Can create posts for groups.

2025-11-04 12:14:12 +00:00 · 2018-07-16 14:38:07 +02:00
parent 770fa95eb7
commit cd772c03c3
6 changed files with 189 additions and 47 deletions
--- a/RestControllers/PostsController.php
+++ b/RestControllers/PostsController.php
@@ -99,7 +99,11 @@ class PostsController {
 			Rest_fatal_error(500, "Couldn't retrieve post informations !");
 		//Check if we can get the comments of the post
-		if(components()->user->allowComments($postInfos->get_user_page_id()))
+		$load_comments = TRUE;
 		if($postInfos->get_kind_page() == Posts::PAGE_KIND_USER)
 			$load_comments = components()->user->allowComments($postInfos->get_user_page_id());
 		if($load_comments)
 			$postInfos->set_comments(components()->comments->get($postInfos->get_id()));
 		//Parse post informations
@@ -142,6 +146,20 @@ class PostsController {
 				break;
 			//In case of group
 			case "group":
 				//Save the values
 				$kind_page = Posts::PAGE_KIND_GROUP;
 				$kind_page_id = getPostGroupIdWithAccess("kind-id", GroupInfo::MEMBER_ACCESS);
 				//Check whether the user is authorized to create posts on the page or not
 				if(!components()->groups->canUserCreatePost(userID, $kind_page_id))
 					Rest_fatal_error(401, "You are not authorized to create posts on this group!");
 				break;	
 			//Unsupported kind of page
 			default:
 				Rest_fatal_error(500, "Unsupported kind of page !");
@@ -349,13 +367,19 @@ class PostsController {
 		if($postID < 0)
 			Rest_fatal_error(400, "Couldn't create post !");
-		//Create a notification
+		
-		$notification = new Notification();
+		if($post->get_kind_page() == Posts::PAGE_KIND_USER){
-		$notification->set_from_user_id(userID);
+
-		$notification->set_on_elem_id($postID);
+			//Create a notification
-		$notification->set_on_elem_type(Notification::POST);
+			$notification = new Notification();
-		$notification->set_type(Notification::ELEM_CREATED);
+			$notification->set_from_user_id(userID);
-		components()->notifications->push($notification);
+			$notification->set_on_elem_id($postID);
 			$notification->set_on_elem_type(Notification::POST);
 			$notification->set_type(Notification::ELEM_CREATED);
 			components()->notifications->push($notification);
 		}
 		//Success
 		return array(
--- a/classes/components/GroupsComponent.php
+++ b/classes/components/GroupsComponent.php
@@ -526,6 +526,40 @@ class GroupsComponent {
 		return GroupInfo::NO_ACCESS;
 	}
 	/**
 	 * Check whether a user can create posts or not on a group
 	 * 
 	 * @param int $userID The related user ID
 	 * @param int $groupID The ID of the target group
 	 * @return bool TRUE if the user is authorized / FALSE else
 	 */
 	public function canUserCreatePost(int $userID, int $groupID) : bool {
 		//Get the membership level of the user over the post
 		$membership_level = $this->getMembershipLevel($userID, $groupID);
 		//Moderators + administrators : can always create posts
 		if($membership_level == GroupMember::ADMINISTRATOR
 			|| $membership_level == GroupMember::MODERATOR)
 			return TRUE;
 		if($membership_level == GroupMember::MEMBER) {
 			//Get information about the group to check whether all the members of
 			//the group are authorized to create posts or not
 			$group = $this->get_advanced_info($groupID);
 			if($group->get_posts_level() == GroupInfo::POSTS_LEVEL_ALL_MEMBERS)
 				return TRUE;
 		}
 		//Other members can not create posts
 		return FALSE;
 	}
 	/**
 	 * Delete current group logo (if any)
 	 * 
--- a/classes/components/notifications.php
+++ b/classes/components/notifications.php
@@ -101,10 +101,20 @@ class notificationComponent {
 				return false;
 			//Update post informations
-			$notification->set_from_container_type(Notification::USER_PAGE);
+			if($info_post->get_kind_page() == Posts::PAGE_KIND_USER){
-			$notification->set_from_container_id($info_post->get_user_page_id());
+				$notification->set_from_container_type(Notification::USER_PAGE);
 				$notification->set_from_container_id($info_post->get_user_page_id());
