Commit
bdbd8404
authored
2 hours ago
by
Mark Harding
(fix): acl issues
parent
428fef1c
epic/ReportingAndModeration
1 merge request
!100
Epic/reporting and moderation
Pipeline
#61855477
failed with stages
in 4 minutes and 47 seconds
Showing
6 changed files
with
45 additions
and
9 deletions
+45
-9
Resolver.php
Core/Entities/Resolver.php
+2
-2
Manager.php
Core/Reports/Appeals/Manager.php
+9
-1
Manager.php
Core/Reports/Jury/Manager.php
+9
-1
Manager.php
Core/Reports/Manager.php
+11
-3
Manager.php
Core/Reports/Verdict/Manager.php
+2
-2
ACL.php
Core/Security/ACL.php
+12
-0
Core/Entities/Resolver.php
...
...
@@ -128,8 +128,8 @@ class Resolver
// Filter out forbidden entities
$sorted
=
array_filter
(
$sorted
,
function
(
$entity
)
{
return
$this
->
acl
->
read
(
$entity
,
$this
->
user
)
&&
!
Flags
::
shouldFail
(
$entity
);
return
$this
->
acl
->
read
(
$entity
,
$this
->
user
)
;
//
&& !Flags::shouldFail($entity);
});
// Filter out pending activities
...
...
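Review bot: The new return statement in the `array_filter` callback keeps the old condition as commented-out code (`// && !Flags::shouldFail($entity);`); delete the remnant rather than leaving it on the line. If a pointer is wanted, replace it with a real comment such as `// Flags::shouldFail() is enforced inside ACL::read()`, which matches the check added in Core/Security/ACL.php in this commit. Because this filter no longer tests the flags itself, entities resolved while the ACL ignore flag is set are presumably returned even when flagged; that looks like the intent of the change, but the comment should say so. The enclosing method starts and ends outside the hunk.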
Core/Reports/Appeals/Manager.php
...
...
@@ -13,6 +13,7 @@ use Minds\Entities\DenormalizedEntity;
use
Minds\Entities\NormalizedEntity
;
use
Minds\Core\Entities\Resolver
as
EntitiesResolver
;
use
Minds\Common\Urn
;
use
Minds\Core\Security\ACL
;
class
Manager
{
...
...
@@ -29,17 +30,22 @@ class Manager
/** @var Delegates\SummonDelegate $summonDelegate */
private
$summonDelegate
;
/** @var ACL $acl */
private
$acl
;
public
function
__construct
(
$repository
=
null
,
$entitiesResolver
=
null
,
$notificationDelegate
=
null
,
$summonDelegate
=
null
$summonDelegate
=
null
,
$acl
=
null
)
{
$this
->
repository
=
$repository
?:
new
Repository
;
$this
->
entitiesResolver
=
$entitiesResolver
?:
new
EntitiesResolver
;
$this
->
notificationDelegate
=
$notificationDelegate
?:
new
Delegates\NotificationDelegate
;
$this
->
summonDelegate
=
$summonDelegate
?:
new
Delegates\SummonDelegate
();
$this
->
acl
=
$acl
?:
new
ACL
();
}
/**
...
...
@@ -59,9 +65,11 @@ class Manager
if
(
$opts
[
'hydrate'
])
{
foreach
(
$response
as
$appeal
)
{
$report
=
$appeal
->
getReport
();
$ignore
=
$this
->
acl
->
setIgnore
(
true
);
$entity
=
$this
->
entitiesResolver
->
single
(
(
new
Urn
())
->
setUrn
(
$report
->
getEntityUrn
())
);
$this
->
acl
->
setIgnore
(
$ignore
);
// Restore ACL
$report
->
setEntity
(
$entity
);
$appeal
->
setReport
(
$report
);
}
...
...
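Review bot: In the hydrate loop the ACL override is not restored if `entitiesResolver->single()` (or `getEntityUrn()`) throws between `setIgnore(true)` and `setIgnore($ignore)`. `setIgnore()` writes the static `self::$ignore`, so the bypass would then stay active for every later ACL check in the same process. Wrap the lookup so the restore always runs: `try { $entity = $this->entitiesResolver->single(...); } finally { $this->acl->setIgnore($ignore); }`. The same unguarded pattern is added in Core/Reports/Jury/Manager.php and in both hydrate hunks of Core/Reports/Manager.php. The enclosing method starts and ends outside the hunk.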
Core/Reports/Jury/Manager.php
...
...
@@ -16,6 +16,7 @@ use Minds\Common\Urn;
use
Minds\Core\Entities\Resolver
as
EntitiesResolver
;
use
Minds\Core\Reports\Summons\SummonsNotFoundException
;
use
Minds\Core\Reports\Summons\Summon
as
SummonsEntity
;
use
Minds\Core\Security\ACL
;
class
Manager
{
...
...
@@ -32,6 +33,9 @@ class Manager
/** @var SummonsManager $summonsManager */
private
$summonsManager
;
/** @var ACL $acl */
private
$acl
;
/** @var string $juryType */
private
$juryType
;
...
...
@@ -42,13 +46,15 @@ class Manager
$repository
=
null
,
$entitiesResolver
=
null
,
$verdictManager
=
null
,
$summonsManager
=
null
$summonsManager
=
null
,
$acl
=
null
)
{
$this
->
repository
=
$repository
?:
new
Repository
;
$this
->
entitiesResolver
=
$entitiesResolver
?:
new
EntitiesResolver
;
$this
->
verdictManager
=
$verdictManager
?:
Di
::
_
()
->
get
(
'Moderation\Verdict\Manager'
);
$this
->
summonsManager
=
$summonsManager
?:
Di
::
_
()
->
get
(
'Moderation\Summons\Manager'
);
$this
->
acl
=
$acl
?:
new
ACL
;
}
/**
...
...
@@ -121,9 +127,11 @@ class Manager
{
$report
=
$this
->
repository
->
get
(
$urn
);
if
(
$report
)
{
$ignore
=
$this
->
acl
->
setIgnore
(
true
);
$entity
=
$this
->
entitiesResolver
->
single
(
(
new
Urn
())
->
setUrn
(
$report
->
getEntityUrn
())
);
$this
->
acl
->
setIgnore
(
$ignore
);
$report
->
setEntity
(
$entity
);
}
return
$report
;
...
...
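Review bot: The last hunk loads the reported entity with the ACL disabled and attaches it to the returned report, but nothing visible in the hunk checks that the caller is entitled to see it. The method's signature and any earlier checks are outside the hunk, so this may already be enforced by the caller; if so, record it where the bypass happens, e.g. `// ACL bypass: callers must already have verified the user is a summoned juror/moderator`. Without that note the next maintainer cannot tell whether the returned `$entity` is safe to export to an arbitrary user.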
Core/Reports/Manager.php
...
...
@@ -13,6 +13,7 @@ use Minds\Entities\DenormalizedEntity;
use
Minds\Entities\NormalizedEntity
;
use
Minds\Core\Entities\Resolver
as
EntitiesResolver
;
use
Minds\Common\Urn
;
use
Minds\Core\Security\ACL
;
class
Manager
{
...
...
@@ -26,15 +27,20 @@ class Manager
/** @var EntitiesResolver $entitiesResolver */
private
$entitiesResolver
;
/** @var ACL $acl */
private
$acl
;
public
function
__construct
(
$repository
=
null
,
$preFeb2019Repository
=
null
,
$entitiesResolver
=
null
$entitiesResolver
=
null
,
$acl
=
null
)
{
$this
->
repository
=
$repository
?:
new
Repository
;
$this
->
preFeb2019Repository
=
$preFeb2019Repository
?:
new
PreFeb2019Repository
();
$this
->
entitiesResolver
=
$entitiesResolver
?:
new
EntitiesResolver
;
$this
->
acl
=
$acl
?:
new
ACL
;
}
/**
...
...
@@ -49,13 +55,13 @@ class Manager
$response
=
$this
->
repository
->
getList
(
$opts
);
$response
=
$this
->
repository
->
getList
(
$opts
);
if
(
$opts
[
'hydrate'
])
{
foreach
(
$response
as
$report
)
{
$ignore
=
$this
->
acl
->
setIgnore
(
true
);
$entity
=
$this
->
entitiesResolver
->
single
(
(
new
Urn
())
->
setUrn
(
$report
->
getEntityUrn
())
);
$this
->
acl
->
setIgnore
(
$ignore
);
$report
->
setEntity
(
$entity
);
}
}
...
...
@@ -71,9 +77,11 @@ class Manager
public
function
getReport
(
$urn
)
{
$report
=
$this
->
repository
->
get
(
$urn
);
$ignore
=
$this
->
acl
->
setIgnore
(
true
);
$entity
=
$this
->
entitiesResolver
->
single
(
(
new
Urn
())
->
setUrn
(
$report
->
getEntityUrn
())
);
$this
->
acl
->
setIgnore
(
$ignore
);
$report
->
setEntity
(
$entity
);
return
$report
;
}
...
...
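Review bot: `getReport()` calls `$report->getEntityUrn()` without checking that `repository->get($urn)` returned a report, and that call now sits between `setIgnore(true)` and `setIgnore($ignore)`. An unknown URN would therefore raise an error while the static ignore flag is still set. The Jury manager guards the same lookup with `if ($report) {`, which suggests `get()` can return an empty value. Add a guard before the override is switched on, e.g. `if (!$report) { return null; }` (the return value is to be confirmed against callers), placed above `$ignore = $this->acl->setIgnore(true);`.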
Core/Reports/Verdict/Manager.php
...
...
@@ -112,10 +112,10 @@ class Manager
$verdict
->
setTimestamp
(
time
());
if
(
$verdict
->
isUpheld
()
===
null
)
{
error_log
(
"
{
$verdict
->
getReport
()
->
getEntity
Guid
()
}
not actionable"
);
error_log
(
"
{
$verdict
->
getReport
()
->
getEntity
Urn
()
}
not actionable"
);
return
false
;
}
else
{
error_log
(
"
{
$verdict
->
getReport
()
->
getEntity
Guid
()
}
decided with
{
$verdict
->
getAction
()
}
"
);
error_log
(
"
{
$verdict
->
getReport
()
->
getEntity
Urn
()
}
decided with
{
$verdict
->
getAction
()
}
"
);
return
$this
->
cast
(
$verdict
);
}
}
...
...
Core/Security/ACL.php
...
...
@@ -7,6 +7,7 @@ namespace Minds\Core\Security;
use
Minds\Core
;
use
Minds\Entities
;
use
Minds\Core\Security\RateLimits\Manager
as
RateLimitsManager
;
use
Minds\Helpers\Flags
;
class
ACL
{
...
...
@@ -29,9 +30,16 @@ class ACL
ACL\Block
::
_
()
->
listen
();
}
/**
* Override the ACL and return the previous status
* @param boolean $ignore
* @return boolean
*/
public
function
setIgnore
(
$ignore
=
false
)
{
$previous
=
self
::
$ignore
;
self
::
$ignore
=
$ignore
;
return
$previous
;
}
/**
...
...
@@ -51,6 +59,10 @@ class ACL
return
true
;
}
if
(
Flags
::
shouldFail
(
$entity
))
{
return
false
;
}
// If logged out and public and not container
if
(
!
Core\Session
::
isLoggedIn
())
{
if
(
...
...
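Review bot: `setIgnore()` is an instance method but it writes `self::$ignore`, so the override applies to every ACL check in the process, not only to the `$acl` object injected into one manager. The docblock should say so and tell callers to restore the returned value, e.g. add `* NOTE: static, process-wide switch; always restore the returned value in a finally block`. In the last hunk the new `Flags::shouldFail($entity)` check sits below an early `return true` whose condition is outside the hunk. If that branch is the ignore override, flagged entities stay readable while ignore is set, which looks intended for moderation but deserves a one-line comment at the check.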