From: Cyperghost <olaf_schmitz_1@t-online.de>
Date: Fri, 22 Mar 2024 11:16:51 +0000 (+0100)
Subject: Added new function `canViewObject` to `ICommentManager` to check access to any object... 
X-Git-Tag: 6.1.0_Alpha_1~142^2~11
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=a80b5a3e97cc85d9b0afbb04de00840738a1a06e;p=GitHub%2FWoltLab%2FWCF.git

Added new function `canViewObject` to `ICommentManager` to check access to any object of comments.
---

diff --git a/wcfsetup/install/files/lib/system/comment/manager/AbstractCommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/AbstractCommentManager.class.php
index b2fb5fd579..3170f23ac4 100644
--- a/wcfsetup/install/files/lib/system/comment/manager/AbstractCommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/AbstractCommentManager.class.php
@@ -164,6 +164,9 @@ abstract class AbstractCommentManager extends SingletonFactory implements IComme
     #[\Override]
     public function canModerateObject(int $objectTypeID, int $objectID, UserProfile $user): bool
     {
+        if (!$this->canViewObject($objectID, $user)) {
+            return false;
+        }
         return (bool)$user->getPermission($this->permissionCanModerate);
     }
 
diff --git a/wcfsetup/install/files/lib/system/comment/manager/ArticleCommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/ArticleCommentManager.class.php
index 768c027182..5f6b6d1d84 100644
--- a/wcfsetup/install/files/lib/system/comment/manager/ArticleCommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/ArticleCommentManager.class.php
@@ -6,6 +6,7 @@ use wcf\data\article\content\ArticleContent;
 use wcf\data\article\content\ArticleContentEditor;
 use wcf\data\article\content\ArticleContentList;
 use wcf\data\object\type\ObjectTypeCache;
+use wcf\data\user\UserProfile;
 use wcf\system\cache\runtime\UserProfileRuntimeCache;
 use wcf\system\cache\runtime\ViewableArticleContentRuntimeCache;
 use wcf\system\cache\runtime\ViewableCommentResponseRuntimeCache;
@@ -71,6 +72,16 @@ class ArticleCommentManager extends AbstractCommentManager implements IViewableL
         return true;
     }
 
+    #[\Override]
+    public function canViewObject(int $objectID, UserProfile $user): bool
+    {
+        $articleContent = new ArticleContent($objectID);
+        if (!$articleContent->articleContentID) {
+            return false;
+        }
+        return $articleContent->getArticle()->canRead($user);
+    }
+
     /**
      * @inheritDoc
      */
diff --git a/wcfsetup/install/files/lib/system/comment/manager/ICommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/ICommentManager.class.php
index 5500208cd3..12f6dc8939 100644
--- a/wcfsetup/install/files/lib/system/comment/manager/ICommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/ICommentManager.class.php
@@ -69,7 +69,7 @@ interface ICommentManager
      * @param int $objectTypeID
      * @param int $objectID
      * @return  bool
-     * @deprecated 6.1
+     * @deprecated 6.1 use `canModerateObject` instead
      */
     public function canModerate($objectTypeID, $objectID);
 
@@ -131,6 +131,11 @@ interface ICommentManager
      */
     public function isAccessible($objectID, $validateWritePermission = false);
 
+    /**
+     * Returns true if the user may read content identified by object type id and object id.
+     */
+    public function canViewObject(int $objectID, UserProfile $user): bool;
+
     /**
      * Updates total count of comments (includes responses).
      *
diff --git a/wcfsetup/install/files/lib/system/comment/manager/ModerationQueueCommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/ModerationQueueCommentManager.class.php
index f86c6ae7b3..e13b625dd4 100644
--- a/wcfsetup/install/files/lib/system/comment/manager/ModerationQueueCommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/ModerationQueueCommentManager.class.php
@@ -5,6 +5,7 @@ namespace wcf\system\comment\manager;
 use wcf\data\moderation\queue\ModerationQueue;
 use wcf\data\moderation\queue\ModerationQueueEditor;
 use wcf\data\moderation\queue\ViewableModerationQueue;
+use wcf\data\user\UserProfile;
 
 /**
  * Moderation queue comment manager implementation.
@@ -25,6 +26,14 @@ class ModerationQueueCommentManager extends AbstractCommentManager
         return $entry->canEdit();
     }
 
+    #[\Override]
+    public function canViewObject(int $objectID, UserProfile $user): bool
+    {
+        $entry = new ModerationQueue($objectID);
+
+        return $entry->canEdit($user->getDecoratedObject());
+    }
+
     /**
      * @inheritDoc
      */
diff --git a/wcfsetup/install/files/lib/system/comment/manager/PageCommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/PageCommentManager.class.php
index 317d6f0ecd..1537fcc87d 100644
--- a/wcfsetup/install/files/lib/system/comment/manager/PageCommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/PageCommentManager.class.php
@@ -5,6 +5,7 @@ namespace wcf\system\comment\manager;
 use wcf\data\object\type\ObjectTypeCache;
 use wcf\data\page\Page;
 use wcf\data\page\PageList;
+use wcf\data\user\UserProfile;
 use wcf\system\cache\runtime\UserProfileRuntimeCache;
 use wcf\system\cache\runtime\ViewableCommentResponseRuntimeCache;
 use wcf\system\cache\runtime\ViewableCommentRuntimeCache;
@@ -70,6 +71,23 @@ class PageCommentManager extends AbstractCommentManager implements IViewableLike
         return true;
     }
 
+    #[\Override]
+    public function canViewObject(int $objectID, UserProfile $user): bool
+    {
+        $page = new Page($objectID);
+        if (!$page->pageID) {
+            return false;
+        }
+        return $page->isAccessible($user->getDecoratedObject());
+    }
+
+    #[\Override]
+    public function canWriteComments(int $objectID, UserProfile $user): bool
+    {
+        return $this->canViewObject($objectID, $user);
+    }
+
+
     /**
      * @inheritDoc
      */
diff --git a/wcfsetup/install/files/lib/system/comment/manager/UserProfileCommentManager.class.php b/wcfsetup/install/files/lib/system/comment/manager/UserProfileCommentManager.class.php
index 6525f1d68c..e0f852c40d 100644
--- a/wcfsetup/install/files/lib/system/comment/manager/UserProfileCommentManager.class.php
+++ b/wcfsetup/install/files/lib/system/comment/manager/UserProfileCommentManager.class.php
@@ -6,6 +6,7 @@ use wcf\data\comment\Comment;
 use wcf\data\comment\response\CommentResponse;
 use wcf\data\object\type\ObjectTypeCache;
 use wcf\data\user\ignore\UserIgnore;
+use wcf\data\user\UserProfile;
 use wcf\system\cache\runtime\UserProfileRuntimeCache;
 use wcf\system\cache\runtime\UserRuntimeCache;
 use wcf\system\cache\runtime\ViewableCommentResponseRuntimeCache;
@@ -90,6 +91,20 @@ class UserProfileCommentManager extends AbstractCommentManager implements IViewa
         return true;
     }
 
+    #[\Override]
+    public function canViewObject(int $objectID, UserProfile $user): bool
+    {
+        $userProfile = UserProfileRuntimeCache::getInstance()->getObject($objectID);
+        if ($userProfile === null) {
+            return false;
+        }
+
+        /** @see UserProfile::isProtected() */
+        return !$user->getPermission('admin.general.canViewPrivateUserOptions')
+            && !$userProfile->isAccessible('canViewProfile', $user->userID)
+            && $userProfile->userID != $user->userID;
+    }
+
     /**
      * @inheritDoc
      */