 			}
 			else if($info_post->get_kind_page() == Posts::PAGE_KIND_GROUP){
 				$notification->set_from_container_type(Notification::GROUP_PAGE);
 				$notification->set_from_container_id($info_post->get_group_id());
 			}
 			else
 				throw new Exception("Unsupported page kind: ".$info_post->get_kind_page());
 			//Check if the notification is private or not
 			//Private posts
 			if($info_post->get_visibility_level() == Posts::VISIBILITY_USER){
 				//Push the notification only to the user, and only if it is not him
@@ -117,7 +127,9 @@ class notificationComponent {
 				//Push the notification
 				return $this->push_private($notification);
 			}
-			else {
+
 			//For the posts on user pages
 			else if($notification->get_from_container_type() == Notification::USER_PAGE) {
 				//Get the list of friends of the user
 				$friendslist = components()->friends->getList($notification->get_from_user_id());
@@ -146,6 +158,17 @@ class notificationComponent {
 			}
 			//For the posts on groups
 			else if($notification->get_from_container_type() == Notification::GROUP_PAGE){
 				//TODO : implement
 				return TRUE;
 			}
 			//Unimplemented scenario
 			else {
 				throw new Exception("Notification scenarios not implemented!");
 			}
 		}
 		//Handles friendship request notifications
--- a/classes/components/posts.php
+++ b/classes/components/posts.php
@@ -39,6 +39,7 @@ class Posts {
 	 */
 	//Post on user page
 	const PAGE_KIND_USER = "user";
 	const PAGE_KIND_GROUP = "group";
 	/**
 	 * Kinds of post
@@ -333,53 +334,83 @@ class Posts {
 		//Check if the user is the owner of the post
 		if($post_info->get_userID() == $userID)
 			return $this::FULL_ACCESS;
 		//Check if the post was made on the user page
 		if($post_info->get_user_page_id() == $userID)
 			return $this::INTERMEDIATE_ACCESS;
 		//Check if the post is private
 		if($post_info->get_visibility_level() == $this::VISIBILITY_USER)
 			return $this::NO_ACCESS;
-		//Check if the post is for friends only
+		//Special checks if the posts belongs to a user's page
-		if($post_info->get_visibility_level() == $this::VISIBILITY_FRIENDS){
+		if($post_info->get_kind_page() == Posts::PAGE_KIND_USER){
-			//Check if user is signed in
+			//Check if the post was made on the user page
-			if($userID == 0)
+			if($post_info->get_user_page_id() == $userID)
 				return $this::INTERMEDIATE_ACCESS;
 			//Check if the post is private
 			if($post_info->get_visibility_level() == $this::VISIBILITY_USER)
 				return $this::NO_ACCESS;
-			//Check if this user and the owner of the page are friends or not
+			//Check if the post is for friends only
-			else if(!CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id()))
+			if($post_info->get_visibility_level() == $this::VISIBILITY_FRIENDS){
 				return $this::NO_ACCESS;
 			else
 				//User can access the post
 				return $this::BASIC_ACCESS;
 		}
-		//Check if the post is public
+				//Check if user is signed in
-		if($post_info->get_visibility_level() == $this::VISIBILITY_PUBLIC){
+				if($userID == 0)
-
+					return $this::NO_ACCESS;
-			//Check if the two personns are friend
+				
-			if($userID != 0){
+				//Check if this user and the owner of the page are friends or not
-				if(CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id()))
+				else if(!CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id()))
 					return $this::NO_ACCESS;
 				else
 					//User can access the post
 					return $this::BASIC_ACCESS;
 			}
-			//Get user visibility level
+			//Check if the post is public
-			$visibilityLevel = CS::get()->components->user->getVisibility($post_info->get_user_page_id());
+			if($post_info->get_visibility_level() == $this::VISIBILITY_PUBLIC){
-			//If the page is open, access is free
+				//Check if the two personns are friend
-			if($visibilityLevel == UserComponent::USER_PAGE_OPEN)
+				if($userID != 0){
 					if(CS::get()->components->friends->are_friend($userID, $post_info->get_user_page_id()))
