updated plugin ActivityPub version 8.3.0
This commit is contained in:
Gitium
@ -0,0 +1,114 @@
|
||||
<?php
|
||||
/**
|
||||
* Outbox Update handler file.
|
||||
*
|
||||
* @package Activitypub
|
||||
*/
|
||||
|
||||
namespace Activitypub\Handler\Outbox;
|
||||
|
||||
use Activitypub\Collection\Posts;
|
||||
use Activitypub\Collection\Remote_Posts;
|
||||
|
||||
use function Activitypub\is_activity_public;
|
||||
|
||||
/**
|
||||
* Handle outgoing Update activities (C2S).
|
||||
*/
|
||||
class Update {
|
||||
/**
|
||||
* Initialize the class, registering WordPress hooks.
|
||||
*/
|
||||
public static function init() {
|
||||
\add_filter( 'activitypub_outbox_update', array( self::class, 'handle_update' ), 10, 3 );
|
||||
}
|
||||
|
||||
/**
|
||||
* Handle outgoing "Update" activities from local actors.
|
||||
*
|
||||
* Updates a WordPress post from the ActivityPub object. The post scheduler
|
||||
* will add it to the outbox and federate it.
|
||||
*
|
||||
* @param array $activity The activity data.
|
||||
* @param int $user_id The local user ID.
|
||||
* @param string|null $visibility Content visibility.
|
||||
*
|
||||
* @return \WP_Post|\WP_Error|false The updated post on success, WP_Error on failure, false if not handled.
|
||||
*/
|
||||
public static function handle_update( $activity, $user_id = null, $visibility = null ) {
|
||||
// Skip private/direct activities.
|
||||
if ( ! is_activity_public( $activity ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$object = $activity['object'] ?? array();
|
||||
|
||||
if ( ! \is_array( $object ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$type = $object['type'] ?? '';
|
||||
|
||||
// Only handle Note and Article types.
|
||||
if ( ! \in_array( $type, array( 'Note', 'Article' ), true ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$object_id = $object['id'] ?? '';
|
||||
|
||||
if ( empty( $object_id ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
/*
|
||||
* Find the post by its ActivityPub ID.
|
||||
* First try to find a local post by permalink.
|
||||
*/
|
||||
$post_id = \url_to_postid( $object_id );
|
||||
$post = $post_id ? \get_post( $post_id ) : null;
|
||||
|
||||
// Fall back to Posts collection for remote posts (ap_post type).
|
||||
if ( ! $post instanceof \WP_Post ) {
|
||||
$post = Remote_Posts::get_by_guid( $object_id );
|
||||
}
|
||||
|
||||
if ( ! $post instanceof \WP_Post ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
/*
|
||||
* Verify the user owns this post.
|
||||
* The blog actor ($user_id === 0) can update any post since it
|
||||
* represents the site itself.
|
||||
*/
|
||||
if ( (int) $post->post_author !== $user_id && $user_id > 0 ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Verify the user has permission to edit this post.
|
||||
if ( $user_id > 0 && ! \user_can( $user_id, 'edit_post', $post->ID ) ) {
|
||||
return new \WP_Error(
|
||||
'activitypub_forbidden',
|
||||
\__( 'You do not have permission to edit this post.', 'activitypub' ),
|
||||
array( 'status' => 403 )
|
||||
);
|
||||
}
|
||||
|
||||
$post = Posts::update( $post, $activity, $visibility );
|
||||
|
||||
if ( \is_wp_error( $post ) ) {
|
||||
return $post;
|
||||
}
|
||||
|
||||
/**
|
||||
* Fires after a post has been updated from an outgoing Update activity.
|
||||
*
|
||||
* @param int $post_id The updated post ID.
|
||||
* @param array $activity The activity data.
|
||||
* @param int $user_id The user ID.
|
||||
*/
|
||||
\do_action( 'activitypub_outbox_updated_post', $post->ID, $activity, $user_id );
|
||||
|
||||
return $post;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user