143d2073cStracker-user<?php 243d2073cStracker-user 343d2073cStracker-user/** 443d2073cStracker-user * Annotations plugin — storage and data-logic helper. 543d2073cStracker-user * 643d2073cStracker-user * This component owns: 743d2073cStracker-user * 843d2073cStracker-user * 1. The per-page annotation store. One JSON file per page, obtained via 943d2073cStracker-user * metaFN($id, '.annotations'), holding {version, annotations:[...]}. 1043d2073cStracker-user * JSON and pretty-printed so the files are easy to inspect or back up. 1143d2073cStracker-user * The page text and the wiki changelog are never touched. 1243d2073cStracker-user * 1343d2073cStracker-user * 2. The text-quote anchor model. Each annotation stores an anchor of 1443d2073cStracker-user * {exact, prefix, suffix, start} — the quoted text, a short slice of the 1543d2073cStracker-user * surrounding context on each side (to disambiguate repeated quotes), 1643d2073cStracker-user * and a character-offset hint. This is the Hypothes.is approach. 1743d2073cStracker-user * 1843d2073cStracker-user * 3. CRUD on annotations and their threaded replies. 1943d2073cStracker-user * 2043d2073cStracker-user * 4. Server-side orphan detection: a page is rendered to plain text and an 2143d2073cStracker-user * annotation is "orphaned" when its quoted text no longer appears. Used 2243d2073cStracker-user * by the admin-only per-page "clear orphaned" operation. (The live UI 2343d2073cStracker-user * also detects orphans client-side for the on-page counter.) 2443d2073cStracker-user * 2543d2073cStracker-user * 5. The permission rules, as the single source of truth. They are pure 2643d2073cStracker-user * functions: the caller gathers the facts (current user, admin flag, the 2743d2073cStracker-user * page's ACL level) and passes them in. Because annotations live 2843d2073cStracker-user * out-of-band, creating one needs only AUTH_READ on the page, never 2943d2073cStracker-user * AUTH_EDIT — so a group whose page edit access is blocked can still 3043d2073cStracker-user * annotate. 3143d2073cStracker-user */ 3243d2073cStracker-user 3343d2073cStracker-user// must be run within DokuWiki 3443d2073cStracker-userif (!defined('DOKU_INC')) die(); 3543d2073cStracker-user 3643d2073cStracker-userclass helper_plugin_annotations extends DokuWiki_Plugin 3743d2073cStracker-user{ 3843d2073cStracker-user /** storage schema version, written into each file */ 3943d2073cStracker-user const SCHEMA_VERSION = 1; 4043d2073cStracker-user 4143d2073cStracker-user /** longest quoted selection stored, in characters */ 4243d2073cStracker-user const MAX_QUOTE = 1000; 4343d2073cStracker-user 44*86c7806dStracker-user /** length of the prefix/suffix context slices, in characters (config fallback) */ 45*86c7806dStracker-user const DEFAULT_CONTEXT = 64; 4643d2073cStracker-user 47*86c7806dStracker-user /** longest annotation/reply body, in characters (config fallback) */ 48*86c7806dStracker-user const DEFAULT_BODY = 10000; 49*86c7806dStracker-user 50*86c7806dStracker-user /** 51*86c7806dStracker-user * Configured length of each prefix/suffix context slice, in characters. 52*86c7806dStracker-user * 53*86c7806dStracker-user * @return int 54*86c7806dStracker-user */ 55*86c7806dStracker-user protected function contextLength() 56*86c7806dStracker-user { 57*86c7806dStracker-user $v = (int) $this->getConf('context_length'); 58*86c7806dStracker-user return $v >= 0 ? $v : self::DEFAULT_CONTEXT; 59*86c7806dStracker-user } 60*86c7806dStracker-user 61*86c7806dStracker-user /** 62*86c7806dStracker-user * Configured maximum annotation/reply body length, in characters. 63*86c7806dStracker-user * 64*86c7806dStracker-user * @return int 65*86c7806dStracker-user */ 66*86c7806dStracker-user protected function bodyCap() 67*86c7806dStracker-user { 68*86c7806dStracker-user $v = (int) $this->getConf('body_cap'); 69*86c7806dStracker-user return $v > 0 ? $v : self::DEFAULT_BODY; 70*86c7806dStracker-user } 7143d2073cStracker-user 7243d2073cStracker-user // --------------------------------------------------------------------- 7343d2073cStracker-user // Storage 7443d2073cStracker-user // --------------------------------------------------------------------- 7543d2073cStracker-user 7643d2073cStracker-user /** 7743d2073cStracker-user * Path of a page's annotation file. 7843d2073cStracker-user * 7943d2073cStracker-user * @param string $id page id 8043d2073cStracker-user * @return string 8143d2073cStracker-user */ 8243d2073cStracker-user protected function getFile($id) 8343d2073cStracker-user { 8443d2073cStracker-user return metaFN($id, '.annotations'); 8543d2073cStracker-user } 8643d2073cStracker-user 8743d2073cStracker-user /** 8843d2073cStracker-user * All annotations stored for a page. 8943d2073cStracker-user * 9043d2073cStracker-user * @param string $id page id 9143d2073cStracker-user * @return array list of annotation arrays (empty if none) 9243d2073cStracker-user */ 9343d2073cStracker-user public function getAnnotations($id) 9443d2073cStracker-user { 9543d2073cStracker-user $file = $this->getFile($id); 9643d2073cStracker-user if (!file_exists($file)) { 9743d2073cStracker-user return []; 9843d2073cStracker-user } 9943d2073cStracker-user $raw = io_readFile($file, false); 10043d2073cStracker-user if ($raw === '') { 10143d2073cStracker-user return []; 10243d2073cStracker-user } 10343d2073cStracker-user $data = json_decode($raw, true); 10443d2073cStracker-user if (!is_array($data) || !isset($data['annotations']) || !is_array($data['annotations'])) { 10543d2073cStracker-user return []; 10643d2073cStracker-user } 10743d2073cStracker-user return $data['annotations']; 10843d2073cStracker-user } 10943d2073cStracker-user 11043d2073cStracker-user /** 11143d2073cStracker-user * A single annotation by id. 11243d2073cStracker-user * 11343d2073cStracker-user * @param string $id page id 11443d2073cStracker-user * @param string $annId annotation id 11543d2073cStracker-user * @return array|null 11643d2073cStracker-user */ 11743d2073cStracker-user public function getAnnotation($id, $annId) 11843d2073cStracker-user { 11943d2073cStracker-user foreach ($this->getAnnotations($id) as $a) { 12043d2073cStracker-user if (($a['id'] ?? '') === $annId) { 12143d2073cStracker-user return $a; 12243d2073cStracker-user } 12343d2073cStracker-user } 12443d2073cStracker-user return null; 12543d2073cStracker-user } 12643d2073cStracker-user 12743d2073cStracker-user /** 12843d2073cStracker-user * Counts for the on-page indicator. The orphan count is deliberately not 12943d2073cStracker-user * here — it depends on the rendered page and is computed client-side. 13043d2073cStracker-user * 13143d2073cStracker-user * @param string $id page id 13243d2073cStracker-user * @return array ['total'=>int, 'open'=>int, 'resolved'=>int] 13343d2073cStracker-user */ 13443d2073cStracker-user public function getStats($id) 13543d2073cStracker-user { 136108f92bdStracker-user return $this->statsFor($this->getAnnotations($id)); 137108f92bdStracker-user } 138108f92bdStracker-user 139108f92bdStracker-user /** 140108f92bdStracker-user * Counts for the on-page indicator, computed from an already-loaded list. 141108f92bdStracker-user * Split out from getStats() so callers that already hold the annotation 142108f92bdStracker-user * array (e.g. the page-load JSINFO injector, which embeds the same list) 143108f92bdStracker-user * don't re-read the file. 144108f92bdStracker-user * 145108f92bdStracker-user * @param array $annotations annotation list 146108f92bdStracker-user * @return array ['total'=>int, 'open'=>int, 'resolved'=>int] 147108f92bdStracker-user */ 148108f92bdStracker-user public function statsFor(array $annotations) 149108f92bdStracker-user { 15043d2073cStracker-user $open = 0; 15143d2073cStracker-user $resolved = 0; 152108f92bdStracker-user foreach ($annotations as $a) { 15343d2073cStracker-user if (($a['status'] ?? 'open') === 'resolved') { 15443d2073cStracker-user $resolved++; 15543d2073cStracker-user } else { 15643d2073cStracker-user $open++; 15743d2073cStracker-user } 15843d2073cStracker-user } 15943d2073cStracker-user return ['total' => $open + $resolved, 'open' => $open, 'resolved' => $resolved]; 16043d2073cStracker-user } 16143d2073cStracker-user 16243d2073cStracker-user /** 16343d2073cStracker-user * Write a page's annotation list to disk. 16443d2073cStracker-user * 16543d2073cStracker-user * @param string $id page id 16643d2073cStracker-user * @param array $list annotations 16743d2073cStracker-user * @return bool 16843d2073cStracker-user */ 16943d2073cStracker-user protected function writeFile($id, array $list) 17043d2073cStracker-user { 17143d2073cStracker-user $payload = [ 