OpenVK · n1rwana · Aug 7, 2023 · Aug 9, 2023
diff --git a/Web/Models/Entities/User.php b/Web/Models/Entities/User.php
@@ -438,6 +438,8 @@ function getPrivacySetting(string $id): int
 
     function getPrivacyPermission(string $permission, ?User $user = NULL): bool
     {
+        if ($this->isServiceAccount() && $permission !== "page.read" && ($user !== NULL && $user->getId() !== $this->getId())) return false;
+
         $permStatus = $this->getPrivacySetting($permission);
         if(!$user)
             return $permStatus === User::PRIVACY_EVERYONE;
@@ -1113,6 +1115,16 @@ function canUnbanThemself(): bool
         return true;
     }
 
+    function getServiceAccountNotify(): ?string
+    {
+        return $this->getRecord()->service_account_notify;
+    }
+
+    function isServiceAccount(): bool
+    {
+        return !is_null($this->getServiceAccountNotify());
+    }
+
     function toVkApiStruct(): object
     {
         $res = (object) [];

diff --git a/Web/Presenters/CommentPresenter.php b/Web/Presenters/CommentPresenter.php
@@ -23,6 +23,9 @@ function renderLike(int $id): void
         $comment = (new Comments)->get($id);
         if(!$comment || $comment->isDeleted()) $this->notFound();
 
+        if (!($comment->getTarget() instanceof Post && $comment->getTarget()->getOwner() instanceof User && ($comment->getTarget()->getOwner()->isServiceAccount()))
+            if(!is_null($this->user)) $comment->toggleLike($this->user->identity);
+
         if ($comment->getTarget() instanceof Post && $comment->getTarget()->getWallOwner()->isBanned())
             $this->flashFail("err", tr("error"), tr("forbidden"));
 
@@ -51,7 +54,7 @@ function renderMakeComment(string $repo, int $eId): void
         else if($entity instanceof Topic)
             $club = $entity->getClub();
 
-        if ($entity instanceof Post && $entity->getWallOwner()->isBanned())
+        if ($entity instanceof Post && ($entity->getOwner()->isServiceAccount() || $entity->getWallOwner()->isBanned()))
             $this->flashFail("err", tr("error"), tr("forbidden"));
 
         if($_FILES["_vid_attachment"] && OPENVK_ROOT_CONF['openvk']['preferences']['videos']['disableUploading'])
@@ -134,7 +137,7 @@ function renderDeleteComment(int $id): void
 
         $comment = (new Comments)->get($id);
         if(!$comment) $this->notFound();
-        if(!$comment->canBeDeletedBy($this->user->identity))
+        if(!$comment->canBeDeletedBy($this->user->identity) || ($comment->getTarget() instanceof Post && $comment->getTarget()->getOwner() instanceof User && $comment->getTarget()->getOwner()->isServiceAccount()))
             $this->throwError(403, "Forbidden", "У вас недостаточно прав чтобы редактировать этот ресурс.");
         if ($comment->getTarget() instanceof Post && $comment->getTarget()->getWallOwner()->isBanned())
             $this->flashFail("err", tr("error"), tr("forbidden"));

diff --git a/Web/Presenters/GiftsPresenter.php b/Web/Presenters/GiftsPresenter.php
@@ -20,7 +20,7 @@ function renderUserGifts(int $user): void
         $this->assertUserLoggedIn();
 
         $user = $this->users->get($user);
-        if(!$user)
+        if(!$user || $user->isServiceAccount())
             $this->notFound();
 
         $this->template->user     = $user;
@@ -33,7 +33,7 @@ function renderUserGifts(int $user): void
     function renderGiftMenu(): void
     {
         $user = $this->users->get((int) ($this->queryParam("user") ?? 0));
-        if(!$user)
+        if(!$user || $user->isServiceAccount())
             $this->notFound();
 
