mirror of
https://code.castopod.org/adaures/castopod
synced 2025-05-14 18:25:46 +00:00
2f525c0f6e
- add "ActivityPub" library to handle server to server federation and basic
client to server protocols using activitypub:
- add webfinger endpoint to look for actor
- add actor definition with inbox / outbox / followers
- remote follow an actor
- create notes with possible preview cards
- interract with favourites, reblogs and replies
- block incoming actors and/or domains
- broadcast/schedule activities to fediverse followers using a cron task
- For castopod, the podcast is the actor:
- overwrite the activitypub library for castopod's specific needs
- perform basic interactions administrating a podcast to interact with fediverse users:
- create notes with episode attachment
- favourite and share a note + reply
- add specific castopod_namespaces for podcasts and episodes definitions
- overwrite CodeIgniter's Route service to include alternate-content option for
activitystream requests
- update episode publication logic:
- remove publication inputs in create / edit episode form
- publish / schedule or unpublish an episode after creation
- the podcaster publishes a note when publishing an episode
- Javascript / Typescript modules:
- fix Dropdown.ts to keep dropdown menu in foreground
- add Modal.ts for funding links modal
- add Toggler.ts to toggle various css states in ui
- User Interface:
- update tailwindcss to v2
- use castopod's pine and rose colors
- update public layout to a 3 column layout
- add pages in public for podcast activity, episode list and notes
- update episode page to include linked notes
- remove previous and next episodes from episode pages
- show different public views depending on whether user is authenticated or not
- use Kumbh Sans and Montserrat fonts
- update CodeIgniter's config files
- with CodeIgniter's new requirements, update docker environments are now based on
php v7.3 image
- move Image entity to Libraries
- update composer and npm packages to latest versions
closes #69 #65 #85, fixes #51 #91 #92 #88
116 lines
3.6 KiB
PHP
116 lines
3.6 KiB
PHP
<?php
|
|
|
|
namespace App\Filters;
|
|
|
|
use App\Models\PodcastModel;
|
|
use Config\Services;
|
|
use CodeIgniter\HTTP\RequestInterface;
|
|
use CodeIgniter\HTTP\ResponseInterface;
|
|
use CodeIgniter\Filters\FilterInterface;
|
|
use Myth\Auth\Exceptions\PermissionException;
|
|
|
|
class PermissionFilter implements FilterInterface
|
|
{
|
|
/**
|
|
* Do whatever processing this filter needs to do.
|
|
* By default it should not return anything during
|
|
* normal execution. However, when an abnormal state
|
|
* is found, it should return an instance of
|
|
* CodeIgniter\HTTP\Response. If it does, script
|
|
* execution will end and that Response will be
|
|
* sent back to the client, allowing for error pages,
|
|
* redirects, etc.
|
|
*
|
|
* @param \CodeIgniter\HTTP\RequestInterface $request
|
|
* @param array|null $params
|
|
*
|
|
* @return mixed
|
|
*/
|
|
public function before(RequestInterface $request, $params = null)
|
|
{
|
|
if (!function_exists('logged_in')) {
|
|
helper('auth');
|
|
}
|
|
|
|
if (empty($params)) {
|
|
return;
|
|
}
|
|
|
|
$authenticate = Services::authentication();
|
|
|
|
// if no user is logged in then send to the login form
|
|
if (!$authenticate->check()) {
|
|
session()->set('redirect_url', current_url());
|
|
return redirect('login');
|
|
}
|
|
|
|
helper('misc');
|
|
$authorize = Services::authorization();
|
|
$router = Services::router();
|
|
$routerParams = $router->params();
|
|
$result = false;
|
|
|
|
// Check if user has at least one of the permissions
|
|
foreach ($params as $permission) {
|
|
// check if permission is for a specific podcast
|
|
if (
|
|
(startsWith($permission, 'podcast-') ||
|
|
startsWith($permission, 'podcast_episodes-')) &&
|
|
count($routerParams) > 0
|
|
) {
|
|
if (
|
|
$groupId = (new PodcastModel())->getContributorGroupId(
|
|
$authenticate->id(),
|
|
$routerParams[0]
|
|
)
|
|
) {
|
|
if ($authorize->groupHasPermission($permission, $groupId)) {
|
|
$result = true;
|
|
break;
|
|
}
|
|
}
|
|
} elseif (
|
|
$authorize->hasPermission($permission, $authenticate->id())
|
|
) {
|
|
$result = true;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (!$result) {
|
|
if ($authenticate->silent()) {
|
|
$redirectURL = session('redirect_url') ?? '/';
|
|
unset($_SESSION['redirect_url']);
|
|
return redirect()
|
|
->to($redirectURL)
|
|
->with('error', lang('Auth.notEnoughPrivilege'));
|
|
} else {
|
|
throw new PermissionException(lang('Auth.notEnoughPrivilege'));
|
|
}
|
|
}
|
|
}
|
|
|
|
//--------------------------------------------------------------------
|
|
|
|
/**
|
|
* Allows After filters to inspect and modify the response
|
|
* object as needed. This method does not allow any way
|
|
* to stop execution of other after filters, short of
|
|
* throwing an Exception or Error.
|
|
*
|
|
* @param \CodeIgniter\HTTP\RequestInterface $request
|
|
* @param \CodeIgniter\HTTP\ResponseInterface $response
|
|
* @param array|null $arguments
|
|
*
|
|
* @return void
|
|
*/
|
|
public function after(
|
|
RequestInterface $request,
|
|
ResponseInterface $response,
|
|
$arguments = null
|
|
) {
|
|
}
|
|
|
|
//--------------------------------------------------------------------
|
|
}
|