17243d2073cStracker-user 'version' => self::SCHEMA_VERSION, 17343d2073cStracker-user 'annotations' => array_values($list), 17443d2073cStracker-user ]; 175da56206cStracker-user return (bool) io_saveFile( 176da56206cStracker-user $this->getFile($id), 177da56206cStracker-user json_encode($payload, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES) 178da56206cStracker-user ); 17943d2073cStracker-user } 18043d2073cStracker-user 18143d2073cStracker-user /** 18243d2073cStracker-user * Run a modification against a page's annotations under a write lock. 18343d2073cStracker-user * 18443d2073cStracker-user * The modifier receives the annotation list by reference and returns an 18543d2073cStracker-user * outcome value. Returning the boolean false aborts the write (used for 18643d2073cStracker-user * "target not found"); any other value is returned to the caller after a 18743d2073cStracker-user * successful save. 18843d2073cStracker-user * 18943d2073cStracker-user * @param string $id page id 19043d2073cStracker-user * @param callable $modifier function(array &$annotations): mixed 19143d2073cStracker-user * @return mixed the modifier's outcome on success, or false on failure 19243d2073cStracker-user */ 19343d2073cStracker-user protected function mutate($id, callable $modifier) 19443d2073cStracker-user { 19543d2073cStracker-user $file = $this->getFile($id); 19643d2073cStracker-user io_lock($file); 19743d2073cStracker-user 19843d2073cStracker-user $annotations = $this->getAnnotations($id); 19943d2073cStracker-user $outcome = $modifier($annotations); 20043d2073cStracker-user 20143d2073cStracker-user if ($outcome === false) { 20243d2073cStracker-user io_unlock($file); 20343d2073cStracker-user return false; 20443d2073cStracker-user } 20543d2073cStracker-user 20643d2073cStracker-user $ok = $this->writeFile($id, $annotations); 20743d2073cStracker-user io_unlock($file); 20843d2073cStracker-user return $ok ? $outcome : false; 20943d2073cStracker-user } 21043d2073cStracker-user 21143d2073cStracker-user // --------------------------------------------------------------------- 21243d2073cStracker-user // Annotation CRUD 21343d2073cStracker-user // --------------------------------------------------------------------- 21443d2073cStracker-user 21543d2073cStracker-user /** 21643d2073cStracker-user * Create an annotation. 21743d2073cStracker-user * 21843d2073cStracker-user * @param string $id page id 21943d2073cStracker-user * @param array $anchor raw anchor {exact, prefix, suffix, start} 22043d2073cStracker-user * @param string $author username 22143d2073cStracker-user * @param string $body annotation text 22243d2073cStracker-user * @return array|false the created annotation, or false on invalid input 22343d2073cStracker-user */ 22443d2073cStracker-user public function createAnnotation($id, $anchor, $author, $body) 22543d2073cStracker-user { 22643d2073cStracker-user if ($id === '' || $author === '' || $author === null) { 22743d2073cStracker-user return false; 22843d2073cStracker-user } 22943d2073cStracker-user $body = $this->cleanBody($body); 23043d2073cStracker-user if ($body === '') { 23143d2073cStracker-user return false; 23243d2073cStracker-user } 23343d2073cStracker-user $anchor = $this->cleanAnchor($anchor); 23443d2073cStracker-user if ($anchor === null) { 23543d2073cStracker-user return false; 23643d2073cStracker-user } 23743d2073cStracker-user 23843d2073cStracker-user $now = time(); 23943d2073cStracker-user $new = [ 24043d2073cStracker-user 'id' => $this->newId(), 24143d2073cStracker-user 'anchor' => $anchor, 24243d2073cStracker-user 'author' => $author, 24343d2073cStracker-user 'created' => $now, 24443d2073cStracker-user 'modified' => $now, 24543d2073cStracker-user 'body' => $body, 24643d2073cStracker-user 'status' => 'open', 24743d2073cStracker-user 'resolved_by' => '', 24843d2073cStracker-user 'resolved_at' => 0, 24943d2073cStracker-user 'replies' => [], 25043d2073cStracker-user ]; 25143d2073cStracker-user 25243d2073cStracker-user return $this->mutate($id, function (array &$annotations) use ($new) { 25343d2073cStracker-user $annotations[] = $new; 25443d2073cStracker-user return $new; 25543d2073cStracker-user }); 25643d2073cStracker-user } 25743d2073cStracker-user 25843d2073cStracker-user /** 25943d2073cStracker-user * Edit an annotation's body text. 26043d2073cStracker-user * 