Temporarily remove EventPrime integration because of security issues. #89

Merged
linos merged 1 commit from remove_eventprime into main 2024-12-19 17:00:30 +01:00
7 changed files with 0 additions and 493 deletions

View file

@ -115,11 +115,6 @@ jobs:
env:
PHP_VERSION: ${{ matrix.php-version }}
- name: Run Integration tests for EventPrime
run: cd /workspace/Event-Federation/wordpress-event-bridge-for-activitypub/ && ./vendor/bin/phpunit --filter=eventprime
env:
PHP_VERSION: ${{ matrix.php-version }}
- name: Run Integration tests for Event Organiser
run: cd /workspace/Event-Federation/wordpress-event-bridge-for-activitypub/ && ./vendor/bin/phpunit --filter=event_organiser
env:

View file

@ -63,7 +63,6 @@ This plugin depends on the [ActivityPub plugin](https://wordpress.org/plugins/ac
* [Eventin](https://de.wordpress.org/plugins/wp-event-solution/)
* [Modern Events Calendar Lite](https://webnus.net/modern-events-calendar/)
* [GatherPress](https://gatherpress.org/)
* [EventPrime Events Calendar, Bookings and Tickets](https://wordpress.org/plugins/eventprime-event-calendar-management/)
* [Event Organiser](https://wordpress.org/plugins/event-organiser/)
## Configuration ##

View file

@ -1,78 +0,0 @@
<?php
/**
* ActivityPub Transformer for the plugin EventPrime.
*
* @package Event_Bridge_For_ActivityPub
* @license AGPL-3.0-or-later
*/
namespace Event_Bridge_For_ActivityPub\Activitypub\Transformer;
// Exit if accessed directly.
defined( 'ABSPATH' ) || exit; // @codeCoverageIgnore
use Activitypub\Activity\Extended_Object\Place;
use Event_Bridge_For_ActivityPub\Activitypub\Transformer\Event;
/**
* ActivityPub Transformer for VS Event
*
* @since 1.0.0
*/
final class EventPrime extends Event {
/**
* Get the end time from the event object.
*/
public function get_end_time(): ?string {
$timestamp = get_post_meta( $this->wp_object->ID, 'em_end_date', true );
if ( $timestamp ) {
return \gmdate( 'Y-m-d\TH:i:s\Z', $timestamp );
} else {
return null;
}
}
/**
* Get the end time from the event object.
*/
public function get_start_time(): string {
$timestamp = get_post_meta( $this->wp_object->ID, 'em_start_date', true );
if ( $timestamp ) {
return \gmdate( 'Y-m-d\TH:i:s\Z', $timestamp );
} else {
return '';
}
}
/**
* Get location from the event object.
*/
public function get_location(): ?Place {
$venue_term_id = get_post_meta( $this->wp_object->ID, 'em_venue', true );
if ( ! $venue_term_id ) {
return null;
}
$venue = wp_get_post_terms( $this->wp_object->ID, 'em_venue' );
if ( empty( $venue ) ) {
return null;
} else {
$venue = $venue[0];
}
$place = new Place();
$place->set_name( $venue->name );
$place->set_content( $venue->description );
$address = get_term_meta( $venue->term_id, 'em_address', true );
$display_address = get_term_meta( $venue->term_id, 'em_display_address_on_frontend', true );
if ( $address && $display_address ) {
$place->set_address( get_term_meta( $venue->term_id, 'em_address', true ) );
}
return $place;
}
}

View file

@ -130,7 +130,6 @@ class Setup {
'\Event_Bridge_For_ActivityPub\Integrations\WP_Event_Manager',
'\Event_Bridge_For_ActivityPub\Integrations\Eventin',
'\Event_Bridge_For_ActivityPub\Integrations\Modern_Events_Calendar_Lite',
'\Event_Bridge_For_ActivityPub\Integrations\EventPrime',
'\Event_Bridge_For_ActivityPub\Integrations\Event_Organiser',
);

