2018-09-24 20:47:15 +02:00
< ? php
2019-02-24 12:07:41 +01:00
namespace Activitypub ;
2023-07-20 10:57:14 +02:00
use WP_Error ;
2023-07-03 18:18:03 +02:00
use Activitypub\Http ;
use Activitypub\Activity\Activity ;
use Activitypub\Collection\Followers ;
2018-09-27 22:26:57 +02:00
/**
2018-09-30 22:51:22 +02:00
* Returns the ActivityPub default JSON - context
2018-09-27 22:26:57 +02:00
*
2018-09-30 22:51:22 +02:00
* @ return array the activitypub context
2018-09-27 22:26:57 +02:00
*/
2019-02-24 12:07:41 +01:00
function get_context () {
2023-07-03 18:18:03 +02:00
$context = Activity :: CONTEXT ;
2018-09-30 22:51:22 +02:00
2019-09-27 10:12:59 +02:00
return \apply_filters ( 'activitypub_json_context' , $context );
2018-09-27 22:26:57 +02:00
}
2018-12-08 00:02:18 +01:00
2019-02-24 12:07:41 +01:00
function safe_remote_post ( $url , $body , $user_id ) {
2023-07-03 18:18:03 +02:00
return Http :: post ( $url , $body , $user_id );
2018-12-20 11:33:08 +01:00
}
2023-05-05 20:02:12 +02:00
function safe_remote_get ( $url ) {
2023-07-03 18:18:03 +02:00
return Http :: get ( $url );
2020-02-21 11:05:17 +01:00
}
2018-12-20 11:33:08 +01:00
/**
* Returns a users WebFinger " resource "
*
2023-05-10 15:36:45 +02:00
* @ param int $user_id The User - ID .
2018-12-20 11:33:08 +01:00
*
2023-05-10 15:36:45 +02:00
* @ return string The User - Resource .
2018-12-20 11:33:08 +01:00
*/
2019-02-24 12:07:41 +01:00
function get_webfinger_resource ( $user_id ) {
2023-04-24 20:46:51 +02:00
return Webfinger :: get_user_resource ( $user_id );
2018-12-20 11:33:08 +01:00
}
/**
2023-04-24 20:46:51 +02:00
* Requests the Meta - Data from the Actors profile
2018-12-20 11:33:08 +01:00
*
2023-05-31 14:03:46 +02:00
* @ param string $actor The Actor URL .
* @ param bool $cached If the result should be cached .
2023-04-25 11:59:08 +02:00
*
2023-10-24 14:54:03 +02:00
* @ return array | WP_Error The Actor profile as array or WP_Error on failure .
2018-12-20 11:33:08 +01:00
*/
2023-05-31 14:03:46 +02:00
function get_remote_metadata_by_actor ( $actor , $cached = true ) {
2022-12-02 12:46:42 +01:00
$pre = apply_filters ( 'pre_get_remote_metadata_by_actor' , false , $actor );
if ( $pre ) {
return $pre ;
}
2022-12-09 11:59:24 +01:00
if ( preg_match ( '/^@?' . ACTIVITYPUB_USERNAME_REGEXP . '$/i' , $actor ) ) {
2022-12-09 19:05:43 +01:00
$actor = Webfinger :: resolve ( $actor );
2022-11-09 15:08:32 +01:00
}
if ( ! $actor ) {
2023-09-21 09:03:24 +02:00
return new WP_Error ( 'activitypub_no_valid_actor_identifier' , \__ ( 'The "actor" identifier is not valid' , 'activitypub' ), array ( 'status' => 404 , 'actor' => $actor ) );
2022-11-09 15:08:32 +01:00
}
2022-12-15 11:37:00 +01:00
if ( is_wp_error ( $actor ) ) {
return $actor ;
}
2023-06-14 15:02:45 +02:00
$transient_key = 'activitypub_' . $actor ;
2023-05-31 14:03:46 +02:00
// only check the cache if needed.