26143d2073cStracker-user * @param string $id page id 26243d2073cStracker-user * @param string $annId annotation id 26343d2073cStracker-user * @param string $body new text 26443d2073cStracker-user * @return bool 26543d2073cStracker-user */ 26643d2073cStracker-user public function updateAnnotationBody($id, $annId, $body) 26743d2073cStracker-user { 26843d2073cStracker-user $body = $this->cleanBody($body); 26943d2073cStracker-user if ($body === '') { 27043d2073cStracker-user return false; 27143d2073cStracker-user } 27243d2073cStracker-user return (bool) $this->mutate($id, function (array &$annotations) use ($annId, $body) { 27343d2073cStracker-user foreach ($annotations as $i => $a) { 27443d2073cStracker-user if (($a['id'] ?? '') === $annId) { 27543d2073cStracker-user $annotations[$i]['body'] = $body; 27643d2073cStracker-user $annotations[$i]['modified'] = time(); 27743d2073cStracker-user return true; 27843d2073cStracker-user } 27943d2073cStracker-user } 28043d2073cStracker-user return false; 28143d2073cStracker-user }); 28243d2073cStracker-user } 28343d2073cStracker-user 28443d2073cStracker-user /** 28543d2073cStracker-user * Delete an annotation and all its replies. 28643d2073cStracker-user * 28743d2073cStracker-user * @param string $id page id 28843d2073cStracker-user * @param string $annId annotation id 28943d2073cStracker-user * @return bool 29043d2073cStracker-user */ 29143d2073cStracker-user public function deleteAnnotation($id, $annId) 29243d2073cStracker-user { 29343d2073cStracker-user return (bool) $this->mutate($id, function (array &$annotations) use ($annId) { 29443d2073cStracker-user foreach ($annotations as $i => $a) { 29543d2073cStracker-user if (($a['id'] ?? '') === $annId) { 29643d2073cStracker-user array_splice($annotations, $i, 1); 29743d2073cStracker-user return true; 29843d2073cStracker-user } 29943d2073cStracker-user } 30043d2073cStracker-user return false; 30143d2073cStracker-user }); 30243d2073cStracker-user } 30343d2073cStracker-user 30443d2073cStracker-user /** 30543d2073cStracker-user * Mark an annotation open or resolved. 30643d2073cStracker-user * 30743d2073cStracker-user * @param string $id page id 30843d2073cStracker-user * @param string $annId annotation id 30943d2073cStracker-user * @param string $status 'open' or 'resolved' 31043d2073cStracker-user * @param string $actor username making the change (recorded when resolving) 31143d2073cStracker-user * @return bool 31243d2073cStracker-user */ 31343d2073cStracker-user public function setStatus($id, $annId, $status, $actor) 31443d2073cStracker-user { 31543d2073cStracker-user if (!in_array($status, ['open', 'resolved'], true)) { 31643d2073cStracker-user return false; 31743d2073cStracker-user } 31843d2073cStracker-user return (bool) $this->mutate($id, function (array &$annotations) use ($annId, $status, $actor) { 31943d2073cStracker-user foreach ($annotations as $i => $a) { 32043d2073cStracker-user if (($a['id'] ?? '') === $annId) { 32143d2073cStracker-user $annotations[$i]['status'] = $status; 32243d2073cStracker-user if ($status === 'resolved') { 32343d2073cStracker-user $annotations[$i]['resolved_by'] = $actor; 32443d2073cStracker-user $annotations[$i]['resolved_at'] = time(); 32543d2073cStracker-user } else { 32643d2073cStracker-user $annotations[$i]['resolved_by'] = ''; 32743d2073cStracker-user $annotations[$i]['resolved_at'] = 0; 32843d2073cStracker-user } 32943d2073cStracker-user return true; 33043d2073cStracker-user } 33143d2073cStracker-user } 33243d2073cStracker-user return false; 33343d2073cStracker-user }); 33443d2073cStracker-user } 33543d2073cStracker-user 33643d2073cStracker-user // --------------------------------------------------------------------- 33743d2073cStracker-user // Reply CRUD 33843d2073cStracker-user // --------------------------------------------------------------------- 33943d2073cStracker-user 34043d2073cStracker-user /** 34143d2073cStracker-user * Add a reply to an annotation. 