View file

@ -1,221 +0,0 @@
<?php
/**
* EventPrime Events Calendar, Bookings and Tickets
*
* @link https://wordpress.org/plugins/eventprime-event-calendar-management/
* @package Event_Bridge_For_ActivityPub
* @since 1.0.0
*/
namespace Event_Bridge_For_ActivityPub\Integrations;
use Activitypub\Signature;
use Eventprime_Basic_Functions;
// Exit if accessed directly.
defined( 'ABSPATH' ) || exit; // @codeCoverageIgnore
/**
* This class defines which information is necessary for the EventPrime event plugin.
*
* @since 1.0.0
*/
final class EventPrime extends Event_Plugin {
/**
* Add filter for the template inclusion.
*/
public function __construct() {
\add_filter( 'template_include', array( self::class, 'render_activitypub_template' ), 100 );
}
/**
* Returns the full plugin file.
*
* @return string
*/
public static function get_relative_plugin_file(): string {
return 'eventprime-event-calendar-management/event-prime.php';
}
/**
* Returns the event post type of the plugin.
*
* @return string
*/
public static function get_post_type(): string {
return 'em_event';
}
/**
* Returns the IDs of the admin pages of the plugin.
*
* @return array The settings page urls.
*/
public static function get_settings_pages(): array {
return array( 'ep-settings' );
}
/**
* Returns the ActivityPub transformer class.
*
* @return string
*/
public static function get_activitypub_transformer_class_name(): string {
return 'EventPrime';
}
/**
* Returns the taxonomy used for the plugin's event categories.
*
* @return string
*/
public static function get_event_category_taxonomy(): string {
return 'em_event_type';
}
/**
* Determine whether the current request is an EventPrime ActivityPub request.
*
* Forked from https://github.com/Automattic/wordpress-activitypub/blob/trunk/includes/functions.php
* the function is_activitypub_request.
*/
private static function is_eventprime_activitypub_request() {
global $wp_query;
/*
* ActivityPub requests are currently only made for
* author archives, singular posts, and the homepage.
*/
if ( ! \is_author() && ! \is_singular() && ! \is_home() && ! defined( '\REST_REQUEST' ) ) {
return false;
}
// Check if the current post type supports ActivityPub.
if ( \is_singular() ) {
$queried_object = \get_queried_object();
if ( ! $queried_object instanceof \WP_Post ) {
return false;
}
if ( '[em_event]' !== $queried_object->post_content && '[em_events]' !== $queried_object->post_content ) {
return false;
}
}
// Check if header already sent.
if ( ! \headers_sent() && ACTIVITYPUB_SEND_VARY_HEADER ) {
// Send Vary header for Accept header.
\header( 'Vary: Accept' );
}
// One can trigger an ActivityPub request by adding ?activitypub to the URL.
if ( isset( $wp_query->query_vars['activitypub'] ) ) {
return true;
}
/*
* The other (more common) option to make an ActivityPub request
* is to send an Accept header.
*/
if ( isset( $_SERVER['HTTP_ACCEPT'] ) ) {
$accept = sanitize_text_field( wp_unslash( $_SERVER['HTTP_ACCEPT'] ) );
/*
* $accept can be a single value, or a comma separated list of values.
* We want to support both scenarios,
* and return true when the header includes at least one of the following:
* - application/activity+json
* - application/ld+json
* - application/json
*/
if ( preg_match( '/(application\/(ld\+json|activity\+json|json))/i', $accept ) ) {
return true;
}
}
return false;
}
/**
* Extract the post id of the event for an EventPrime event query.
*
* @return bool|int The post ID if an event could be identified, false otherwise.
*/
private static function get_eventprime_post_id() {
$event = get_query_var( 'event' );
if ( ! $event ) {
if ( ! empty( filter_input( INPUT_GET, 'event', FILTER_SANITIZE_FULL_SPECIAL_CHARS ) ) ) {
$event = rtrim( filter_input( INPUT_GET, 'event', FILTER_SANITIZE_FULL_SPECIAL_CHARS ), '/\\' );
}
}
if ( $event ) {
$ep_basic_functions = new Eventprime_Basic_Functions();
return $ep_basic_functions->ep_get_id_by_slug( $event, 'em_event' );
}
return false;
}
/**
* Add the ActivityPub template for EventPrime.
*
* @param string $template The path to the template object.
* @return string The new path to the JSON template.
*/
public static function render_activitypub_template( $template ) {
if ( defined( 'REST_REQUEST' ) && REST_REQUEST ) {
return $template;
}
// Check if the request is a page with (solely) the eventprime shortcode in it.
if ( ! self::is_eventprime_activitypub_request() ) {
return $template;
}
if ( ! \is_singular() ) {
return $template;
}
$post_id = self::get_eventprime_post_id();
if ( $post_id ) {
$preview = \get_query_var( 'preview' );
if ( $preview ) {
$activitypub_template = ACTIVITYPUB_PLUGIN_DIR . '/templates/post-preview.php';
} else {
$activitypub_template = ACTIVITYPUB_PLUGIN_DIR . '/templates/post-json.php';
}
}
/*
* Check if the request is authorized.
*
* @see https://www.w3.org/wiki/SocialCG/ActivityPub/Primer/Authentication_Authorization#Authorized_fetch
* @see https://swicg.github.io/activitypub-http-signature/#authorized-fetch
*/
if ( $activitypub_template && defined( 'ACTIVITYPUB_AUTHORIZED_FETCH' ) && constant( 'ACTIVITYPUB_AUTHORIZED_FETCH' ) ) {
$verification = Signature::verify_http_signature( $_SERVER );
if ( \is_wp_error( $verification ) ) {
header( 'HTTP/1.1 401 Unauthorized' );
// Fallback as template_loader can't return http headers.
return $template;
}
}
if ( $activitypub_template ) {
global $post;
$post = get_post( $post_id ); // phpcs:ignore WordPress.WP.GlobalVariablesOverride.Prohibited
// Ensure WordPress functions use the new post data.
setup_postdata( $post );
// Return the default ActivityPub template.
return $activitypub_template;
}
return $template;
}
}

