Lanmikeman/openvk
Lanmikeman/openvk
1
1
Fork 0
mirror of https://github.com/openvk/openvk synced 2025-05-05 08:36:38 +03:00
Code Issues Projects Releases Packages Wiki Activity
openvk/Web/Presenters/PhotosPresenter.php
mrilyew 1d06a41b39
fix: resolve issues related to API listens field, anonymous notifications, and UX bugs (#1279) 
- Исправлено #1278 по идее
- Добавил поле listens в апи (показывается только для своих треков)
- Исправлен старинный баг, связанный с анонимкой (в уведомлении виден
реальный автор)
- Было неправильно добавлять ссылку на "избранное" в навигационное меню,
поэтому она перенесена в настройки на довольно логичное место
- Удалены некоторые импульсивности в коде и некоторые баги ux

---------

Co-authored-by: Alexander Minkin <weryskok@gmail.com>
2025-05-03 16:53:14 +03:00

443 lines
16 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
declare(strict_types=1);
namespace openvk\Web\Presenters;
use openvk\Web\Models\Entities\{Club, Photo, Album, User};
use openvk\Web\Models\Repositories\{Photos, Albums, Users, Clubs};
use Nette\InvalidStateException as ISE;
final class PhotosPresenter extends OpenVKPresenter
{
private $users;
private $photos;
private $albums;
protected $presenterName = "photos";
public function __construct(Photos $photos, Albums $albums, Users $users)
{
$this->users = $users;
$this->photos = $photos;
$this->albums = $albums;
parent::__construct();
}
public function renderAlbumList(int $owner): void
{
if ($owner > 0) {
$user = $this->users->get($owner);
if (!$user) {
$this->notFound();
}
if (!$user->getPrivacyPermission('photos.read', $this->user->identity ?? null)) {
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
}
$this->template->albums = $this->albums->getUserAlbums($user, (int) ($this->queryParam("p") ?? 1));
$this->template->count = $this->albums->getUserAlbumsCount($user);
$this->template->owner = $user;
$this->template->canEdit = false;
if (!is_null($this->user)) {
$this->template->canEdit = $this->user->id === $user->getId();
}
} else {
$club = (new Clubs())->get(abs($owner));
if (!$club) {
$this->notFound();
}
$this->template->albums = $this->albums->getClubAlbums($club, (int) ($this->queryParam("p") ?? 1));
$this->template->count = $this->albums->getClubAlbumsCount($club);
$this->template->owner = $club;
$this->template->canEdit = false;
if (!is_null($this->user)) {
$this->template->canEdit = $club->canBeModifiedBy($this->user->identity);
}
}
$this->template->paginatorConf = (object) [
"count" => $this->template->count,
"page" => (int) ($this->queryParam("p") ?? 1),
"amount" => null,
"perPage" => OPENVK_DEFAULT_PER_PAGE,
];
}
public function renderCreateAlbum(): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
if (!is_null($gpid = $this->queryParam("gpid"))) {
$club = (new Clubs())->get((int) $gpid);
if (!$club->canBeModifiedBy($this->user->identity)) {
$this->notFound();
}
$this->template->club = $club;
}
if ($_SERVER["REQUEST_METHOD"] === "POST") {
if (empty($this->postParam("name")) || mb_strlen(trim($this->postParam("name"))) === 0) {
$this->flashFail("err", tr("error"), tr("error_segmentation"));
} elseif (strlen($this->postParam("name")) > 36) {
$this->flashFail("err", tr("error"), tr("error_data_too_big", "name", 36, "bytes"));
}
$album = new Album();
$album->setOwner(isset($club) ? $club->getId() * -1 : $this->user->id);
$album->setName($this->postParam("name"));
$album->setDescription($this->postParam("desc"));
$album->setCreated(time());
$album->save();
if (isset($club)) {
$this->redirect("/album-" . $album->getOwner()->getId() . "_" . $album->getId());
} else {
$this->redirect("/album" . $album->getOwner()->getId() . "_" . $album->getId());
}
}
}
public function renderEditAlbum(int $owner, int $id): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
$album = $this->albums->get($id);
if (!$album) {
$this->notFound();
}
if ($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted()) {
$this->notFound();
}
if (is_null($this->user) || !$album->canBeModifiedBy($this->user->identity) || $album->isDeleted()) {
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
}
$this->template->album = $album;
if ($_SERVER["REQUEST_METHOD"] === "POST") {
if (strlen($this->postParam("name")) > 36) {
$this->flashFail("err", tr("error"), tr("error_data_too_big", "name", 36, "bytes"));
}
$album->setName((empty($this->postParam("name")) || mb_strlen(trim($this->postParam("name"))) === 0) ? $album->getName() : $this->postParam("name"));
