actions/apigroupcreate.php

   1 <?php
   2 /**
   3  * StatusNet, the distributed open-source microblogging tool
   4  *
   5  * Create a group via the API
   6  *
   7  * PHP version 5
   8  *
   9  * LICENCE: This program is free software: you can redistribute it and/or modify
  10  * it under the terms of the GNU Affero General Public License as published by
  11  * the Free Software Foundation, either version 3 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU Affero General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU Affero General Public License
  20  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21  *
  22  * @category  API
  23  * @package   StatusNet
  24  * @author    Craig Andrews <candrews@integralblue.com>
  25  * @author    Evan Prodromou <evan@status.net>
  26  * @author    Jeffery To <jeffery.to@gmail.com>
  27  * @author    Zach Copley <zach@status.net>
  28  * @copyright 2009 StatusNet, Inc.
  29  * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
  30  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  31  * @link      http://status.net/
  32  */
  33
  34 if (!defined('STATUSNET')) {
  35     exit(1);
  36 }
  37
  38 require_once INSTALLDIR . '/lib/apiauth.php';
  39
  40 /**
  41  * Make a new group. Sets the authenticated user as the administrator of the group.
  42  *
  43  * @category API
  44  * @package  StatusNet
  45  * @author   Craig Andrews <candrews@integralblue.com>
  46  * @author   Evan Prodromou <evan@status.net>
  47  * @author   Jeffery To <jeffery.to@gmail.com>
  48  * @author   Zach Copley <zach@status.net>
  49  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  50  * @link     http://status.net/
  51  */
  52
  53 class ApiGroupCreateAction extends ApiAuthAction
  54 {
  55     var $group       = null;
  56     var $nickname    = null;
  57     var $fullname    = null;
  58     var $homepage    = null;
  59     var $description = null;
  60     var $location    = null;
  61     var $aliasstring = null;
  62     var $aliases     = null;
  63
  64     /**
  65      * Take arguments for running
  66      *
  67      * @param array $args $_REQUEST args
  68      *
  69      * @return boolean success flag
  70      *
  71      */
  72
  73     function prepare($args)
  74     {
  75         parent::prepare($args);
  76
  77         $this->user  = $this->auth_user;
  78
  79         $this->nickname    = $this->arg('nickname');
  80         $this->fullname    = $this->arg('full_name');
  81         $this->homepage    = $this->arg('homepage');
  82         $this->description = $this->arg('description');
  83         $this->location    = $this->arg('location');
  84         $this->aliasstring = $this->arg('aliases');
  85
  86         return true;
  87     }
  88
  89     /**
  90      * Handle the request
  91      *
  92      * Save the new group
  93      *
  94      * @param array $args $_REQUEST data (unused)
  95      *
  96      * @return void
  97      */
  98
  99     function handle($args)
 100     {
 101         parent::handle($args);
 102
 103         if ($_SERVER['REQUEST_METHOD'] != 'POST') {
 104              $this->clientError(
 105                  // TRANS: Client error. POST is a HTTP command. It should not be translated.
 106                  _('This method requires a POST.'),
 107                  400,
 108                  $this->format
 109              );
 110              return;
 111         }
 112
 113         if (empty($this->user)) {
 114             $this->clientError(_('No such user.'), 404, $this->format);
 115             return;
 116         }
 117
 118         if ($this->validateParams() == false) {
 119             return;
 120         }
 121
 122         $group = User_group::register(array('nickname' => $this->nickname,
 123                                             'fullname' => $this->fullname,
 124                                             'homepage' => $this->homepage,
 125                                             'description' => $this->description,
 126                                             'location' => $this->location,
 127                                             'aliases'  => $this->aliases,
 128                                             'userid'   => $this->user->id,
 129                                             'local'    => true));
 130
 131         switch($this->format) {
 132         case 'xml':
 133             $this->showSingleXmlGroup($group);
 134             break;
 135         case 'json':
 136             $this->showSingleJsonGroup($group);
 137             break;
 138         default:
 139             $this->clientError(
 140                 _('API method not found.'),
 141                 404,
 142                 $this->format
 143             );
 144             break;
 145         }
 146
 147     }
 148
 149     /**
 150      * Validate params for the new group
 151      *
 152      * @return void
 153      */
 154
 155     function validateParams()
 156     {
 157         $valid = Validate::string(
 158             $this->nickname, array(
 159                 'min_length' => 1,
 160                 'max_length' => 64,
 161                 'format' => NICKNAME_FMT
 162             )
 163         );
 164
 165         if (!$valid) {
 166             $this->clientError(
 167                 _(
 168                     'Nickname must have only lowercase letters ' .
