gnu-social/plugins/OStatus/actions/ostatussub.php
Mikael Nordfeldth 747fe9d59b Tidying up getUser calls to profiles and some events
getUser calls are much more strict, and one place where this was found was
in the (un)subscribe start/end event handlers, which resulted in making the
Subscription class a bit stricter, regarding ::start and ::cancel at least.
Several minor fixes in many files were made due to this.

This does NOT touch the Foreign_link function, which should also have a more
strict getUser call. That is a future project.
2013-09-09 23:03:34 +02:00

464 lines
16 KiB
PHP

<?php
/*
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2009-2010, StatusNet, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* @package OStatusPlugin
* @maintainer Brion Vibber <brion@status.net>
*/
if (!defined('STATUSNET')) {
exit(1);
}
/**
* Key UI methods:
*
* showInputForm() - form asking for a remote profile account or URL
* We end up back here on errors
*
* showPreviewForm() - surrounding form for preview-and-confirm
* preview() - display profile for a remote user
*
* success() - redirects to subscriptions page on subscribe
*/
class OStatusSubAction extends Action
{
protected $profile_uri; // provided acct: or URI of remote entity
protected $oprofile; // Ostatus_profile of remote entity, if valid
/**
* Show the initial form, when we haven't yet been given a valid
* remote profile.
*/
function showInputForm()
{
$user = common_current_user();
$profile = $user->getProfile();
$this->elementStart('form', array('method' => 'post',
'id' => 'form_ostatus_sub',
'class' => 'form_settings',
'action' => $this->selfLink()));
$this->hidden('token', common_session_token());
$this->elementStart('fieldset', array('id' => 'settings_feeds'));
$this->elementStart('ul', 'form_data');
$this->elementStart('li');
$this->input('profile',
// TRANS: Field label for a field that takes an OStatus user address.
_m('Subscribe to'),
$this->profile_uri,
// TRANS: Tooltip for field label "Subscribe to".
_m('OStatus user\'s address, like nickname@example.com or http://example.net/nickname.'));
$this->elementEnd('li');
$this->elementEnd('ul');
// TRANS: Button text.
$this->submit('validate', _m('BUTTON','Continue'));
$this->elementEnd('fieldset');
$this->elementEnd('form');
}
/**
* Show the preview-and-confirm form. We've got a valid remote
* profile and are ready to poke it!
*
* This controls the wrapper form; actual profile display will
* be in previewUser() or previewGroup() depending on the type.
*/
function showPreviewForm()
{
$ok = $this->preview();
if (!$ok) {
// @todo FIXME maybe provide a cancel button or link back?
return;
}
$this->elementStart('div', 'entity_actions');
$this->elementStart('ul');
$this->elementStart('li', 'entity_subscribe');
$this->elementStart('form', array('method' => 'post',
'id' => 'form_ostatus_sub',
'class' => 'form_remote_authorize',
'action' =>
$this->selfLink()));
$this->elementStart('fieldset');
$this->hidden('token', common_session_token());
$this->hidden('profile', $this->profile_uri);
if ($this->oprofile->isGroup()) {
// TRANS: Button text.
$this->submit('submit', _m('Join'), 'submit', null,
// TRANS: Tooltip for button "Join".
_m('BUTTON','Join this group'));
} else {
// TRANS: Button text.
$this->submit('submit', _m('BUTTON','Confirm'), 'submit', null,
// TRANS: Tooltip for button "Confirm".
_m('Subscribe to this user'));
}
$this->elementEnd('fieldset');
$this->elementEnd('form');
$this->elementEnd('li');
$this->elementEnd('ul');
$this->elementEnd('div');
}
/**
* Show a preview for a remote user's profile
* @return boolean true if we're ok to try subscribing
*/
function preview()
{
$oprofile = $this->oprofile;
$profile = $oprofile->localProfile();
$cur = common_current_user();
if ($cur->isSubscribed($profile)) {
$this->element('div', array('class' => 'error'),
// TRANS: Extra paragraph in remote profile view when already subscribed.