$album->setDescription(empty($this->postParam("desc")) ? null : $this->postParam("desc"));
$album->setEdited(time());
$album->save();
$this->flash("succ", tr("changes_saved"), tr("new_data_accepted"));
}
}
public function renderDeleteAlbum(int $owner, int $id): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
$this->assertNoCSRF();
$album = $this->albums->get($id);
if (!$album) {
$this->notFound();
}
if ($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted()) {
$this->notFound();
}
if (is_null($this->user) || !$album->canBeModifiedBy($this->user->identity)) {
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
}
$name = $album->getName();
$owner = $album->getOwner();
$album->delete();
$this->flash("succ", tr("album_is_deleted"), tr("album_x_is_deleted", $name));
$this->redirect("/albums" . ($owner instanceof Club ? "-" : "") . $owner->getId());
}
public function renderAlbum(int $owner, int $id): void
{
$album = $this->albums->get($id);
if (!$album) {
$this->notFound();
}
if ($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted()) {
$this->notFound();
}
if (!$album->canBeViewedBy($this->user->identity)) {
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
}
if ($owner > 0 /* bc we currently don't have perms for clubs */) {
$ownerObject = (new Users())->get($owner);
if (!$ownerObject->getPrivacyPermission('photos.read', $this->user->identity ?? null)) {
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
}
}
$this->template->album = $album;
$this->template->photos = iterator_to_array($album->getPhotos((int) ($this->queryParam("p") ?? 1), 20));
$this->template->paginatorConf = (object) [
"count" => $album->getPhotosCount(),
"page" => (int) ($this->queryParam("p") ?? 1),
"amount" => sizeof($this->template->photos),
"perPage" => 20,
"atBottom" => true,
];
}
public function renderPhoto(int $ownerId, int $photoId): void
{
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
if (!$photo || $photo->isDeleted()) {
$this->notFound();
}
if (!$photo->canBeViewedBy($this->user->identity)) {
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
}
if (!is_null($this->queryParam("from"))) {
if (preg_match("%^album([0-9]++)$%", $this->queryParam("from"), $matches) === 1) {
$album = $this->albums->get((int) $matches[1]);
if ($album) {
if ($album->hasPhoto($photo) && !$album->isDeleted()) {
$this->template->album = $album;
}
}
}
}
$this->template->photo = $photo;
$this->template->cCount = $photo->getCommentsCount();
$this->template->cPage = (int) ($this->queryParam("p") ?? 1);
$this->template->comments = iterator_to_array($photo->getComments($this->template->cPage));
$this->template->owner = $photo->getOwner();
}
public function renderAbsolutePhoto($id): void
{
$id = (int) base_convert((string) $id, 32, 10);
$photo = $this->photos->get($id);
if (!$photo || $photo->isDeleted()) {
$this->notFound();
}
$this->template->_template = "Photos/Photo.xml";
$this->renderPhoto($photo->getOwner(true)->getId(), $photo->getVirtualId());
}
public function renderThumbnail($id, $size): void
{
$photo = $this->photos->get($id);
if (!$photo || $photo->isDeleted()) {
$this->notFound();
}
if (!$photo->forceSize($size)) {
chandler_http_panic(588, "Gone", "This thumbnail cannot be generated due to server misconfiguration");
}
$this->redirect($photo->getURLBySizeId($size), 8);
}
public function renderEditPhoto(int $ownerId, int $photoId): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
if (!$photo) {
$this->notFound();
}
if (is_null($this->user) || $this->user->id != $ownerId) {
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
}
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$photo->setDescription(empty($this->postParam("desc")) ? null : $this->postParam("desc"));
$photo->save();
$this->flash("succ", tr("changes_saved"), tr("new_description_will_appear"));
$this->redirect("/photo" . $photo->getPrettyId());
}
$this->template->photo = $photo;
}
public function renderUploadPhoto(): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction(true);
if (is_null($this->queryParam("album"))) {
$album = $this->albums->getUserWallAlbum($this->user->identity);
} else {
[$owner, $id] = explode("_", $this->queryParam("album"));
$album = $this->albums->get((int) $id);
}
if (!$album) {
$this->flashFail("err", tr("error"), tr("error_adding_to_deleted"), 500, true);