34243d2073cStracker-user * 34343d2073cStracker-user * @param string $id page id 34443d2073cStracker-user * @param string $annId annotation id 34543d2073cStracker-user * @param string $author username 34643d2073cStracker-user * @param string $body reply text 347ee9dbf15Stracker-user * @param string $parentId id of the reply being replied to, or '' for root-level 34843d2073cStracker-user * @return array|false the created reply, or false on invalid input 34943d2073cStracker-user */ 350ee9dbf15Stracker-user public function addReply($id, $annId, $author, $body, $parentId = '') 35143d2073cStracker-user { 35243d2073cStracker-user if ($author === '' || $author === null) { 35343d2073cStracker-user return false; 35443d2073cStracker-user } 35543d2073cStracker-user $body = $this->cleanBody($body); 35643d2073cStracker-user if ($body === '') { 35743d2073cStracker-user return false; 35843d2073cStracker-user } 35943d2073cStracker-user $now = time(); 36043d2073cStracker-user $reply = [ 36143d2073cStracker-user 'id' => $this->newId(), 362ee9dbf15Stracker-user 'parentId' => preg_replace('/[^a-f0-9]/', '', (string) $parentId), 36343d2073cStracker-user 'author' => $author, 36443d2073cStracker-user 'created' => $now, 36543d2073cStracker-user 'modified' => $now, 36643d2073cStracker-user 'body' => $body, 36743d2073cStracker-user ]; 36843d2073cStracker-user 36943d2073cStracker-user return $this->mutate($id, function (array &$annotations) use ($annId, $reply) { 37043d2073cStracker-user foreach ($annotations as $i => $a) { 37143d2073cStracker-user if (($a['id'] ?? '') === $annId) { 37243d2073cStracker-user $annotations[$i]['replies'][] = $reply; 37343d2073cStracker-user return $reply; 37443d2073cStracker-user } 37543d2073cStracker-user } 37643d2073cStracker-user return false; 37743d2073cStracker-user }); 37843d2073cStracker-user } 37943d2073cStracker-user 38043d2073cStracker-user /** 38143d2073cStracker-user * Edit a reply's body text. 38243d2073cStracker-user * 38343d2073cStracker-user * @param string $id page id 38443d2073cStracker-user * @param string $annId annotation id 38543d2073cStracker-user * @param string $replyId reply id 38643d2073cStracker-user * @param string $body new text 38743d2073cStracker-user * @return bool 38843d2073cStracker-user */ 38943d2073cStracker-user public function updateReply($id, $annId, $replyId, $body) 39043d2073cStracker-user { 39143d2073cStracker-user $body = $this->cleanBody($body); 39243d2073cStracker-user if ($body === '') { 39343d2073cStracker-user return false; 39443d2073cStracker-user } 39543d2073cStracker-user return (bool) $this->mutate($id, function (array &$annotations) use ($annId, $replyId, $body) { 39643d2073cStracker-user foreach ($annotations as $i => $a) { 39743d2073cStracker-user if (($a['id'] ?? '') !== $annId) { 39843d2073cStracker-user continue; 39943d2073cStracker-user } 40043d2073cStracker-user foreach (($a['replies'] ?? []) as $j => $r) { 40143d2073cStracker-user if (($r['id'] ?? '') === $replyId) { 40243d2073cStracker-user $annotations[$i]['replies'][$j]['body'] = $body; 40343d2073cStracker-user $annotations[$i]['replies'][$j]['modified'] = time(); 40443d2073cStracker-user return true; 40543d2073cStracker-user } 40643d2073cStracker-user } 40743d2073cStracker-user } 40843d2073cStracker-user return false; 40943d2073cStracker-user }); 41043d2073cStracker-user } 41143d2073cStracker-user 41243d2073cStracker-user /** 41343d2073cStracker-user * Delete a reply. 41443d2073cStracker-user * 41543d2073cStracker-user * @param string $id page id 41643d2073cStracker-user * @param string $annId annotation id 41743d2073cStracker-user * @param string $replyId reply id 41843d2073cStracker-user * @return bool 41943d2073cStracker-user */ 42043d2073cStracker-user public function deleteReply($id, $annId, $replyId) 42143d2073cStracker-user { 42243d2073cStracker-user return (bool) $this->mutate($id, function (array &$annotations) use ($annId, $replyId) { 42343d2073cStracker-user foreach ($annotations as $i => $a) { 42443d2073cStracker-user if (($a['id'] ?? '') !== $annId) { 42543d2073cStracker-user continue; 42643d2073cStracker-user } 42743d2073cStracker-user foreach (($a['replies'] ?? []) as $j => $r) { 42843d2073cStracker-user if (($r['id'] ?? '') === $replyId) { 42943d2073cStracker-user array_splice($annotations[$i]['replies'], $j, 1); 43043d2073cStracker-user return true; 43143d2073cStracker-user } 43243d2073cStracker-user } 43343d2073cStracker-user } 43443d2073cStracker-user return false; 43543d2073cStracker-user }); 43643d2073cStracker-user } 43743d2073cStracker-user 43843d2073cStracker-user // --------------------------------------------------------------------- 43943d2073cStracker-user // Bulk maintenance (admin, per