         $this->template->page = $page = (int) ($this->queryParam("p") ?? 1);
@@ -65,7 +65,7 @@ function renderConfirmGift(): void
         $user = $this->users->get((int) ($this->queryParam("user") ?? 0));
         $gift = $this->gifts->get((int) ($this->queryParam("elid") ?? 0));
         $cat  = $this->gifts->getCat((int) ($this->queryParam("pack") ?? 0));
-        if(!$user || !$cat || !$gift || !$cat->hasGift($gift))
+        if(!$user || !$cat || !$gift || !$cat->hasGift($gift) || $user->isServiceAccount())
             $this->flashFail("err", "Не удалось подарить", "Не удалось подтвердить права на подарок.");
 
         if(!$gift->canUse($this->user->identity))

diff --git a/Web/Presenters/PhotosPresenter.php b/Web/Presenters/PhotosPresenter.php
@@ -1,6 +1,6 @@
 <?php declare(strict_types=1);
 namespace openvk\Web\Presenters;
-use openvk\Web\Models\Entities\{Club, Photo, Album};
+use openvk\Web\Models\Entities\{Club, Photo, Album, User};
 use openvk\Web\Models\Repositories\{Photos, Albums, Users, Clubs};
 use Nette\InvalidStateException as ISE;
 
@@ -158,7 +158,10 @@ function renderPhoto(int $ownerId, int $photoId): void
     {
         $photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
         if(!$photo || $photo->isDeleted()) $this->notFound();
-
+
+        if ($photo->getOwner() instanceof User && $photo->getOwner()->isServiceAccount())
+            $this->notFound();
+
         if(!is_null($this->queryParam("from"))) {
             if(preg_match("%^album([0-9]++)$%", $this->queryParam("from"), $matches) === 1) {
                 $album = $this->albums->get((int) $matches[1]);

diff --git a/Web/Presenters/UserPresenter.php b/Web/Presenters/UserPresenter.php
@@ -296,6 +296,8 @@ function renderSub(): void
 
         $user = $this->users->get((int) $this->postParam("id"));
         if(!$user) exit("Invalid state");
+        if ($user->isServiceAccount())
+            $this->flashFail("err", tr("error"), tr("forbidden"));
 
         $user->toggleSubscription($this->user->identity);
 
@@ -654,6 +656,9 @@ function renderCoinsTransfer(): void
         if($this->user->identity->getCoins() < $value)
             $this->flashFail("err", tr("failed_to_tranfer_points"), tr("you_dont_have_enough_points"));
 
+        if ($receiver->isServiceAccount())
+            $this->flashFail("err", tr("error"), tr("forbidden"));
+
         if($this->user->id !== $receiver->getId()) {
             $this->user->identity->setCoins($this->user->identity->getCoins() - $value);
             $this->user->identity->save();
@@ -695,6 +700,9 @@ function renderIncreaseRating(): void
         if($this->user->identity->getCoins() < $value)
             $this->flashFail("err", tr("failed_to_increase_rating"), tr("you_dont_have_enough_points"));
 
+        if ($receiver->isServiceAccount())
+            $this->flashFail("err", tr("error"), tr("forbidden"));
+
         $this->user->identity->setCoins($this->user->identity->getCoins() - $value);
         $this->user->identity->save();
 

diff --git a/Web/Presenters/WallPresenter.php b/Web/Presenters/WallPresenter.php
@@ -90,6 +90,9 @@ function renderWallEmbedded(int $user): void
     function renderRSS(int $user): void
     {
         $owner = ($user < 0 ? (new Clubs) : (new Users))->get(abs($user));
+        if ($owner instanceof User && $owner->isServiceAccount())
+            $this->flashFail("err", tr("error"), tr("forbidden"));
+
         if(is_null($this->user)) {
             $canPost = false;
         } else if($user > 0) {
@@ -215,7 +218,7 @@ function renderMakePost(int $wall): void
         $wallOwner = ($wall > 0 ? (new Users)->get($wall) : (new Clubs)->get($wall * -1))
                      ?? $this->flashFail("err", tr("failed_to_publish_post"), tr("error_4"));
 
