......@@ -145,6 +145,7 @@ class feeds implements Interfaces\Api
/** @var Core\Feeds\Top\Entities $entities */
$entities = new Core\Feeds\Top\Entities();
$entities->setActor($currentUser);
$opts = [
'cache_key' => Core\Session::getLoggedInUserGuid(),
......
......@@ -110,6 +110,7 @@ class container implements Interfaces\Api
/** @var Core\Feeds\Top\Entities $entities */
$entities = new Core\Feeds\Top\Entities();
$entities->setActor($currentUser);
$isOwner = false;
......
......@@ -90,6 +90,7 @@ class subscribed implements Interfaces\Api
/** @var Core\Feeds\Top\Entities $entities */
$entities = new Core\Feeds\Top\Entities();
$entities->setActor($currentUser);
$opts = [
'cache_key' => $currentUser->guid,
......
......@@ -12,7 +12,6 @@ use Minds\Core\Entities\Delegates\EntityGuidResolverDelegate;
use Minds\Core\Entities\Delegates\BoostGuidResolverDelegate;
use Minds\Core\Entities\Delegates\ResolverDelegate;
use Minds\Core\Security\ACL;
use Minds\Entities\Activity;
use Minds\Entities\User;
use Minds\Helpers\Flags;
......@@ -132,15 +131,6 @@ class Resolver
//&& !Flags::shouldFail($entity);
});
// Filter out pending activities
$sorted = array_filter($sorted, function($entity) {
$isOwner = $this->user && $this->user->guid == $entity->owner_guid;
$isPending = $entity instanceof Activity && $entity->getPending();
return $isOwner || !$isPending;
});
//
return $sorted;
......
......@@ -10,6 +10,7 @@ namespace Minds\Core\Feeds\Top;
use Minds\Core\Blogs\Blog;
use Minds\Core\Di\Di;
use Minds\Core\EntitiesBuilder;
use Minds\Core\Security\ACL;
use Minds\Entities\Activity;
use Minds\Entities\Group;
use Minds\Entities\Image;
......@@ -21,12 +22,23 @@ class Entities
/** @var EntitiesBuilder */
protected $entitiesBuilder;
/** @var ACL */
protected $acl;
/** @var User */
protected $actor = null;
public function __construct($entitiesBuilder = null)
/**
* Entities constructor.
* @param EntitiesBuilder $entitiesBuilder
* @param ACL $acl
*/
public function __construct(
$entitiesBuilder = null, $acl = null
)
{
$this->entitiesBuilder = $entitiesBuilder ?: Di::_()->get('EntitiesBuilder');
$this->acl = $acl ?: ACL::_();
}
/**
......@@ -45,10 +57,7 @@ class Entities
*/
public function filter($entity)
{
$isOwner = $this->actor && $entity->owner_guid && $this->actor->guid == $entity->owner_guid;
$isPending = $entity instanceof Activity && $entity->pending;
return $isOwner || ($entity->getAccessId() > 0 && !$isPending);
return $this->acl->read($entity, $this->actor ?: null);
}
/**
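Review bot: `filter()` now returns whatever `$this->acl->read($entity, $this->actor ?: null)` decides, and the explicit `getAccessId() > 0` and pending checks shown in this hunk appear to be dropped. Nothing on this page shows that `ACL::read` rejects unlisted entities or pending activities for non-owners, so that should be confirmed and covered in the ACL's own spec before feed visibility relies on it. Any caller that builds `Entities` without `setActor()` is now evaluated with a null actor, so the method docblock should say so, e.g. `Visibility is decided by ACL::read(); the actor may be null (guest).` The constructor tags could also read `@param EntitiesBuilder|null` and `@param ACL|null`, since both arguments default to null.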
......
......@@ -36,8 +36,14 @@ class Events
$group = $entity->getContainerEntity();
if ($group instanceof GroupEntity) {
/** @var Membership $membership */
$membership = Membership::_($group);
if ($entity instanceof Activity && $entity->getPending()) {
$e->setResponse($group->isOwner($user->guid));
return;
}
$e->setResponse($group->isPublic() || $membership->isMember($user->guid));
}
});
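Review bot: The pending branch answers with `$group->isOwner($user->guid)` only, whereas the pending checks visible elsewhere on this page (Resolver and `Entities::filter`) let the activity's own author through via `owner_guid`. Unless `ACL::read` grants the author access before this handler runs, authors may lose sight of their own pending group posts; that needs confirming, because the handler starts outside the hunk. `$user->guid` is dereferenced without a null check while `Entities::filter` can now pass a null actor to the ACL, so if that null can reach this handler the branch should fail closed with `$e->setResponse($user && $group->isOwner($user->guid));`. `$membership` is created before the branch but not used in it, so it could move below the early return.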
......
......@@ -5,6 +5,7 @@ namespace Spec\Minds\Core\Feeds\Top;
use Minds\Core\Blogs\Blog;
use Minds\Core\EntitiesBuilder;
use Minds\Core\Feeds\Top\Entities;
use Minds\Core\Security\ACL;
use Minds\Entities\Activity;
use Minds\Entities\Image;
use Minds\Entities\User;
......@@ -17,10 +18,17 @@ class EntitiesSpec extends ObjectBehavior
/** @var EntitiesBuilder */
protected $entitiesBuilder;
function let(EntitiesBuilder $entitiesBuilder)
/** @var ACL */
protected $acl;
function let(
EntitiesBuilder $entitiesBuilder,
ACL $acl
)
{
$this->beConstructedWith($entitiesBuilder, $acl);
$this->entitiesBuilder = $entitiesBuilder;
$this->beConstructedWith($entitiesBuilder);
$this->acl = $acl;
}
function it_is_initializable()
......@@ -28,44 +36,14 @@ class EntitiesSpec extends ObjectBehavior
$this->shouldHaveType(Entities::class);
}
function it_should_filter_a_public_entity_if_guest(
Activity $activity
)
{
$activity->getAccessID()
->shouldBeCalled()
->willReturn(2);
$activity->get('pending')
->shouldBeCalled()
->willReturn(false);
$this
->setActor(null)
->filter($activity)
->shouldReturn(true);
}
function it_should_filter_a_public_entity_logged_in(
function it_should_filter_a_readable_entity(
User $actor,
Activity $activity
)
{
$actor->get('guid')
->shouldBeCalled()
->willReturn(1000);
$activity->get('owner_guid')
->shouldBeCalled()
->willReturn(1001);
$activity->getAccessID()
$this->acl->read($activity, $actor)
->shouldBeCalled()
->willReturn(2);
$activity->get('pending')
->shouldBeCalled()
->willReturn(false);
->willReturn(true);
$this
->setActor($actor)
......@@ -73,123 +51,46 @@ class EntitiesSpec extends ObjectBehavior
->shouldReturn(true);
}
function it_should_filter_an_unlisted_entity_if_owner(
function it_should_filter_out_a_unreadable_entity(
User $actor,
Activity $activity
)
{
$actor->get('guid')
->shouldBeCalled()
->willReturn(1000);
$activity->get('owner_guid')
->shouldBeCalled()
->willReturn(1000);
$activity->get('pending')
$this->acl->read($activity, $actor)
->shouldBeCalled()
->willReturn(false);
$this
->setActor($actor)
->filter($activity)
->shouldReturn(true);
}
function it_should_filter_out_an_unlisted_entity_if_guest(
Activity $activity
)
{
$activity->getAccessID()
->shouldBeCalled()
->willReturn(0);
$activity->get('pending')
->shouldBeCalled()
->willReturn(false);
$this
->setActor(null)
->filter($activity)
->shouldReturn(false);
}
function it_should_filter_out_an_unlisted_entity_if_not_owner(
User $actor,
Activity $activity
)
{
$actor->get('guid')
->shouldBeCalled()
->willReturn(1000);
$activity->get('owner_guid')
->shouldBeCalled()
->willReturn(1001);
$activity->getAccessID()
->shouldBeCalled()
->willReturn(0);
$activity->get('pending')
->shouldBeCalled()
->willReturn(false);
$this
->setActor($actor)
->filter($activity)
->shouldReturn(false);
}
function it_should_filter_a_pending_group_activity_if_owner(
User $actor,
function it_should_filter_a_readable_entity_being_guest(
Activity $activity
)
{
$actor->get('guid')
->shouldBeCalled()
->willReturn(1000);
$activity->get('owner_guid')
->shouldBeCalled()
->willReturn(1000);
$activity->getAccessID()
->willReturn(2000);
$activity->get('pending')
$this->acl->read($activity, null)
->shouldBeCalled()
->willReturn(true);
$this
->setActor($actor)
->setActor(null)
->filter($activity)
->shouldReturn(true);
}
function it_should_filter_out_a_pending_group_activity_if_not_owner(
User $actor,
function it_should_filter_out_a_unreadable_entity_being_guest(
Activity $activity
)
{
$actor->get('guid')
$this->acl->read($activity, null)
->shouldBeCalled()
->willReturn(1000);
$activity->get('owner_guid')
->shouldBeCalled()
->willReturn(1001);
$activity->getAccessID()
->shouldBeCalled()
->willReturn(2000);
$activity->get('pending')
->shouldBeCalled()
->willReturn(true);
->willReturn(false);
$this
->setActor($actor)
->setActor(null)
->filter($activity)
->shouldReturn(false);
}
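Review bot: With `ACL` mocked, the four remaining examples only check that `filter()` forwards to `read()` and returns its result. The removed examples were the only ones on this page that exercised unlisted (`getAccessID()` returning 0) and pending activities for owner, non-owner and guest. Those cases should be carried over to the specs for `ACL::read` and the group event handler, since that is where the visibility decision now lives. As a naming nit, `it_should_filter_out_a_unreadable_entity` and its `_being_guest` variant would read better with `an_unreadable`.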
......