Friendica/friendica
Friendica/friendica
1
0
Fork 1
mirror of https://git.friendi.ca/friendica/friendica.git synced 2025-06-08 11:54:32 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Tighten profile restriction feature

Browse source 
- Prevent feed access to restricted profiles
- Rework display of restricted profiles with a redirect to the profile/restricted route
- Normalize permission checking with IHandleUserSession->isAuthenticated
- Remove unusable "nocache" parameter in feed module because session isn't initialized
- Reword setting name and description
This commit is contained in:
Hypolite Petovan 2022-11-30 13:50:52 -05:00
parent 0d53c69610
commit b83526ad0b
16 changed files with 135 additions and 84 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/Module/Update/Profile.php
View file

@ -49,7 +49,7 @@ class Profile extends BaseModule
$is_owner = DI::userSession()->getLocalUserId() == $a->getProfileOwner();
$last_updated_key = "profile:" . $a->getProfileOwner() . ":" . DI::userSession()->getLocalUserId() . ":" . $remote_contact;
if (!$is_owner && !$remote_contact) {
if (!DI::userSession()->isAuthenticated()) {
$user = User::getById($a->getProfileOwner(), ['hidewall']);
if ($user['hidewall']) {
throw new ForbiddenException(DI::l10n()->t('Access to this profile has been restricted.'));