keith/friendica
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

We can now delegate again like before

Browse source
This commit is contained in:
Michael 2018-02-08 22:18:34 +00:00
parent e651af2a0f
commit d42f86e218
4 changed files with 58 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
boot.php
View file

@ -39,7 +39,7 @@ define('FRIENDICA_PLATFORM', 'Friendica');
define('FRIENDICA_CODENAME', 'Asparagus'); define('FRIENDICA_CODENAME', 'Asparagus');
define('FRIENDICA_VERSION', '3.6-dev'); define('FRIENDICA_VERSION', '3.6-dev');
define('DFRN_PROTOCOL_VERSION', '2.23'); define('DFRN_PROTOCOL_VERSION', '2.23');
define('DB_UPDATE_VERSION', 1251); define('DB_UPDATE_VERSION', 1252);
define('NEW_UPDATE_ROUTINE_VERSION', 1170); define('NEW_UPDATE_ROUTINE_VERSION', 1170);
/** /**

33
include/security.php
View file

@ -107,12 +107,35 @@ function authenticate_success($user_record, $login_initial = false, $interactive
} }
} }
$r = dba::select('user', ['uid', 'username', 'nickname'], if ($master_record['parent-uid'] == 0) {
['password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false]); // First add our own entry
if (DBM::is_result($r)) { $a->identities = [['uid' => $master_record['uid'],
$a->identities = dba::inArray($r); 'username' => $master_record['username'],
'nickname' => $master_record['nickname']]];
// Then add all the children
$r = dba::select('user', ['uid', 'username', 'nickname'],
['parent-uid' => $master_record['uid'], 'account_removed' => false]);
if (DBM::is_result($r)) {
$a->identities = array_merge($a->identities, dba::inArray($r));
}
} else { } else {
// Just ensure that the array is always defined
$a->identities = []; $a->identities = [];
// First entry is our parent
$r = dba::select('user', ['uid', 'username', 'nickname'],
['uid' => $master_record['parent-uid'], 'account_removed' => false]);
if (DBM::is_result($r)) {
$a->identities = dba::inArray($r);
}
// Then add all siblings
$r = dba::select('user', ['uid', 'username', 'nickname'],
['parent-uid' => $master_record['parent-uid'], 'account_removed' => false]);
if (DBM::is_result($r)) {
$a->identities = array_merge($a->identities, dba::inArray($r));
}
} }
$r = dba::p("SELECT `user`.`uid`, `user`.`username`, `user`.`nickname` $r = dba::p("SELECT `user`.`uid`, `user`.`username`, `user`.`nickname`
@ -146,7 +169,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
// Set the login date for all identities of the user // Set the login date for all identities of the user
dba::update('user', ['login_date' => DateTimeFormat::utcNow()], dba::update('user', ['login_date' => DateTimeFormat::utcNow()],
['password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false]); ['parent-uid' => $master_record['uid'], 'account_removed' => false]);
} }
if ($login_initial) { if ($login_initial) {

34
mod/manage.php
View file

@ -35,8 +35,8 @@ function manage_post(App $a) {
$submanage = $r; $submanage = $r;
$identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0); $identity = (x($_POST['identity']) ? intval($_POST['identity']) : 0);
if (! $identity) { if (!$identity) {
return; return;
} }
@ -57,14 +57,36 @@ function manage_post(App $a) {
intval($limited_id) intval($limited_id)
); );
} else { } else {
$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1", // Check if the target user is one of our children
$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `parent-uid` = %d LIMIT 1",
intval($identity), intval($identity),
dbesc($orig_record['email']), dbesc($orig_record['uid'])
dbesc($orig_record['password'])
); );
// Check if the target user is one of our siblings
if (!DBM::is_result($r) && ($orig_record['parent-uid'] != 0)) {
$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `parent-uid` = %d LIMIT 1",
intval($identity),
dbesc($orig_record['parent-uid'])
);
}
// Check if it's our parent
if (!DBM::is_result($r) && ($orig_record['parent-uid'] != 0) && ($orig_record['parent-uid'] == $identity)) {
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($identity)
);
}
// Finally check if it's out own user
if (!DBM::is_result($r) && ($orig_record['uid'] != 0) && ($orig_record['uid'] == $identity)) {
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($identity)
);
}
} }
if (! DBM::is_result($r)) { if (!DBM::is_result($r)) {
return; return;
} }

1
src/Database/DBStructure.php
View file

@ -1707,6 +1707,7 @@ class DBStructure
"comment" => "The local users", "comment" => "The local users",
"fields" => [ "fields" => [
"uid" => ["type" => "mediumint", "not null" => "1", "extra" => "auto_increment", "primary" => "1", "comment" => ""], "uid" => ["type" => "mediumint", "not null" => "1", "extra" => "auto_increment", "primary" => "1", "comment" => ""],
"parent-uid" => ["type" => "mediumint", "not null" => "1", "default" => "0", "relation" => ["user" => "uid"], "comment" => "The parent user that has full control about this user"],
"guid" => ["type" => "varchar(64)", "not null" => "1", "default" => "", "comment" => ""], "guid" => ["type" => "varchar(64)", "not null" => "1", "default" => "", "comment" => ""],
"username" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""], "username" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""],
"password" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""], "password" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""],