Merge pull request #12169 from MrPetovan/bug/7574-notifications-deleted-users

Centralize config.admin_email management in Model\User
This commit is contained in:
Philipp 2022-11-15 00:08:07 +01:00 committed by GitHub
commit 8dfd560b52
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
18 changed files with 510 additions and 496 deletions

View File

@ -80,7 +80,7 @@ CREATE TABLE IF NOT EXISTS `user` (
`pwdreset` varchar(255) COMMENT 'Password reset request token',
`pwdreset_time` datetime COMMENT 'Timestamp of the last password reset request',
`maxreq` int unsigned NOT NULL DEFAULT 10 COMMENT '',
`expire` int unsigned NOT NULL DEFAULT 0 COMMENT '',
`expire` int unsigned NOT NULL DEFAULT 0 COMMENT 'Delay in days before deleting user-related posts. Scope is controlled by pConfig.',
`account_removed` boolean NOT NULL DEFAULT '0' COMMENT 'if 1 the account is removed',
`account_expired` boolean NOT NULL DEFAULT '0' COMMENT '',
`account_expires_on` datetime NOT NULL DEFAULT '0001-01-01 00:00:00' COMMENT 'timestamp when account expires and will be deleted',

View File

@ -7,7 +7,7 @@ Fields
------
| Field | Description | Type | Null | Key | Default | Extra |
| ------------------------ | --------------------------------------------------------- | ------------------ | ---- | --- | ------------------- | -------------- |
| ------------------------ | --------------------------------------------------------------------------------- | ------------------ | ---- | --- | ------------------- | -------------- |
| uid | sequential ID | mediumint unsigned | NO | PRI | NULL | auto_increment |
| parent-uid | The parent user that has full control about this user | mediumint unsigned | YES | | NULL | |
| guid | A unique identifier for this user | varchar(64) | NO | | | |
@ -42,7 +42,7 @@ Fields
| pwdreset | Password reset request token | varchar(255) | YES | | NULL | |
| pwdreset_time | Timestamp of the last password reset request | datetime | YES | | NULL | |
| maxreq | | int unsigned | NO | | 10 | |
| expire | | int unsigned | NO | | 0 | |
| expire | Delay in days before deleting user-related posts. Scope is controlled by pConfig. | int unsigned | NO | | 0 | |
| account_removed | if 1 the account is removed | boolean | NO | | 0 | |
| account_expired | | boolean | NO | | 0 | |
| account_expires_on | timestamp when account expires and will be deleted | datetime | NO | | 0001-01-01 00:00:00 | |

View File

@ -34,7 +34,7 @@ function lostpass_post(App $a)
DI::baseUrl()->redirect();
}
$condition = ['(`email` = ? OR `nickname` = ?) AND `verified` = 1 AND `blocked` = 0', $loginame, $loginame];
$condition = ['(`email` = ? OR `nickname` = ?) AND `verified` = 1 AND `blocked` = 0 AND `account_removed` = 0 AND `account_expired` = 0', $loginame, $loginame];
$user = DBA::selectFirst('user', ['uid', 'username', 'nickname', 'email', 'language'], $condition);
if (!DBA::isResult($user)) {
DI::sysmsg()->addNotice(DI::l10n()->t('No valid account found.'));

View File

@ -27,6 +27,7 @@ use Friendica\App\BaseURL;
use Friendica\Capabilities\ICanCreateResponses;
use Friendica\Core\Config\Factory\Config;
use Friendica\Core\Session\Capability\IHandleUserSessions;
use Friendica\Model\User;
use Friendica\Module\Maintenance;
use Friendica\Security\Authentication;
use Friendica\Core\Config\ValueObject\Cache;
@ -164,14 +165,16 @@ class App
* Check if current user has admin role.
*
* @return bool true if user is an admin
* @throws Exception
*/
public function isSiteAdmin(): bool
{
$admin_email = $this->config->get('config', 'admin_email');
$adminlist = explode(',', str_replace(' ', '', $admin_email));
return $this->session->getLocalUserId() && $admin_email && $this->database->exists('user', ['uid' => $this->getLoggedInUserId(), 'email' => $adminlist]);
return
$this->session->getLocalUserId()
&& $this->database->exists('user', [
'uid' => $this->getLoggedInUserId(),
'email' => User::getAdminEmailList()
]);
}
/**