_m('You are already subscribed to this user.'));
$ok = false;
} else {
$ok = true;
}
$avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
$avatarUrl = $avatar ? $avatar->displayUrl() : false;
$this->showEntity($profile,
$profile->profileurl,
$avatarUrl,
$profile->bio);
return $ok;
}
function showEntity($entity, $profile, $avatar, $note)
{
$nickname = $entity->nickname;
$fullname = $entity->fullname;
$homepage = $entity->homepage;
$location = $entity->location;
if (!$avatar) {
$avatar = Avatar::defaultImage(AVATAR_PROFILE_SIZE);
}
$this->elementStart('div', 'entity_profile vcard');
$this->element('img', array('src' => $avatar,
'class' => 'photo avatar entity_depiction',
'width' => AVATAR_PROFILE_SIZE,
'height' => AVATAR_PROFILE_SIZE,
'alt' => $nickname));
$hasFN = ($fullname !== '') ? 'nickname' : 'fn nickname entity_nickname';
$this->elementStart('a', array('href' => $profile,
'class' => 'url '.$hasFN));
$this->raw($nickname);
$this->elementEnd('a');
if (!is_null($fullname)) {
$this->elementStart('div', 'fn entity_fn');
$this->raw($fullname);
$this->elementEnd('div');
}
if (!is_null($location)) {
$this->elementStart('div', 'label entity_location');
$this->raw($location);
$this->elementEnd('div');
}
if (!is_null($homepage)) {
$this->elementStart('a', array('href' => $homepage,
'class' => 'url entity_url'));
$this->raw($homepage);
$this->elementEnd('a');
}
if (!is_null($note)) {
$this->elementStart('div', 'note entity_note');
$this->raw($note);
$this->elementEnd('div');
}
$this->elementEnd('div');
}
/**
* Redirect on successful remote user subscription
*/
function success()
{
$cur = common_current_user();
$url = common_local_url('subscriptions', array('nickname' => $cur->nickname));
common_redirect($url, 303);
}
/**
* Pull data for a remote profile and check if it's valid.
* Fills out error UI string in $this->error
* Fills out $this->oprofile on success.
*
* @return boolean
*/
function pullRemoteProfile()
{
$this->profile_uri = $this->trimmed('profile');
try {
if (Validate::email($this->profile_uri)) {
$this->oprofile = Ostatus_profile::ensureWebfinger($this->profile_uri);
} else if (Validate::uri($this->profile_uri)) {
$this->oprofile = Ostatus_profile::ensureProfileURL($this->profile_uri);
} else {
// TRANS: Error message in OStatus plugin. Do not translate the domain names example.com
// TRANS: and example.net, as these are official standard domain names for use in examples.
$this->error = _m("Sorry, we could not reach that address. Please make sure that the OStatus address is like nickname@example.com or http://example.net/nickname.");
common_debug('Invalid address format.', __FILE__);
return false;
}
return true;
} catch (FeedSubBadURLException $e) {
// TRANS: Error message in OStatus plugin. Do not translate the domain names example.com
// TRANS: and example.net, as these are official standard domain names for use in examples.
$this->error = _m('Sorry, we could not reach that address. Please make sure that the OStatus address is like nickname@example.com or http://example.net/nickname.');
common_debug('Invalid URL or could not reach server.', __FILE__);
} catch (FeedSubBadResponseException $e) {
// TRANS: Error text.
$this->error = _m('Sorry, we could not reach that feed. Please try that OStatus address again later.');
common_debug('Cannot read feed; server returned error.', __FILE__);
} catch (FeedSubEmptyException $e) {
// TRANS: Error text.
$this->error = _m('Sorry, we could not reach that feed. Please try that OStatus address again later.');
common_debug('Cannot read feed; server returned an empty page.', __FILE__);
} catch (FeedSubBadHTMLException $e) {
// TRANS: Error text.
$this->error = _m('Sorry, we could not reach that feed. Please try that OStatus address again later.');
common_debug('Bad HTML, could not find feed link.', __FILE__);
} catch (FeedSubNoFeedException $e) {
// TRANS: Error text.
$this->error = _m("Sorry, we could not reach that feed. Please try that OStatus address again later.");
common_debug('Could not find a feed linked from this URL.', __FILE__);
} catch (FeedSubUnrecognizedTypeException $e) {
// TRANS: Error text.
$this->error = _m("Sorry, we could not reach that feed. Please try that OStatus address again later.");
common_debug('Not a recognized feed type.', __FILE__);
} catch (Exception $e) {
// Any new ones we forgot about
// TRANS: Error message in OStatus plugin. Do not translate the domain names example.com
// TRANS: and example.net, as these are official standard domain names for use in examples.
