207 lines
6.7 KiB
PHP
207 lines
6.7 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Name: DSC01 DSC Categories
|
|
* Description: Public civic diagnostic — the legal surfaces where HOA governance disputes manifest.
|
|
* Version: 0.3.0
|
|
* MinVersion: 11.0
|
|
* MaxVersion: 12.0
|
|
*/
|
|
|
|
use Zotlabs\Extend\Widget;
|
|
|
|
require_once 'addon/dsc01/dsc01_renderer.php';
|
|
require_once 'addon/dsc01/dsc01_spool.php';
|
|
|
|
function dsc01_module() {}
|
|
|
|
function dsc01_load() {
|
|
register_hook('load_pdl', 'addon/dsc01/dsc01.php', 'dsc01_load_pdl');
|
|
Widget::register('addon/dsc01/Widget/Dsc01.php', 'dsc01');
|
|
}
|
|
|
|
function dsc01_unload() {
|
|
unregister_hook('load_pdl', 'addon/dsc01/dsc01.php', 'dsc01_load_pdl');
|
|
Widget::unregister('addon/dsc01/Widget/Dsc01.php', 'dsc01');
|
|
}
|
|
|
|
function dsc01_load_pdl(&$b) {
|
|
if (!is_array($b) || empty($b['module']) || $b['module'] !== 'dsc01') {
|
|
return;
|
|
}
|
|
$layout = @file_get_contents('addon/dsc01/mod_dsc01.pdl');
|
|
if ($layout !== false) {
|
|
$b['layout'] = $layout;
|
|
}
|
|
}
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// HELPERS
|
|
// ---------------------------------------------------------------------------
|
|
|
|
function dsc01_h($value) {
|
|
return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
|
|
}
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// ACCESS
|
|
// ---------------------------------------------------------------------------
|
|
|
|
function dsc01_access_state($association_slug = '') {
|
|
// Operator check — association channel owner (local channel only)
|
|
if (local_channel()) {
|
|
$channel = App::get_channel();
|
|
if (local_channel() === intval($channel['channel_id'])) {
|
|
return 'operator';
|
|
}
|
|
}
|
|
|
|
if (!$association_slug) {
|
|
return 'public';
|
|
}
|
|
|
|
// Load association config from vs01 — the single source of truth.
|
|
$raw = @file_get_contents('addon/vs01/config.json');
|
|
if ($raw === false) return 'public';
|
|
$cfg = json_decode($raw, true);
|
|
if (json_last_error() !== JSON_ERROR_NONE) return 'public';
|
|
|
|
$assoc = $cfg['associations'][$association_slug] ?? null;
|
|
if (!$assoc) return 'public';
|
|
|
|
// get_observer_hash() works for both local channels and guest token visitors.
|
|
$observer = get_observer_hash();
|
|
if (!$observer) return 'public';
|
|
|
|
$groups = $assoc['groups'] ?? [];
|
|
|
|
// Direct pgrp_member query — does not call local_channel(), works for guest tokens.
|
|
|
|
// Corpus Builder — highest participant tier
|
|
$cb_gid = intval($groups['corpus_builder'] ?? 0);
|
|
if ($cb_gid) {
|
|
$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND xchan = '%s' LIMIT 1",
|
|
intval($cb_gid),
|
|
dbesc($observer)
|
|
);
|
|
if ($r) return 'participant';
|
|
}
|
|
|
|
// SASE Participant
|
|
$sase_gid = intval($groups['sase_participant'] ?? 0);
|
|
if ($sase_gid) {
|
|
$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND xchan = '%s' LIMIT 1",
|
|
intval($sase_gid),
|
|
dbesc($observer)
|
|
);
|
|
if ($r) return 'participant';
|
|
}
|
|
|
|
// Civic Professional
|
|
$prof_gid = intval($groups['civic_professional'] ?? 0);
|
|
if ($prof_gid) {
|
|
$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND xchan = '%s' LIMIT 1",
|
|
intval($prof_gid),
|
|
dbesc($observer)
|
|
);
|
|
if ($r) return 'professional';
|
|
}
|
|
|
|
return 'public';
|
|
}
|
|
|
|
function dsc01_access_wall($association_slug = '') {
|
|
$raw = @file_get_contents('addon/vs01/config.json');
|
|
$cfg = $raw ? json_decode($raw, true) : [];
|
|
$assoc = $association_slug ? ($cfg['associations'][$association_slug] ?? null) : null;
|
|
$name = $assoc ? dsc01_h($assoc['name']) : 'this association';
|
|
return '
|
|
<div class="dsc01-content">
|
|
<div class="alert alert-info" role="alert">
|
|
<strong>HOA_MEMBER standing required to submit a record for ' . $name . '.</strong>
|
|
DSC Categories are public and readable by anyone.