if ( $cached ) {
$metadata = \get_transient ( $transient_key );
2018-12-20 11:33:08 +01:00
2023-05-31 14:03:46 +02:00
if ( $metadata ) {
return $metadata ;
}
2018-12-20 11:33:08 +01:00
}
2019-09-27 10:12:59 +02:00
if ( ! \wp_http_validate_url ( $actor ) ) {
2023-09-21 09:03:24 +02:00
$metadata = new WP_Error ( 'activitypub_no_valid_actor_url' , \__ ( 'The "actor" is no valid URL' , 'activitypub' ), array ( 'status' => 400 , 'actor' => $actor ) );
2022-12-12 16:36:22 +01:00
return $metadata ;
2018-12-20 11:33:08 +01:00
}
2023-05-05 20:02:12 +02:00
$response = Http :: get ( $actor );
2023-10-21 11:23:05 +02:00
2019-09-27 10:12:59 +02:00
if ( \is_wp_error ( $response ) ) {
2018-12-20 11:33:08 +01:00
return $response ;
}
2019-09-27 10:12:59 +02:00
$metadata = \wp_remote_retrieve_body ( $response );
$metadata = \json_decode ( $metadata , true );
2018-12-20 11:33:08 +01:00
if ( ! $metadata ) {
2023-09-21 09:03:24 +02:00
$metadata = new WP_Error ( 'activitypub_invalid_json' , \__ ( 'No valid JSON data' , 'activitypub' ), array ( 'status' => 400 , 'actor' => $actor ) );
2022-12-09 13:39:48 +01:00
return $metadata ;
2018-12-20 11:33:08 +01:00
}
2023-10-21 11:23:05 +02:00
\set_transient ( $transient_key , $metadata , WEEK_IN_SECONDS );
2018-12-20 11:33:08 +01:00
return $metadata ;
}
2023-05-10 15:36:45 +02:00
/**
* Returns the followers of a given user .
*
* @ param int $user_id The User - ID .
*
* @ return array The followers .
*/
2019-02-24 12:07:41 +01:00
function get_followers ( $user_id ) {
2023-07-03 18:18:03 +02:00
return Followers :: get_followers ( $user_id );
2019-01-22 21:16:37 +01:00
}
2023-05-10 15:36:45 +02:00
/**
* Count the number of followers for a given user .
*
* @ param int $user_id The User - ID .
*
* @ return int The number of followers .
*/
2019-02-24 12:07:41 +01:00
function count_followers ( $user_id ) {
2023-07-03 18:18:03 +02:00
return Followers :: count_followers ( $user_id );
2019-01-22 21:16:37 +01:00
}
2019-11-18 20:57:00 +01:00
/**
* Examine a url and try to determine the author ID it represents .
*
* Checks are supposedly from the hosted site blog .
*
* @ param string $url Permalink to check .
*
* @ return int User ID , or 0 on failure .
*/
function url_to_authorid ( $url ) {
global $wp_rewrite ;
// check if url hase the same host
2020-05-12 20:30:06 +02:00
if ( \wp_parse_url ( \site_url (), \PHP_URL_HOST ) !== \wp_parse_url ( $url , \PHP_URL_HOST ) ) {
2019-11-18 20:57:00 +01:00
return 0 ;
}
// first, check to see if there is a 'author=N' to match against
2019-12-01 21:20:26 +01:00
if ( \preg_match ( '/[?&]author=(\d+)/i' , $url , $values ) ) {
2020-05-12 20:30:06 +02:00
$id = \absint ( $values [ 1 ] );
2019-11-18 20:57:00 +01:00
if ( $id ) {
return $id ;
}
}
// check to see if we are using rewrite rules
$rewrite = $wp_rewrite -> wp_rewrite_rules ();
// not using rewrite rules, and 'author=N' method failed, so we're out of options
if ( empty ( $rewrite ) ) {
return 0 ;
}
// generate rewrite rule for the author url
$author_rewrite = $wp_rewrite -> get_author_permastruct ();
2019-12-01 21:20:26 +01:00
$author_regexp = \str_replace ( '%author%' , '' , $author_rewrite );
2019-11-18 20:57:00 +01:00
// match the rewrite rule with the passed url
2019-12-01 21:20:26 +01:00
if ( \preg_match ( '/https?:\/\/(.+)' . \preg_quote ( $author_regexp , '/' ) . '([^\/]+)/i' , $url , $match ) ) {
2020-05-12 20:30:06 +02:00
$user = \get_user_by ( 'slug' , $match [ 2 ] );
2019-11-18 20:57:00 +01:00
if ( $user ) {
return $user -> ID ;
}
}
return 0 ;
}
2023-03-14 18:36:47 +01:00
2023-05-02 14:39:25 +02:00
/**
* Check for Tombstone Objects
*
* @ see https :// www . w3 . org / TR / activitypub / #delete-activity-outbox
*
* @ param WP_Error $wp_error A WP_Error - Response of an HTTP - Request
*
* @ return boolean true if HTTP - Code is 410 or 404
*/
function is_tombstone ( $wp_error ) {
if ( ! is_wp_error ( $wp_error ) ) {
return false ;
}
if ( in_array ( ( int ) $wp_error -> get_error_code (), array ( 404 , 410 ), true ) ) {
return true ;
}
return false ;
}
2023-05-12 21:58:50 +02:00
/**
* Get the REST URL relative to this plugin ' s namespace .
