actions/apigroupcreate.php

   1 <?php
   2 /**
   3  * StatusNet, the distributed open-source microblogging tool
   4  *
   5  * Create a group via the API
   6  *
   7  * PHP version 5
   8  *
   9  * LICENCE: This program is free software: you can redistribute it and/or modify
  10  * it under the terms of the GNU Affero General Public License as published by
  11  * the Free Software Foundation, either version 3 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU Affero General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU Affero General Public License
  20  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21  *
  22  * @category  API
  23  * @package   StatusNet
  24  * @author    Craig Andrews <candrews@integralblue.com>
  25  * @author    Evan Prodromou <evan@status.net>
  26  * @author    Jeffery To <jeffery.to@gmail.com>
  27  * @author    Zach Copley <zach@status.net>
  28  * @copyright 2009 StatusNet, Inc.
  29  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  30  * @link      http://status.net/
  31  */
  32
  33 if (!defined('STATUSNET')) {
  34     exit(1);
  35 }
  36
  37 require_once INSTALLDIR . '/lib/apiauth.php';
  38
  39 /**
  40  * Make a new group. Sets the authenticated user as the administrator of the group.
  41  *
  42  * @category API
  43  * @package  StatusNet
  44  * @author   Craig Andrews <candrews@integralblue.com>
  45  * @author   Evan Prodromou <evan@status.net>
  46  * @author   Jeffery To <jeffery.to@gmail.com>
  47  * @author   Zach Copley <zach@status.net>
  48  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  49  * @link     http://status.net/
  50  */
  51
  52 class ApiGroupCreateAction extends ApiAuthAction
  53 {
  54     var $group       = null;
  55     var $nickname    = null;
  56     var $fullname    = null;
  57     var $homepage    = null;
  58     var $description = null;
  59     var $location    = null;
  60     var $aliasstring = null;
  61     var $aliases     = null;
  62
  63     /**
  64      * Take arguments for running
  65      *
  66      * @param array $args $_REQUEST args
  67      *
  68      * @return boolean success flag
  69      *
  70      */
  71
  72     function prepare($args)
  73     {
  74         parent::prepare($args);
  75
  76         $this->user  = $this->auth_user;
  77
  78         $this->nickname    = $this->arg('nickname');
  79         $this->fullname    = $this->arg('full_name');
  80         $this->homepage    = $this->arg('homepage');
  81         $this->description = $this->arg('description');
  82         $this->location    = $this->arg('location');
  83         $this->aliasstring = $this->arg('aliases');
  84
  85         return true;
  86     }
  87
  88     /**
  89      * Handle the request
  90      *
  91      * Save the new group
  92      *
  93      * @param array $args $_REQUEST data (unused)
  94      *
  95      * @return void
  96      */
  97
  98     function handle($args)
  99     {
 100         parent::handle($args);
 101
 102         if ($_SERVER['REQUEST_METHOD'] != 'POST') {
 103              $this->clientError(
 104                  _('This method requires a POST.'),
 105                  400,
 106                  $this->format
 107              );
 108              return;
 109         }
 110
 111         if (empty($this->user)) {
 112             $this->clientError(_('No such user.'), 404, $this->format);
 113             return;
 114         }
 115
 116         if ($this->validateParams() == false) {
 117             return;
 118         }
 119
 120         $group = User_group::register(array('nickname' => $this->nickname,
 121                                             'fullname' => $this->fullname,
 122                                             'homepage' => $this->homepage,
 123                                             'description' => $this->description,
 124                                             'location' => $this->location,
 125                                             'aliases'  => $this->aliases,
 126                                             'userid'   => $this->user->id,
 127                                             'local'    => true));
 128
 129         switch($this->format) {
 130         case 'xml':
 131             $this->showSingleXmlGroup($group);
 132             break;
 133         case 'json':
 134             $this->showSingleJsonGroup($group);
 135             break;
 136         default:
 137             $this->clientError(
 138                 _('API method not found.'),
 139                 404,
 140                 $this->format
 141             );
 142             break;
 143         }
 144
 145     }
 146
 147     /**
 148      * Validate params for the new group
 149      *
 150      * @return void
 151      */
 152
 153     function validateParams()
 154     {
 155         $valid = Validate::string(
 156             $this->nickname, array(
 157                 'min_length' => 1,
 158                 'max_length' => 64,
 159                 'format' => NICKNAME_FMT
 160             )
 161         );
 162
 163         if (!$valid) {
 164             $this->clientError(
 165                 _(
 166                     'Nickname must have only lowercase letters ' .