}
# Для быстрой загрузки фоток из пикера фотографий нужен альбом, но юзер не может загружать фото
# в системные альбомы, так что так.
if (is_null($this->user) || !is_null($this->queryParam("album")) && !$album->canBeModifiedBy($this->user->identity)) {
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"), 500, true);
}
if ($_SERVER["REQUEST_METHOD"] === "POST") {
if ($this->queryParam("act") == "finish") {
$result = json_decode($this->postParam("photos"), true);
foreach ($result as $photoId => $description) {
$phot = $this->photos->get($photoId);
if (!$phot || $phot->isDeleted() || $phot->getOwner()->getId() != $this->user->id) {
continue;
}
if (iconv_strlen($description) > 255) {
$this->flashFail("err", tr("error"), tr("description_too_long"), 500, true);
}
$phot->setDescription($description);
$phot->save();
$album = $phot->getAlbum();
}
$this->returnJson(["success" => true,
"album" => $album->getId(),
"owner" => $album->getOwner() instanceof User ? $album->getOwner()->getId() : $album->getOwner()->getId() * -1]);
}
if (!isset($_FILES)) {
$this->flashFail("err", tr("no_photo"), tr("select_file"), 500, true);
}
$photos = [];
if ((int) $this->postParam("count") > 10) {
$this->flashFail("err", tr("no_photo"), "Too many photos (max is 7-8)", 500, true);
}
for ($i = 0; $i < $this->postParam("count"); $i++) {
try {
$photo = new Photo();
$photo->setOwner($this->user->id);
$photo->setDescription("");
$photo->setFile($_FILES["photo_" . $i]);
$photo->setCreated(time());
$photo->save();
$photos[] = [
"url" => $photo->getURLBySizeId("tiny"),
"id" => $photo->getId(),
"vid" => $photo->getVirtualId(),
"owner" => $photo->getOwner()->getId(),
"link" => $photo->getURL(),
"pretty_id" => $photo->getPrettyId(),
];
} catch (ISE $ex) {
$name = $album->getName();
$this->flashFail("err", "Неизвестная ошибка", "Не удалось сохранить фотографию в $name.", 500, true);
}
$album->addPhoto($photo);
$album->setEdited(time());
$album->save();
}
$this->returnJson(["success" => true,
"photos" => $photos]);
} else {
$this->template->album = $album;
}
}
public function renderUnlinkPhoto(int $owner, int $albumId, int $photoId): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
$album = $this->albums->get($albumId);
$photo = $this->photos->get($photoId);
if (!$album || !$photo) {
$this->notFound();
}
if (!$album->hasPhoto($photo)) {
$this->notFound();
}
if (is_null($this->user) || !$album->canBeModifiedBy($this->user->identity)) {
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
}
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$this->assertNoCSRF();
$album->removePhoto($photo);
$album->setEdited(time());
$album->save();
$this->flash("succ", tr("photo_is_deleted"), tr("photo_is_deleted_desc"));
$this->redirect("/album" . $album->getPrettyId());
}
}
public function renderDeletePhoto(int $ownerId, int $photoId): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction($_SERVER["REQUEST_METHOD"] === "POST");
$this->assertNoCSRF();
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
if (!$photo) {
$this->notFound();
}
if (is_null($this->user) || $this->user->id != $ownerId) {
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
}
if (!is_null($album = $photo->getAlbum())) {
$redirect = $album->getOwner() instanceof User ? "/id0" : "/club" . $ownerId;
} else {
$redirect = "/id0";
}
$photo->isolate();
$photo->delete();
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$this->returnJson(["success" => true]);
}
$this->flash("succ", tr("photo_is_deleted"), tr("photo_is_deleted_desc"));
$this->redirect($redirect);
}
public function renderLike(int $wall, int $post_id): void
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
$this->assertNoCSRF();
$photo = $this->photos->getByOwnerAndVID($wall, $post_id);
if (!$photo || $photo->isDeleted() || !$photo->canBeViewedBy($this->user->identity)) {
$this->notFound();
}
if (!is_null($this->user)) {
$photo->toggleLike($this->user->identity);
}
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$this->returnJson([
'success' => true,
]);
}
$this->redirect("$_SERVER[HTTP_REFERER]");
}
}
Reference in a new issue View git blame Copy permalink