Returning entities and handling logged out users

42a5e30d · Brian Hatchet · 5290452c · 42a5e30d · 42a5e30d · 42a5e30d
Commit 42a5e30d authored 16 minutes ago by Brian Hatchet
12 changed files
--- a/Controllers/api/v1/media.php
+++ b/Controllers/api/v1/media.php
@@ -92,9 +92,20 @@ class media implements Interfaces\Api, Interfaces\ApiIgnorePam
 $response['entity']['canEdit'] = $entity->canEdit(); 
 Security\ACL::$ignore = $ignore; 
 } 
+ 
+  
 } 
 } 
 
+ $currentUser = Core\Session::getLoggedinUser(); 
+ //Calculate new permissions object with the entities 
+ if (Di::_()->get('Features\Manager')->has('permissions')) { 
+ $permissionsManager = Core\Di\Di::_()->get('Permissions\Manager'); 
+ $permissions = $permissionsManager->getList(['user_guid' => $currentUser, 
+ 'entities' => [$entity]]); 
+ $response['permissions'] = $permissions->export(); 
+ } 
+  
 return Factory::response($response); 
 } 
 

--- a/Controllers/api/v1/media/recommended.php
+++ b/Controllers/api/v1/media/recommended.php
@@ -112,9 +112,19 @@ class recommended implements Interfaces\Api
 
 // Trim to correct length 
 $entities = array_slice($entities, 0, $limit); 
+ $permissions = null; 
+ $currentUser = Core\Session::getLoggedinUser(); 
+ //Calculate new permissions object with the entities 
+ if (Di::_()->get('Features\Manager')->has('permissions')) { 
+ $permissionsManager = Core\Di\Di::_()->get('Permissions\Manager'); 
+ $permissions = $permissionsManager->getList(['user_guid' => $currentUser, 
+ 'entities' => $entities]); 
+ } 
+ 
 
 return Factory::response([ 
- 'entities' => Factory::exportable($entities) 
+ 'entities' => Factory::exportable($entities), 
+ 'permissions' => $permissions, 
 ]); 
 } 
 

--- a/Controllers/api/v2/entities.php
+++ b/Controllers/api/v2/entities.php
@@ -13,12 +13,15 @@ use Minds\Common\Urn;
 use Minds\Core\Entities\Resolver; 
 use Minds\Core\Session; 
 use Minds\Interfaces; 
+use Minds\Core\Di\Di; 
 
 class entities implements Interfaces\Api 
 { 
 /** 
- * Equivalent to HTTP GET method 
- * @param array $pages 
+ * Equivalent to HTTP GET method. 
+ * 
+ * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function get($pages) 
@@ -31,20 +34,31 @@ class entities implements Interfaces\Api
 ->setUser(Session::getLoggedinUser() ?: null) 
 ->setUrns($urns) 
 ->setOpts([ 
- 'asActivities' => $asActivities 
+ 'asActivities' => $asActivities, 
 ]); 
 
 $entities = $resolver->fetch(); 
 
+ $permissions = null; 
+ //Calculate new permissions object with the entities 
+ if (Di::_()->get('Features\Manager')->has('permissions')) { 
+ $permissionsManager = Di::_()->get('Permissions\Manager'); 
+ $permissions = $permissionsManager->getList(['user_guid' => Session::getLoggedInUserGuid(), 
+ 'entities' => $entities]); 
+ } 
+ 
 // Return 
 return Factory::response([ 
 'entities' => Exportable::_(array_values($entities)), 
+ 'permissions' => $permissions, 
 ]); 
 } 
 
 /** 
- * Equivalent to HTTP POST method 
- * @param array $pages 
+ * Equivalent to HTTP POST method. 
+ * 
+ * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function post($pages) 
@@ -53,8 +67,10 @@ class entities implements Interfaces\Api
 } 
 
 /** 
- * Equivalent to HTTP PUT method 
- * @param array $pages 
+ * Equivalent to HTTP PUT method. 
+ * 
+ * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function put($pages) 
@@ -63,8 +79,10 @@ class entities implements Interfaces\Api
 } 
 