page) 44043d2073cStracker-user // --------------------------------------------------------------------- 44143d2073cStracker-user 44243d2073cStracker-user /** 44343d2073cStracker-user * Remove every resolved annotation from a page. 44443d2073cStracker-user * 44543d2073cStracker-user * @param string $id page id 44643d2073cStracker-user * @return int|false number removed, or false on write failure 44743d2073cStracker-user */ 44843d2073cStracker-user public function clearResolved($id) 44943d2073cStracker-user { 45043d2073cStracker-user if (empty($this->getAnnotations($id))) { 45143d2073cStracker-user return 0; 45243d2073cStracker-user } 45343d2073cStracker-user return $this->mutate($id, function (array &$annotations) { 45443d2073cStracker-user $before = count($annotations); 45543d2073cStracker-user $annotations = array_values(array_filter($annotations, function ($a) { 45643d2073cStracker-user return ($a['status'] ?? 'open') !== 'resolved'; 45743d2073cStracker-user })); 45843d2073cStracker-user return $before - count($annotations); 45943d2073cStracker-user }); 46043d2073cStracker-user } 46143d2073cStracker-user 46243d2073cStracker-user /** 46343d2073cStracker-user * Remove every orphaned annotation from a page — those whose quoted text 46443d2073cStracker-user * no longer appears in the rendered page. The page is re-checked here, so 46543d2073cStracker-user * this is authoritative regardless of what a client believed. 46643d2073cStracker-user * 46743d2073cStracker-user * @param string $id page id 46843d2073cStracker-user * @return int|false number removed, or false on write failure 46943d2073cStracker-user */ 47043d2073cStracker-user public function clearOrphaned($id) 47143d2073cStracker-user { 47243d2073cStracker-user $orphanIds = []; 47343d2073cStracker-user foreach ($this->findOrphaned($id) as $a) { 47443d2073cStracker-user $orphanIds[] = $a['id']; 47543d2073cStracker-user } 47643d2073cStracker-user if (empty($orphanIds)) { 47743d2073cStracker-user return 0; 47843d2073cStracker-user } 47943d2073cStracker-user return $this->mutate($id, function (array &$annotations) use ($orphanIds) { 48043d2073cStracker-user $before = count($annotations); 48143d2073cStracker-user $annotations = array_values(array_filter($annotations, function ($a) use ($orphanIds) { 48243d2073cStracker-user return !in_array($a['id'] ?? '', $orphanIds, true); 48343d2073cStracker-user })); 48443d2073cStracker-user return $before - count($annotations); 48543d2073cStracker-user }); 48643d2073cStracker-user } 48743d2073cStracker-user 48843d2073cStracker-user // --------------------------------------------------------------------- 48943d2073cStracker-user // Orphan detection 49043d2073cStracker-user // --------------------------------------------------------------------- 49143d2073cStracker-user 49243d2073cStracker-user /** 49343d2073cStracker-user * Render a page to normalised plain text, for quote searching. 49443d2073cStracker-user * 49543d2073cStracker-user * Block-level closing tags become spaces so adjacent blocks do not fuse 49643d2073cStracker-user * into one run of text; then tags are stripped, entities decoded, and 49743d2073cStracker-user * whitespace collapsed — the same normalisation applied to stored quotes. 49843d2073cStracker-user * 49943d2073cStracker-user * @param string $id page id 50043d2073cStracker-user * @return string 50143d2073cStracker-user */ 50243d2073cStracker-user public function getPageText($id) 50343d2073cStracker-user { 50443d2073cStracker-user if (!page_exists($id)) { 50543d2073cStracker-user return ''; 50643d2073cStracker-user } 50743d2073cStracker-user $xhtml = p_wiki_xhtml($id, '', false); 50843d2073cStracker-user if (!is_string($xhtml) || $xhtml === '') { 50943d2073cStracker-user return ''; 51043d2073cStracker-user } 51143d2073cStracker-user $xhtml = preg_replace('#</(p|div|li|h[1-6]|td|th|tr|blockquote|pre|dt|dd)>#i', ' ', $xhtml); 51243d2073cStracker-user $xhtml = preg_replace('#<br\s*/?>#i', ' ', $xhtml); 51343d2073cStracker-user $text = strip_tags($xhtml); 51443d2073cStracker-user $text = html_entity_decode($text, ENT_QUOTES | ENT_HTML5, 'UTF-8'); 51543d2073cStracker-user return $this->normalizeWhitespace($text); 51643d2073cStracker-user } 51743d2073cStracker-user 51843d2073cStracker-user /** 51943d2073cStracker-user * The annotations on a page whose quoted text is no longer present. 