View File

@ -26,6 +26,7 @@ use Friendica\App\Mode;
use Friendica\Database\DBA;
use Friendica\Database\DBStructure;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Network\HTTPException\InternalServerErrorException;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Strings;
@ -289,30 +290,16 @@ class Update
* @return void
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/
private static function updateFailed(int $update_id, string $error_message) {
//send the administrators an e-mail
$condition = ['email' => explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email'))), 'parent-uid' => 0];
$adminlist = DBA::select('user', ['uid', 'language', 'email'], $condition, ['order' => ['uid']]);
// No valid result?
if (!DBA::isResult($adminlist)) {
private static function updateFailed(int $update_id, string $error_message)
{
$adminEmails = User::getAdminListForEmailing(['uid', 'language', 'email']);
if (!$adminEmails) {
Logger::warning('Cannot notify administrators .', ['update' => $update_id, 'message' => $error_message]);
// Don't continue
return;
}
$sent = [];
// every admin could had different language
while ($admin = DBA::fetch($adminlist)) {
if (in_array($admin['email'], $sent)) {
continue;
}
$sent[] = $admin['email'];
$lang = $admin['language'] ?? 'en';
$l10n = DI::l10n()->withLang($lang);
foreach($adminEmails as $admin) {
$l10n = DI::l10n()->withLang($admin['language'] ?: 'en');
$preamble = Strings::deindent($l10n->t("
The friendica developers released update %s recently,
@ -343,22 +330,8 @@ class Update
*/
private static function updateSuccessful(int $from_build, int $to_build)
{
//send the administrators an e-mail
$condition = ['email' => explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email'))), 'parent-uid' => 0];
$adminlist = DBA::select('user', ['uid', 'language', 'email'], $condition, ['order' => ['uid']]);
if (DBA::isResult($adminlist)) {
$sent = [];
// every admin could had different language
while ($admin = DBA::fetch($adminlist)) {
if (in_array($admin['email'], $sent)) {
continue;
}
$sent[] = $admin['email'];
$lang = (($admin['language']) ? $admin['language'] : 'en');
$l10n = DI::l10n()->withLang($lang);
foreach(User::getAdminListForEmailing(['uid', 'language', 'email']) as $admin) {
$l10n = DI::l10n()->withLang($admin['language'] ?: 'en');
$preamble = Strings::deindent($l10n->t('
The friendica database was successfully updated from %s to %s.',
@ -372,7 +345,6 @@ class Update
->build();
DI::emailer()->send($email);
}
}
Logger::debug('Database structure update successful.');
}

View File

@ -164,25 +164,16 @@ class Nodeinfo
*
* @param IManageConfigValues $config Configuration instance
* @return array Organization information
* @throws \Exception
*/
public static function getOrganization(IManageConfigValues $config): array
{
$organization = [
'name' => null,
'contact' => null,
'account' => null
$administrator = User::getFirstAdmin(['username', 'email', 'nickname']);
return [
'name' => $administrator['username'] ?? null,
'contact' => $administrator['email'] ?? null,
'account' => $administrator['nickname'] ?? '' ? DI::baseUrl()->get() . '/profile/' . $administrator['nickname'] : null,
];
if (!empty($config->get('config', 'admin_email'))) {
$adminList = explode(',', str_replace(' ', '', $config->get('config', 'admin_email')));
$organization['contact'] = $adminList[0];
$administrator = User::getByEmail($adminList[0], ['username', 'nickname']);
if (!empty($administrator)) {
$organization['name'] = $administrator['username'];
$organization['account'] = DI::baseUrl()->get() . '/profile/' . $administrator['nickname'];
}
}
return $organization;
}
}