 /** 
- * Equivalent to HTTP DELETE method 
- * @param array $pages 
+ * Equivalent to HTTP DELETE method. 
+ * 
+ * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function delete($pages) 

--- a/Controllers/api/v2/feeds.php
+++ b/Controllers/api/v2/feeds.php
@@ -13,8 +13,10 @@ use Minds\Interfaces;
 class feeds implements Interfaces\Api 
 { 
 /** 
- * Gets a list of suggested hashtags, including the ones the user has opted in 
+ * Gets a list of suggested hashtags, including the ones the user has opted in. 
+ * 
 * @param array $pages 
+ * 
 * @throws \Exception 
 */ 
 public function get($pages) 
@@ -29,7 +31,7 @@ class feeds implements Interfaces\Api
 if (!$filter) { 
 return Factory::response([ 
 'status' => 'error', 
- 'message' => 'Invalid filter' 
+ 'message' => 'Invalid filter', 
 ]); 
 } 
 
@@ -38,7 +40,7 @@ class feeds implements Interfaces\Api
 if (!$algorithm) { 
 return Factory::response([ 
 'status' => 'error', 
- 'message' => 'Invalid algorithm' 
+ 'message' => 'Invalid algorithm', 
 ]); 
 } 
 
@@ -72,8 +74,6 @@ class feeds implements Interfaces\Api
 $period = '1y'; 
 } 
 
- // 
- 
 $hardLimit = 600; 
 
 if ($currentUser && $currentUser->isAdmin()) { 
@@ -105,8 +105,6 @@ class feeds implements Interfaces\Api
 ]); 
 } 
 
- // 
- 
 $hashtag = null; 
 if (isset($_GET['hashtag'])) { 
 $hashtag = strtolower($_GET['hashtag']); 
@@ -132,7 +130,7 @@ class feeds implements Interfaces\Api
 if (!$container || !Core\Security\ACL::_()->read($container)) { 
 return Factory::response([ 
 'status' => 'error', 
- 'message' => 'Forbidden' 
+ 'message' => 'Forbidden', 
 ]); 
 } 
 } 
@@ -198,13 +196,23 @@ class feeds implements Interfaces\Api
 } 
 } 
 
+ $permissions = null; 
+ //Calculate new permissions object with the entities 
+ if (Di::_()->get('Features\Manager')->has('permissions')) { 
+ $permissionsManager = Core\Di\Di::_()->get('Permissions\Manager'); 
+ $permissions = $permissionsManager->getList(['user_guid' => $currentUser, 
+ 'entities' => $result->toArray(), ]); 
+ } 
+ 
 return Factory::response([ 
 'status' => 'success', 
 'entities' => Exportable::_($result), 
 'load-next' => $limit + $offset, 
+ 'permissions' => $permissions, 
 ]); 
 } catch (\Exception $e) { 
 error_log($e); 
+ 
 return Factory::response(['status' => 'error', 'message' => $e->getMessage()]); 
 } 
 } 

--- a/Controllers/api/v2/feeds/container.php
+++ b/Controllers/api/v2/feeds/container.php
@@ -13,9 +13,12 @@ use Minds\Interfaces;
 class container implements Interfaces\Api 
 { 
 /** 
- * Equivalent to HTTP GET method 
+ * Equivalent to HTTP GET method. 
+ * 
 * @param array $pages 
+ * 
 * @return mixed|null 
+ * 
 * @throws \Exception 
 */ 
 public function get($pages) 
@@ -23,8 +26,6 @@ class container implements Interfaces\Api
 /** @var User $currentUser */ 
 $currentUser = Core\Session::getLoggedinUser(); 
 
- // 
- 
 $container_guid = $pages[0] ?? null; 
 
 if (!$container_guid) { 
@@ -59,8 +60,6 @@ class container implements Interfaces\Api
 break; 
 } 
 
- // 
- 
 $hardLimit = 5000; 
 $offset = 0; 
 
@@ -87,8 +86,6 @@ class container implements Interfaces\Api
 ]); 
 } 
 
- // 
- 
 $sync = (bool) ($_GET['sync'] ?? false); 
 
