summaryrefslogtreecommitdiffstats
path: root/apps/comments/lib
diff options
context:
space:
mode:
authorJoas Schilling <coding@schilljs.com>2016-10-26 17:34:03 +0200
committerJoas Schilling <coding@schilljs.com>2016-10-28 12:32:10 +0200
commit286482656bd77b9a162c4ab291508c5fed78b8da (patch)
tree94d43c935e75d2b6efe4989120f0b45f701776f4 /apps/comments/lib
parentb98dfaccd96fb9b0da13bc59f55ed9b61cbbd528 (diff)
downloadnextcloud-server-286482656bd77b9a162c4ab291508c5fed78b8da.tar.gz
nextcloud-server-286482656bd77b9a162c4ab291508c5fed78b8da.zip
Fix comment mentions in activities
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'apps/comments/lib')
-rw-r--r--apps/comments/lib/Activity/Extension.php25
1 files changed, 25 insertions, 0 deletions
diff --git a/apps/comments/lib/Activity/Extension.php b/apps/comments/lib/Activity/Extension.php
index 6bf7bc9ac0b..2a155dd0064 100644
--- a/apps/comments/lib/Activity/Extension.php
+++ b/apps/comments/lib/Activity/Extension.php
@@ -29,6 +29,7 @@ use OCP\Comments\NotFoundException;
use OCP\IL10N;
use OCP\IURLGenerator;
use OCP\L10N\IFactory;
+use OCP\Util;
/**
* Class Extension
@@ -306,6 +307,25 @@ class Extension implements IExtension {
$comment = $this->commentsManager->get((int) $matches[1]);
$message = $comment->getMessage();
$message = str_replace("\n", '<br />', str_replace(['<', '>'], ['&lt;', '&gt;'], $message));
+
+ foreach ($comment->getMentions() as $mention) {
+ if ($mention['type'] !== 'user') {
+ continue;
+ }
+
+ try {
+ $displayName = $this->commentsManager->resolveDisplayName($mention['type'], $mention['id']);
+ } catch (\OutOfBoundsException $e) {
+ // No displayname, upon client's discretion what to display.
+ $displayName = $mention['id'];
+ }
+
+ $message = preg_replace(
+ '/(^|\s)(' . '@' . $mention['id'] . ')(\b)/',
+ '${1}' . $this->regexSafeUser($mention['id'], $displayName) . '${3}',
+ $message
+ );
+ }
return $message;
} catch (NotFoundException $e) {
return '';
@@ -314,4 +334,9 @@ class Extension implements IExtension {
return '';
}
+
+ protected function regexSafeUser($uid, $displayName) {
+ // FIXME evil internal API hackery, do NOT copy this
+ return str_replace('$', '\$', '<user display-name="' . Util::sanitizeHTML($displayName) . '">' . Util::sanitizeHTML($uid) . '</user>');
+ }
}