose to hide his videos.");
|
||||
|
||||
if(!$user->canBeViewedBy($this->getUser()))
|
||||
$this->fail(15, "Access denied");
|
||||
|
||||
$videos = (new VideosRepo)->getByUser($user, $offset + 1, $count);
|
||||
$videosCount = (new VideosRepo)->getUserVideosCount($user);
|
||||
|
||||
|
|
|
|||
|
|
@ -508,6 +508,9 @@ class User extends RowModel
|
|||
else if($user->getId() === $this->getId())
|
||||
return true;
|
||||
|
||||
if($permission != "messages.write" && !$this->canBeViewedBy($user))
|
||||
return false;
|
||||
|
||||
switch($permStatus) {
|
||||
case User::PRIVACY_ONLY_FRIENDS:
|
||||
return $this->getSubscriptionStatus($user) === User::SUBSCRIPTION_MUTUAL;
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ final class NotesPresenter extends OpenVKPresenter
|
|||
{
|
||||
$user = (new Users)->get($owner);
|
||||
if(!$user) $this->notFound();
|
||||
if(!$user->getPrivacyPermission('notes.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
|
||||
if(!$user->getPrivacyPermission('notes.read', $this->user->identity ?? NULL))
|
||||
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
|
||||
|
||||
$this->template->notes = $this->notes->getUserNotes($user, (int)($this->queryParam("p") ?? 1));
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ final class PhotosPresenter extends OpenVKPresenter
|
|||
if($owner > 0) {
|
||||
$user = $this->users->get($owner);
|
||||
if(!$user) $this->notFound();
|
||||
if (!$user->getPrivacyPermission('photos.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
|
||||
if (!$user->getPrivacyPermission('photos.read', $this->user->identity ?? NULL))
|
||||
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
|
||||
$this->template->albums = $this->albums->getUserAlbums($user, (int)($this->queryParam("p") ?? 1));
|
||||
$this->template->count = $this->albums->getUserAlbumsCount($user);
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ final class UserPresenter extends OpenVKPresenter
|
|||
$page = abs((int)($this->queryParam("p") ?? 1));
|
||||
if(!$user)
|
||||
$this->notFound();
|
||||
elseif (!$user->getPrivacyPermission('friends.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
|
||||
elseif (!$user->getPrivacyPermission('friends.read', $this->user->identity ?? NULL))
|
||||
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
|
||||
else
|
||||
$this->template->user = $user;
|
||||
|
|
@ -93,7 +93,7 @@ final class UserPresenter extends OpenVKPresenter
|
|||
$user = $this->users->get($id);
|
||||
if(!$user)
|
||||
$this->notFound();
|
||||
elseif (!$user->getPrivacyPermission('groups.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
|
||||
elseif (!$user->getPrivacyPermission('groups.read', $this->user->identity ?? NULL))
|
||||
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
|
||||
else {
|
||||
if($this->queryParam("act") === "managed" && $this->user->id !== $user->getId())
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ final class VideosPresenter extends OpenVKPresenter
|
|||
{
|
||||
$user = $this->users->get($id);
|
||||
if(!$user) $this->notFound();
|
||||
if(!$user->getPrivacyPermission('videos.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
|
||||
if(!$user->getPrivacyPermission('videos.read', $this->user->identity ?? NULL))
|
||||
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
|
||||
|
||||
$this->template->user = $user;
|
||||
|
|
@ -43,7 +43,7 @@ final class VideosPresenter extends OpenVKPresenter
|
|||
|
||||
if(!$user) $this->notFound();
|
||||
if(!$video || $video->isDeleted()) $this->notFound();
|
||||
if(!$user->getPrivacyPermission('videos.read', $this->user->identity ?? NULL) || !$video->canBeViewedBy($this->user->identity))
|
||||
if(!$user->getPrivacyPermission('videos.read', $this->user->identity ?? NULL))
|
||||
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
|
||||
|
||||
$this->template->user = $user;
|
||||
|
|
|
|||
|
|
@ -238,7 +238,7 @@ final class WallPresenter extends OpenVKPresenter
|
|||
$wallOwner = ($wall > 0 ? (new Users)->get($wall) : (new Clubs)->get($wall * -1))
|
||||
?? $this->flashFail("err", tr("failed_to_publish_post"), tr("error_4"));
|
||||
|
||||
if ($wallOwner->isBanned() || !$wallOwner->canBeViewedBy($this->user->identity))
|
||||
if ($wallOwner->isBanned())
|
||||
$this->flashFail("err", tr("error"), tr("forbidden"));
|
||||
|
||||
if($wall > 0) {
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@
|
|||
</a>
|
||||
{/if}
|
||||
{elseif $attachment instanceof \openvk\Web\Models\Entities\Video}
|
||||
{if !$attachment->isDeleted()}
|
||||
{if $attachment->getType() === 0}
|
||||
<div class="bsdn media" data-name="{$attachment->getName()}" data-author="{$attachment->getOwner()->getCanonicalName()}">
|
||||
<video class="media" src="{$attachment->getURL()}"></video>
|
||||
|
|
@ -28,10 +27,6 @@
|
|||
<img src="/assets/packages/static/openvk/img/videoico.png" />
|
||||
<a href="/video{$attachment->getPrettyId()}" id="videoOpen" data-id="{$attachment->getId()}">{$attachment->getName()}</a>
|
||||
</div>
|
||||
|
||||
{else}
|
||||
<span style="color:gray;">{_video_is_deleted}</span>
|
||||
{/if}
|
||||
{elseif $attachment instanceof \openvk\Web\Models\Entities\Poll}
|
||||
{presenter "openvk!Poll->view", $attachment->getId()}
|
||||
{elseif $attachment instanceof \openvk\Web\Models\Entities\Note}
|
||||
|
|
|
|||
Loading…
Reference in a new issue