$this->error = _m("Sorry, we could not reach that address. Please make sure that the OStatus address is like nickname@example.com or http://example.net/nickname.");
common_debug(sprintf('Bad feed URL: %s %s', get_class($e), $e->getMessage()), __FILE__);
}
return false;
}
function validateRemoteProfile()
{
// Send us to the respective subscription form for conf
if ($this->oprofile->isGroup()) {
$target = common_local_url('ostatusgroup', array(), array('profile' => $this->profile_uri));
common_redirect($target, 303);
} else if ($this->oprofile->isPeopletag()) {
$target = common_local_url('ostatuspeopletag', array(), array('profile' => $this->profile_uri));
common_redirect($target, 303);
}
}
/**
* Attempt to finalize subscription.
* validateFeed must have been run first.
*
* Calls showForm on failure or success on success.
*/
function saveFeed()
{
// And subscribe the current user to the local profile
$user = common_current_user();
$local = $this->oprofile->localProfile();
if ($user->isSubscribed($local)) {
// TRANS: OStatus remote subscription dialog error.
$this->showForm(_m('Already subscribed!'));
} elseif (Subscription::start($user->getProfile(), $local)) {
$this->success();
} else {
// TRANS: OStatus remote subscription dialog error.
$this->showForm(_m('Remote subscription failed!'));
}
}
function prepare($args)
{
parent::prepare($args);
if (!common_logged_in()) {
// XXX: selfURL() didn't work. :<
common_set_returnto($_SERVER['REQUEST_URI']);
if (Event::handle('RedirectToLogin', array($this, null))) {
common_redirect(common_local_url('login'), 303);
}
return false;
}
if ($this->pullRemoteProfile()) {
$this->validateRemoteProfile();
}
return true;
}
/**
* Handle the submission.
*/
function handle($args)
{
parent::handle($args);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->handlePost();
} else {
$this->showForm();
}
}
/**
* Handle posts to this form
*
* @return void
*/
function handlePost()
{
// CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
// TRANS: Client error displayed when the session token does not match or is not given.
$this->showForm(_m('There was a problem with your session token. '.
'Try again, please.'));
return;
}
if ($this->oprofile) {
if ($this->arg('submit')) {
$this->saveFeed();
return;
}
}
$this->showForm();
}
/**
* Show the appropriate form based on our input state.
*/
function showForm($err=null)
{
if ($err) {
$this->error = $err;
}
if ($this->boolean('ajax')) {
header('Content-Type: text/xml;charset=utf-8');
$this->xw->startDocument('1.0', 'UTF-8');
$this->elementStart('html');
$this->elementStart('head');
// TRANS: Form title.
$this->element('title', null, _m('Subscribe to user'));
$this->elementEnd('head');
$this->elementStart('body');
$this->showContent();
$this->elementEnd('body');
$this->elementEnd('html');
} else {
$this->showPage();
}
}
/**
* Title of the page
*
* @return string Title of the page
*/
function title()
{
// TRANS: Page title for OStatus remote subscription form.
return _m('Confirm');
}
/**
* Instructions for use
*
* @return instructions for use
*/
function getInstructions()
{
// TRANS: Instructions.
return _m('You can subscribe to users from other supported sites. Paste their address or profile URI below:');
}
function showPageNotice()
{
if (!empty($this->error)) {
$this->element('p', 'error', $this->error);
}
}
/**
* Content area of the page
*
* Shows a form for associating a remote OStatus account with this
* StatusNet account.
*
* @return void
*/
function showContent()
{
if ($this->oprofile) {
$this->showPreviewForm();
} else {
$this->showInputForm();
}
}
function showScripts()
{
parent::showScripts();
$this->autofocus('feedurl');
}
function selfLink()
{
return common_local_url('ostatussub');
}
/**
* Disable the send-notice form at the top of the page.
* This is really just a hack for the broken CSS in the Cloudy theme,
* I think; copying from other non-notice-navigation pages that do this
* as well. There will be plenty of others also broken.
*
* @fixme fix the cloudy theme
* @fixme do this in a more general way
*/
function showNoticeForm() {
// nop
}
}