From 72b301272e0b70ded3e2b237391909e3f152ad0b Mon Sep 17 00:00:00 2001
From: Benjamin Bellamy <ben@podlibre.org>
Date: Tue, 20 Oct 2020 13:46:00 +0000
Subject: [PATCH] feat: add lock podcast according to the Podcastindex
podcast-namespace to prevent unauthozized import
---
app/Controllers/Admin/Podcast.php | 13 +++++++-
.../2020-05-30-101500_add_podcasts.php | 33 +++++++++++--------
app/Entities/Podcast.php | 7 ++--
app/Helpers/rss_helper.php | 9 +++--
app/Language/en/Podcast.php | 3 ++
app/Language/en/PodcastImport.php | 2 ++
app/Language/fr/Podcast.php | 3 ++
app/Language/fr/PodcastImport.php | 2 ++
app/Models/PodcastModel.php | 1 +
app/Views/admin/podcast/create.php | 7 ++++
app/Views/admin/podcast/edit.php | 11 ++++++-
11 files changed, 71 insertions(+), 20 deletions(-)
diff --git a/app/Controllers/Admin/Podcast.php b/app/Controllers/Admin/Podcast.php
index 1d10f9f2f0..05503ca221 100644
--- a/app/Controllers/Admin/Podcast.php
+++ b/app/Controllers/Admin/Podcast.php
@@ -156,6 +156,7 @@ class Podcast extends BaseController
'copyright' => $this->request->getPost('copyright'),
'block' => $this->request->getPost('block') === 'yes',
'complete' => $this->request->getPost('complete') === 'yes',
+ 'lock' => $this->request->getPost('lock') === 'yes',
'created_by' => user(),
'updated_by' => user(),
]);
@@ -244,10 +245,19 @@ class Podcast extends BaseController
' ⎋</a>',
]);
}
-
$nsItunes = $feed->channel[0]->children(
'http://www.itunes.com/dtds/podcast-1.0.dtd'
);
+ $nsPodcast = $feed->channel[0]->children(
+ 'https://github.com/Podcastindex-org/podcast-namespace/blob/main/docs/1.0.md'
+ );
+
+ if ((string) $nsPodcast->locked === 'yes') {
+ return redirect()
+ ->back()
+ ->withInput()
+ ->with('errors', [lang('PodcastImport.lock_import')]);
+ }
$podcast = new \App\Entities\Podcast([
'name' => $this->request->getPost('name'),
@@ -453,6 +463,7 @@ class Podcast extends BaseController
$this->podcast->block = $this->request->getPost('block') === 'yes';
$this->podcast->complete =
$this->request->getPost('complete') === 'yes';
+ $this->podcast->lock = $this->request->getPost('lock') === 'yes';
$this->updated_by = user();
$db = \Config\Database::connect();
diff --git a/app/Database/Migrations/2020-05-30-101500_add_podcasts.php b/app/Database/Migrations/2020-05-30-101500_add_podcasts.php
index 018315cfd9..96633865ee 100644
--- a/app/Database/Migrations/2020-05-30-101500_add_podcasts.php
+++ b/app/Database/Migrations/2020-05-30-101500_add_podcasts.php
@@ -79,6 +79,10 @@ class AddPodcasts extends Migration
'constraint' => 1024,
'null' => true,
],
+ 'episode_description_footer' => [
+ 'type' => 'TEXT',
+ 'null' => true,
+ ],
'block' => [
'type' => 'TINYINT',
'constraint' => 1,
@@ -89,19 +93,12 @@ class AddPodcasts extends Migration
'constraint' => 1,
'default' => 0,
],
- 'episode_description_footer' => [
- 'type' => 'TEXT',
- 'null' => true,
- ],
- 'created_by' => [
- 'type' => 'INT',
- 'constraint' => 11,
- 'unsigned' => true,
- ],
- 'updated_by' => [
- 'type' => 'INT',
- 'constraint' => 11,
- 'unsigned' => true,
+ 'lock' => [
+ 'type' => 'TINYINT',
+ 'constraint' => 1,
+ 'comment' =>
+ 'This tells other podcast platforms whether they are allowed to import this feed.',
+ 'default' => 1,
],
'imported_feed_url' => [