|
|
To submit a record, you must complete the SASE process.
|
|
Visit <a href="https://directory.diagnostics.kane-il.us/channel/theron">
|
|
directory.diagnostics.kane-il.us
|
|
</a> to begin.
|
|
</div>
|
|
</div>
|
|
';
|
|
}
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// CONTENT ROUTER
|
|
// ---------------------------------------------------------------------------
|
|
|
|
function dsc01_content() {
|
|
if (function_exists('head_add_css')) {
|
|
head_add_css('/addon/dsc01/view/css/dsc01.css');
|
|
}
|
|
if (function_exists('head_add_js')) {
|
|
head_add_js('/addon/dsc01/view/js/dsc01.js');
|
|
}
|
|
|
|
$association_slug = argv(1) ?? '';
|
|
$sub_route = strtolower(argv(2) ?? '');
|
|
|
|
// Index — list the ten DSC categories
|
|
if (!$association_slug) {
|
|
return dsc01_render_index();
|
|
}
|
|
|
|
$raw = @file_get_contents('addon/vs01/config.json');
|
|
$cfg = $raw ? json_decode($raw, true) : [];
|
|
if (json_last_error() !== JSON_ERROR_NONE || !isset($cfg['associations'][$association_slug])) {
|
|
return dsc01_render_not_found();
|
|
}
|
|
|
|
$access = dsc01_access_state($association_slug);
|
|
|
|
// Manage route — operator only (stub)
|
|
if ($sub_route === 'manage') {
|
|
if ($access !== 'operator') {
|
|
return dsc01_access_wall($association_slug);
|
|
}
|
|
return dsc01_render_manage($association_slug);
|
|
}
|
|
|
|
// POST — submission handler
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
if ($access === 'public') {
|
|
return dsc01_access_wall($association_slug);
|
|
}
|
|
if (!dsc01_verify_csrf()) {
|
|
return '<div class="alert alert-danger">Invalid form token. Please reload and try again.</div>';
|
|
}
|
|
return dsc01_handle_post($association_slug, $access);
|
|
}
|
|
|
|
// Association landing — checklist
|
|
return dsc01_render_landing($association_slug, $access);
|
|
}
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// NOT FOUND
|
|
// ---------------------------------------------------------------------------
|
|
|
|
function dsc01_render_not_found() {
|
|
return '<div class="dsc01-content"><div class="alert alert-warning">Association not found.</div></div>';
|
|
}
|
|
|
|
// ---------------------------------------------------------------------------
|
|
// CSRF
|
|
// ---------------------------------------------------------------------------
|
|
|
|
function dsc01_csrf_token() {
|
|
if (empty($_SESSION['dsc01_csrf'])) {
|
|
$_SESSION['dsc01_csrf'] = bin2hex(random_bytes(16));
|
|
}
|
|
return '<input type="hidden" name="dsc01_csrf" value="'
|
|
. dsc01_h($_SESSION['dsc01_csrf']) . '">';
|
|
}
|
|
|
|
function dsc01_verify_csrf() {
|
|
return isset($_POST['dsc01_csrf'], $_SESSION['dsc01_csrf'])
|
|
&& hash_equals($_SESSION['dsc01_csrf'], $_POST['dsc01_csrf']);
|
|
}
|