james/fembooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

use Permissions for Favourites / Artist / Relationships, and also check image lock when sending ImageInfoSet instead of getting each receiver to check it

Browse Source
This commit is contained in:
Shish 2020-02-08 00:24:13 +00:00
parent c6d50f417f
commit 0b304bdf2e
12 changed files with 44 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/permissions.php
View File

@ -31,6 +31,8 @@ abstract class Permissions
public const EDIT_IMAGE_OWNER = "edit_image_owner"; public const EDIT_IMAGE_OWNER = "edit_image_owner";
public const EDIT_IMAGE_LOCK = "edit_image_lock"; public const EDIT_IMAGE_LOCK = "edit_image_lock";
public const EDIT_IMAGE_TITLE = "edit_image_title"; public const EDIT_IMAGE_TITLE = "edit_image_title";
public const EDIT_IMAGE_RELATIONSHIPS = "edit_image_relationships";
public const EDIT_IMAGE_ARTIST = "edit_image_artist";
public const BULK_EDIT_IMAGE_TAG = "bulk_edit_image_tag"; public const BULK_EDIT_IMAGE_TAG = "bulk_edit_image_tag";
public const BULK_EDIT_IMAGE_SOURCE = "bulk_edit_image_source"; public const BULK_EDIT_IMAGE_SOURCE = "bulk_edit_image_source";
public const DELETE_IMAGE = "delete_image"; public const DELETE_IMAGE = "delete_image";
@ -77,6 +79,8 @@ abstract class Permissions
public const RESCAN_MEDIA = "rescan_media"; public const RESCAN_MEDIA = "rescan_media";
public const SEE_IMAGE_VIEW_COUNTS = "see_image_view_counts"; public const SEE_IMAGE_VIEW_COUNTS = "see_image_view_counts";
public const EDIT_FAVOURITES = "edit_favourites";
public const ARTISTS_ADMIN = "artists_admin"; public const ARTISTS_ADMIN = "artists_admin";
public const BLOTTER_ADMIN = "blotter_admin"; public const BLOTTER_ADMIN = "blotter_admin";
public const FORUM_ADMIN = "forum_admin"; public const FORUM_ADMIN = "forum_admin";

4
core/polyfills.php
View File

@ -162,7 +162,9 @@ function stream_file(string $file, int $start, int $end): void
$buffer = $end - $p + 1; $buffer = $end - $p + 1;
} }
echo fread($fp, $buffer); echo fread($fp, $buffer);
if(!defined("UNITTEST")) @ob_flush(); if (!defined("UNITTEST")) {
@ob_flush();
}
flush(); flush();
// After flush, we can tell if the client browser has disconnected. // After flush, we can tell if the client browser has disconnected.

7
core/userclass.php
View File

@ -100,6 +100,8 @@ new UserClass("base", null, [
Permissions::EDIT_IMAGE_OWNER => false, Permissions::EDIT_IMAGE_OWNER => false,
Permissions::EDIT_IMAGE_LOCK => false, Permissions::EDIT_IMAGE_LOCK => false,
Permissions::EDIT_IMAGE_TITLE => false, Permissions::EDIT_IMAGE_TITLE => false,
Permissions::EDIT_IMAGE_RELATIONSHIPS => false,
Permissions::EDIT_IMAGE_ARTIST => false,
Permissions::BULK_EDIT_IMAGE_TAG => false, Permissions::BULK_EDIT_IMAGE_TAG => false,
Permissions::BULK_EDIT_IMAGE_SOURCE => false, Permissions::BULK_EDIT_IMAGE_SOURCE => false,
Permissions::DELETE_IMAGE => false, Permissions::DELETE_IMAGE => false,
@ -146,6 +148,8 @@ new UserClass("base", null, [
Permissions::RESCAN_MEDIA => false, Permissions::RESCAN_MEDIA => false,
Permissions::SEE_IMAGE_VIEW_COUNTS => false, Permissions::SEE_IMAGE_VIEW_COUNTS => false,
Permissions::EDIT_FAVOURITES => false,
Permissions::ARTISTS_ADMIN => false, Permissions::ARTISTS_ADMIN => false,
Permissions::BLOTTER_ADMIN => false, Permissions::BLOTTER_ADMIN => false,
Permissions::FORUM_ADMIN => false, Permissions::FORUM_ADMIN => false,
@ -175,8 +179,11 @@ new UserClass("user", "base", [
Permissions::EDIT_IMAGE_TAG => true, Permissions::EDIT_IMAGE_TAG => true,
Permissions::EDIT_IMAGE_SOURCE => true, Permissions::EDIT_IMAGE_SOURCE => true,
Permissions::EDIT_IMAGE_TITLE => true, Permissions::EDIT_IMAGE_TITLE => true,
Permissions::EDIT_IMAGE_RELATIONSHIPS => true,
Permissions::EDIT_IMAGE_ARTIST => true,
Permissions::CREATE_IMAGE_REPORT => true, Permissions::CREATE_IMAGE_REPORT => true,
Permissions::EDIT_IMAGE_RATING => true, Permissions::EDIT_IMAGE_RATING => true,
Permissions::EDIT_FAVOURITES => true,
Permissions::SEND_PM => true, Permissions::SEND_PM => true,
Permissions::READ_PM => true, Permissions::READ_PM => true,
]); ]);

