From 9a1dbee0fdd1f586512e4517a5abb7898501bc11 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 1 Oct 2009 17:35:28 -0700 Subject: [PATCH] A new action for /statuses/destroy --- actions/apidestroy.php | 152 +++++++++++++++++++++++++++++++++++++++++ actions/apiupdate.php | 4 +- lib/router.php | 15 ++-- 3 files changed, 164 insertions(+), 7 deletions(-) create mode 100644 actions/apidestroy.php diff --git a/actions/apidestroy.php b/actions/apidestroy.php new file mode 100644 index 0000000000..a3b6bf65e8 --- /dev/null +++ b/actions/apidestroy.php @@ -0,0 +1,152 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Deletes one of the authenticating user's statuses (notices). + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiDestroyAction extends ApiAuthAction +{ + + var $user = null; + var $status = null; + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return false; + } + } + + $this->user = $this->auth_user; + $this->notice_id = (int)$this->trimmed('id'); + + if (empty($notice_id)) { + $this->notice_id = (int)$this->arg('id'); + } + + $this->format = $this->arg('format'); + $this->notice = Notice::staticGet((int)$this->notice_id); + + return true; + } + + /** + * Handle the request + * + * Delete the notice and all related replies + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + $this->clientError(_('This method requires a POST or DELETE.'), + 400, $this->format); + return; + } + + if (empty($this->notice)) { + $this->clientError(_('No status found with that ID.'), + 404, $this->format); + return; + } + + if ($this->user->id == $this->notice->profile_id) { + $replies = new Reply; + $replies->get('notice_id', $this->notice_id); + $replies->delete(); + $this->notice->delete(); + + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } else { + $this->clientError(_('You may not delete another user\'s status.'), + 403, $this->format); + } + + $this->showNotice(); + } + + /** + * Show the deleted notice + * + * @return void + */ + + function showNotice() + { + if (!empty($this->notice)) { + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } + } + +} diff --git a/actions/apiupdate.php b/actions/apiupdate.php index 9ce208f656..04a38f3f87 100644 --- a/actions/apiupdate.php +++ b/actions/apiupdate.php @@ -31,7 +31,7 @@ if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR.'/lib/apibareauth.php'; +require_once INSTALLDIR.'/lib/apiauth.php'; /** * Updates the authenticating user's status (posts a notice). @@ -109,7 +109,7 @@ class ApiUpdateAction extends ApiAuthAction /** * Handle the request * - * Just show the notices + * Make a new notice for the update, save it, and show it * * @param array $args $_REQUEST data (unused) * diff --git a/lib/router.php b/lib/router.php index 3de4e322f9..5c9513f570 100644 --- a/lib/router.php +++ b/lib/router.php @@ -342,17 +342,22 @@ class Router $m->connect('api/statuses/show/:id.:format', array('action' => 'ApiShow', - 'id' => '[a-zA-Z0-9]+', + 'id' => '[0-9]+', 'format' => '(xml|json)')); $m->connect('api/statuses/update.:format', array('action' => 'ApiUpdate', 'format' => '(xml|json)')); - $m->connect('api/statuses/:method/:argument', - array('action' => 'api', - 'apiaction' => 'statuses'), - array('method' => 'destroy')); + $m->connect('api/statuses/destroy.:format', + array('action' => 'ApiDestroy', + 'format' => '(xml|json)')); + + $m->connect('api/statuses/destroy/:id.:format', + array('action' => 'ApiDestroy', + 'id' => '[0-9]+', + 'format' => '(xml|json)')); + // users