wordpress-activitypub/includes/collection/class-users.php

<?php
namespace Activitypub\Collection;

use WP_Error;
use WP_User_Query;
use Activitypub\Model\User;
use Activitypub\Model\Blog_User;
use Activitypub\Model\Application_User;

use function Activitypub\get_rest_url_by_path;
use function Activitypub\url_to_authorid;
use function Activitypub\is_user_disabled;

class Users {
	/**
	 * The ID of the Blog User
	 *
	 * @var int
	 */
	const BLOG_USER_ID = 0;

	/**
	 * The ID of the Application User
	 *
	 * @var int
	 */
	const APPLICATION_USER_ID = -1;

	/**
	 * Get the User by ID
	 *
	 * @param int $user_id The User-ID.
	 *
	 * @return \Acitvitypub\Model\User The User.
	 */
	public static function get_by_id( $user_id ) {
		if ( is_string( $user_id ) || is_numeric( $user_id ) ) {
			$user_id = (int) $user_id;
		}

		if ( is_user_disabled( $user_id ) ) {
			return new WP_Error(
				'activitypub_user_not_found',
				\__( 'User not found', 'activitypub' ),
				array( 'status' => 404 )
			);
		}

		if ( self::BLOG_USER_ID === $user_id ) {
			return Blog_User::from_wp_user( $user_id );
		} elseif ( self::APPLICATION_USER_ID === $user_id ) {
			return Application_User::from_wp_user( $user_id );
		} elseif ( $user_id > 0 ) {
			return User::from_wp_user( $user_id );
		}

		return new WP_Error(
			'activitypub_user_not_found',
			\__( 'User not found', 'activitypub' ),
			array( 'status' => 404 )
		);
	}

	/**
	 * Get the User by username.
	 *
	 * @param string $username The User-Name.
	 *
	 * @return \Acitvitypub\Model\User The User.
	 */
	public static function get_by_username( $username ) {
		// check for blog user.
		if ( Blog_User::get_default_username() === $username ) {
			return self::get_by_id( self::BLOG_USER_ID );
		}

		if ( get_option( 'activitypub_blog_user_identifier' ) === $username ) {
			return self::get_by_id( self::BLOG_USER_ID );
		}

		// check for application user.
		if ( 'application' === $username ) {
			return self::get_by_id( self::APPLICATION_USER_ID );
		}

		// check for 'activitypub_username' meta
		$user = new WP_User_Query(
			array(
				'number'         => 1,
				'hide_empty'     => true,
				'fields'         => 'ID',
				// phpcs:ignore WordPress.DB.SlowDBQuery.slow_db_query_meta_query
				'meta_query' => array(
					'relation' => 'OR',
					array(
						'key'     => 'activitypub_user_identifier',
						'value'   => $username,
						'compare' => 'LIKE',
					),
				),
			)
		);

		if ( $user->results ) {
			return self::get_by_id( $user->results[0] );
		}

		$username = str_replace( array( '*', '%' ), '', $username );

		// check for login or nicename.
		$user = new WP_User_Query(
			array(
				'search'         => $username,
				'search_columns' => array( 'user_login', 'user_nicename' ),
				'number'         => 1,
				'hide_empty'     => true,
				'fields'         => 'ID',
			)
		);

		if ( $user->results ) {
			return self::get_by_id( $user->results[0] );
		}

		return new WP_Error(
			'activitypub_user_not_found',
			\__( 'User not found', 'activitypub' ),
			array( 'status' => 404 )
		);
	}

	/**
	 * Get the User by resource.
	 *
	 * @param string $resource The User-Resource.
	 *
	 * @return \Acitvitypub\Model\User The User.
	 */
	public static function get_by_resource( $resource ) {
		$scheme = 'acct';
		$match = array();
		// try to extract the scheme and the host
		if ( preg_match( '/^([a-zA-Z^:]+):(.*)$/i', $resource, $match ) ) {
			// extract the scheme
			$scheme = esc_attr( $match[1] );
		}

		switch ( $scheme ) {
			// check for http(s) URIs
			case 'http':
			case 'https':
				$url_parts = wp_parse_url( $resource );