52043d2073cStracker-user * 52143d2073cStracker-user * @param string $id page id 52243d2073cStracker-user * @return array list of orphaned annotation arrays 52343d2073cStracker-user */ 52443d2073cStracker-user public function findOrphaned($id) 52543d2073cStracker-user { 52643d2073cStracker-user $annotations = $this->getAnnotations($id); 52743d2073cStracker-user if (empty($annotations)) { 52843d2073cStracker-user return []; 52943d2073cStracker-user } 53043d2073cStracker-user $pageText = $this->getPageText($id); 53143d2073cStracker-user 53243d2073cStracker-user $orphaned = []; 53343d2073cStracker-user foreach ($annotations as $a) { 53443d2073cStracker-user $exact = $this->normalizeWhitespace($a['anchor']['exact'] ?? ''); 53543d2073cStracker-user if ($exact === '' || mb_strpos($pageText, $exact) === false) { 53643d2073cStracker-user $orphaned[] = $a; 53743d2073cStracker-user } 53843d2073cStracker-user } 53943d2073cStracker-user return $orphaned; 54043d2073cStracker-user } 54143d2073cStracker-user 54243d2073cStracker-user // --------------------------------------------------------------------- 54343d2073cStracker-user // Permission rules (single source of truth) 54443d2073cStracker-user // --------------------------------------------------------------------- 54543d2073cStracker-user 54643d2073cStracker-user /** 54743d2073cStracker-user * May this user create an annotation, reply, or change a resolve status? 54843d2073cStracker-user * 54943d2073cStracker-user * Requires only read access to the page — annotations are out-of-band, so 55043d2073cStracker-user * a user whose page edit access is blocked may still annotate. 55143d2073cStracker-user * 55243d2073cStracker-user * @param string $user current username ('' for anonymous) 55343d2073cStracker-user * @param int $aclLevel the user's ACL level on the page 55443d2073cStracker-user * @return bool 55543d2073cStracker-user */ 55643d2073cStracker-user public function canAnnotate($user, $aclLevel) 55743d2073cStracker-user { 55843d2073cStracker-user return $user !== '' && $user !== null && $aclLevel >= AUTH_READ; 55943d2073cStracker-user } 56043d2073cStracker-user 56143d2073cStracker-user /** 56243d2073cStracker-user * May this user edit or delete the given annotation? Author or admin. 56343d2073cStracker-user * 56443d2073cStracker-user * @param array $annotation 56543d2073cStracker-user * @param string $user 56643d2073cStracker-user * @param bool $isAdmin 56743d2073cStracker-user * @return bool 56843d2073cStracker-user */ 56943d2073cStracker-user public function canEditAnnotation(array $annotation, $user, $isAdmin) 57043d2073cStracker-user { 57143d2073cStracker-user if ($user === '' || $user === null) { 57243d2073cStracker-user return false; 57343d2073cStracker-user } 57443d2073cStracker-user return $isAdmin || (($annotation['author'] ?? '') === $user); 57543d2073cStracker-user } 57643d2073cStracker-user 57743d2073cStracker-user /** 57843d2073cStracker-user * May this user edit or delete the given reply? Author or admin. 57943d2073cStracker-user * 58043d2073cStracker-user * @param array $reply 58143d2073cStracker-user * @param string $user 58243d2073cStracker-user * @param bool $isAdmin 58343d2073cStracker-user * @return bool 58443d2073cStracker-user */ 58543d2073cStracker-user public function canEditReply(array $reply, $user, $isAdmin) 58643d2073cStracker-user { 58743d2073cStracker-user if ($user === '' || $user === null) { 58843d2073cStracker-user return false; 58943d2073cStracker-user } 59043d2073cStracker-user return $isAdmin || (($reply['author'] ?? '') === $user); 59143d2073cStracker-user } 59243d2073cStracker-user 59343d2073cStracker-user /** 59443d2073cStracker-user * May this user run the per-page "clear resolved/orphaned" operations? 59543d2073cStracker-user * Admins only. 59643d2073cStracker-user * 59743d2073cStracker-user * @param bool $isAdmin 59843d2073cStracker-user * @return bool 59943d2073cStracker-user */ 60043d2073cStracker-user public function canClear($isAdmin) 60143d2073cStracker-user { 60243d2073cStracker-user return (bool) $isAdmin; 60343d2073cStracker-user } 60443d2073cStracker-user 60543d2073cStracker-user // --------------------------------------------------------------------- 60643d2073cStracker-user // Input cleaning 60743d2073cStracker-user // --------------------------------------------------------------------- 60843d2073cStracker-user 60943d2073cStracker-user /** 61043d2073cStracker-user * Validate and normalise a raw anchor. 