 						return $this::BASIC_ACCESS;
 				}
 				//Get user visibility level
 				$visibilityLevel = CS::get()->components->user->getVisibility($post_info->get_user_page_id());
 				//If the page is open, access is free
 				if($visibilityLevel == UserComponent::USER_PAGE_OPEN)
 					return $this::BASIC_ACCESS;
 				//Else check if the user is signed in and the page is public 
 				else if($userID != 0 AND $visibilityLevel == UserComponent::USER_PAGE_PUBLIC)
 					return $this::BASIC_ACCESS;
 				else
 					return $this::NO_ACCESS;
 			}
 		}
 		//Checks if the posts belongs to a group's page
 		if($post_info->get_kind_page() == Posts::PAGE_KIND_GROUP){
 			//Get the access level of the user over the group
 			$access_level = components()->groups->getMembershipLevel($userID, $post_info->get_group_id());
 			//Moderators and administrators can delete all the posts of the group
 			if($access_level < GroupMember::MEMBER)
 				return $this::INTERMEDIATE_ACCESS;
 			//Members of a group can see all the posts of the group
 			if($access_level == GroupMember::MEMBER)
 				return $this::BASIC_ACCESS;
-			
+				
-			//Else check if the user is signed in and the page is public 
+			//Check if the post is public or not
-			else if($userID != 0 AND $visibilityLevel == UserComponent::USER_PAGE_PUBLIC)
+			if($post_info->get_visibility_level() != Posts::VISIBILITY_PUBLIC)
 				return $this::BASIC_ACCESS;
 			else
 				return $this::NO_ACCESS;
 			//Check if the group is open or not
 			if(!components()->groups->is_open($post_info->get_group_id()))
 				return $this::NO_ACCESS;
 			// Post public + open group > basic access
 			return $this::BASIC_ACCESS;
 		}
 		//Not implemented
@@ -417,6 +448,14 @@ class Posts {
 			//Determine who is creating the post
 			$post_user_id = $post->get_kind_page_id();
 			$post_friend_id = $post->get_kind_page_id() == $post->get_userID() ? 0 : $post->get_userID();
 			$post_group_id = 0;
 		}
 		else if($post->get_kind_page() == $this::PAGE_KIND_GROUP){
 			$post_user_id = $post->get_userID();
 			$post_friend_id = 0;
 			$post_group_id = $post->get_kind_page_id();
 		}
 		else {
@@ -427,6 +466,7 @@ class Posts {
 		$data = array(
 			"ID_personne" => $post_user_id,
 			"ID_amis" => $post_friend_id,
 			"group_id" => $post_group_id,
 			"date_envoi" => mysql_date(),
 			"time_insert" => time(),
 			"texte" => $post->has_content() ? $post->get_content() : "",
@@ -688,7 +728,11 @@ class Posts {
 		//General information
 		$post->set_id($entry["ID"]);
 		$post->set_userID($entry["ID_amis"] == 0 ? $entry["ID_personne"] : $entry["ID_amis"]);
 		//Determine the kind of target page and its ID
 		$post->set_user_page_id($entry["ID_personne"]);
 		$post->set_group_id($entry["group_id"]);
 		$post->set_time_sent($entry["time_insert"] == null ? strtotime($entry["date_envoi"]) : $entry["time_insert"]);
 		$post->set_content($entry["texte"]);
 		$post->set_visibility_level($entry["niveau_visibilite"]);
--- a/classes/models/Notification.php
+++ b/classes/models/Notification.php
@@ -11,6 +11,7 @@ class Notification {
 	 * Elements type
 	 */
 	const USER_PAGE = "user_page";
 	const GROUP_PAGE = "group_page";
 	const CONVERSATION = "conversation";
 	const CONVERSATION_MESSAGE = "conversation_message";
 	const POST = "post";
--- a/classes/models/Post.php
+++ b/classes/models/Post.php
@@ -75,6 +75,22 @@ class Post extends BaseUniqueObjectFromUser {
 		return $this->kind_page == Posts::PAGE_KIND_USER ? $this->kind_page_id : 0;
 	}
 	//Set and get the target group ID
 	public function set_group_id(int $group_id){
 		if($group_id > 0){
 			$this->set_kind_page(Posts::PAGE_KIND_GROUP);
 			$this->kind_page_id = $group_id;
 		}
 	}
 	public function has_group_id() : bool {
 		return $this->kind_page_id > 0 && $this->kind_page == Posts::PAGE_KIND_GROUP;
 	}
 	public function get_group_id() : int {
 		return $this->kind_page == Posts::PAGE_KIND_GROUP ? $this->kind_page_id : 0;
 	}
 	//Set and get content
 	public function set_content(string $content){