				// check for http(s)://blog.example.com/@username
				if (
					isset( $url_parts['path'] ) &&
					str_starts_with( $url_parts['path'], '/@' )
				) {
					$identifier = str_replace( '/@', '', $url_parts['path'] );
					$identifier = untrailingslashit( $identifier );

					return self::get_by_username( $identifier );
				}

				// check for http(s)://blog.example.com/author/username
				$user_id = url_to_authorid( $resource );

				if ( $user_id ) {
					return self::get_by_id( $user_id );
				}

				// check for http(s)://blog.example.com/
				if (
					self::normalize_url( site_url() ) === self::normalize_url( $resource ) ||
					self::normalize_url( home_url() ) === self::normalize_url( $resource )
				) {
					return self::get_by_id( self::BLOG_USER_ID );
				}

				// check for application actor
				if ( self::normalize_url( get_rest_url_by_path( 'application' ) ) === self::normalize_url( $resource ) ) {
					return self::get_by_id( self::APPLICATION_USER_ID );
				}

				return new WP_Error(
					'activitypub_no_user_found',
					\__( 'User not found', 'activitypub' ),
					array( 'status' => 404 )
				);
			// check for acct URIs
			case 'acct':
				$resource   = \str_replace( 'acct:', '', $resource );
				$identifier = \substr( $resource, 0, \strrpos( $resource, '@' ) );
				$host       = self::normalize_host( \substr( \strrchr( $resource, '@' ), 1 ) );
				$blog_host  = self::normalize_host( \wp_parse_url( \home_url( '/' ), \PHP_URL_HOST ) );

				if ( $blog_host !== $host ) {
					return new WP_Error(
						'activitypub_wrong_host',
						\__( 'Resource host does not match blog host', 'activitypub' ),
						array( 'status' => 404 )
					);
				}

				// prepare wildcards https://github.com/mastodon/mastodon/issues/22213
				if ( in_array( $identifier, array( '_', '*', '' ), true ) ) {
					return self::get_by_id( self::BLOG_USER_ID );
				}

				return self::get_by_username( $identifier );
			default:
				return new WP_Error(
					'activitypub_wrong_scheme',
					\__( 'Wrong scheme', 'activitypub' ),
					array( 'status' => 404 )
				);
		}
	}

	/**
	 * Get the User by resource.
	 *
	 * @param string $resource The User-Resource.
	 *
	 * @return \Acitvitypub\Model\User The User.
	 */
	public static function get_by_various( $id ) {
		if ( is_numeric( $id ) ) {
			return self::get_by_id( $id );
		} elseif (
			// is URL
			filter_var( $id, FILTER_VALIDATE_URL ) ||
			// is acct
			str_starts_with( $id, 'acct:' )
		) {
			return self::get_by_resource( $id );
		} else {
			return self::get_by_username( $id );
		}
	}

	/**
	 * Normalize a host.
	 *
	 * @param string $host The host.
	 *
	 * @return string The normalized host.
	 */
	public static function normalize_host( $host ) {
		return \str_replace( 'www.', '', $host );
	}

	/**
	 * Normalize a URL.
	 *
	 * @param string $url The URL.
	 *
	 * @return string The normalized URL.
	 */
	public static function normalize_url( $url ) {
		$url = \untrailingslashit( $url );
		$url = \str_replace( 'https://', '', $url );
		$url = \str_replace( 'http://', '', $url );
		$url = \str_replace( 'www.', '', $url );

		return $url;
	}

	/**
	 * Get the User collection.
	 *
	 * @return array The User collection.
	 */
	public static function get_collection() {
		$users = \get_users(
			array(
				'capability__in' => array( 'publish_posts' ),
			)
		);