2
ext/artists/main.php
View File

@ -26,7 +26,7 @@ class Artists extends Extension
public function onImageInfoSet(ImageInfoSetEvent $event) public function onImageInfoSet(ImageInfoSetEvent $event)
{ {
global $user; global $user;
if (isset($_POST["tag_edit__author"])) { if ($user->can(Permissions::EDIT_IMAGE_ARTIST) && isset($_POST["tag_edit__author"])) {
send_event(new AuthorSetEvent($event->image, $user, $_POST["tag_edit__author"])); send_event(new AuthorSetEvent($event->image, $user, $_POST["tag_edit__author"]));
} }
} }

1
ext/favorites/main.php
View File

@ -82,6 +82,7 @@ class Favorites extends Extension
{ {
global $user; global $user;
if ( if (
$user->can(Permissions::EDIT_FAVOURITES) &&
in_array('favorite_action', $_POST) && in_array('favorite_action', $_POST) &&
(($_POST['favorite_action'] == "set") || ($_POST['favorite_action'] == "unset")) (($_POST['favorite_action'] == "set") || ($_POST['favorite_action'] == "unset"))
) { ) {

8
ext/index/main.php
View File

@ -131,14 +131,6 @@ class Index extends Extension
$event->panel->add_block($sb); $event->panel->add_block($sb);
} }
public function onImageInfoSet(ImageInfoSetEvent $event)
{
global $cache;
if (SPEED_HAX) {
$cache->delete("thumb-block:{$event->image->id}");
}
}
public function onPageNavBuilding(PageNavBuildingEvent $event) public function onPageNavBuilding(PageNavBuildingEvent $event)
{ {
$event->add_nav_link("posts", new Link('post/list'), "Posts", NavLink::is_active(["post","view"]), 20); $event->add_nav_link("posts", new Link('post/list'), "Posts", NavLink::is_active(["post","view"]), 20);

5
ext/livefeed/main.php
View File

@ -40,11 +40,6 @@ class LiveFeed extends Extension
); );
} }
public function onImageInfoSet(ImageInfoSetEvent $event)
{
# $this->msg("Image info set");
}
public function get_priority(): int public function get_priority(): int
{ {
return 99; return 99;

13
ext/relationships/main.php
View File

@ -48,11 +48,14 @@ class Relationships extends Extension
public function onImageInfoSet(ImageInfoSetEvent $event) public function onImageInfoSet(ImageInfoSetEvent $event)
{ {
if (isset($_POST['tag_edit__tags']) ? !preg_match('/parent[=|:]/', $_POST["tag_edit__tags"]) : true) { //Ignore tag_edit__parent if tags contain parent metatag global $user;
if (isset($_POST["tag_edit__parent"]) ? ctype_digit($_POST["tag_edit__parent"]) : false) { if ($user->can(Permissions::EDIT_IMAGE_RELATIONSHIPS)) {
send_event(new ImageRelationshipSetEvent($event->image->id, (int) $_POST["tag_edit__parent"])); if (isset($_POST['tag_edit__tags']) ? !preg_match('/parent[=|:]/', $_POST["tag_edit__tags"]) : true) { //Ignore tag_edit__parent if tags contain parent metatag
} else { if (isset($_POST["tag_edit__parent"]) ? ctype_digit($_POST["tag_edit__parent"]) : false) {
$this->remove_parent($event->image->id); send_event(new ImageRelationshipSetEvent($event->image->id, (int) $_POST["tag_edit__parent"]));
} else {
$this->remove_parent($event->image->id);
}
} }
} }
} }