61143d2073cStracker-user * 61243d2073cStracker-user * @param mixed $anchor 61343d2073cStracker-user * @return array|null the cleaned anchor, or null if unusable 61443d2073cStracker-user */ 61543d2073cStracker-user protected function cleanAnchor($anchor) 61643d2073cStracker-user { 61743d2073cStracker-user if (!is_array($anchor)) { 61843d2073cStracker-user return null; 61943d2073cStracker-user } 62043d2073cStracker-user 62143d2073cStracker-user $exact = (isset($anchor['exact']) && is_string($anchor['exact'])) 62243d2073cStracker-user ? $this->normalizeWhitespace($anchor['exact']) 62343d2073cStracker-user : ''; 62443d2073cStracker-user if ($exact === '') { 62543d2073cStracker-user return null; // an anchor without quoted text is unusable 62643d2073cStracker-user } 62743d2073cStracker-user if (mb_strlen($exact) > self::MAX_QUOTE) { 62843d2073cStracker-user $exact = mb_substr($exact, 0, self::MAX_QUOTE); 62943d2073cStracker-user } 63043d2073cStracker-user 63143d2073cStracker-user $prefix = (isset($anchor['prefix']) && is_string($anchor['prefix'])) 63243d2073cStracker-user ? $this->normalizeWhitespace($anchor['prefix']) 63343d2073cStracker-user : ''; 63443d2073cStracker-user $suffix = (isset($anchor['suffix']) && is_string($anchor['suffix'])) 63543d2073cStracker-user ? $this->normalizeWhitespace($anchor['suffix']) 63643d2073cStracker-user : ''; 637*86c7806dStracker-user $ctx = $this->contextLength(); 638*86c7806dStracker-user if (mb_strlen($prefix) > $ctx) { 639*86c7806dStracker-user $prefix = mb_substr($prefix, -$ctx); 64043d2073cStracker-user } 641*86c7806dStracker-user if (mb_strlen($suffix) > $ctx) { 642*86c7806dStracker-user $suffix = mb_substr($suffix, 0, $ctx); 64343d2073cStracker-user } 64443d2073cStracker-user 64543d2073cStracker-user $start = isset($anchor['start']) ? max(0, (int) $anchor['start']) : 0; 64643d2073cStracker-user 64743d2073cStracker-user return [ 64843d2073cStracker-user 'exact' => $exact, 64943d2073cStracker-user 'prefix' => $prefix, 65043d2073cStracker-user 'suffix' => $suffix, 65143d2073cStracker-user 'start' => $start, 65243d2073cStracker-user ]; 65343d2073cStracker-user } 65443d2073cStracker-user 65543d2073cStracker-user /** 65643d2073cStracker-user * Clean an annotation/reply body: a plain-text string, trimmed, with 65743d2073cStracker-user * normalised line endings and a length cap. Newlines are kept; the text 65843d2073cStracker-user * is escaped by the consumer at render time. 65943d2073cStracker-user * 66043d2073cStracker-user * @param mixed $body 66143d2073cStracker-user * @return string 66243d2073cStracker-user */ 66343d2073cStracker-user protected function cleanBody($body) 66443d2073cStracker-user { 66543d2073cStracker-user if (!is_string($body)) { 66643d2073cStracker-user return ''; 66743d2073cStracker-user } 66843d2073cStracker-user $body = str_replace("\r\n", "\n", $body); 66943d2073cStracker-user $body = str_replace("\r", "\n", $body); 67043d2073cStracker-user $body = trim($body); 671*86c7806dStracker-user $cap = $this->bodyCap(); 672*86c7806dStracker-user if (mb_strlen($body) > $cap) { 673*86c7806dStracker-user $body = mb_substr($body, 0, $cap); 67443d2073cStracker-user } 67543d2073cStracker-user return $body; 67643d2073cStracker-user } 67743d2073cStracker-user 67843d2073cStracker-user /** 67943d2073cStracker-user * Collapse every run of whitespace to a single space and trim. 68043d2073cStracker-user * 68143d2073cStracker-user * @param mixed $text 68243d2073cStracker-user * @return string 68343d2073cStracker-user */ 68443d2073cStracker-user protected function normalizeWhitespace($text) 68543d2073cStracker-user { 68643d2073cStracker-user return trim(preg_replace('/\s+/u', ' ', (string) $text)); 68743d2073cStracker-user } 68843d2073cStracker-user 68943d2073cStracker-user /** 69043d2073cStracker-user * A fresh identifier for an annotation or reply. 69143d2073cStracker-user * 69243d2073cStracker-user * @return string 16 hex characters 69343d2073cStracker-user */ 69443d2073cStracker-user protected function newId() 69543d2073cStracker-user { 69643d2073cStracker-user return bin2hex(random_bytes(8)); 69743d2073cStracker-user } 69843d2073cStracker-user} 699