actions/apigroupcreate.php

   1 <?php
   2 /**
   3  * StatusNet, the distributed open-source microblogging tool
   4  *
   5  * Create a group via the API
   6  *
   7  * PHP version 5
   8  *
   9  * LICENCE: This program is free software: you can redistribute it and/or modify
  10  * it under the terms of the GNU Affero General Public License as published by
  11  * the Free Software Foundation, either version 3 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU Affero General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU Affero General Public License
  20  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21  *
  22  * @category  API
  23  * @package   StatusNet
  24  * @author    Craig Andrews <candrews@integralblue.com>
  25  * @author    Evan Prodromou <evan@status.net>
  26  * @author    Jeffery To <jeffery.to@gmail.com>
  27  * @author    Zach Copley <zach@status.net>
  28  * @copyright 2009 StatusNet, Inc.
  29  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  30  * @link      http://status.net/
  31  */
  32
  33 if (!defined('STATUSNET')) {
  34     exit(1);
  35 }
  36
  37 require_once INSTALLDIR . '/lib/apiauth.php';
  38
  39 /**
  40  * Make a new group. Sets the authenticated user as the administrator of the group.
  41  *
  42  * @category API
  43  * @package  StatusNet
  44  * @author   Craig Andrews <candrews@integralblue.com>
  45  * @author   Evan Prodromou <evan@status.net>
  46  * @author   Jeffery To <jeffery.to@gmail.com>
  47  * @author   Zach Copley <zach@status.net>
  48  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  49  * @link     http://status.net/
  50  */
  51
  52 class ApiGroupCreateAction extends ApiAuthAction
  53 {
  54     var $group       = null;
  55     var $nickname    = null;
  56     var $fullname    = null;
  57     var $homepage    = null;
  58     var $description = null;
  59     var $location    = null;
  60     var $aliasstring = null;
  61     var $aliases     = null;
  62
  63     /**
  64      * Take arguments for running
  65      *
  66      * @param array $args $_REQUEST args
  67      *
  68      * @return boolean success flag
  69      *
  70      */
  71
  72     function prepare($args)
  73     {
  74         parent::prepare($args);
  75
  76         $this->user  = $this->auth_user;
  77
  78         $this->nickname    = $this->arg('nickname');
  79         $this->fullname    = $this->arg('full_name');
  80         $this->homepage    = $this->arg('homepage');
  81         $this->description = $this->arg('description');
  82         $this->location    = $this->arg('location');
  83         $this->aliasstring = $this->arg('aliases');
  84
  85         return true;
  86     }
  87
  88     /**
  89      * Handle the request
  90      *
  91      * Save the new group
  92      *
  93      * @param array $args $_REQUEST data (unused)
  94      *
  95      * @return void
  96      */
  97
  98     function handle($args)
  99     {
 100         parent::handle($args);
 101
 102         if ($_SERVER['REQUEST_METHOD'] != 'POST') {
 103              $this->clientError(
 104                  _('This method requires a POST.'),
 105                  400,
 106                  $this->format
 107              );
 108              return;
 109         }
 110
 111         if (empty($this->user)) {
 112             $this->clientError(_('No such user.'), 404, $this->format);
 113             return;
 114         }
 115
 116         if ($this->validateParams() == false) {
 117             return;
 118         }
 119
 120         $group = new User_group();
 121
 122         $group->query('BEGIN');
 123
 124         $group->nickname    = $this->nickname;
 125         $group->fullname    = $this->fullname;
 126         $group->homepage    = $this->homepage;
 127         $group->description = $this->description;
 128         $group->location    = $this->location;
 129         $group->created     = common_sql_now();
 130
 131         $result = $group->insert();
 132
 133         if (!$result) {
 134             common_log_db_error($group, 'INSERT', __FILE__);
 135             $this->serverError(
 136                 _('Could not create group.'),
 137                 500,
 138                 $this->format
 139             );
 140             return;
 141         }
 142
 143         $result = $group->setAliases($this->aliases);
 144
 145         if (!$result) {
 146             $this->serverError(
 147                 _('Could not create aliases.'),
 148                 500,
 149                 $this->format
 150             );
 151             return;
 152         }
 153
 154         $member = new Group_member();
 155
 156         $member->group_id   = $group->id;
 157         $member->profile_id = $this->user->id;
 158         $member->is_admin   = 1;
 159         $member->created    = $group->created;
 160
 161         $result = $member->insert();
 162
 163         if (!$result) {
 164             common_log_db_error($member, 'INSERT', __FILE__);
 165             $this->serverError(
 166                 _('Could not set group membership.'),
 167                 500,
 168                 $this->format
 169             );
 170             return;
 171         }
 172
 173         $group->query('COMMIT');
 174
 175         switch($this->format) {
 176         case 'xml':
 177             $this->showSingleXmlGroup($group);
 178             break;
 179         case 'json':
 180             $this->showSingleJsonGroup($group);
 181             break;
 182         default:
 183             $this->clientError(
 184                 _('API method not found!'),
 185                 404,
 186                 $this->format
 187             );
 188             break;
 189         }
 190
 191     }
 192
 193     /**
 194      * Validate params for the new group
 195      *
 196      * @return void
 197      */
 198
 199     function validateParams()
 200     {
 201         $valid = Validate::string(
 202             $this->nickname, array(
 203                 'min_length' => 1,
 204                 'max_length' => 64,
 205                 'format' => NICKNAME_FMT
 206             )
 207         );
 208
 209         if (!$valid) {
 210             $this->clientError(
 211                 _(
 212                     'Nickname must have only lowercase letters ' .
