Fix comment mentions in activities

Signed-off-by: Joas Schilling <coding@schilljs.com>
author: Joas Schilling <coding@schilljs.com> 2016-10-26 17:34:03 +0200
committer: Joas Schilling <coding@schilljs.com> 2016-10-28 12:32:10 +0200
commit: 286482656bd77b9a162c4ab291508c5fed78b8da (patch)
tree: 94d43c935e75d2b6efe4989120f0b45f701776f4 /apps/comments
parent: b98dfaccd96fb9b0da13bc59f55ed9b61cbbd528 (diff)
download: nextcloud-server-286482656bd77b9a162c4ab291508c5fed78b8da.tar.gz
nextcloud-server-286482656bd77b9a162c4ab291508c5fed78b8da.zip
1 files changed, 25 insertions, 0 deletions
diff --git a/apps/comments/lib/Activity/Extension.php b/apps/comments/lib/Activity/Extension.php
index 6bf7bc9ac0b..2a155dd0064 100644
--- a/apps/comments/lib/Activity/Extension.php
+++ b/apps/comments/lib/Activity/Extension.php
@@ -29,6 +29,7 @@ use OCP\Comments\NotFoundException;
 use OCP\IL10N;
 use OCP\IURLGenerator;
 use OCP\L10N\IFactory;
+use OCP\Util;
 
 /**
  * Class Extension
@@ -306,6 +307,25 @@ class Extension implements IExtension {
 				$comment = $this->commentsManager->get((int) $matches[1]);
 				$message = $comment->getMessage();
 				$message = str_replace("\n", '<br />', str_replace(['<', '>'], ['&lt;', '&gt;'], $message));
+
+				foreach ($comment->getMentions() as $mention) {
+					if ($mention['type'] !== 'user') {
+						continue;
+					}
+
+					try {
+						$displayName = $this->commentsManager->resolveDisplayName($mention['type'], $mention['id']);
+					} catch (\OutOfBoundsException $e) {
+						// No displayname, upon client's discretion what to display.
+						$displayName = $mention['id'];
+					}
+
+					$message = preg_replace(
+						'/(^|\s)(' . '@' . $mention['id'] . ')(\b)/',
+						'${1}' . $this->regexSafeUser($mention['id'], $displayName) . '${3}',
+						$message
+					);
+				}
 				return $message;
 			} catch (NotFoundException $e) {
 				return '';
@@ -314,4 +334,9 @@ class Extension implements IExtension {
 
 		return '';
 	}
+
+	protected function regexSafeUser($uid, $displayName) {
+		// FIXME evil internal API hackery, do NOT copy this
+		return str_replace('$', '\$', '<user display-name="' . Util::sanitizeHTML($displayName) . '">' . Util::sanitizeHTML($uid) . '</user>');
+	}
 }
author	Joas Schilling <coding@schilljs.com>	2016-10-26 17:34:03 +0200
committer	Joas Schilling <coding@schilljs.com>	2016-10-28 12:32:10 +0200
commit	286482656bd77b9a162c4ab291508c5fed78b8da (patch)
tree	94d43c935e75d2b6efe4989120f0b45f701776f4 /apps/comments
parent	b98dfaccd96fb9b0da13bc59f55ed9b61cbbd528 (diff)
download	nextcloud-server-286482656bd77b9a162c4ab291508c5fed78b8da.tar.gz nextcloud-server-286482656bd77b9a162c4ab291508c5fed78b8da.zip