gnu-social/actions/apistatusesshow.php

221 lines
7.1 KiB
PHP
Raw Normal View History

2009-10-01 01:06:46 +01:00
<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
2009-10-01 01:06:46 +01:00
/**
* Show a notice (as a Twitter-style status)
*
* @category API
* @package GNUsocial
2009-10-13 00:36:00 +01:00
* @author Craig Andrews <candrews@integralblue.com>
* @author Evan Prodromou <evan@status.net>
* @author Jeffery To <jeffery.to@gmail.com>
* @author Tom Blankenship <mac65@mac65.com>
* @author Mike Cochrane <mikec@mikenz.geek.nz>
* @author Robin Millette <robin@millette.info>
2009-10-01 01:06:46 +01:00
* @author Zach Copley <zach@status.net>
* @copyright 2009 StatusNet, Inc.
* @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
2009-10-01 01:06:46 +01:00
*/
defined('GNUSOCIAL') || die();
2009-10-01 01:06:46 +01:00
/**
* Returns the notice specified by id as a Twitter-style status and inline user
*
* @category API
* @package GNUsocial
* @author Craig Andrews <candrews@integralblue.com>
* @author Evan Prodromou <evan@status.net>
* @author Jeffery To <jeffery.to@gmail.com>
* @author Tom Blankenship <mac65@mac65.com>
* @author Mike Cochrane <mikec@mikenz.geek.nz>
* @author Robin Millette <robin@millette.info>
* @author Zach Copley <zach@status.net>
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
2009-10-01 01:06:46 +01:00
*/
class ApiStatusesShowAction extends ApiPrivateAuthAction
2009-10-01 01:06:46 +01:00
{
public $notice_id = null;
public $notice = null;
2009-10-01 01:06:46 +01:00
/**
* Take arguments for running
*
* @param array $args $_REQUEST args
*
* @return boolean success flag
*/
protected function prepare(array $args=array())
2009-10-01 01:06:46 +01:00
{
parent::prepare($args);
// 'id' is an undocumented parameter in Twitter's API. Several
// clients make use of it, so we support it too.
// show.json?id=12345 takes precedence over /show/12345.json
$this->notice_id = (int)$this->trimmed('id');
$this->notice = null;
try {
$this->notice = Notice::getByID($this->notice_id);
} catch (NoResultException $e) {
// No such notice was found, maybe it was deleted?
$deleted = null;
Event::handle('IsNoticeDeleted', array($this->notice_id, &$deleted));
if ($deleted === true) {
// TRANS: Client error displayed trying to show a deleted notice.
throw new ClientException(_('Notice deleted.'), 410);
}
// TRANS: Client error displayed trying to show a non-existing notice.
throw new ClientException(_('No such notice.'), 404);
}
if (!$this->notice->inScope($this->scoped)) {
// TRANS: Client exception thrown when trying a view a notice the user has no access to.
throw new ClientException(_('Access restricted.'), 403);
2009-10-01 01:06:46 +01:00
}
return true;
}
/**
* Handle the request
*
2009-10-01 01:08:52 +01:00
* Check the format and show the notice
2009-10-01 01:06:46 +01:00
*
* @return void
*/
protected function handle()
2009-10-01 01:06:46 +01:00
{
parent::handle();
2009-10-01 01:06:46 +01:00
if (!in_array($this->format, array('xml', 'json', 'atom'))) {
2011-04-03 23:12:52 +01:00
// TRANS: Client error displayed when coming across a non-supported API method.
$this->clientError(_('API method not found.'), 404);
2009-10-01 01:06:46 +01:00
}
2010-10-25 02:24:23 +01:00
switch ($_SERVER['REQUEST_METHOD']) {
case 'GET':
$this->showNotice();
break;
case 'DELETE':
$this->deleteNotice();
break;
default:
// TRANS: Client error displayed calling an unsupported HTTP error in API status show.
2010-10-25 02:24:23 +01:00
$this->clientError(_('HTTP method not supported.'), 405);
}
2009-10-01 01:06:46 +01:00
}
/**
2009-10-01 01:08:52 +01:00
* Show the notice
2009-10-01 01:06:46 +01:00
*
* @return void
*/
public function showNotice()
2009-10-01 01:06:46 +01:00
{
switch ($this->format) {
case 'xml':
$this->showSingleXmlStatus($this->notice);
break;
case 'json':
$this->show_single_json_status($this->notice);
break;
case 'atom':
$this->showSingleAtomStatus($this->notice);
break;
default:
// TRANS: Exception thrown requesting an unsupported notice output format.
// TRANS: %s is the requested output format.
throw new Exception(sprintf(_("Unsupported format: %s."), $this->format));
2009-10-01 01:06:46 +01:00
}
}
/**
* We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
2009-10-01 01:06:46 +01:00
*
* @param array $args other arguments
*
* @return boolean true
*/
public function isReadOnly($args)
2009-10-01 01:06:46 +01:00
{
return in_array($_SERVER['REQUEST_METHOD'], ['GET', 'HEAD']);
2009-10-01 01:06:46 +01:00
}
/**
* When was this notice last modified?
*
* @return string datestamp of the latest notice in the stream
*/
public function lastModified()
2009-10-01 01:06:46 +01:00
{
return strtotime($this->notice->created);
2009-10-01 01:06:46 +01:00
}
/**
* An entity tag for this notice
*
* Returns an Etag based on the action name, language, and
* timestamps of the notice
*
* @return string etag
*/
public function etag()
2009-10-01 01:06:46 +01:00
{
return '"' . implode(
':',
array($this->arg('action'),
common_user_cache_hash($this->auth_user),
common_language(),
$this->notice->id,
strtotime($this->notice->created))
)
. '"';
2009-10-01 01:06:46 +01:00
}
public function deleteNotice()
2010-10-25 02:24:23 +01:00
{
if ($this->format != 'atom') {
// TRANS: Client error displayed when trying to delete a notice not using the Atom format.
$this->clientError(_('Can only delete using the Atom format.'));
2010-10-25 02:24:23 +01:00
}
if (empty($this->auth_user) ||
($this->notice->profile_id != $this->auth_user->id &&
!$this->auth_user->hasRight(Right::DELETEOTHERSNOTICE))) {
// TRANS: Client error displayed when a user has no rights to delete notices of other users.
$this->clientError(_('Cannot delete this notice.'), 403);
2010-10-25 02:24:23 +01:00
}
if (Event::handle('StartDeleteOwnNotice', array($this->auth_user, $this->notice))) {
$this->notice->deleteAs($this->scoped);
2010-10-25 02:24:23 +01:00
Event::handle('EndDeleteOwnNotice', array($this->auth_user, $this->notice));
}
// @fixme is there better output we could do here?
http_response_code(200);
2010-10-25 02:24:23 +01:00
header('Content-Type: text/plain');
// TRANS: Confirmation of notice deletion in API. %d is the ID (number) of the deleted notice.
2010-10-25 02:24:23 +01:00
print(sprintf(_('Deleted notice %d'), $this->notice->id));
print("\n");
}
2009-10-01 01:06:46 +01:00
}