 167                     'and numbers and no spaces.'
 168                 ),
 169                 403,
 170                 $this->format
 171             );
 172             return false;
 173         } elseif ($this->groupNicknameExists($this->nickname)) {
 174             $this->clientError(
 175                 _('Nickname already in use. Try another one.'),
 176                 403,
 177                 $this->format
 178             );
 179             return false;
 180         } else if (!User_group::allowedNickname($this->nickname)) {
 181             $this->clientError(
 182                 _('Not a valid nickname.'),
 183                 403,
 184                 $this->format
 185             );
 186             return false;
 187
 188         } elseif (
 189             !is_null($this->homepage)
 190             && strlen($this->homepage) > 0
 191             && !Validate::uri(
 192                 $this->homepage, array(
 193                     'allowed_schemes' =>
 194                     array('http', 'https')
 195                 )
 196             )) {
 197             $this->clientError(
 198                 _('Homepage is not a valid URL.'),
 199                 403,
 200                 $this->format
 201             );
 202             return false;
 203         } elseif (
 204             !is_null($this->fullname)
 205             && mb_strlen($this->fullname) > 255) {
 206                 $this->clientError(
 207                     _('Full name is too long (max 255 chars).'),
 208                     403,
 209                     $this->format
 210                 );
 211             return false;
 212         } elseif (User_group::descriptionTooLong($this->description)) {
 213             $this->clientError(
 214                 sprintf(
 215                     _('Description is too long (max %d chars).'),
 216                     User_group::maxDescription()
 217                 ),
 218                 403,
 219                 $this->format
 220             );
 221             return false;
 222         } elseif (
 223             !is_null($this->location)
 224             && mb_strlen($this->location) > 255) {
 225                 $this->clientError(
 226                     _('Location is too long (max 255 chars).'),
 227                     403,
 228                     $this->format
 229                 );
 230             return false;
 231         }
 232
 233         if (!empty($this->aliasstring)) {
 234             $this->aliases = array_map(
 235                 'common_canonical_nickname',
 236                 array_unique(preg_split('/[\s,]+/', $this->aliasstring))
 237             );
 238         } else {
 239             $this->aliases = array();
 240         }
 241
 242         if (count($this->aliases) > common_config('group', 'maxaliases')) {
 243             $this->clientError(
 244                 sprintf(
 245                     _('Too many aliases! Maximum %d.'),
 246                     common_config('group', 'maxaliases')
 247                 ),
 248                 403,
 249                 $this->format
 250             );
 251             return false;
 252         }
 253
 254         foreach ($this->aliases as $alias) {
 255
 256             $valid = Validate::string(
 257                 $alias, array(
 258                     'min_length' => 1,
 259                     'max_length' => 64,
 260                     'format' => NICKNAME_FMT
 261                 )
 262             );
 263
 264             if (!$valid) {
 265                 $this->clientError(
 266                     sprintf(_('Invalid alias: "%s".'), $alias),
 267                     403,
 268                     $this->format
 269                 );
 270                 return false;
 271             }
 272             if ($this->groupNicknameExists($alias)) {
 273                 $this->clientError(
 274                     sprintf(
 275                         _('Alias "%s" already in use. Try another one.'),
 276                         $alias
 277                     ),
 278                     403,
 279                     $this->format
 280                 );
 281                 return false;
 282             }
 283
 284             // XXX assumes alphanum nicknames
 285
 286             if (strcmp($alias, $this->nickname) == 0) {
 287                 $this->clientError(
 288                     _('Alias can\'t be the same as nickname.'),
 289                     403,
 290                     $this->format
 291                 );
 292                 return false;
 293             }
 294         }
 295
 296         // Evarything looks OK
 297
 298         return true;
 299     }
 300
 301     /**
 302      * Check to see whether a nickname is already in use by a group
 303      *
 304      * @param String $nickname The nickname in question
 305      *
 306      * @return boolean true or false
 307      */
 308
 309     function groupNicknameExists($nickname)
 310     {
 311         $local = Local_group::staticGet('nickname', $nickname);
 312
 313         if (!empty($local)) {
 314             return true;
 315         }
 316
 317         $alias = Group_alias::staticGet('alias', $nickname);
 318
 319         if (!empty($alias)) {
 320             return true;
 321         }
 322
 323         return false;
 324     }
 325
 326 }