		$return = array();

		foreach ( $users as $user ) {
			$return[] = User::from_wp_user( $user->ID );
		}

		return $return;
	}
}
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`<?php`
use collection instead of factory 2023-07-03 11:20:44 +02:00			`namespace Activitypub\Collection;`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00
			`use WP_Error;`
			`use WP_User_Query;`
			`use Activitypub\Model\User;`
			`use Activitypub\Model\Blog_User;`
updated signature feature to new structure 2023-06-01 11:45:07 +02:00			`use Activitypub\Model\Application_User;`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00
Announce all posts through the application actor 2023-12-23 09:52:03 +01:00			`use function Activitypub\get_rest_url_by_path;`
WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`use function Activitypub\url_to_authorid;`
some refactorings 2023-07-11 09:09:37 +02:00			`use function Activitypub\is_user_disabled;`

use collection instead of factory 2023-07-03 11:20:44 +02:00			`class Users {`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`/**`
			`* The ID of the Blog User`
			`*`
			`* @var int`
			`*/`
			`const BLOG_USER_ID = 0;`

			`/**`
			`* The ID of the Application User`
			`*`
			`* @var int`
			`*/`
			`const APPLICATION_USER_ID = -1;`

			`/**`
			`* Get the User by ID`
			`*`
			`* @param int $user_id The User-ID.`
			`*`
			`* @return \Acitvitypub\Model\User The User.`
			`*/`
			`public static function get_by_id( $user_id ) {`
check if a user is enabled or not 2023-06-21 17:10:52 +02:00			`if ( is_string( $user_id ) \|\| is_numeric( $user_id ) ) {`
			`$user_id = (int) $user_id;`
			`}`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00
some refactorings 2023-07-11 09:09:37 +02:00			`if ( is_user_disabled( $user_id ) ) {`
			`return new WP_Error(`
			`'activitypub_user_not_found',`
			`\__( 'User not found', 'activitypub' ),`
			`array( 'status' => 404 )`
			`);`
			`}`

transform users to actors 2023-06-28 14:22:27 +02:00			`if ( self::BLOG_USER_ID === $user_id ) {`
			`return Blog_User::from_wp_user( $user_id );`
			`} elseif ( self::APPLICATION_USER_ID === $user_id ) {`
			`return Application_User::from_wp_user( $user_id );`
			`} elseif ( $user_id > 0 ) {`
			`return User::from_wp_user( $user_id );`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`}`
check if a user is enabled or not 2023-06-21 17:10:52 +02:00
			`return new WP_Error(`
			`'activitypub_user_not_found',`
			`\__( 'User not found', 'activitypub' ),`
			`array( 'status' => 404 )`
			`);`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`}`

			`/**`
			`* Get the User by username.`
			`*`
			`* @param string $username The User-Name.`
			`*`
			`* @return \Acitvitypub\Model\User The User.`
			`*/`
			`public static function get_by_username( $username ) {`
			`// check for blog user.`
generate default username 2023-05-30 11:22:20 +02:00			`if ( Blog_User::get_default_username() === $username ) {`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`return self::get_by_id( self::BLOG_USER_ID );`
			`}`

check for option field 2023-06-28 16:42:33 +02:00			`if ( get_option( 'activitypub_blog_user_identifier' ) === $username ) {`
			`return self::get_by_id( self::BLOG_USER_ID );`
			`}`

Added settings for blog-wide user 2023-05-26 16:08:08 +02:00			`// check for application user.`
updated signature feature to new structure 2023-06-01 11:45:07 +02:00			`if ( 'application' === $username ) {`
Added settings for blog-wide user 2023-05-26 16:08:08 +02:00			`return self::get_by_id( self::APPLICATION_USER_ID );`
			`}`

prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`// check for 'activitypub_username' meta`
			`$user = new WP_User_Query(`
			`array(`
			`'number' => 1,`
			`'hide_empty' => true,`
			`'fields' => 'ID',`
Add/small improvements (#384) * flush rewrite rules after migration * some activity improvements * equate usernames with and without `.` Can we equate `@notiz.blog@notiz.blog` with `@notizblog@notiz.blog`? * better NodeInfo compatibility check * fix `extract_name_from_uri` * reset user check * re-added action * fix check 2023-07-31 20:15:11 +02:00			`// phpcs:ignore WordPress.DB.SlowDBQuery.slow_db_query_meta_query`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`'meta_query' => array(`
			`'relation' => 'OR',`
			`array(`
Added settings for blog-wide user 2023-05-26 16:08:08 +02:00			`'key' => 'activitypub_user_identifier',`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`'value' => $username,`
			`'compare' => 'LIKE',`
			`),`
			`),`
			`)`
			`);`