'type' => 'VARCHAR',
@@ -117,6 +114,16 @@ class AddPodcasts extends Migration
'The RSS new feed URL if this podcast is moving out, NULL otherwise.',
'null' => true,
],
+ 'created_by' => [
+ 'type' => 'INT',
+ 'constraint' => 11,
+ 'unsigned' => true,
+ ],
+ 'updated_by' => [
+ 'type' => 'INT',
+ 'constraint' => 11,
+ 'unsigned' => true,
+ ],
'created_at' => [
'type' => 'TIMESTAMP',
],
diff --git a/app/Entities/Podcast.php b/app/Entities/Podcast.php
index f60e44dc2b..e64cd5bca7 100644
--- a/app/Entities/Podcast.php
+++ b/app/Entities/Podcast.php
@@ -76,13 +76,14 @@ class Podcast extends Entity
'owner_email' => '?string',
'type' => 'string',
'copyright' => '?string',
+ 'episode_description_footer' => '?string',
'block' => 'boolean',
'complete' => 'boolean',
- 'episode_description_footer' => '?string',
- 'created_by' => 'integer',
- 'updated_by' => 'integer',
+ 'lock' => 'boolean',
'imported_feed_url' => '?string',
'new_feed_url' => '?string',
+ 'created_by' => 'integer',
+ 'updated_by' => 'integer',
];
/**
diff --git a/app/Helpers/rss_helper.php b/app/Helpers/rss_helper.php
index 9f17a2f73c..7841337834 100644
--- a/app/Helpers/rss_helper.php
+++ b/app/Helpers/rss_helper.php
@@ -21,8 +21,11 @@ function get_rss_feed($podcast)
$itunes_namespace = 'http://www.itunes.com/dtds/podcast-1.0.dtd';
+ $podcast_namespace =
+ 'https://github.com/Podcastindex-org/podcast-namespace/blob/main/docs/1.0.md';
+
$rss = new SimpleRSSElement(
- "<?xml version='1.0' encoding='utf-8'?><rss version='2.0' xmlns:itunes='$itunes_namespace' xmlns:content='http://purl.org/rss/1.0/modules/content/'></rss>"
+ "<?xml version='1.0' encoding='utf-8'?><rss version='2.0' xmlns:itunes='$itunes_namespace' xmlns:podcast='$podcast_namespace' xmlns:content='http://purl.org/rss/1.0/modules/content/'></rss>"
);
$channel = $rss->addChild('channel');
@@ -60,7 +63,9 @@ function get_rss_feed($podcast)
$itunes_image = $channel->addChild('image', null, $itunes_namespace);
$itunes_image->addAttribute('href', $podcast->image->original_url);
$channel->addChild('language', $podcast->language);
-
+ $channel
+ ->addChild('locked', $podcast->lock ? 'yes' : 'no', $podcast_namespace)
+ ->addAttribute('owner', $podcast->owner_email);
// set main category first, then other categories as apple
add_category_tag($channel, $podcast->category);
foreach ($podcast->other_categories as $other_category) {
diff --git a/app/Language/en/Podcast.php b/app/Language/en/Podcast.php
index fc54298c41..d979ae78b5 100644
--- a/app/Language/en/Podcast.php
+++ b/app/Language/en/Podcast.php
@@ -65,6 +65,9 @@ return [
'status_section_subtitle' => 'Dead or alive?',
'block' => 'Podcast should be hidden from all platforms',
'complete' => 'Podcast will not be having new episodes',
+ 'lock' => 'Podcast is locked for export',
+ 'lock_hint' =>
+ 'The purpose is to tell other podcast platforms whether they are allowed to import this feed. A value of yes means that any attempt to import this feed into a new platform should be rejected.',
'submit_create' => 'Create podcast',
'submit_edit' => 'Save podcast',
],
diff --git a/app/Language/en/PodcastImport.php b/app/Language/en/PodcastImport.php
index d914557a9b..5660a280f4 100644
--- a/app/Language/en/PodcastImport.php
