diff --git a/phpBB/config/default/container/services_ucp.yml b/phpBB/config/default/container/services_ucp.yml index 4930250ba2..acd78f8440 100644 --- a/phpBB/config/default/container/services_ucp.yml +++ b/phpBB/config/default/container/services_ucp.yml @@ -34,8 +34,11 @@ services: - '@controller.helper' - '@dbal.conn' - '@form_helper' + - '@language' + - '@notification_manager' - '@path_helper' - '@request' + - '@user_loader' - '@user' - '@template.twig.environment' - '%tables.notification_push%' diff --git a/phpBB/phpbb/notification/method/webpush.php b/phpBB/phpbb/notification/method/webpush.php index 700503f97d..9d19cb2200 100644 --- a/phpBB/phpbb/notification/method/webpush.php +++ b/phpBB/phpbb/notification/method/webpush.php @@ -140,13 +140,10 @@ class webpush extends messenger_base implements extended_method_interface { $data = $notification->get_insert_array(); $data += [ - 'push_data' => json_encode([ - 'heading' => $this->config['sitename'], - 'title' => strip_tags($notification->get_title()), - 'text' => strip_tags($notification->get_reference()), - 'url' => htmlspecialchars_decode($notification->get_url()), - 'avatar' => $notification->get_avatar(), - ]), + 'push_data' => json_encode(array_merge( + $data, + ['notification_type_name' => $notification->get_type()], + )), 'notification_time' => time(), 'push_token' => hash('sha256', random_bytes(32)) ]; @@ -351,6 +348,14 @@ class webpush extends messenger_base implements extended_method_interface return array_intersect_key($data, $row); } + /** + * Get template data for the UCP + * + * @param helper $controller_helper + * @param form_helper $form_helper + * + * @return array + */ public function get_ucp_template_data(helper $controller_helper, form_helper $form_helper): array { $subscription_map = $this->get_user_subscription_map([$this->user->id()]); diff --git a/phpBB/phpbb/ucp/controller/webpush.php b/phpBB/phpbb/ucp/controller/webpush.php index cac2f10291..313965db63 100644 --- a/phpBB/phpbb/ucp/controller/webpush.php +++ b/phpBB/phpbb/ucp/controller/webpush.php @@ -19,10 +19,13 @@ use phpbb\db\driver\driver_interface; use phpbb\exception\http_exception; use phpbb\form\form_helper; use phpbb\json\sanitizer as json_sanitizer; +use phpbb\language\language; +use phpbb\notification\manager; use phpbb\path_helper; use phpbb\request\request_interface; use phpbb\symfony_request; use phpbb\user; +use phpbb\user_loader; use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\HttpFoundation\Response; use Twig\Environment; @@ -47,12 +50,21 @@ class webpush /** @var form_helper */ protected $form_helper; + /** @var language */ + protected $language; + + /** @var manager */ + protected $notification_manager; + /** @var path_helper */ protected $path_helper; /** @var request_interface */ protected $request; + /** @var user_loader */ + protected $user_loader; + /** @var user */ protected $user; @@ -72,22 +84,28 @@ class webpush * @param controller_helper $controller_helper * @param driver_interface $db * @param form_helper $form_helper + * @param language $language + * @param manager $notification_manager * @param path_helper $path_helper * @param request_interface $request + * @param user_loader $user_loader * @param user $user * @param Environment $template * @param string $notification_webpush_table * @param string $push_subscriptions_table */ - public function __construct(config $config, controller_helper $controller_helper, driver_interface $db, form_helper $form_helper, path_helper $path_helper, - request_interface $request, user $user, Environment $template, string $notification_webpush_table, string $push_subscriptions_table) + public function __construct(config $config, controller_helper $controller_helper, driver_interface $db, form_helper $form_helper, language $language, manager $notification_manager, + path_helper $path_helper, request_interface $request, user_loader $user_loader, user $user, Environment $template, string $notification_webpush_table, string $push_subscriptions_table) { $this->config = $config; $this->controller_helper = $controller_helper; $this->db = $db; $this->form_helper = $form_helper; + $this->language = $language; + $this->notification_manager = $notification_manager; $this->path_helper = $path_helper; $this->request = $request; + $this->user_loader = $user_loader; $this->user = $user; $this->template = $template; $this->notification_webpush_table = $notification_webpush_table; @@ -147,7 +165,7 @@ class webpush $notification_data = $this->db->sql_fetchfield('push_data'); $this->db->sql_freeresult($result); - return $notification_data; + return $this->get_notification_data($notification_data); } /** @@ -178,23 +196,62 @@ class webpush $push_token = $notification_row['push_token']; // Check if passed push token is valid - $sql = 'SELECT user_form_salt + $sql = 'SELECT user_form_salt, user_lang FROM ' . USERS_TABLE . ' WHERE user_id = ' . (int) $user_id; $result = $this->db->sql_query($sql); - $user_form_token = $this->db->sql_fetchfield('user_form_salt'); + $row = $this->db->sql_fetchrow($result); $this->db->sql_freeresult($result); + $user_form_token = $row['user_form_salt']; + $user_lang = $row['user_lang']; + $expected_push_token = hash('sha256', $user_form_token . $push_token); if ($expected_push_token === $token) { - return $notification_data; + if ($user_lang !== $this->language->get_used_language()) + { + $this->language->set_user_language($user_lang, true); + } + return $this->get_notification_data($notification_data); } } throw new http_exception(Response::HTTP_FORBIDDEN, 'NO_AUTH_OPERATION'); } + /** + * Get notification data for output from json encoded data stored in database + * + * @param string $notification_data Encoded data stored in database + * + * @return string Data for notification output with javascript + */ + private function get_notification_data(string $notification_data): string + { + $row_data = json_decode($notification_data, true); + + // Old notification data is pre-parsed and just needs to be returned + if (isset($row_data['heading'])) + { + return $notification_data; + } + + // Get notification from row_data + $notification = $this->notification_manager->get_item_type_class($row_data['notification_type_name'], $row_data); + + // Load users for notification + $this->user_loader->load_users($notification->users_to_query()); + + return json_encode([ + 'heading' => $this->config['sitename'], + 'title' => strip_tags(html_entity_decode($notification->get_title(), ENT_NOQUOTES, 'UTF-8')), + 'text' => strip_tags(html_entity_decode($notification->get_reference(), ENT_NOQUOTES, 'UTF-8')), + 'url' => htmlspecialchars_decode($notification->get_url()), + 'avatar' => $notification->get_avatar(), + ]); + } + /** * Handle request to push worker javascript * @@ -205,7 +262,6 @@ class webpush */ public function worker(): Response { - // @todo: only work for logged in users, no anonymous & bot $content = $this->template->render('push_worker.js.twig', [ 'U_WEBPUSH_GET_NOTIFICATION' => $this->controller_helper->route('phpbb_ucp_push_get_notification_controller'), 'ASSETS_VERSION' => $this->config['assets_version'], @@ -223,20 +279,6 @@ class webpush return $response; } - /** - * Get template variables for subscribe type pages - * - * @return array - */ - protected function get_subscribe_vars(): array - { - return [ - 'U_WEBPUSH_SUBSCRIBE' => $this->controller_helper->route('phpbb_ucp_push_subscribe_controller'), - 'U_WEBPUSH_UNSUBSCRIBE' => $this->controller_helper->route('phpbb_ucp_push_unsubscribe_controller'), - 'FORM_TOKENS' => $this->form_helper->get_form_tokens(self::FORM_TOKEN_UCP), - ]; - } - /** * Check (un)subscribe form for valid link hash *