-        if ($wallOwner->isBanned())
+        if ($wallOwner instanceof User && ($wallOwner->isServiceAccount() || $wallOwner->isBanned()))
             $this->flashFail("err", tr("error"), tr("forbidden"));
 
         if($wall > 0) {
@@ -345,7 +348,10 @@ function renderPost(int $wall, int $post_id): void
         $post = $this->posts->getPostById($wall, $post_id);
         if(!$post || $post->isDeleted())
             $this->notFound();
-
+
+        if ($post->getOwner() instanceof User && $post->getOwner()->isServiceAccount())
+            $this->flashFail("err", tr("error"), tr("forbidden"));
+
         $this->logPostView($post, $wall);
 
         $this->template->post     = $post;
@@ -373,8 +379,9 @@ function renderLike(int $wall, int $post_id): void
         $this->assertNoCSRF();
 
         $post = $this->posts->getPostById($wall, $post_id);
-        if(!$post || $post->isDeleted()) $this->notFound();
 
+        if(!$post || $post->isDeleted() || ($post->getOwner() instanceof User && $post->getOwner()->isServiceAccount())) $this->notFound();
+
         if ($post->getWallOwner()->isBanned())
             $this->flashFail("err", tr("error"), tr("forbidden"));
 
@@ -393,7 +400,7 @@ function renderShare(int $wall, int $post_id): void
 
         $post = $this->posts->getPostById($wall, $post_id);
 
-        if(!$post || $post->isDeleted()) 
+        if(!$post || $post->isDeleted() || ($post->getOwner() instanceof User && $post->getOwner()->isServiceAccount()))
             $this->notFound();
 
         if ($post->getWallOwner()->isBanned())

diff --git a/Web/Presenters/templates/Messenger/Index.xml b/Web/Presenters/templates/Messenger/Index.xml
@@ -29,7 +29,7 @@
                     alt="Фотография пользователя" />
                 </div>
                 <div class="crp-entry--info">
-                    <a href="{$recipient->getURL()}">{$recipient->getCanonicalName()}</a><br/>
+                    <a href="{$recipient->getURL()}" n:attr="style => $recipient->isServiceAccount() ? 'font-weight: 700; color: #1b7a1b;' : ''">{$recipient->getCanonicalName()}</a><br/>
                     <span>{$lastMsg->getSendTimeHumanized()}</span>
                 </div>
                 <div n:class="crp-entry--message, $lastMsg->getUnreadState() ? unread">

diff --git a/Web/Presenters/templates/User/View.xml b/Web/Presenters/templates/User/View.xml
@@ -393,7 +393,7 @@
             </div>
 			<div class="accountInfo clearFix">
                 <div class="profileName">
-                    <h2>{$user->getFullName()}</h2>
+                    <h2 n:attr="style => $user->isServiceAccount() ? 'font-weight: 700; color: #1b7a1b;' : ''">{$user->getFullName()}</h2>
                     {if !is_null($user->getStatus())}
                         <div n:class="page_status, $thatIsThisUser ? page_status_edit_button" n:attr="id => $thatIsThisUser ? page_status_text : NULL">{$user->getStatus()}</div>
                     {elseif $thatIsThisUser}
@@ -592,8 +592,14 @@
                 </div>
             </div>
         </div>
-
-        {presenter "openvk!Wall->wallEmbedded", $user->getId()}
+
+        {if $user->isServiceAccount() && $user->getId() !== $thisUser->getId()}
+            <div style="color: grey; margin: 36px 48px; text-align: center;">
+                {$user->getServiceAccountNotify()|noescape}
+            </div>
+        {else}
+            {presenter "openvk!Wall->wallEmbedded", $user->getId()}
+        {/if}
 
         <script n:if="isset($thisUser) && $thisUser->getChandlerUser()->can('access')->model('admin')->whichBelongsTo(NULL)">
             function banUser() {

diff --git a/install/sqls/00038-service-account-notifies.sql b/install/sqls/00038-service-account-notifies.sql
@@ -0,0 +1,2 @@
+ALTER TABLE `profiles`
+    ADD `service_account_notify` TEXT NULL DEFAULT NULL AFTER `alert`;
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		ALTER TABLE `profiles`
		ADD `service_account_notify` TEXT NULL DEFAULT NULL AFTER `alert`;