+++ b/app/Language/en/PodcastImport.php
@@ -40,5 +40,7 @@ return [
'Use this if your podcast does not have a season number but wish to set one during import. Leave blank otherwise.',
'max_episodes' => 'Maximum number of episodes to import',
'max_episodes_hint' => 'Leave blank to import all episodes',
+ 'lock_import' =>
+ 'This feed is protected. You cannot import it. If you are the owner, unprotect it on the origin platform.',
'submit' => 'Import podcast',
];
diff --git a/app/Language/fr/Podcast.php b/app/Language/fr/Podcast.php
index 0452bbc6d1..8fe3ad145d 100644
--- a/app/Language/fr/Podcast.php
+++ b/app/Language/fr/Podcast.php
@@ -66,6 +66,9 @@ return [
'status_section_subtitle' => 'Vivant ou mort ?',
'block' => 'Le podcast doit être masqué sur toutes les plateformes',
'complete' => 'Le podcast n’aura plus de nouveaux épisodes.',
+ 'lock' => 'Le podcast est fermé à l’export',
+ 'lock_hint' =>
+ 'Le but est d’indiquer aux autres plates-formes de podcast si elles sont autorisées à importer ce flux. La valeur « oui » signifie que toute tentative d’importation de ce flux dans une nouvelle plateforme doit être rejetée.',
'submit_create' => 'Créer le podcast',
'submit_edit' => 'Enregistrer le podcast',
],
diff --git a/app/Language/fr/PodcastImport.php b/app/Language/fr/PodcastImport.php
index c7d03e0c66..539d06095a 100644
--- a/app/Language/fr/PodcastImport.php
+++ b/app/Language/fr/PodcastImport.php
@@ -41,5 +41,7 @@ return [
'Utilisez ceci si le podcast à importer ne contient pas de numéros de saison mais que vous souhaitez en définir un. Laissez vide sinon.',
'max_episodes' => 'Nombre maximum d’épisodes à importer',
'max_episodes_hint' => 'Laissez vide pour importer tous les épisodes',
+ 'lock_import' =>
+ 'Ce flux est protégé. Vous ne pouvez pas l’importer. Si en vous êtes le propriétaire, déprotégez-le sur la plate-forme d’origine.',
'submit' => 'Importer le podcast',
];
diff --git a/app/Models/PodcastModel.php b/app/Models/PodcastModel.php
index 1fd98403bf..84b26e6ba7 100644
--- a/app/Models/PodcastModel.php
+++ b/app/Models/PodcastModel.php
@@ -32,6 +32,7 @@ class PodcastModel extends Model
'copyright',
'block',
'complete',
+ 'lock',
'created_by',
'updated_by',
'imported_feed_url',
diff --git a/app/Views/admin/podcast/create.php b/app/Views/admin/podcast/create.php
index 006dd61a87..1ee8414124 100644
--- a/app/Views/admin/podcast/create.php
+++ b/app/Views/admin/podcast/create.php
@@ -262,6 +262,13 @@
old('complete', false)
) ?>
+<?= form_switch(
+ lang('Podcast.form.lock'),
+ ['id' => 'lock', 'name' => 'lock'],
+ 'yes',
+ old('lock', $podcast->lock)
+) ?>
+
<?= form_section_close() ?>
diff --git a/app/Views/admin/podcast/edit.php b/app/Views/admin/podcast/edit.php
index 2a3933b719..b2c0286926 100644
--- a/app/Views/admin/podcast/edit.php
+++ b/app/Views/admin/podcast/edit.php
@@ -269,7 +269,16 @@
lang('Podcast.form.complete'),
['id' => 'complete', 'name' => 'complete'],
'yes',
- old('complete', $podcast->complete)
+ old('complete', $podcast->complete),
+ 'mb-2'
+) ?>
+
+<?= form_switch(
+ lang('Podcast.form.lock') .
+ hint_tooltip(lang('Podcast.form.lock_hint'), 'ml-1'),
+ ['id' => 'lock', 'name' => 'lock'],
+ 'yes',
+ old('lock', $podcast->lock)
) ?>
<?= form_section_close() ?>
--
GitLab