View file

@ -57,7 +57,6 @@ This plugin depends on the [ActivityPub plugin](https://wordpress.org/plugins/ac
* [Eventin](https://de.wordpress.org/plugins/wp-event-solution/)
* [Modern Events Calendar Lite](https://webnus.net/modern-events-calendar/)
* [GatherPress](https://gatherpress.org/)
* [EventPrime Events Calendar, Bookings and Tickets](https://wordpress.org/plugins/eventprime-event-calendar-management/)
* [Event Organiser](https://wordpress.org/plugins/event-organiser/)
== Configuration ==

View file

@ -1,186 +0,0 @@
<?php
/**
* Class SampleTest
*
* @package Event_Bridge_For_ActivityPub
*/
/**
* Sample test case.
*/
class Test_EventPrime extends WP_UnitTestCase {
/**
* Mockup venues of certain complexity.
*
* @var array
*/
private $mockup_venue = array();
/**
* Mockup events for tests.
*
* @var array
*/
protected $mockup_events = array();
/**
* Override the setup function, so that tests don't run if the Events Calendar is not active.
*/
public function set_up() {
parent::set_up();
if ( ! class_exists( '\Eventprime_Basic_Functions' ) ) {
self::markTestSkipped( 'The EventPrime Calendar management plugin is not active.' );
}
// Make sure that ActivityPub support is enabled for The Events Calendar.
$aeb = \Event_Bridge_For_ActivityPub\Setup::get_instance();
$aeb->activate_activitypub_support_for_active_event_plugins();
// Delete all posts afterwards.
_delete_all_posts();
$this->setup_mockup_data();
}
/**
* Setup mockup events.
*/
private function setup_mockup_data() {
$this->mockup_events = array(
'minimal_event' => array(
'name' => 'EventPrime Event title',
'description' => 'EventPrime event description',
'status' => 'Publish',
'em_event_type' => '',
'em_venue' => '',
'em_organizer' => '',
'em_performer' => '',
'em_start_date' => strtotime( '+10 days 15:00:00' ),
'em_end_date' => strtotime( '+10 days 16:00:00' ),
'em_enable_booking' => 'bookings_off',
'em_ticket_price' => 0,
),
);
$this->mockup_venue = array(
'name' => 'Test Venue',
'address' => 'Fediverse-street 1337, 1234 Fediverse-town',
);
}
/**
* Test that the right transformer gets applied.
*/
public function test_the_events_calendar_transformer_class() {
// We only test for one event plugin being active at the same time,
// even though we support multiple onces in theory.
// But testing all combinations is beyond scope.
$active_event_plugins = \Event_Bridge_For_ActivityPub\Setup::get_instance()->get_active_event_plugins();
$this->assertEquals( 1, count( $active_event_plugins ) );
// Enable ActivityPub support for the event plugin.
$this->assertContains( 'em_event', get_option( 'activitypub_support_post_types' ) );
// Create an EventPrime Event without content.
$ep_functions = new Eventprime_Basic_Functions();
$post_id = $ep_functions->insert_event_post_data( $this->mockup_events['minimal_event'] );
$wp_object = get_post( $post_id );
// Call the transformer Factory.
$transformer = \Activitypub\Transformer\Factory::get_transformer( $wp_object );
// Check that we got the right transformer.
$this->assertInstanceOf( \Event_Bridge_For_ActivityPub\Activitypub\Transformer\EventPrime::class, $transformer );
}
/**
* Test transformation of minimal event.
*/
public function test_transformation_of_minimal_event() {
// Create an EventPrime Event without content.
$ep_functions = new Eventprime_Basic_Functions();
$post_id = $ep_functions->insert_event_post_data( $this->mockup_events['minimal_event'] );
$wp_object = get_post( $post_id );
// Call the transformer Factory.
$event_array = \Activitypub\Transformer\Factory::get_transformer( $wp_object )->to_object()->to_array();