6
ext/rule34/main.php
View File

@ -19,6 +19,12 @@ class Rule34 extends Extension
$database->execute("NOTIFY shm_image_bans, '{$event->image->hash}';"); $database->execute("NOTIFY shm_image_bans, '{$event->image->hash}';");
} }
public function onImageInfoSet(ImageInfoSetEvent $event)
{
global $cache;
$cache->delete("thumb-block:{$event->image->id}");
}
public function onImageInfoBoxBuilding(ImageInfoBoxBuildingEvent $event) public function onImageInfoBoxBuilding(ImageInfoBoxBuildingEvent $event)
{ {
global $config; global $config;

16
ext/tag_edit/main.php
View File

@ -171,10 +171,10 @@ class TagEdit extends Extension
throw new NullUserException("Error: No user with that name was found."); throw new NullUserException("Error: No user with that name was found.");
} }
} }
if ($this->can_tag($event->image) && isset($_POST['tag_edit__tags'])) { if ($user->can(Permissions::EDIT_IMAGE_TAG) && isset($_POST['tag_edit__tags'])) {
send_event(new TagSetEvent($event->image, Tag::explode($_POST['tag_edit__tags']))); send_event(new TagSetEvent($event->image, Tag::explode($_POST['tag_edit__tags'])));
} }
if ($this->can_source($event->image) && isset($_POST['tag_edit__source'])) { if ($user->can(Permissions::EDIT_IMAGE_SOURCE) && isset($_POST['tag_edit__source'])) {
if (isset($_POST['tag_edit__tags']) ? !preg_match('/source[=|:]/', $_POST["tag_edit__tags"]) : true) { if (isset($_POST['tag_edit__tags']) ? !preg_match('/source[=|:]/', $_POST["tag_edit__tags"]) : true) {
send_event(new SourceSetEvent($event->image, $_POST['tag_edit__source'])); send_event(new SourceSetEvent($event->image, $_POST['tag_edit__source']));
} }
@ -270,18 +270,6 @@ class TagEdit extends Extension
} }
} }
private function can_tag(Image $image): bool
{
global $user;
return ($user->can(Permissions::EDIT_IMAGE_TAG) || !$image->is_locked());
}
private function can_source(Image $image): bool
{
global $user;
return ($user->can(Permissions::EDIT_IMAGE_SOURCE) || !$image->is_locked());
}
private function mass_tag_edit(string $search, string $replace) private function mass_tag_edit(string $search, string $replace)
{ {
global $database; global $database;

7
ext/tag_history/test.php
View File

@ -4,15 +4,15 @@ class TagHistoryTest extends ShimmiePHPUnitTestCase
public function testTagHistory() public function testTagHistory()
{ {
$this->log_in_as_admin(); $this->log_in_as_admin();
$image_id = $this->post_image("tests/pbx_screenshot.jpg", "pbx"); $image_id = $this->post_image("tests/pbx_screenshot.jpg", "old_tag");
$image = Image::by_id($image_id); $image = Image::by_id($image_id);
// Original // Original
$this->get_page("post/view/$image_id"); $this->get_page("post/view/$image_id");
$this->assert_title("Image $image_id: pbx"); $this->assert_title("Image $image_id: old_tag");
// Modified // Modified
send_event(new TagSetEvent($image, ["new"])); send_event(new TagSetEvent($image, ["new_tag"]));
// FIXME // FIXME
// $this->click("View Tag History"); // $this->click("View Tag History");
@ -23,5 +23,6 @@ class TagHistoryTest extends ShimmiePHPUnitTestCase
$this->get_page("tag_history/all/1"); $this->get_page("tag_history/all/1");
$this->assert_title("Global Tag History"); $this->assert_title("Global Tag History");
$this->assert_text("new_tag");
} }
} }

13
ext/view/main.php
View File

@ -74,11 +74,14 @@ class ViewImage extends Extension
} }
$image_id = int_escape($_POST['image_id']); $image_id = int_escape($_POST['image_id']);
$image = Image::by_id($image_id);
send_event(new ImageInfoSetEvent(Image::by_id($image_id))); if (!$image->is_locked()) {
send_event(new ImageInfoSetEvent($image));
$page->set_mode(PageMode::REDIRECT); $page->set_mode(PageMode::REDIRECT);
$page->set_redirect(make_link("post/view/$image_id", url_escape(@$_POST['query']))); $page->set_redirect(make_link("post/view/$image_id", url_escape(@$_POST['query'])));
} else {
$this->theme->display_error(403, "Image Locked", "An admin has locked this image");
}
} }
} }