View File

@ -178,11 +178,15 @@ class UserNotification
return;
}
$user = User::getById($uid, ['account-type']);
$user = User::getById($uid, ['account-type', 'account_removed', 'account_expired']);
if (in_array($user['account-type'], [User::ACCOUNT_TYPE_COMMUNITY, User::ACCOUNT_TYPE_RELAY])) {
return;
}
if ($user['account_removed'] || $user['account_expired']) {
return;
}
$author = Contact::getById($item['author-id'], ['contact-type']);
if (empty($author)) {
return;

View File

@ -265,7 +265,7 @@ class User
// List of possible actor names
$possible_accounts = ['friendica', 'actor', 'system', 'internal'];
foreach ($possible_accounts as $name) {
if (!DBA::exists('user', ['nickname' => $name, 'account_removed' => false, 'expire' => false]) &&
if (!DBA::exists('user', ['nickname' => $name, 'account_removed' => false, 'account_expired' => false]) &&
!DBA::exists('userd', ['username' => $name])) {
DI::config()->set('system', 'actor_name', $name);
return $name;
@ -381,17 +381,15 @@ class User
*
* @param array $fields
* @return array user
* @throws Exception
*/
public static function getFirstAdmin(array $fields = []) : array
{
if (!empty(DI::config()->get('config', 'admin_nickname'))) {
return self::getByNickname(DI::config()->get('config', 'admin_nickname'), $fields);
} elseif (!empty(DI::config()->get('config', 'admin_email'))) {
$adminList = explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')));
return self::getByEmail($adminList[0], $fields);
} else {
return [];
}
return self::getAdminList()[0] ?? [];
}
/**
@ -1054,12 +1052,9 @@ class User
// Disallow somebody creating an account using openid that uses the admin email address,
// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
if (DI::config()->get('config', 'admin_email') && strlen($openid_url)) {
$adminlist = explode(',', str_replace(' ', '', strtolower(DI::config()->get('config', 'admin_email'))));
if (in_array(strtolower($email), $adminlist)) {
if (strlen($openid_url) && in_array(strtolower($email), self::getAdminEmailList())) {
throw new Exception(DI::l10n()->t('Cannot use that email.'));
}
}
$nickname = $data['nickname'] = strtolower($nickname);
@ -1783,4 +1778,64 @@ class User
return DBA::selectToArray('owner-view', [], $condition, $param);
}
/**
* Returns a list of lowercase admin email addresses from the comma-separated list in the config
*
* @return array
*/
public static function getAdminEmailList(): array
{
$adminEmails = strtolower(str_replace(' ', '', DI::config()->get('config', 'admin_email')));
if (!$adminEmails) {
return [];
}
return explode(',', $adminEmails);
}
/**
* Returns the complete list of admin user accounts
*
* @param array $fields
* @return array
* @throws Exception
*/
public static function getAdminList(array $fields = []): array
{
$condition = [
'email' => self::getAdminEmailList(),
'parent-uid' => 0,
'blocked' => 0,
'verified' => true,
'account_removed' => false,
'account_expired' => false,
];
return DBA::selectToArray('user', $fields, $condition, ['order' => ['uid']]);
}
/**
* Return a list of admin user accounts where each unique email address appears only once.
*
* This method is meant for admin notifications that do not need to be sent multiple times to the same email address.
*
* @param array $fields
* @return array
* @throws Exception
*/
public static function getAdminListForEmailing(array $fields = []): array
{
return array_filter(self::getAdminList($fields), function ($user) {
static $emails = [];
if (in_array($user['email'], $emails)) {
return false;
}
$emails[] = $user['email'];
return true;
});
}
}

View File

@ -23,6 +23,7 @@ namespace Friendica\Module\Api\GNUSocial\GNUSocial;
use Friendica\App;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Module\BaseApi;
use Friendica\Module\Register;
@ -42,7 +43,7 @@ class Config extends BaseApi
'logo' => DI::baseUrl() . '/images/friendica-64.png',
'fancy' => true,
'language' => DI::config()->get('system', 'language'),
'email' => DI::config()->get('config', 'admin_email'),
'email' => implode(',', User::getAdminEmailList()),
'broughtby' => '',
'broughtbyurl' => '',
'timezone' => DI::config()->get('system', 'default_timezone'),

