When not logged in, only display public instance posts
ginatrapani committed Sep 10, 2012
1 parent 1d57776 commit 72f0d18
Showing 5 changed files with 65 additions and 8 deletions.
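--- a/tests/TestOfInstanceMySQLDAO.php
+++ b/tests/TestOfInstanceMySQLDAO.php
@@ -663,6 +663,20 @@ public function testIsUserConfigured(){
 $this->assertFalse($result);
 }
 
+public function testIsInstancePublic(){
+// Test private instance
+$result = $this->DAO->isInstancePublic("jack", "twitter");
+$this->assertFalse($result);
+
+// Test public instance
+$result = $this->DAO->isInstancePublic("stuart", "twitter");
+$this->assertTrue($result);
+
+// Test non-existent instance
+$result = $this->DAO->isInstancePublic("no one", "facebook");
+$this->assertFalse($result);
+}
+
 public function testGetByUserAndViewerId() {
 $this->DAO = new InstanceMySQLDAO();
 $builders[] = FixtureBuilder::build('instances', array('network_user_id'=>17,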
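Review bot: The three cases in `testIsInstancePublic` cover a private, a public and a missing instance, but not the case the DAO query's `ORDER BY is_public ASC LIMIT 1` is written for: two rows with the same username and network where one is private. Because PostController now uses this method to decide what an anonymous visitor may see, a fourth case with such a mixed pair of fixtures ending in `$this->assertFalse($result);` would pin the fail-closed result. The "jack" and "stuart" fixtures are built outside this hunk, so whether a mixed pair already exists cannot be seen here.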
23 changes: 17 additions & 6 deletions tests/TestOfPostController.php
@@ -63,19 +63,24 @@ public function testControlNoPostID() {
$this->assertPattern( "/Post not specified/", $results);
}

public function testControlExistingPublicPostID() {
public function testControlExistingPostIDByPublicInstance() {
$instance_builder = FixtureBuilder::build('instances', array('network_user_id'=>'10', 'network_username'=>'ev',
'is_public'=>1, 'network'=>'twitter'));
$post_builder = FixtureBuilder::build('posts', array('post_id'=>'1001', 'author_user_id'=>'10',
'author_username'=>'ev', 'post_text'=>'This is a test post', 'retweet_count_cache'=>'5', 'network'=>'twitter',
'is_protected'=>0));
$user_builder = FixtureBuilder::build('users', array('user_id'=>'10', 'username'=>'ev', 'is_protected'=>'0',
$user_builder = FixtureBuilder::build('users', array('user_id'=>'10', 'username'=>'ev', 'is_protected'=>0,
'network'=>'twitter'));
$_GET["t"] = '1001';
$controller = new PostController(true);
$results = $controller->go();
//sleep(1000);
$this->assertPattern( "/This is a test post/", $results);
}

public function testControlExistingPublicPostIDWithLink() {
public function testControlExistingPostIDByPublicInstanceWithLink() {
$instance_builder = FixtureBuilder::build('instances', array('network_user_id'=>'10', 'network_username'=>'ev',
'is_public'=>1, 'network'=>'twitter'));
$post_builder = FixtureBuilder::build('posts', array('id'=>1, 'post_id'=>'1001', 'author_user_id'=>'10',
'author_username'=>'ev', 'post_text'=>'This is a test post', 'retweet_count_cache'=>'5', 'network'=>'twitter',
'is_protected'=>0));
@@ -301,10 +306,10 @@ public function testNotLoggedInPostWithViewsSpecified() {
public function testLoggedInPostWithViewsSpecified() {
$builders = $this->buildPublicPostWithMixedAccessResponses();
$owner_builder = FixtureBuilder::build('owners', array('email'=>'me@example.com', 'is_admin'=>0));
$i_data = array('id' => 1, 'network_username' => 'mojojojo', 'network_user_id' =>'20', 'network'=>'twitter');
$i_data = array('id'=>2, 'network_username' => 'mojojojo', 'network_user_id' =>'20', 'network'=>'twitter');
$instances_builder = FixtureBuilder::build('instances', $i_data);

$oi_data = array('owner_id' => 1, 'instance_id' => 1);
$oi_data = array('owner_id' => 1, 'instance_id' => 2);
$oinstances_builder = FixtureBuilder::build('owner_instances', $oi_data);

$follows_builder = FixtureBuilder::build('follows', array('user_id'=>'13', 'follower_id'=>'20',
@@ -360,6 +365,8 @@ public function testCleanXSS() {
}

public function testControlWithNonExistentPluginActivated() {
$data[] = FixtureBuilder::build('instances', array('network_user_id'=>'10', 'network_username'=>'ev',
'is_public'=>1, 'network'=>'twitter'));
$data[] = FixtureBuilder::build('posts', array('post_id'=>'1001', 'author_user_id'=>'10',
'author_username'=>'ev', 'post_text'=>'This is a test post', 'retweet_count_cache'=>'5', 'network'=>'twitter',
'is_protected'=>0));
@@ -385,6 +392,10 @@ private function buildPublicPostWithMixedAccessResponses($with_xss = false) {
if ($with_xss) {
$post_text .= "<script>alert('wa');</script>";
}

$instance_builder = FixtureBuilder::build('instances', array('network_user_id'=>'10', 'network_username'=>'ev',
'is_public'=>1, 'network'=>'twitter'));

$post_builder = FixtureBuilder::build('posts', array('post_id'=>'1001', 'author_user_id'=>'10',
'author_username'=>'ev', 'post_text'=>$post_text, 'retweet_count_cache'=>'5', 'network'=>'twitter',
'is_protected'=>'0'));
@@ -430,6 +441,6 @@ private function buildPublicPostWithMixedAccessResponses($with_xss = false) {
return array($post_builder, $original_post_author_builder, $public_reply_author_builder1, $reply_builder1,
$public_reply_author_builder2, $reply_builder2, $private_reply_author_builder1, $reply_builder3,
$private_retweet_author_builder1, $retweet_builder1, $private_retweet_author_builder2, $retweet_builder2,
$public_retweet_author_builder1, $retweet_builder3);
$public_retweet_author_builder1, $retweet_builder3, $instance_builder);
}
}
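Review bot: Among the lines changed in this file, nothing exercises the new deny path: every added instance fixture sets `'is_public'=>1`, so the suite only confirms that anonymous visitors still see posts from public instances. A companion test that builds the same post with `'is_public'=>0`, stays logged out and ends with `$this->assertNoPattern("/This is a test post/", $results);` would show that the restriction actually holds. The `//sleep(1000);` line in `testControlExistingPostIDByPublicInstance` looks like leftover debugging and could be dropped.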
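--- a/webapp/_lib/controller/class.PostController.php
+++ b/webapp/_lib/controller/class.PostController.php
@@ -57,8 +57,14 @@ public function control() {
 }
 
 $viewer_has_access_to_post = false;
-if ( !$post->is_protected ) {
-$viewer_has_access_to_post = true;
+if ( !$post->is_protected ) { // post is public
+if ($this->isLoggedIn()) { // user is logged in
+$viewer_has_access_to_post = true;
+} else { //not logged in
+$instance_dao = DAOFactory::getDAO('InstanceDAO');
+$viewer_has_access_to_post = $instance_dao->isInstancePublic($post->author_username,
+$post->network);
+}
 } elseif ($this->isLoggedIn()) {
 $owner_dao = DAOFactory::getDAO('OwnerDAO');
 $owner = $owner_dao->getByEmail($this->getLoggedInUser());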
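Review bot: The anonymous branch decides access by `$post->author_username`, a name that can change on the network, although the test fixtures show posts also carrying `author_user_id` and instances storing `network_user_id`. A renamed account would simply stop matching and fail closed, but a stale or reused username could presumably match another account's instance row and inherit its `is_public` flag. Keying the lookup on the stable user id plus network would avoid that. `control()` starts and ends outside this hunk, so any later checks on the post are not visible here.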
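--- a/webapp/_lib/dao/class.InstanceMySQLDAO.php
+++ b/webapp/_lib/dao/class.InstanceMySQLDAO.php
@@ -540,6 +540,24 @@ public function isUserConfigured($username, $network) {
 return $this->getDataIsReturned($ps);
 }
 
+public function isInstancePublic($username, $network) {
+$q = "SELECT is_public ";
+$q .= "FROM ".$this->getTableName()." ";
+$q .= "WHERE network_username = :username AND network = :network ORDER BY is_public ASC LIMIT 1";
+$vars = array(
+':username'=>$username,
+':network'=>$network
+);
+if ($this->profiler_enabled) Profiler::setDAOMethod(__METHOD__);
+$ps = $this->execute($q, $vars);
+$result = $this->getDataRowAsArray($ps);
+if (isset($result['is_public'])) {
+return ($result['is_public'] == 1);
+} else {
+return false;
+}
+}
+
 public function getByUserAndViewerId($network_user_id, $viewer_id, $network = 'facebook') {
 $q = "SELECT ".$this->getFieldList();
 $q .= "FROM ".$this->getTableName()." ";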
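Review bot: `isInstancePublic` has no comment explaining why the query sorts with `ORDER BY is_public ASC LIMIT 1`, which is what makes the result fail closed when several rows share a username and network. A line above the query such as `// Lowest is_public first: if any matching instance is private, report private.` would keep a later cleanup from removing the sort and silently widening access. The new docblock in webapp/_lib/dao/interface.InstanceDAO.php could state the same contract, including that a missing instance returns false.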
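--- a/webapp/_lib/dao/interface.InstanceDAO.php
+++ b/webapp/_lib/dao/interface.InstanceDAO.php
@@ -197,6 +197,14 @@ public function updateLastRun($id);
 */
 public function isUserConfigured($username, $network);
 
+/**
+* Check if an instance is public.
+* @param str $username
+* @param str $network
+* @return bool
+*/
+public function isInstancePublic($username, $network);
+
 /**
 * Get instance by user and viewer ID
 * @param int $network_user_id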