			`if ( $user->results ) {`
			`return self::get_by_id( $user->results[0] );`
			`}`

WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`$username = str_replace( array( '*', '%' ), '', $username );`

prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`// check for login or nicename.`
			`$user = new WP_User_Query(`
			`array(`
			`'search' => $username,`
			`'search_columns' => array( 'user_login', 'user_nicename' ),`
			`'number' => 1,`
			`'hide_empty' => true,`
			`'fields' => 'ID',`
			`)`
			`);`

			`if ( $user->results ) {`
			`return self::get_by_id( $user->results[0] );`
			`}`

			`return new WP_Error(`
			`'activitypub_user_not_found',`
			`\__( 'User not found', 'activitypub' ),`
			`array( 'status' => 404 )`
			`);`
			`}`

			`/**`
			`* Get the User by resource.`
			`*`
			`* @param string $resource The User-Resource.`
			`*`
			`* @return \Acitvitypub\Model\User The User.`
			`*/`
			`public static function get_by_resource( $resource ) {`
WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`$scheme = 'acct';`
			`$match = array();`
			`// try to extract the scheme and the host`
			`if ( preg_match( '/^([a-zA-Z^:]+):(.*)$/i', $resource, $match ) ) {`
			`// extract the scheme`
			`$scheme = esc_attr( $match[1] );`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`}`

WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`switch ( $scheme ) {`
			`// check for http(s) URIs`
			`case 'http':`
			`case 'https':`
			`$url_parts = wp_parse_url( $resource );`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00
WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`// check for http(s)://blog.example.com/@username`
			`if (`
			`isset( $url_parts['path'] ) &&`
			`str_starts_with( $url_parts['path'], '/@' )`
			`) {`
			`$identifier = str_replace( '/@', '', $url_parts['path'] );`
			`$identifier = untrailingslashit( $identifier );`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00
WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`return self::get_by_username( $identifier );`
			`}`

			`// check for http(s)://blog.example.com/author/username`
			`$user_id = url_to_authorid( $resource );`

			`if ( $user_id ) {`
			`return self::get_by_id( $user_id );`
			`}`

			`// check for http(s)://blog.example.com/`
			`if (`
			`self::normalize_url( site_url() ) === self::normalize_url( $resource ) \|\|`
			`self::normalize_url( home_url() ) === self::normalize_url( $resource )`
			`) {`
			`return self::get_by_id( self::BLOG_USER_ID );`
			`}`

Announce all posts through the application actor 2023-12-23 09:52:03 +01:00			`// check for application actor`
			`if ( self::normalize_url( get_rest_url_by_path( 'application' ) ) === self::normalize_url( $resource ) ) {`
			`return self::get_by_id( self::APPLICATION_USER_ID );`
			`}`

WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`return new WP_Error(`
			`'activitypub_no_user_found',`
			`\__( 'User not found', 'activitypub' ),`
			`array( 'status' => 404 )`
			`);`
			`// check for acct URIs`
			`case 'acct':`
			`$resource = \str_replace( 'acct:', '', $resource );`
			`$identifier = \substr( $resource, 0, \strrpos( $resource, '@' ) );`
			`$host = self::normalize_host( \substr( \strrchr( $resource, '@' ), 1 ) );`
			`$blog_host = self::normalize_host( \wp_parse_url( \home_url( '/' ), \PHP_URL_HOST ) );`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00
WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`if ( $blog_host !== $host ) {`
			`return new WP_Error(`
			`'activitypub_wrong_host',`
			`\__( 'Resource host does not match blog host', 'activitypub' ),`
			`array( 'status' => 404 )`
			`);`
			`}`

