From 39cc1c11ec596176e842cc98e6a54337e3c04d7e Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 26 Feb 2024 09:01:03 +0100 Subject: New feature: shareable user query (#6052) * New feature: shareable user query Share the output of a user query by RSS / HTML / OPML with other people through unique URLs. Replaces the global admin token, which was the only option (but unsafe) to share RSS outputs with other people. Also add a new HTML output for people without an RSS reader. fix https://github.com/FreshRSS/FreshRSS/issues/3066#issuecomment-648977890 fix https://github.com/FreshRSS/FreshRSS/issues/3178#issuecomment-769435504 * Remove unused method * Fix token saving * Implement HTML view * Update i18n for master token * Revert i18n get_favorite * Fix missing i18n for user queries from before this PR * Remove irrelevant tests * Add link to RSS version * Fix getGet * Fix getState * Fix getSearch * Alternative getSearch * Default getOrder * Explicit default state * Fix test * Add OPML sharing * Remove many redundant SQL queries from original implementation of user queries * Fix article tags * Use default user settings * Prepare public search * Fixes * Allow user search on article tags * Implement user search * Revert filter bug * Revert wrong SQL left outer join change * Implement checkboxes * Safe check of OPML * Fix label * Remove RSS button to favour new sharing method That sharing button was using a global admin token * First version of HTTP 304 * Disallow some recusrivity fix https://github.com/FreshRSS/FreshRSS/issues/6086 * Draft of nav * Minor httpConditional * Add support for offset for pagination * Fix offset pagination * Fix explicit order ASC * Add documentation * Help links i18n * Note about deprecated master token * Typo * Doc about format --- app/Controllers/configureController.php | 56 ++++++++++++++++----------------- 1 file changed, 28 insertions(+), 28 deletions(-) (limited to 'app/Controllers/configureController.php') 
diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php index 8db36a899..e7f877428 100644 --- a/app/Controllers/configureController.php +++ b/app/Controllers/configureController.php @@ -301,12 +301,8 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController { public function queriesAction(): void { FreshRSS_View::appendScript(Minz_Url::display('/scripts/draggable.js?' . @filemtime(PUBLIC_PATH . '/scripts/draggable.js'))); - $category_dao = FreshRSS_Factory::createCategoryDao(); - $feed_dao = FreshRSS_Factory::createFeedDao(); - $tag_dao = FreshRSS_Factory::createTagDao(); - if (Minz_Request::isPost()) { - /** @var array $params */ + /** @var array $params */ $params = Minz_Request::paramArray('queries'); $queries = []; @@ -318,7 +314,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController { if (!empty($query['search'])) { $query['search'] = urldecode($query['search']); } - $queries[$key] = (new FreshRSS_UserQuery($query, $feed_dao, $category_dao, $tag_dao))->toArray(); + $queries[$key] = (new FreshRSS_UserQuery($query, FreshRSS_Context::categories(), FreshRSS_Context::labels()))->toArray(); } FreshRSS_Context::userConf()->queries = $queries; FreshRSS_Context::userConf()->save(); 
@@ -327,13 +323,13 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController { } else { $this->view->queries = []; foreach (FreshRSS_Context::userConf()->queries as $key => $query) { - $this->view->queries[intval($key)] = new FreshRSS_UserQuery($query, $feed_dao, $category_dao, $tag_dao); + $this->view->queries[intval($key)] = new FreshRSS_UserQuery($query, FreshRSS_Context::categories(), FreshRSS_Context::labels()); } } - $this->view->categories = $category_dao->listCategories(false) ?: []; - $this->view->feeds = $feed_dao->listFeeds(); - $this->view->tags = $tag_dao->listTags() ?: []; + $this->view->categories = FreshRSS_Context::categories(); + $this->view->feeds = FreshRSS_Context::feeds(); + $this->view->tags = FreshRSS_Context::labels(); if (Minz_Request::paramTernary('id') !== null) { $id = Minz_Request::paramInt('id'); 
@@ -363,20 +359,21 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController { return; } - $category_dao = FreshRSS_Factory::createCategoryDao(); - $feed_dao = FreshRSS_Factory::createFeedDao(); - $tag_dao = FreshRSS_Factory::createTagDao(); - - $query = new FreshRSS_UserQuery(FreshRSS_Context::userConf()->queries[$id], $feed_dao, $category_dao, $tag_dao); + $query = new FreshRSS_UserQuery(FreshRSS_Context::userConf()->queries[$id], FreshRSS_Context::categories(), FreshRSS_Context::labels()); $this->view->query = $query; $this->view->queryId = $id; - $this->view->categories = $category_dao->listCategories(false) ?: []; - $this->view->feeds = $feed_dao->listFeeds(); - $this->view->tags = $tag_dao->listTags() ?: []; + $this->view->categories = FreshRSS_Context::categories(); + $this->view->feeds = FreshRSS_Context::feeds(); + $this->view->tags = FreshRSS_Context::labels(); if (Minz_Request::isPost()) { $params = array_filter(Minz_Request::paramArray('query')); $queryParams = []; + $name = Minz_Request::paramString('name') ?: _t('conf.query.number', $id + 1); + if ('' === $name) { + $name = _t('conf.query.number', $id + 1); + } + $queryParams['name'] = $name; if (!empty($params['get']) && is_string($params['get'])) { $queryParams['get'] = htmlspecialchars_decode($params['get'], ENT_QUOTES); } 
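Review bot: The `if ('' === $name)` block that was moved up here can never change `$name`: the `?:` on the line before already substitutes the default for an empty string, and the block only assigns the same `_t('conf.query.number', $id + 1)` value again. Either drop the block, or replace the `?:` with an explicit test, `$name = Minz_Request::paramString('name');` followed by `if ($name === '') { $name = _t('conf.query.number', $id + 1); }`, so that a query named `'0'` is not silently renamed. The enclosing action starts and ends outside this hunk.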
@@ -389,15 +386,21 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController { if (!empty($params['state']) && is_array($params['state'])) { $queryParams['state'] = (int)(array_sum($params['state'])); } - $name = Minz_Request::paramString('name') ?: _t('conf.query.number', $id + 1); - if ('' === $name) { - $name = _t('conf.query.number', $id + 1); + if (empty($params['token']) || !is_string($params['token'])) { + $queryParams['token'] = FreshRSS_UserQuery::generateToken($name); + } else { + $queryParams['token'] = $params['token']; + } + if (!empty($params['shareRss']) && ctype_digit($params['shareRss'])) { + $queryParams['shareRss'] = (bool)$params['shareRss']; + } + if (!empty($params['shareOpml']) && ctype_digit($params['shareOpml'])) { + $queryParams['shareOpml'] = (bool)$params['shareOpml']; } - $queryParams['name'] = $name; $queryParams['url'] = Minz_Url::display(['params' => $queryParams]); $queries = FreshRSS_Context::userConf()->queries; - $queries[$id] = (new FreshRSS_UserQuery($queryParams, $feed_dao, $category_dao, $tag_dao))->toArray(); + $queries[$id] = (new FreshRSS_UserQuery($queryParams, FreshRSS_Context::categories(), FreshRSS_Context::labels()))->toArray(); FreshRSS_Context::userConf()->queries = $queries; FreshRSS_Context::userConf()->save(); 
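Review bot: The `else` branch stores `$params['token']` exactly as posted, with only an `is_string` check, although this token is what makes the shared RSS/HTML/OPML URL unguessable. A short or predictable value submitted with the form is saved as-is; consider regenerating whenever the value does not match what `generateToken()` emits, e.g. `if (!is_string($params['token'] ?? null) || !preg_match(TOKEN_PATTERN, $params['token'])) {`, where `TOKEN_PATTERN` is a placeholder for that format (not visible on this page). Putting the check in the `FreshRSS_UserQuery` constructor instead would cover every caller that builds a query from request data. Separately, `token`, `shareRss` and `shareOpml` are added to `$queryParams` before `Minz_Url::display(['params' => $queryParams])` builds `url`, so the token presumably ends up inside the stored query URL; building `url` before adding these keys would avoid that. The enclosing action starts and ends outside this hunk.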
@@ -433,18 +436,15 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController { * lean data. */ public function bookmarkQueryAction(): void { - $category_dao = FreshRSS_Factory::createCategoryDao(); - $feed_dao = FreshRSS_Factory::createFeedDao(); - $tag_dao = FreshRSS_Factory::createTagDao(); $queries = []; foreach (FreshRSS_Context::userConf()->queries as $key => $query) { - $queries[$key] = (new FreshRSS_UserQuery($query, $feed_dao, $category_dao, $tag_dao))->toArray(); + $queries[$key] = (new FreshRSS_UserQuery($query, FreshRSS_Context::categories(), FreshRSS_Context::labels()))->toArray(); } $params = $_GET; unset($params['rid']); $params['url'] = Minz_Url::display(['params' => $params]); $params['name'] = _t('conf.query.number', count($queries) + 1); - $queries[] = (new FreshRSS_UserQuery($params, $feed_dao, $category_dao, $tag_dao))->toArray(); + $queries[] = (new FreshRSS_UserQuery($params, FreshRSS_Context::categories(), FreshRSS_Context::labels()))->toArray(); FreshRSS_Context::userConf()->queries = $queries; FreshRSS_Context::userConf()->save(); -- cgit v1.2.3
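Review bot: `$params = $_GET` is handed whole to `new FreshRSS_UserQuery($params, …)` with only `rid` removed, and after this commit a query array can carry `token`, `shareRss` and `shareOpml` (they are set in the edit action of the previous hunk). If the constructor honours those keys, request parameters alone could save a query that is already shared under a token chosen by whoever built the request. Dropping them here closes that: `unset($params['rid'], $params['token'], $params['shareRss'], $params['shareOpml']);`. Whether this state-changing GET action is protected against cross-site requests is not visible in the hunk, and the method's docblock begins outside it.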