*
* @ param string $path Optional . REST route path . Otherwise this plugin ' s namespaced root .
2023-05-17 09:03:26 +02:00
*
2023-05-12 21:58:50 +02:00
* @ return string REST URL relative to this plugin ' s namespace .
*/
function get_rest_url_by_path ( $path = '' ) {
// we'll handle the leading slash.
$path = ltrim ( $path , '/' );
2023-05-12 23:42:30 +02:00
$namespaced_path = sprintf ( '/%s/%s' , ACTIVITYPUB_REST_NAMESPACE , $path );
2023-05-13 01:25:49 +02:00
return \get_rest_url ( null , $namespaced_path );
2023-05-12 22:44:41 +02:00
}
2023-06-23 14:54:29 +02:00
/**
* Convert a string from camelCase to snake_case .
*
* @ param string $string The string to convert .
*
* @ return string The converted string .
*/
2023-07-20 13:25:28 +02:00
// phpcs:ignore Universal.NamingConventions.NoReservedKeywordParameterNames.stringFound
2023-06-23 14:54:29 +02:00
function camel_to_snake_case ( $string ) {
return strtolower ( preg_replace ( '/(?<!^)[A-Z]/' , '_$0' , $string ) );
}
2023-06-26 11:08:04 +02:00
/**
* Convert a string from snake_case to camelCase .
*
* @ param string $string The string to convert .
*
* @ return string The converted string .
*/
2023-07-20 13:25:28 +02:00
// phpcs:ignore Universal.NamingConventions.NoReservedKeywordParameterNames.stringFound
2023-06-26 11:08:04 +02:00
function snake_to_camel_case ( $string ) {
return lcfirst ( str_replace ( '_' , '' , ucwords ( $string , '_' ) ) );
}
2023-08-09 13:07:30 +02:00
/**
* Escapes a Tag , to be used as a hashtag .
*
* @ param string $string The string to escape .
*
* @ return string The escaped hastag .
*/
function esc_hashtag ( $string ) {
$hashtag = \wp_specialchars_decode ( $string , ENT_QUOTES );
// Remove all characters that are not letters, numbers, or underscores.
$hashtag = \preg_replace ( '/emoji-regex(*SKIP)(?!)|[^\p{L}\p{Nd}_]+/u' , '_' , $hashtag );
// Capitalize every letter that is preceded by an underscore.
$hashtag = preg_replace_callback (
'/_(.)/' ,
function ( $matches ) {
return '' . strtoupper ( $matches [ 1 ] );
},
$hashtag
);
// Add a hashtag to the beginning of the string.
$hashtag = ltrim ( $hashtag , '#' );
$hashtag = '#' . $hashtag ;
/**
* Allow defining your own custom hashtag generation rules .
*
* @ param string $hashtag The hashtag to be returned .
* @ param string $string The original string .
*/
$hashtag = apply_filters ( 'activitypub_esc_hashtag' , $hashtag , $string );
return esc_html ( $hashtag );
}
2023-05-11 19:53:53 +02:00
/**
* Check if a request is for an ActivityPub request .
*
* @ return bool False by default .
*/
function is_activitypub_request () {
global $wp_query ;
/*
* ActivityPub requests are currently only made for
* author archives , singular posts , and the homepage .
*/
2023-07-05 18:13:46 +02:00
if ( ! \is_author () && ! \is_singular () && ! \is_home () && ! defined ( '\REST_REQUEST' ) ) {
2023-05-11 19:53:53 +02:00
return false ;
}
// One can trigger an ActivityPub request by adding ?activitypub to the URL.
2023-07-20 13:25:28 +02:00
// phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.VariableRedeclaration
2023-05-11 19:53:53 +02:00
global $wp_query ;
if ( isset ( $wp_query -> query_vars [ 'activitypub' ] ) ) {
return true ;
}
/*
* The other ( more common ) option to make an ActivityPub request
* is to send an Accept header .
*/
if ( isset ( $_SERVER [ 'HTTP_ACCEPT' ] ) ) {
2023-07-18 22:02:27 +02:00
$accept = sanitize_text_field ( wp_unslash ( $_SERVER [ 'HTTP_ACCEPT' ] ) );
2023-05-11 19:53:53 +02:00
/*
* $accept can be a single value , or a comma separated list of values .
