actions/apigroupcreate.php

   1 <?php
   2 /**
   3  * StatusNet, the distributed open-source microblogging tool
   4  *
   5  * Create a group via the API
   6  *
   7  * PHP version 5
   8  *
   9  * LICENCE: This program is free software: you can redistribute it and/or modify
  10  * it under the terms of the GNU Affero General Public License as published by
  11  * the Free Software Foundation, either version 3 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU Affero General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU Affero General Public License
  20  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21  *
  22  * @category  API
  23  * @package   StatusNet
  24  * @author    Craig Andrews <candrews@integralblue.com>
  25  * @author    Zach Copley <zach@status.net>
  26  * @copyright 2009 StatusNet, Inc.
  27  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  28  * @link      http://status.net/
  29  */
  30
  31 if (!defined('STATUSNET')) {
  32     exit(1);
  33 }
  34
  35 require_once INSTALLDIR . '/lib/apiauth.php';
  36
  37 /**
  38  * Make a new group. Sets the authenticated user as the administrator of the group.
  39  *
  40  * @category API
  41  * @package  StatusNet
  42  * @author   Zach Copley <zach@status.net>
  43  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  44  * @link     http://status.net/
  45  */
  46
  47 class ApiGroupCreateAction extends ApiAuthAction
  48 {
  49     var $group       = null;
  50     var $nickname    = null;
  51     var $fullname    = null;
  52     var $homepage    = null;
  53     var $description = null;
  54     var $location    = null;
  55     var $aliasstring = null;
  56     var $aliases     = null;
  57
  58     /**
  59      * Take arguments for running
  60      *
  61      * @param array $args $_REQUEST args
  62      *
  63      * @return boolean success flag
  64      *
  65      */
  66
  67     function prepare($args)
  68     {
  69         parent::prepare($args);
  70
  71         $this->user  = $this->auth_user;
  72
  73         $this->nickname    = $this->arg('nickname');
  74         $this->fullname    = $this->arg('full_name');
  75         $this->homepage    = $this->arg('homepage');
  76         $this->description = $this->arg('description');
  77         $this->location    = $this->arg('location');
  78         $this->aliasstring = $this->arg('aliases');
  79
  80         return true;
  81     }
  82
  83     /**
  84      * Handle the request
  85      *
  86      * Save the new group
  87      *
  88      * @param array $args $_REQUEST data (unused)
  89      *
  90      * @return void
  91      */
  92
  93     function handle($args)
  94     {
  95         parent::handle($args);
  96
  97         if (!common_config('inboxes','enabled')) {
  98            $this->serverError(
  99                _('Inboxes must be enabled for groups to work'),
 100                400,
 101                $this->format
 102            );
 103            return false;
 104         }
 105
 106         if ($_SERVER['REQUEST_METHOD'] != 'POST') {
 107             $this->clientError(
 108                 _('This method requires a POST.'),
 109                 400,
 110                 $this->format
 111             );
 112             return;
 113         }
 114
 115         if (empty($this->user)) {
 116             $this->clientError(_('No such user!'), 404, $this->format);
 117             return;
 118         }
 119
 120         if ($this->validateParams() == false) {
 121             return;
 122         }
 123
 124         $group = new User_group();
 125
 126         $group->query('BEGIN');
 127
 128         $group->nickname    = $this->nickname;
 129         $group->fullname    = $this->fullname;
 130         $group->homepage    = $this->homepage;
 131         $group->description = $this->description;
 132         $group->location    = $this->location;
 133         $group->created     = common_sql_now();
 134
 135         $result = $group->insert();
 136
 137         if (!$result) {
 138             common_log_db_error($group, 'INSERT', __FILE__);
 139             $this->serverError(
 140                 _('Could not create group.'),
 141                 500,
 142                 $this->format
 143             );
 144             return;
 145         }
 146
 147         $result = $group->setAliases($this->aliases);
 148
 149         if (!$result) {
 150             $this->serverError(
 151                 _('Could not create aliases.'),
 152                 500,
 153                 $this->format
 154             );
 155             return;
 156         }
 157
 158         $member = new Group_member();
 159
 160         $member->group_id   = $group->id;
 161         $member->profile_id = $this->user->id;
 162         $member->is_admin   = 1;
 163         $member->created    = $group->created;
 164
 165         $result = $member->insert();
 166
 167         if (!$result) {
 168             common_log_db_error($member, 'INSERT', __FILE__);
 169             $this->serverError(
 170                 _('Could not set group membership.'),
 171                 500,
 172                 $this->format
 173             );
 174             return;
 175         }
 176
 177         $group->query('COMMIT');
 178
 179         switch($this->format) {
 180         case 'xml':
 181             $this->showSingleXmlGroup($group);
 182             break;
 183         case 'json':
 184             $this->showSingleJsonGroup($group);
 185             break;
 186         default:
 187             $this->clientError(
 188                 _('API method not found!'),
 189                 404,
 190                 $this->format
 191             );
 192             break;
 193         }
 194
 195     }
 196
 197     /**
 198      * Validate params for the new group
 199      *
 200      * @return void
 201      */
 202
 203     function validateParams()
 204     {
 205         if (!Validate::string(
 206             $this->nickname, array(
 207                 'min_length' => 1,
 208                 'max_length' => 64,
 209                 'format' => NICKNAME_FMT)
 210                 )
 211             )
 212         {
 213             $this->clientError(
 214                 _(
 215                     'Nickname must have only lowercase letters ' .