 $fromTimestamp = $_GET['from_timestamp'] ?? 0; 
@@ -154,20 +151,32 @@ class container implements Interfaces\Api
 } 
 } 
 
+ $permissions = null; 
+ //Calculate new permissions object with the entities 
+ if (Di::_()->get('Features\Manager')->has('permissions')) { 
+ $permissionsManager = Core\Di\Di::_()->get('Permissions\Manager'); 
+ $permissions = $permissionsManager->getList(['user_guid' => Core\Session::getLoggedInUserGuid(), 
+ 'entities' => $result->toArray(), ]); 
+ } 
+ 
 return Factory::response([ 
 'status' => 'success', 
 'entities' => Exportable::_($result), 
 'load-next' => $result->getPagingToken(), 
+ 'permissions' => $permissions, 
 ]); 
 } catch (\Exception $e) { 
 error_log($e); 
+ 
 return Factory::response(['status' => 'error', 'message' => $e->getMessage()]); 
 } 
 } 
 
 /** 
- * Equivalent to HTTP POST method 
+ * Equivalent to HTTP POST method. 
+ * 
 * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function post($pages) 
@@ -176,8 +185,10 @@ class container implements Interfaces\Api
 } 
 
 /** 
- * Equivalent to HTTP PUT method 
+ * Equivalent to HTTP PUT method. 
+ * 
 * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function put($pages) 
@@ -186,8 +197,10 @@ class container implements Interfaces\Api
 } 
 
 /** 
- * Equivalent to HTTP DELETE method 
+ * Equivalent to HTTP DELETE method. 
+ * 
 * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function delete($pages) 

--- a/Controllers/api/v2/feeds/subscribed.php
+++ b/Controllers/api/v2/feeds/subscribed.php
@@ -6,16 +6,18 @@ use Minds\Api\Exportable;
 use Minds\Api\Factory; 
 use Minds\Core; 
 use Minds\Core\Di\Di; 
-use Minds\Entities\Factory as EntitiesFactory; 
 use Minds\Entities\User; 
 use Minds\Interfaces; 
 
 class subscribed implements Interfaces\Api 
 { 
 /** 
- * Equivalent to HTTP GET method 
+ * Equivalent to HTTP GET method. 
+ * 
 * @param array $pages 
+ * 
 * @return mixed|null 
+ * 
 * @throws \Exception 
 */ 
 public function get($pages) 
@@ -41,8 +43,6 @@ class subscribed implements Interfaces\Api
 break; 
 } 
 
- // 
- 
 $hardLimit = 5000; 
 $offset = 0; 
 
@@ -69,8 +69,6 @@ class subscribed implements Interfaces\Api
 ]); 
 } 
 
- // 
- 
 $sync = (bool) ($_GET['sync'] ?? false); 
 
 $fromTimestamp = $_GET['from_timestamp'] ?? 0; 
@@ -121,32 +119,33 @@ class subscribed implements Interfaces\Api
 $result = $result->map([$entities, 'cast']); 
 } 
 } 
-  
 
 $permissions = null; 
 //Calculate new permissions object with the entities 
 if (Di::_()->get('Features\Manager')->has('permissions')) { 
 $permissionsManager = Core\Di\Di::_()->get('Permissions\Manager'); 
- $permissions = $permissionsManager->getList(['user_guid' => Core\Session::getLoggedInUserGuid(), 
+ $permissions = $permissionsManager->getList(['user_guid' => $currentUser, 
 'entities' => $result->toArray()]); 
- $response['permissions'] = $permissions; 
 } 
 
 return Factory::response([ 
 'status' => 'success', 
 'entities' => Exportable::_($result), 
 'load-next' => $result->getPagingToken(), 
- 'permissions' => $permissions 
+ 'permissions' => $permissions, 
 ]); 
 } catch (\Exception $e) { 
 error_log($e); 
+ 
 return Factory::response(['status' => 'error', 'message' => $e->getMessage()]); 
 } 
 } 
 
 /** 
- * Equivalent to HTTP POST method 
+ * Equivalent to HTTP POST method. 
+ * 
 * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function post($pages) 
@@ -155,8 +154,10 @@ class subscribed implements Interfaces\Api
 } 
 