// Check that the event ActivityStreams representation contains everything as expected.
$this->assertEquals( 'Event', $event_array['type'] );
$this->assertEquals( 'EventPrime Event title', $event_array['name'] );
$this->assertEquals( 'EventPrime event description', wp_strip_all_tags( $event_array['content'] ) );
$this->assertEquals( gmdate( 'Y-m-d', strtotime( '+10 days 15:00:00' ) ) . 'T15:00:00Z', $event_array['startTime'] );
$this->assertEquals( gmdate( 'Y-m-d', strtotime( '+10 days 16:00:00' ) ) . 'T16:00:00Z', $event_array['endTime'] );
$this->assertTrue( $event_array['commentsEnabled'] );
$this->assertEquals( 'allow_all', $event_array['repliesModerationOption'] );
$this->assertEquals( 'external', $event_array['joinMode'] );
$this->assertArrayNotHasKey( 'location', $event_array );
$this->assertEquals( 'MEETING', $event_array['category'] );
}
/**
* Test transformation of minimal event.
*/
public function test_transformation_of_minimal_event_with_venue() {
// Create an EventPrime Event without content.
$ep_functions = new Eventprime_Basic_Functions();
$venue_term_id = wp_insert_term( $this->mockup_venue['name'], 'em_venue' )['term_id'];
add_term_meta( $venue_term_id, 'em_address', $this->mockup_venue['address'], true );
add_term_meta( $venue_term_id, 'em_display_address_on_frontend', true, true );
$event_data = $this->mockup_events['minimal_event'];
$event_data['em_venue'] = $venue_term_id;
$post_id = $ep_functions->insert_event_post_data( $event_data );
$wp_object = get_post( $post_id );
// Call the transformer Factory.
$event_array = \Activitypub\Transformer\Factory::get_transformer( $wp_object )->to_object()->to_array();
// Check that the event ActivityStreams representation contains everything as expected.
$this->assertEquals( 'Event', $event_array['type'] );
$this->assertEquals( 'EventPrime Event title', $event_array['name'] );
$this->assertEquals( 'EventPrime event description', wp_strip_all_tags( $event_array['content'] ) );
$this->assertEquals( gmdate( 'Y-m-d', strtotime( '+10 days 15:00:00' ) ) . 'T15:00:00Z', $event_array['startTime'] );
$this->assertEquals( gmdate( 'Y-m-d', strtotime( '+10 days 16:00:00' ) ) . 'T16:00:00Z', $event_array['endTime'] );
$this->assertTrue( $event_array['commentsEnabled'] );
$this->assertEquals( 'allow_all', $event_array['repliesModerationOption'] );
$this->assertEquals( 'external', $event_array['joinMode'] );
$this->assertEquals( $this->mockup_venue['name'], $event_array['location']['name'] );
$this->assertEquals( $this->mockup_venue['address'], $event_array['location']['address'] );
$this->assertEquals( 'MEETING', $event_array['category'] );
}
/**
* Test transformation of minimal event with venue which has a hidden address.
*/
public function test_transformation_of_minimal_event_with_venue_with_hidden_address() {
// Create an EventPrime Event without content.
$ep_functions = new Eventprime_Basic_Functions();
$venue_term_id = wp_insert_term( $this->mockup_venue['name'], 'em_venue' )['term_id'];
add_term_meta( $venue_term_id, 'em_address', $this->mockup_venue['address'], true );
add_term_meta( $venue_term_id, 'em_display_address_on_frontend', false, true );
$event_data = $this->mockup_events['minimal_event'];
$event_data['em_venue'] = $venue_term_id;
$post_id = $ep_functions->insert_event_post_data( $event_data );
$wp_object = get_post( $post_id );
// Call the transformer Factory.
$event_array = \Activitypub\Transformer\Factory::get_transformer( $wp_object )->to_object()->to_array();
// Check that the event ActivityStreams representation contains everything as expected.
$this->assertArrayNotHasKey( 'address', $event_array['location'] );
}
}