 216                     'and numbers and no spaces.'
 217                 ),
 218                 403,
 219                 $this->format
 220             );
 221             return false;
 222         } elseif ($this->groupNicknameExists($this->nickname)) {
 223             $this->clientError(
 224                 _('Nickname already in use. Try another one.'),
 225                 403,
 226                 $this->format
 227             );
 228             return false;
 229         } else if (!User_group::allowedNickname($this->nickname)) {
 230             $this->clientError(
 231                 _('Not a valid nickname.'),
 232                 403,
 233                 $this->format
 234             );
 235             return false;
 236
 237         } elseif (!is_null($this->homepage)
 238             && strlen($this->homepage) > 0
 239             && !Validate::uri(
 240                 $this->homepage, array(
 241                     'allowed_schemes' =>
 242                     array('http', 'https')
 243                 )
 244             ))
 245         {
 246             $this->clientError(
 247                 _('Homepage is not a valid URL.'),
 248                 403,
 249                 $this->format
 250             );
 251             return false;
 252         } elseif (!is_null($this->fullname)
 253             && mb_strlen($this->fullname) > 255)
 254             {
 255                 $this->clientError(
 256                     _('Full name is too long (max 255 chars).'),
 257                     403,
 258                     $this->format
 259                 );
 260             return false;
 261         } elseif (User_group::descriptionTooLong($this->description)) {
 262             $this->clientError(sprintf(
 263                 _('Description is too long (max %d chars).'),
 264                     User_group::maxDescription()),
 265                     403,
 266                     $this->format
 267                 );
 268             return false;
 269         } elseif (!is_null($this->location)
 270             && mb_strlen($this->location) > 255)
 271             {
 272                 $this->clientError(
 273                     _('Location is too long (max 255 chars).'),
 274                     403,
 275                     $this->format
 276                 );
 277             return false;
 278         }
 279
 280         if (!empty($this->aliasstring)) {
 281             $this->aliases = array_map(
 282                 'common_canonical_nickname',
 283                 array_unique(preg_split('/[\s,]+/',
 284                 $this->aliasstring)
 285                 )
 286             );
 287         } else {
 288             $this->aliases = array();
 289         }
 290
 291         if (count($this->aliases) > common_config('group', 'maxaliases')) {
 292             $this->clientError(
 293                 sprintf(_('Too many aliases! Maximum %d.'),
 294                     common_config('group', 'maxaliases')),
 295                     403,
 296                     $this->format
 297                 );
 298             return false;
 299         }
 300
 301         foreach ($this->aliases as $alias) {
 302             if (!Validate::string($alias, array(
 303                 'min_length' => 1,
 304                 'max_length' => 64,
 305                 'format' => NICKNAME_FMT
 306                 )
 307             ))
 308             {
 309                 $this->clientError(
 310                     sprintf(_('Invalid alias: "%s"'), $alias),
 311                     403,
 312                     $this->format
 313                 );
 314                 return false;
 315             }
 316             if ($this->groupNicknameExists($alias)) {
 317                 $this->clientError(
 318                     sprintf(_('Alias "%s" already in use. Try another one.'),
 319                     $alias),
 320                     403,
 321                     $this->format
 322                 );
 323                 return false;
 324             }
 325
 326             // XXX assumes alphanum nicknames
 327
 328             if (strcmp($alias, $this->nickname) == 0) {
 329                 $this->clientError(
 330                     _('Alias can\'t be the same as nickname.'),
 331                     403,
 332                     $this->format
 333                 );
 334                 return false;
 335             }
 336         }
 337
 338         // Evarything looks OK
 339
 340         return true;
 341     }
 342
 343     function groupNicknameExists($nickname)
 344     {
 345        $group = User_group::staticGet('nickname', $nickname);
 346
 347        if (!empty($group)) {
 348            return true;
 349        }
 350
 351        $alias = Group_alias::staticGet('alias', $nickname);
 352
 353        if (!empty($alias)) {
 354            return true;
 355        }
 356
 357        return false;
 358     }
 359
 360 }