 /** 
- * Equivalent to HTTP PUT method 
+ * Equivalent to HTTP PUT method. 
+ * 
 * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function put($pages) 
@@ -165,8 +166,10 @@ class subscribed implements Interfaces\Api
 } 
 
 /** 
- * Equivalent to HTTP DELETE method 
+ * Equivalent to HTTP DELETE method. 
+ * 
 * @param array $pages 
+ * 
 * @return mixed|null 
 */ 
 public function delete($pages) 

--- a/Core/Permissions/Delegates/BaseRoleCalculator.php
+++ b/Core/Permissions/Delegates/BaseRoleCalculator.php
@@ -12,7 +12,7 @@ abstract class BaseRoleCalculator
 /** @var User */ 
 protected $user; 
 
- public function __construct(User $user, Roles $roles = null) 
+ public function __construct(User $user = null, Roles $roles = null) 
 { 
 $this->roles = $roles ?: new Roles(); 
 $this->user = $user; 

--- a/Core/Permissions/Delegates/ChannelRoleCalculator.php
+++ b/Core/Permissions/Delegates/ChannelRoleCalculator.php
@@ -22,18 +22,20 @@ class ChannelRoleCalculator extends BaseRoleCalculator
 */ 
 public function calculate($entity) 
 { 
- if (isset($this->channels[$entity->getOwnerGUID()])) { 
- return $this->channels[$entity->getOwnerGUID()]; 
+ if (isset($this->channels[$entity->getOwnerGuid()])) { 
+ return $this->channels[$entity->getOwnerGuid()]; 
 } 
 $role = null; 
- if ($entity->getOwnerGUID() === $this->user->getGUID()) { 
+ if ($this->user === null) { 
+ $role = $this->roles->getRole(Roles::ROLE_LOGGED_OUT); 
+ } elseif ($entity->getOwnerGuid() === $this->user->getGuid()) { 
 $role = $this->roles->getRole(Roles::ROLE_CHANNEL_OWNER); 
- } elseif ($this->user->isSubscribed($entity->getOwnerGUID())) { 
+ } elseif ($this->user->isSubscribed($entity->getOwnerGuid())) { 
 $role = $this->roles->getRole(Roles::ROLE_CHANNEL_SUBSCRIBER); 
 } else { 
 $role = $this->roles->getRole(Roles::ROLE_CHANNEL_NON_SUBSCRIBER); 
 } 
- $this->channels[$entity->getOwnerGUID()] = $role; 
+ $this->channels[$entity->getOwnerGuid()] = $role; 
 
 return $role; 
 } 

--- a/Core/Permissions/Delegates/GroupRoleCalculator.php
+++ b/Core/Permissions/Delegates/GroupRoleCalculator.php
@@ -17,7 +17,7 @@ class GroupRoleCalculator extends BaseRoleCalculator
 /** @var array */ 
 private $groups = []; 
 
- public function __construct(User $user, Roles $roles, EntitiesBuilder $entitiesBuilder = null) 
+ public function __construct(User $user = null, Roles $roles, EntitiesBuilder $entitiesBuilder = null) 
 { 
 parent::__construct($user, $roles); 
 $this->entitiesBuilder = $entitiesBuilder ?: Di::_()->get('EntitiesBuilder'); 
@@ -39,7 +39,9 @@ class GroupRoleCalculator extends BaseRoleCalculator
 } 
 $group = $this->entitiesBuilder->single($entity->getAccessId()); 
 $role = null; 
- if ($group->isCreator($this->user)) { 
+ if ($this->user === null) { 
+ $role = $this->roles->getRole(Roles::ROLE_LOGGED_OUT); 
+ } elseif ($group->isCreator($this->user)) { 
 $role = $this->roles->getRole(Roles::ROLE_GROUP_OWNER); 
 } elseif ($group->isOwner($this->user)) { 
 $role = $this->roles->getRole(Roles::ROLE_GROUP_ADMIN); 

--- a/Core/Permissions/Manager.php
+++ b/Core/Permissions/Manager.php
@@ -36,18 +36,18 @@ class Manager
 'entities' => [], 
 ], $opts); 
 
