1 <?php
2 /**
3  * StatusNet - the distributed open-source microblogging tool
4  * Copyright (C) 2010, StatusNet, Inc.
5  *
6  * Feed of group memberships for a user, in ActivityStreams format
7  *
8  * PHP version 5
9  *
10  * This program is free software: you can redistribute it and/or modify
11  * it under the terms of the GNU Affero General Public License as published by
12  * the Free Software Foundation, either version 3 of the License, or
13  * (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU Affero General Public License for more details.
19  *
20  * You should have received a copy of the GNU Affero General Public License
21  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
22  *
23  * @category  AtomPub
24  * @package   StatusNet
25  * @author    Evan Prodromou <evan@status.net>
26  * @copyright 2010 StatusNet, Inc.
27  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
28  * @link      http://status.net/
29  */
30
// Direct-access guard: stop unless the STATUSNET constant is defined.
// This keeps the file from being executed directly from the web.
defined('STATUSNET') || exit(1);
36
37 require_once INSTALLDIR . '/lib/apiauth.php';
38
39 /**
40  * Feed of group memberships for a user, in ActivityStreams format
41  *
42  * @category  Action
43  * @package   StatusNet
44  * @author    Evan Prodromou <evan@status.net>
45  * @copyright 2010 StatusNet, Inc.
46  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
47  * @link      http://status.net/
48  */
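class AtompubmembershipfeedAction extends ApiAuthAction
{
    // Profile whose group memberships this feed describes; set in prepare().
    private $_profile     = null;
    // Group_member result for the requested page; prepare() asks for one
    // row more than the page size so showFeed() can detect a next page.
    private $_memberships = null;

    /**
     * Load the target profile and the requested page of its memberships.
     *
     * The profile id comes from the 'profile' request argument. Paging uses
     * $this->page and $this->count (presumably set by the parent's
     * prepare(); not visible in this file).
     *
     * @param array $argarray misc. arguments
     *
     * @return boolean true
     *
     * @throws ClientException 404 when no profile has the requested id
     */
    function prepare($argarray)
    {
        parent::prepare($argarray);

        $profileId = $this->trimmed('profile');

        $this->_profile = Profile::staticGet('id', $profileId);

        if (empty($this->_profile)) {
            // TRANS: Client exception.
            throw new ClientException(_('No such profile.'), 404);
        }

        $offset = ($this->page-1) * $this->count;
        // One extra row: its presence signals that a further page exists.
        $limit  = $this->count + 1;

        $this->_memberships = Group_member::byMember($this->_profile->id,
                                                     $offset,
                                                     $limit);

        return true;
    }

    /**
     * Dispatch on the HTTP method: GET/HEAD show the feed, POST joins a group.
     *
     * @param array $argarray is ignored since it's now passed in in prepare()
     *
     * @return void
     *
     * @throws ClientException 405 for any other HTTP method
     */
    function handle($argarray=null)
    {
        parent::handle($argarray);

        switch ($_SERVER['REQUEST_METHOD']) {
        case 'HEAD':
        case 'GET':
            $this->showFeed();
            break;
        case 'POST':
            $this->addMembership();
            break;
        default:
            // TRANS: Client exception thrown when using an unsupported HTTP method.
            throw new ClientException(_('HTTP method not supported.'), 405);
        }
    }

    /**
     * Output the profile's group memberships as an Atom feed of activities.
     *
     * Emits self/first/prev/next paging links and at most $this->count
     * entries.
     *
     * @return void
     */
    function showFeed()
    {
        header('Content-Type: application/atom+xml; charset=utf-8');

        $url = common_local_url('AtomPubMembershipFeed',
                                array('profile' => $this->_profile->id));

        $feed = new Atom10Feed(true);

        $feed->addNamespace('activity',
                            'http://activitystrea.ms/spec/1.0/');

        $feed->addNamespace('poco',
                            'http://portablecontacts.net/spec/1.0');

        $feed->addNamespace('media',
                            'http://purl.org/syndication/atommedia');

        $feed->id = $url;

        $feed->setUpdated('now');

        $feed->addAuthor($this->_profile->getBestName(),
                         $this->_profile->getURI());

        // TRANS: Title for group membership feed.
        // TRANS: %s is a username.
        $feed->setTitle(sprintf(_('Group memberships of %s'),
                                $this->_profile->getBestName()));

        // TRANS: Subtitle for group membership feed.
        // TRANS: %1$s is a username, %2$s is the StatusNet sitename.
        $feed->setSubtitle(sprintf(_('Groups %1$s is a member of on %2$s'),
                                   $this->_profile->getBestName(),
                                   common_config('site', 'name')));

        $feed->addLink(common_local_url('usergroups',
                                        array('nickname' =>
                                              $this->_profile->nickname)));

        $feed->addLink($url,
                       array('rel' => 'self',
                             'type' => 'application/atom+xml'));

        // Paging links: first/prev only past page 1.

        if ($this->page > 1) {
            $feed->addLink($url,
                           array('rel' => 'first',
                                 'type' => 'application/atom+xml'));

            $feed->addLink(common_local_url('AtomPubMembershipFeed',
                                            array('profile' =>
                                                  $this->_profile->id),
                                            array('page' =>
                                                  $this->page - 1)),
                           array('rel' => 'prev',
                                 'type' => 'application/atom+xml'));
        }

        // More rows than the page size came back, so there is a next page.
        if ($this->_memberships->N > $this->count) {

            $feed->addLink(common_local_url('AtomPubMembershipFeed',
                                            array('profile' =>
                                                  $this->_profile->id),
                                            array('page' =>
                                                  $this->page + 1)),
                           array('rel' => 'next',
                                 'type' => 'application/atom+xml'));
        }

        $i = 0;

        while ($this->_memberships->fetch()) {

            // We get one more than needed; skip that one

            $i++;

            if ($i > $this->count) {
                break;
            }

            $act = $this->_memberships->asActivity();
            $feed->addEntryRaw($act->asString(false, false, false));
        }

        $this->raw($feed->getString());
    }

    /**
     * Join the authenticated user to the group named in a POSTed Atom entry.
     *
     * The request body is untrusted XML. It is parsed only after the
     * caller has been checked against the profile in the URL, and it must
     * be a well-formed Atom <entry> without a DOCTYPE.
     *
     * @return void
     *
     * @throws ClientException 403 when the caller is not the profile owner;
     *                         otherwise for a malformed body, a non-join
     *                         verb, a non-group object, an unknown group,
     *                         an existing membership or a blocked profile
     */
    function addMembership()
    {
        // XXX: Refactor this; all the same for atompub

        // Authorization: a user may only add memberships for themselves.
        // This runs before the request body is read.
        if (empty($this->auth_user) ||
            $this->auth_user->id != $this->_profile->id) {
            // TRANS: Client exception thrown when trying subscribe someone else to a group.
            throw new ClientException(_("Cannot add someone else's".
                                        " membership."), 403);
        }

        $xml = file_get_contents('php://input');

        // Parse on an instance: calling loadXML() statically is deprecated
        // and is a fatal error on PHP 8. LIBXML_NONET stops the parser from
        // fetching network resources named by the document. Parse errors
        // are collected internally rather than raised as PHP warnings.
        $dom    = new DOMDocument();
        $loaded = false;

        if (is_string($xml) && $xml !== '') {
            $previous = libxml_use_internal_errors(true);
            $loaded   = $dom->loadXML($xml, LIBXML_NONET);
            libxml_clear_errors();
            libxml_use_internal_errors($previous);
        }

        // Reject an unparsable body, and a DOCTYPE (an Atom entry needs
        // none, and refusing it keeps DTD/entity declarations out).
        if (!$loaded ||
            empty($dom->documentElement) ||
            $dom->doctype !== null ||
            $dom->documentElement->namespaceURI != Activity::ATOM ||
            $dom->documentElement->localName != 'entry') {
            // TRANS: Client error displayed when not using an Atom entry.
            throw new ClientException(_('Atom post must be an Atom entry.'));
        }

        $activity = new Activity($dom->documentElement);

        // NOTE(review): $membership is never assigned below, so the
        // EndAtomPubNewActivity handlers receive null and the response
        // branch at the end of this method never runs. Left as is, because
        // what joinGroup() returns is not visible in this file.
        $membership = null;

        if (Event::handle('StartAtomPubNewActivity', array(&$activity))) {
            if ($activity->verb != ActivityVerb::JOIN) {
                // TRANS: Client error displayed when not using the join verb.
                throw new ClientException(_('Can only handle join activities.'));
            }

            // An entry without any activity object is rejected like a
            // non-group object, instead of dereferencing a missing index.
            $groupObj = empty($activity->objects) ? null : $activity->objects[0];

            if (empty($groupObj) || $groupObj->type != ActivityObject::GROUP) {
                // NOTE(review): the message is about favoriting notices
                // but the check is for a group object; kept unchanged so
                // the existing translation key still matches.
                // TRANS: Client exception thrown when trying favorite an object that is not a notice.
                throw new ClientException(_('Can only fave notices.'));
            }

            // Only groups already known locally by URI can be joined.
            $group = User_group::staticGet('uri', $groupObj->id);

            if (empty($group)) {
                // XXX: import from listed URL or something
                // TRANS: Client exception thrown when trying to subscribe to a non-existing group.
                throw new ClientException(_('Unknown group.'));
            }

            $old = Group_member::pkeyGet(array('profile_id' => $this->auth_user->id,
                                               'group_id' => $group->id));

            if (!empty($old)) {
                // TRANS: Client exception thrown when trying to subscribe to an already subscribed group.
                throw new ClientException(_('Already a member.'));
            }

            $profile = $this->auth_user->getProfile();

            // A block set by the group's admins must stop this API path too.
            if (Group_block::isBlocked($group, $profile)) {
                // XXX: import from listed URL or something
                // TRANS: Client exception thrown when trying to subscribe to group while blocked from that group.
                throw new ClientException(_('Blocked by admin.'));
            }

            $this->auth_user->joinGroup($group);

            Event::handle('EndAtomPubNewActivity', array($activity, $membership));
        }

        if (!empty($membership)) {
            $act = $membership->asActivity();

            header('Content-Type: application/atom+xml; charset=utf-8');
            header('Content-Location: ' . $act->selfLink);

            $this->startXML();
            $this->raw($act->asString(true, true, true));
            $this->endXML();
        }
    }

    /**
     * Tell whether the current request uses GET or HEAD.
     *
     * isReadOnly() and requiresAuth() both key off this.
     *
     * @return boolean true for GET and HEAD, false otherwise
     */
    private function _isReadRequest()
    {
        return in_array($_SERVER['REQUEST_METHOD'],
                        array('GET', 'HEAD'),
                        true);
    }

    /**
     * Return true if read only.
     *
     * MAY override
     *
     * @param array $args other arguments
     *
     * @return boolean true for GET and HEAD requests, false otherwise
     */
    function isReadOnly($args)
    {
        return $this->_isReadRequest();
    }

    /**
     * Return last modified, if applicable.
     *
     * MAY override
     *
     * @return string last modified http header; always null here
     */
    function lastModified()
    {
        // For comparison with If-Last-Modified
        // If not applicable, return null
        return null;
    }

    /**
     * Return etag, if applicable.
     *
     * MAY override
     *
     * @return string etag http header; always null here
     */
    function etag()
    {
        return null;
    }

    /**
     * Does this require authentication?
     *
     * GET and HEAD are served without authentication, so the membership
     * feed of any profile id can be read anonymously.
     * NOTE(review): confirm that Group_member::byMember() returns nothing
     * that should stay private.
     *
     * @return boolean false for GET and HEAD, true for every other method
     */
    function requiresAuth()
    {
        return !$this->_isReadRequest();
    }
}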