gnu-social/actions/block.php
2021-07-16 19:44:38 +01:00

240 lines
7.0 KiB
PHP

<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/**
* Block a user action class.
*
* @category Action
* @package GNUsocial
* @author Evan Prodromou <evan@status.net>
* @author Robin Millette <millette@status.net>
* @copyright 2008, 2009 StatusNet, Inc.
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
defined('GNUSOCIAL') || die();
/**
* Block a user action class.
*
* @category Action
* @package GNUsocial
* @author Evan Prodromou <evan@status.net>
* @author Robin Millette <millette@status.net>
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
class BlockAction extends ProfileFormAction
{
public $profile = null;
/**
* Take arguments for running
*
* @param array $args $_REQUEST args
*
* @return boolean success flag
*/
public function prepare(array $args = []): bool
{
if (!parent::prepare($args)) {
return false;
}
$cur = common_current_user();
assert(!empty($cur)); // checked by parent
if ($cur->hasBlocked($this->profile)) {
// TRANS: Client error displayed when blocking a user that has already been blocked.
$this->clientError(_('You already blocked that user.'));
}
return true;
}
/**
* Handle request
*
* @param array $args $_REQUEST args; handled in prepare()
*
* @return void
*/
public function handle(): void
{
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('no')) {
$this->returnToPrevious();
} elseif ($this->arg('yes')) {
$this->handlePost();
$this->returnToPrevious();
} else {
$this->showPage();
}
} else {
$this->showPage();
}
}
public function showContent(): void
{
$this->areYouSureForm();
}
public function title(): string
{
// TRANS: Title for block user page.
return _('Block user');
}
public function showNoticeForm(): void
{
// nop
}
/**
* Confirm with user.
*
* Shows a confirmation form.
*
* @return void
*/
public function areYouSureForm()
{
// @fixme if we ajaxify the confirmation form, skip the preview on ajax hits
$profile = new ArrayWrapper(array($this->profile));
$preview = new ProfileList($profile, $this);
$preview->show();
$id = $this->profile->id;
$this->elementStart('form', array('id' => 'block-' . $id,
'method' => 'post',
'class' => 'form_settings form_entity_block',
'action' => common_local_url('block')));
$this->elementStart('fieldset');
$this->hidden('token', common_session_token());
// TRANS: Legend for block user form.
$this->element('legend', _('Block user'));
$this->element(
'p',
null,
// TRANS: Explanation of consequences when blocking a user on the block user page.
_('Are you sure you want to block this user? '
. 'Afterwards, they will be unsubscribed from you, '
. 'unable to subscribe to you in the future, and '
. 'you will not be notified of any @-replies from them.')
);
$this->element('input', [
'id' => 'blockto-' . $id,
'name' => 'profileid',
'type' => 'hidden',
'value' => $id
]);
foreach ($this->args as $k => $v) {
if (substr($k, 0, 9) == 'returnto-') {
$this->hidden($k, $v);
}
}
$this->submit(
'form_action-no',
// TRANS: Button label on the user block form.
_m('BUTTON', 'No'),
'submit form_action-primary',
'no',
// TRANS: Submit button title for 'No' when blocking a user.
_('Do not block this user.')
);
$this->submit(
'form_action-yes',
// TRANS: Button label on the user block form.
_m('BUTTON', 'Yes'),
'submit form_action-secondary',
'yes',
// TRANS: Submit button title for 'Yes' when blocking a user.
_('Block this user.')
);
$this->elementEnd('fieldset');
$this->elementEnd('form');
}
/**
* Actually block a user.
*
* @return void
*/
public function handlePost(): void
{
$cur = common_current_user();
if (Event::handle('StartBlockProfile', array($cur, $this->profile))) {
$result = $cur->block($this->profile);
if ($result) {
Event::handle('EndBlockProfile', array($cur, $this->profile));
}
}
if (!$result) {
// TRANS: Server error displayed when blocking a user fails.
$this->serverError(_('Failed to save block information.'));
}
}
public function showScripts(): void
{
parent::showScripts();
$this->autofocus('form_action-yes');
}
/**
* Override for form session token checks; on our first hit we're just
* requesting confirmation, which doesn't need a token. We need to be
* able to take regular GET requests from email!
*
* @throws ClientException if token is bad on POST request or if we have
* confirmation parameters which could trigger something.
*/
public function checkSessionToken(): void
{
if (
$_SERVER['REQUEST_METHOD'] === 'POST'
|| $this->arg('yes')
|| $this->arg('no')
) {
parent::checkSessionToken();
}
}
/**
* If we reached this form without returnto arguments, return to the
* current user's subscription list.
*
* @return string URL
*/
public function defaultReturnTo()
{
$user = common_current_user();
if ($user) {
return common_local_url(
'subscribers',
['nickname' => $user->nickname]
);
} else {
return common_local_url('public');
}
}
}