View File

@ -113,7 +113,7 @@ abstract class BaseUsers extends BaseModeration
protected function setupUserCallback(): \Closure
{
$adminlist = explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')));
$adminlist = User::getAdminEmailList();
return function ($user) use ($adminlist) {
$page_types = [
User::PAGE_FLAGS_NORMAL => $this->t('Normal Account Page'),

View File

@ -352,7 +352,7 @@ class Register extends BaseModule
DI::baseUrl()->redirect();
}
} elseif (intval(DI::config()->get('config', 'register_policy')) === self::APPROVE) {
if (!strlen(DI::config()->get('config', 'admin_email'))) {
if (!User::getAdminEmailList()) {
DI::sysmsg()->addNotice(DI::l10n()->t('Your registration can not be processed.'));
DI::baseUrl()->redirect();
}
@ -387,21 +387,11 @@ class Register extends BaseModule
DI::sysmsg()->addInfo(DI::l10n()->t('Your registration is pending approval by the site owner.'));
DI::baseUrl()->redirect();
}
return;
}
private function sendNotification(array $user, string $event)
{
// send email to admins
$admins_stmt = DBA::select(
'user',
['uid', 'language', 'email'],
['email' => explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')))]
);
// send notification to admins
while ($admin = DBA::fetch($admins_stmt)) {
foreach (User::getAdminListForEmailing(['uid', 'language', 'email']) as $admin) {
DI::notify()->createFromArray([
'type' => Model\Notification\Type::SYSTEM,
'event' => $event,
@ -415,6 +405,5 @@ class Register extends BaseModule
'show_in_notification_page' => false
]);
}
DBA::close($admins_stmt);
}
}

View File

@ -113,14 +113,11 @@ class Account extends BaseSettings
$err .= DI::l10n()->t('Invalid email.');
}
// ensure new email is not the admin mail
if (DI::config()->get('config', 'admin_email')) {
$adminlist = explode(",", str_replace(" ", "", strtolower(DI::config()->get('config', 'admin_email'))));
if (in_array(strtolower($email), $adminlist)) {
if (in_array(strtolower($email), User::getAdminEmailList())) {
$err .= DI::l10n()->t('Cannot change to that email.');
$email = $user['email'];
}
}
}
if (strlen($err)) {
DI::sysmsg()->addNotice($err);

View File

@ -85,14 +85,8 @@ class RemoveMe extends BaseSettings
}
// send notification to admins so that they can clean up the backups
$admin_mails = explode(',', $this->config->get('config', 'admin_email'));
foreach ($admin_mails as $mail) {
$admin = $this->database->selectFirst('user', ['uid', 'language', 'email', 'username'], ['email' => trim($mail)]);
if (!$admin) {
continue;
}
$l10n = $this->l10n->withLang($admin['language']);
foreach (User::getAdminListForEmailing(['uid', 'language', 'email']) as $admin) {
$l10n = $this->l10n->withLang($admin['language'] ?: 'en');
$email = $this->emailer
->newSystemMail()

View File

@ -230,7 +230,7 @@ class Notify extends BaseRepository
}
// Ensure that the important fields are set at any time
$fields = ['nickname', 'account-type', 'notify-flags', 'language', 'username', 'email'];
$fields = ['nickname', 'account-type', 'notify-flags', 'language', 'username', 'email', 'account_removed', 'account_expired'];
$user = DBA::selectFirst('user', $fields, ['uid' => $params['uid']]);
if (!DBA::isResult($user)) {
@ -238,6 +238,10 @@ class Notify extends BaseRepository
return false;
}
if ($user['account_removed'] || $user['account_expired']) {
return false;
}
// There is no need to create notifications for forum accounts
if ($user['account-type'] == Model\User::ACCOUNT_TYPE_COMMUNITY) {
return false;
@ -525,8 +529,11 @@ class Notify extends BaseRepository
$parent_uri_id = $params['item']['parent-uri-id'] ?? null;
// Ensure that the important fields are set at any time
$fields = ['nickname'];
$fields = ['nickname', 'account_removed', 'account_expired'];
$user = Model\User::getById($params['uid'], $fields);
if ($user['account_removed'] || $user['user_expired']) {
return false;
}
$sitename = $this->config->get('config', 'sitename');
@ -711,6 +718,9 @@ class Notify extends BaseRepository
$params['otype'] = Model\Notification\ObjectType::ITEM;
$user = Model\User::getById($Notification->uid);
if ($user['account_removed'] || $user['account_expired']) {
return false;
}
$params['notify_flags'] = $user['notify-flags'];
$params['language'] = $user['language'];