			`// prepare wildcards https://github.com/mastodon/mastodon/issues/22213`
			`if ( in_array( $identifier, array( '_', '*', '' ), true ) ) {`
			`return self::get_by_id( self::BLOG_USER_ID );`
			`}`

			`return self::get_by_username( $identifier );`
			`default:`
			`return new WP_Error(`
			`'activitypub_wrong_scheme',`
			`\__( 'Wrong scheme', 'activitypub' ),`
			`array( 'status' => 404 )`
			`);`
			`}`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`}`

			`/**`
			`* Get the User by resource.`
			`*`
			`* @param string $resource The User-Resource.`
			`*`
			`* @return \Acitvitypub\Model\User The User.`
			`*/`
			`public static function get_by_various( $id ) {`
			`if ( is_numeric( $id ) ) {`
			`return self::get_by_id( $id );`
WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`} elseif (`
			`// is URL`
			`filter_var( $id, FILTER_VALIDATE_URL ) \|\|`
			`// is acct`
			`str_starts_with( $id, 'acct:' )`
			`) {`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`return self::get_by_resource( $id );`
			`} else {`
			`return self::get_by_username( $id );`
			`}`
			`}`
normalizing 2023-06-21 15:46:34 +02:00
			`/**`
WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`* Normalize a host.`
normalizing 2023-06-21 15:46:34 +02:00			`*`
			`* @param string $host The host.`
			`*`
			`* @return string The normalized host.`
			`*/`
			`public static function normalize_host( $host ) {`
			`return \str_replace( 'www.', '', $host );`
			`}`
update endpoints (#390) * add collection endpoint * show featured posts * more consistant wording * backwards compatibility with php7.x * compatibility with php5.6 * use ACTIVITYPUB_AUTHORIZED_FETCH instead because the ACTIVITYPUB_SECURE_MODE could be misinterpreted with disabling the security mechanisms completely. * the blog user follows all authors of a blog if not in single_user mode * phpdoc * adding changes based on feedback from @jeherve * global namespace * better hashtag handling should also fix #373 #239 thanks @jeherve for help and feedback! * fix workflow 2023-08-09 13:07:30 +02:00
WebFinger: Add support for URLs (#594) * add support for URLs * phpcs * simplify vars 2023-12-11 10:28:41 +01:00			`/**`
			`* Normalize a URL.`
			`*`
			`* @param string $url The URL.`
			`*`
			`* @return string The normalized URL.`
			`*/`
			`public static function normalize_url( $url ) {`
			`$url = \untrailingslashit( $url );`
			`$url = \str_replace( 'https://', '', $url );`
			`$url = \str_replace( 'http://', '', $url );`
			`$url = \str_replace( 'www.', '', $url );`

			`return $url;`
			`}`

update endpoints (#390) * add collection endpoint * show featured posts * more consistant wording * backwards compatibility with php7.x * compatibility with php5.6 * use ACTIVITYPUB_AUTHORIZED_FETCH instead because the ACTIVITYPUB_SECURE_MODE could be misinterpreted with disabling the security mechanisms completely. * the blog user follows all authors of a blog if not in single_user mode * phpdoc * adding changes based on feedback from @jeherve * global namespace * better hashtag handling should also fix #373 #239 thanks @jeherve for help and feedback! * fix workflow 2023-08-09 13:07:30 +02:00			`/**`
			`* Get the User collection.`
			`*`
			`* @return array The User collection.`
			`*/`
			`public static function get_collection() {`
			`$users = \get_users(`
			`array(`
			`'capability__in' => array( 'publish_posts' ),`
			`)`
			`);`

			`$return = array();`

			`foreach ( $users as $user ) {`
			`$return[] = User::from_wp_user( $user->ID );`
			`}`

			`return $return;`
			`}`
prepare pseudo users like a blog wide user. this allows also other constructs like tag oder category users fix #1 2023-05-24 16:32:00 +02:00			`}`