 213                     'and numbers and no spaces.'
 214                 ),
 215                 403,
 216                 $this->format
 217             );
 218             return false;
 219         } elseif ($this->groupNicknameExists($this->nickname)) {
 220             $this->clientError(
 221                 _('Nickname already in use. Try another one.'),
 222                 403,
 223                 $this->format
 224             );
 225             return false;
 226         } else if (!User_group::allowedNickname($this->nickname)) {
 227             $this->clientError(
 228                 _('Not a valid nickname.'),
 229                 403,
 230                 $this->format
 231             );
 232             return false;
 233
 234         } elseif (
 235             !is_null($this->homepage)
 236             && strlen($this->homepage) > 0
 237             && !Validate::uri(
 238                 $this->homepage, array(
 239                     'allowed_schemes' =>
 240                     array('http', 'https')
 241                 )
 242             )) {
 243             $this->clientError(
 244                 _('Homepage is not a valid URL.'),
 245                 403,
 246                 $this->format
 247             );
 248             return false;
 249         } elseif (
 250             !is_null($this->fullname)
 251             && mb_strlen($this->fullname) > 255) {
 252                 $this->clientError(
 253                     _('Full name is too long (max 255 chars).'),
 254                     403,
 255                     $this->format
 256                 );
 257             return false;
 258         } elseif (User_group::descriptionTooLong($this->description)) {
 259             $this->clientError(
 260                 sprintf(
 261                     _('Description is too long (max %d chars).'),
 262                     User_group::maxDescription()
 263                 ),
 264                 403,
 265                 $this->format
 266             );
 267             return false;
 268         } elseif (
 269             !is_null($this->location)
 270             && mb_strlen($this->location) > 255) {
 271                 $this->clientError(
 272                     _('Location is too long (max 255 chars).'),
 273                     403,
 274                     $this->format
 275                 );
 276             return false;
 277         }
 278
 279         if (!empty($this->aliasstring)) {
 280             $this->aliases = array_map(
 281                 'common_canonical_nickname',
 282                 array_unique(preg_split('/[\s,]+/', $this->aliasstring))
 283             );
 284         } else {
 285             $this->aliases = array();
 286         }
 287
 288         if (count($this->aliases) > common_config('group', 'maxaliases')) {
 289             $this->clientError(
 290                 sprintf(
 291                     _('Too many aliases! Maximum %d.'),
 292                     common_config('group', 'maxaliases')
 293                 ),
 294                 403,
 295                 $this->format
 296             );
 297             return false;
 298         }
 299
 300         foreach ($this->aliases as $alias) {
 301
 302             $valid = Validate::string(
 303                 $alias, array(
 304                     'min_length' => 1,
 305                     'max_length' => 64,
 306                     'format' => NICKNAME_FMT
 307                 )
 308             );
 309
 310             if (!$valid) {
 311                 $this->clientError(
 312                     sprintf(_('Invalid alias: "%s"'), $alias),
 313                     403,
 314                     $this->format
 315                 );
 316                 return false;
 317             }
 318             if ($this->groupNicknameExists($alias)) {
 319                 $this->clientError(
 320                     sprintf(
 321                         _('Alias "%s" already in use. Try another one.'),
 322                         $alias
 323                     ),
 324                     403,
 325                     $this->format
 326                 );
 327                 return false;
 328             }
 329
 330             // XXX assumes alphanum nicknames
 331
 332             if (strcmp($alias, $this->nickname) == 0) {
 333                 $this->clientError(
 334                     _('Alias can\'t be the same as nickname.'),
 335                     403,
 336                     $this->format
 337                 );
 338                 return false;
 339             }
 340         }
 341
 342         // Evarything looks OK
 343
 344         return true;
 345     }
 346
 347     /**
 348      * Check to see whether a nickname is already in use by a group
 349      *
 350      * @param String $nickname The nickname in question
 351      *
 352      * @return boolean true or false
 353      */
 354
 355     function groupNicknameExists($nickname)
 356     {
 357         $group = User_group::staticGet('nickname', $nickname);
 358
 359         if (!empty($group)) {
 360             return true;
 361         }
 362
 363         $alias = Group_alias::staticGet('alias', $nickname);
 364
 365         if (!empty($alias)) {
 366             return true;
 367         }
 368
 369         return false;
 370     }
 371
 372 }