View File

@ -86,7 +86,7 @@ class Instance extends BaseDataTransferObject
$this->uri = $baseUrl->get();
$this->title = $config->get('config', 'sitename');
$this->short_description = $this->description = $config->get('config', 'info');
$this->email = $config->get('config', 'admin_email');
$this->email = implode(',', User::getAdminEmailList());
$this->version = '2.8.0 (compatible; Friendica ' . App::VERSION . ')';
$this->urls = null; // Not supported
$this->stats = new Stats($config, $database);
@ -98,13 +98,10 @@ class Instance extends BaseDataTransferObject
$this->invites_enabled = false;
$this->contact_account = [];
if (!empty($config->get('config', 'admin_email'))) {
$adminList = explode(',', str_replace(' ', '', $config->get('config', 'admin_email')));
$administrator = User::getByEmail($adminList[0], ['nickname']);
if (!empty($administrator)) {
$adminContact = $database->selectFirst('contact', ['id'], ['nick' => $administrator['nickname'], 'self' => true]);
$this->contact_account = DI::mstdnAccount()->createFromContactId($adminContact['id']);
}
$administrator = User::getFirstAdmin(['nickname']);
if ($administrator) {
$adminContact = $database->selectFirst('contact', ['uri-id'], ['nick' => $administrator['nickname'], 'self' => true]);
$this->contact_account = DI::mstdnAccount()->createFromUriId($adminContact['uri-id']);
}
}
}

View File

@ -2073,13 +2073,14 @@ class Transmitter
}
if (empty($uid)) {
// Fetch the list of administrators
$admin_mail = explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')));
// We need to use some user as a sender. It doesn't care who it will send. We will use an administrator account.
$condition = ['verified' => true, 'blocked' => false, 'account_removed' => false, 'account_expired' => false, 'email' => $admin_mail];
$first_user = DBA::selectFirst('user', ['uid'], $condition);
$uid = $first_user['uid'];
$admin = User::getFirstAdmin(['uid']);
if (!$admin) {
Logger::warning('No available admin user for transmission', ['target' => $target]);
return false;
}
$uid = $admin['uid'];
}
$condition = ['verb' => Activity::FOLLOW, 'uid' => 0, 'parent-uri' => $object,

View File

@ -136,7 +136,7 @@ return [
"pwdreset" => ["type" => "varchar(255)", "comment" => "Password reset request token"],
"pwdreset_time" => ["type" => "datetime", "comment" => "Timestamp of the last password reset request"],
"maxreq" => ["type" => "int unsigned", "not null" => "1", "default" => "10", "comment" => ""],
"expire" => ["type" => "int unsigned", "not null" => "1", "default" => "0", "comment" => ""],
"expire" => ["type" => "int unsigned", "not null" => "1", "default" => "0", "comment" => "Delay in days before deleting user-related posts. Scope is controlled by pConfig."],
"account_removed" => ["type" => "boolean", "not null" => "1", "default" => "0", "comment" => "if 1 the account is removed"],
"account_expired" => ["type" => "boolean", "not null" => "1", "default" => "0", "comment" => ""],
"account_expires_on" => ["type" => "datetime", "not null" => "1", "default" => DBA::NULL_DATETIME, "comment" => "timestamp when account expires and will be deleted"],

File diff suppressed because it is too large Load Diff