- if ($opts['user_guid'] === null) { 
- throw new \InvalidArgumentException('user_guid is required'); 
+ //Null user results in logged out permissions 
+ $user = null; 
+ if ($opts['user_guid'] !== null) { 
+ $user = $this->entitiesBuilder->single($opts['user_guid']); 
+ if ($user->getType() !== 'user') { 
+ throw new \InvalidArgumentException('Entity is not a user'); 
+ } 
 } 
- 
- $user = $this->entitiesBuilder->single($opts['user_guid']); 
+  
 $entities = $this->entitiesBuilder->get($opts); 
 $entities = array_merge($entities, $opts['entities']); 
 
- if ($user->getType() !== 'user') { 
- throw new \InvalidArgumentException('Entity is not a user'); 
- } 
- 
 /** @var Permissions */ 
 $permissions = new Permissions($user); 
 if (is_array($entities)) { 

--- a/Core/Permissions/Permissions.php
+++ b/Core/Permissions/Permissions.php
@@ -12,16 +12,7 @@ use Minds\Common\Access;
 use Minds\Core\Di\Di; 
 use Minds\Exceptions\ImmutableException; 
 
-<<<<<<< HEAD 
 class Permissions implements \JsonSerializable 
-======= 
-/** 
-* Class Permissions 
-* @method Permissions setAllowComments(bool $allowComments) 
-* @method bool getAllowComments(); 
-*/ 
-class Permissions 
->>>>>>> origin/master 
 { 
 use MagicAttributes; 
 
@@ -42,22 +33,24 @@ class Permissions
 /** @var EntitiesBuilder */ 
 private $entitiesBuilder; 
 
- public function setUser(User $user) 
+ public function setUser(User $user = null) 
 { 
 throw new ImmutableException('User can only be set in the constructor'); 
 } 
 
- public function __construct(User $user, Roles $roles = null, EntitiesBuilder $entitiesBuilder = null) 
+ public function __construct(User $user = null, Roles $roles = null, EntitiesBuilder $entitiesBuilder = null) 
 { 
- $this->roles = $roles ?: new Roles(); 
- $this->user = $user; 
- $this->isAdmin = $user->isAdmin(); 
- $this->isBanned = $user->isBanned(); 
 $this->groups = []; 
 $this->channels = []; 
 $this->entities = []; 
+ $this->roles = $roles ?: new Roles(); 
+ $this->user = $user; 
+ if ($this->user) { 
+ $this->isAdmin = $user->isAdmin(); 
+ $this->isBanned = $user->isBanned(); 
+ $this->channels[$user->getGuid()] = $user; 
+ } 
 $this->entitiesBuilder = $entitiesBuilder ?: Di::_()->get('EntitiesBuilder'); 
- $this->channels[$user->getGUID()] = $user; 
 $this->channelRoleCalculator = new ChannelRoleCalculator($this->user, $this->roles); 
 $this->groupRoleCalculator = new GroupRoleCalculator($this->user, $this->roles, $entitiesBuilder); 
 } 
@@ -81,6 +74,7 @@ class Permissions
 private function getRoleForEntity($entity) 
 { 
 $role = null; 
+ 
 //Access id is the best way to determine what the parent entity is 
 //Any of the access flags are a channel 
 //Anything else is a group guid 
@@ -113,7 +107,9 @@ class Permissions
 public function export() 
 { 
 $export = []; 
- $export['user'] = $this->user->export(); 
+ if ($this->user) { 
+ $export['user'] = $this->user->export(); 
+ } 
 $export['channels'] = $this->getChannels(); 
 $export['groups'] = $this->getGroups(); 
 $export['entities'] = $this->entities; 

--- a/Core/Permissions/Roles/Roles.php
+++ b/Core/Permissions/Roles/Roles.php
@@ -60,5 +60,6 @@ class Roles extends Rbac
 $this->addRole(new GroupNonSubscriberRole()); 
 $this->addRole(new GroupOwnerRole()); 
 $this->addRole(new GroupSubscriberRole()); 
+ $this->addRole(new LoggedOutRole()); 
 } 
 }