* We want to support both scenarios ,
* and return true when the header includes at least one of the following :
* - application / activity + json
* - application / ld + json
2023-08-11 09:22:46 +02:00
* - application / json
2023-05-11 19:53:53 +02:00
*/
2023-08-11 09:22:46 +02:00
if ( preg_match ( '/(application\/(ld\+json|activity\+json|json))/i' , $accept ) ) {
2023-05-11 19:53:53 +02:00
return true ;
}
}
return false ;
}
2023-05-25 13:55:18 +02:00
/**
2023-06-28 14:22:27 +02:00
* This function checks if a user is disabled for ActivityPub .
2023-06-21 17:10:52 +02:00
*
* @ param int $user_id The User - ID .
*
2023-06-28 14:22:27 +02:00
* @ return boolean True if the user is disabled , false otherwise .
2023-06-21 17:10:52 +02:00
*/
2023-06-28 14:22:27 +02:00
function is_user_disabled ( $user_id ) {
2023-07-11 08:58:50 +02:00
$return = false ;
2023-06-21 17:10:52 +02:00
switch ( $user_id ) {
// if the user is the application user, it's always enabled.
2023-07-03 11:20:44 +02:00
case \Activitypub\Collection\Users :: APPLICATION_USER_ID :
2023-07-11 08:58:50 +02:00
$return = false ;
break ;
2023-06-21 17:10:52 +02:00
// if the user is the blog user, it's only enabled in single-user mode.
2023-07-03 11:20:44 +02:00
case \Activitypub\Collection\Users :: BLOG_USER_ID :
2023-07-20 10:57:14 +02:00
if ( is_user_type_disabled ( 'blog' ) ) {
$return = true ;
2023-07-11 08:58:50 +02:00
break ;
2023-06-21 17:10:52 +02:00
}
2023-07-11 08:58:50 +02:00
$return = false ;
break ;
2023-06-21 17:10:52 +02:00
// if the user is any other user, it's enabled if it can publish posts.
default :
2023-07-11 09:09:37 +02:00
if ( ! \get_user_by ( 'id' , $user_id ) ) {
$return = true ;
break ;
}
2023-07-20 10:57:14 +02:00
if ( is_user_type_disabled ( 'user' ) ) {
$return = true ;
2023-07-11 08:58:50 +02:00
break ;
2023-06-28 14:22:27 +02:00
}
2023-07-11 08:53:18 +02:00
if ( ! \user_can ( $user_id , 'publish_posts' ) ) {
2023-07-11 08:58:50 +02:00
$return = true ;
break ;
2023-07-11 08:53:18 +02:00
}
2023-07-11 08:58:50 +02:00
$return = false ;
break ;
2023-06-21 17:10:52 +02:00
}
2023-07-11 08:58:50 +02:00
return apply_filters ( 'activitypub_is_user_disabled' , $return , $user_id );
2023-06-21 17:10:52 +02:00
}
2023-07-20 10:57:14 +02:00
/**
* Checks if a User - Type is disabled for ActivityPub .
*
* This function is used to check if the 'blog' or 'user'
* type is disabled for ActivityPub .
*
* @ param enum $type Can be 'blog' or 'user' .
*
* @ return boolean True if the user type is disabled , false otherwise .
*/
function is_user_type_disabled ( $type ) {
switch ( $type ) {
case 'blog' :
if ( \defined ( 'ACTIVITYPUB_SINGLE_USER_MODE' ) ) {
if ( ACTIVITYPUB_SINGLE_USER_MODE ) {
$return = false ;
break ;
}
}
if ( \defined ( 'ACTIVITYPUB_DISABLE_BLOG_USER' ) ) {
$return = ACTIVITYPUB_DISABLE_BLOG_USER ;
break ;
}
2023-07-20 14:21:32 +02:00
if ( '1' !== \get_option ( 'activitypub_enable_blog_user' , '0' ) ) {
$return = true ;
break ;
}
2023-07-20 10:57:14 +02:00
$return = false ;
break ;
case 'user' :
if ( \defined ( 'ACTIVITYPUB_SINGLE_USER_MODE' ) ) {
if ( ACTIVITYPUB_SINGLE_USER_MODE ) {
$return = true ;
break ;
}
}
if ( \defined ( 'ACTIVITYPUB_DISABLE_USER' ) ) {
$return = ACTIVITYPUB_DISABLE_USER ;
break ;
}
2023-07-20 14:21:32 +02:00
if ( '1' !== \get_option ( 'activitypub_enable_users' , '1' ) ) {
$return = true ;
break ;
}
2023-07-20 10:57:14 +02:00
$return = false ;
break ;
default :
2023-09-21 09:03:24 +02:00
$return = new WP_Error ( 'activitypub_wrong_user_type' , __ ( 'Wrong user type' , 'activitypub' ), array ( 'status' => 400 ) );
2023-07-20 10:57:14 +02:00
break ;
}
return apply_filters ( 'activitypub_is_user_type_disabled' , $return , $type );
}
2023-07-10 10:29:02 +02:00
/**
* Check if the blog is in single - user mode .