 169                     'and numbers and no spaces.'
 170                 ),
 171                 403,
 172                 $this->format
 173             );
 174             return false;
 175         } elseif ($this->groupNicknameExists($this->nickname)) {
 176             $this->clientError(
 177                 _('Nickname already in use. Try another one.'),
 178                 403,
 179                 $this->format
 180             );
 181             return false;
 182         } else if (!User_group::allowedNickname($this->nickname)) {
 183             $this->clientError(
 184                 _('Not a valid nickname.'),
 185                 403,
 186                 $this->format
 187             );
 188             return false;
 189
 190         } elseif (
 191             !is_null($this->homepage)
 192             && strlen($this->homepage) > 0
 193             && !Validate::uri(
 194                 $this->homepage, array(
 195                     'allowed_schemes' =>
 196                     array('http', 'https')
 197                 )
 198             )) {
 199             $this->clientError(
 200                 _('Homepage is not a valid URL.'),
 201                 403,
 202                 $this->format
 203             );
 204             return false;
 205         } elseif (
 206             !is_null($this->fullname)
 207             && mb_strlen($this->fullname) > 255) {
 208                 $this->clientError(
 209                     _('Full name is too long (max 255 chars).'),
 210                     403,
 211                     $this->format
 212                 );
 213             return false;
 214         } elseif (User_group::descriptionTooLong($this->description)) {
 215             $this->clientError(
 216                 sprintf(
 217                     _('Description is too long (max %d chars).'),
 218                     User_group::maxDescription()
 219                 ),
 220                 403,
 221                 $this->format
 222             );
 223             return false;
 224         } elseif (
 225             !is_null($this->location)
 226             && mb_strlen($this->location) > 255) {
 227                 $this->clientError(
 228                     _('Location is too long (max 255 chars).'),
 229                     403,
 230                     $this->format
 231                 );
 232             return false;
 233         }
 234
 235         if (!empty($this->aliasstring)) {
 236             $this->aliases = array_map(
 237                 'common_canonical_nickname',
 238                 array_unique(preg_split('/[\s,]+/', $this->aliasstring))
 239             );
 240         } else {
 241             $this->aliases = array();
 242         }
 243
 244         if (count($this->aliases) > common_config('group', 'maxaliases')) {
 245             $this->clientError(
 246                 sprintf(
 247                     _('Too many aliases! Maximum %d.'),
 248                     common_config('group', 'maxaliases')
 249                 ),
 250                 403,
 251                 $this->format
 252             );
 253             return false;
 254         }
 255
 256         foreach ($this->aliases as $alias) {
 257
 258             $valid = Validate::string(
 259                 $alias, array(
 260                     'min_length' => 1,
 261                     'max_length' => 64,
 262                     'format' => NICKNAME_FMT
 263                 )
 264             );
 265
 266             if (!$valid) {
 267                 $this->clientError(
 268                     sprintf(_('Invalid alias: "%s".'), $alias),
 269                     403,
 270                     $this->format
 271                 );
 272                 return false;
 273             }
 274             if ($this->groupNicknameExists($alias)) {
 275                 $this->clientError(
 276                     sprintf(
 277                         _('Alias "%s" already in use. Try another one.'),
 278                         $alias
 279                     ),
 280                     403,
 281                     $this->format
 282                 );
 283                 return false;
 284             }
 285
 286             // XXX assumes alphanum nicknames
 287
 288             if (strcmp($alias, $this->nickname) == 0) {
 289                 $this->clientError(
 290                     _('Alias can\'t be the same as nickname.'),
 291                     403,
 292                     $this->format
 293                 );
 294                 return false;
 295             }
 296         }
 297
 298         // Evarything looks OK
 299
 300         return true;
 301     }
 302
 303     /**
 304      * Check to see whether a nickname is already in use by a group
 305      *
 306      * @param String $nickname The nickname in question
 307      *
 308      * @return boolean true or false
 309      */
 310
 311     function groupNicknameExists($nickname)
 312     {
 313         $local = Local_group::staticGet('nickname', $nickname);
 314
 315         if (!empty($local)) {
 316             return true;
 317         }
 318
 319         $alias = Group_alias::staticGet('alias', $nickname);
 320
 321         if (!empty($alias)) {
 322             return true;
 323         }
 324
 325         return false;
 326     }
 327
 328 }