*
* @ return boolean True if the blog is in single - user mode , false otherwise .
*/
function is_single_user () {
2023-09-26 21:04:51 +02:00
if (
2023-07-20 10:57:14 +02:00
false === is_user_type_disabled ( 'blog' ) &&
true === is_user_type_disabled ( 'user' )
2023-07-10 10:29:02 +02:00
) {
2023-09-26 21:04:51 +02:00
return true ;
2023-07-10 10:29:02 +02:00
}
2023-09-26 21:04:51 +02:00
return false ;
2023-07-10 10:29:02 +02:00
}
2023-09-15 10:38:47 +02:00
/**
* Check if a site supports the block editor .
*
* @ return boolean True if the site supports the block editor , false otherwise .
*/
function site_supports_blocks () {
2023-10-04 08:32:21 +02:00
if ( \version_compare ( \get_bloginfo ( 'version' ), '5.9' , '<' ) ) {
return false ;
}
2023-09-15 10:38:47 +02:00
if ( ! \function_exists ( 'register_block_type_from_metadata' ) ) {
return false ;
}
/**
* Allow plugins to disable block editor support ,
* thus disabling blocks registered by the ActivityPub plugin .
*
* @ param boolean $supports_blocks True if the site supports the block editor , false otherwise .
*/
return apply_filters ( 'activitypub_site_supports_blocks' , true );
}
2023-09-21 16:26:17 +02:00
/**
* Check if data is valid JSON .
*
* @ param string $data The data to check .
*
* @ return boolean True if the data is JSON , false otherwise .
*/
function is_json ( $data ) {
return \is_array ( \json_decode ( $data , true ) ) ? true : false ;
}
2023-10-12 15:52:11 +02:00
/**
* Check if a blog is public based on the `blog_public` option
*
* @ return bollean True if public , false if not
*/
function is_blog_public () {
return ( bool ) apply_filters ( 'activitypub_is_blog_public' , \get_option ( 'blog_public' , 1 ) );
}
2023-11-08 16:46:02 +01:00
/**
* Sanitize a URL
*
* @ param string $value The URL to sanitize
*
* @ return string | null The sanitized URL or null if invalid
*/
function sanitize_url ( $value ) {
if ( filter_var ( $value , FILTER_VALIDATE_URL ) === false ) {
return null ;
}
return esc_url_raw ( $value );
}
/**
* Extract recipient URLs from Activity object
*
* @ param array $data
*
* @ return array The list of user URLs
*/
function extract_recipients_from_activity ( $data ) {
$recipient_items = array ();
foreach ( array ( 'to' , 'bto' , 'cc' , 'bcc' , 'audience' ) as $i ) {
if ( array_key_exists ( $i , $data ) ) {
if ( is_array ( $data [ $i ] ) ) {
$recipient = $data [ $i ];
} else {
$recipient = array ( $data [ $i ] );
}
$recipient_items = array_merge ( $recipient_items , $recipient );
}
if ( is_array ( $data [ 'object' ] ) && array_key_exists ( $i , $data [ 'object' ] ) ) {
if ( is_array ( $data [ 'object' ][ $i ] ) ) {
$recipient = $data [ 'object' ][ $i ];
} else {
$recipient = array ( $data [ 'object' ][ $i ] );
}
$recipient_items = array_merge ( $recipient_items , $recipient );
}
}
$recipients = array ();
// flatten array
foreach ( $recipient_items as $recipient ) {
if ( is_array ( $recipient ) ) {
// check if recipient is an object
if ( array_key_exists ( 'id' , $recipient ) ) {
$recipients [] = $recipient [ 'id' ];
}
} else {
$recipients [] = $recipient ;
}
}
return array_unique ( $recipients );
}
/**
* Check if passed Activity is Public
*
* @ param array $data The Activity object as array
*
* @ return boolean True if public , false if not
*/
function is_activity_public ( $data ) {
$recipients = extract_recipients_from_activity ( $data );
return in_array ( 'https://www.w3.org/ns/activitystreams#Public' , $recipients , true );
}