actions/groupblock.php

   1 <?php
   2 /**
   3  * Block a user from a group action class.
   4  *
   5  * PHP version 5
   6  *
   7  * @category Action
   8  * @package  StatusNet
   9  * @author   Evan Prodromou <evan@status.net>
  10  * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
  11  * @link     http://status.net/
  12  *
  13  * StatusNet - the distributed open-source microblogging tool
  14  * Copyright (C) 2008, 2009, StatusNet, Inc.
  15  *
  16  * This program is free software: you can redistribute it and/or modify
  17  * it under the terms of the GNU Affero General Public License as published by
  18  * the Free Software Foundation, either version 3 of the License, or
  19  * (at your option) any later version.
  20  *
  21  * This program is distributed in the hope that it will be useful,
  22  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  23  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  24  * GNU Affero General Public License for more details.
  25  *
  26  * You should have received a copy of the GNU Affero General Public License
  27  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  28  */
  29
  30 if (!defined('STATUSNET') && !defined('LACONICA')) {
  31     exit(1);
  32 }
  33
  34 /**
  35  * Block a user from a group
  36  *
  37  * @category Action
  38  * @package  StatusNet
  39  * @author   Evan Prodromou <evan@status.net>
  40  * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
  41  * @link     http://status.net/
  42  */
  43
  44 class GroupblockAction extends RedirectingAction
  45 {
  46     var $profile = null;
  47     var $group = null;
  48
  49     /**
  50      * Take arguments for running
  51      *
  52      * @param array $args $_REQUEST args
  53      *
  54      * @return boolean success flag
  55      */
  56
  57     function prepare($args)
  58     {
  59         parent::prepare($args);
  60         if (!common_logged_in()) {
  61             $this->clientError(_('Not logged in.'));
  62             return false;
  63         }
  64         $token = $this->trimmed('token');
  65         if (empty($token) || $token != common_session_token()) {
  66             $this->clientError(_('There was a problem with your session token. Try again, please.'));
  67             return;
  68         }
  69         $id = $this->trimmed('blockto');
  70         if (empty($id)) {
  71             $this->clientError(_('No profile specified.'));
  72             return false;
  73         }
  74         $this->profile = Profile::staticGet('id', $id);
  75         if (empty($this->profile)) {
  76             $this->clientError(_('No profile with that ID.'));
  77             return false;
  78         }
  79         $group_id = $this->trimmed('blockgroup');
  80         if (empty($group_id)) {
  81             $this->clientError(_('No group specified.'));
  82             return false;
  83         }
  84         $this->group = User_group::staticGet('id', $group_id);
  85         if (empty($this->group)) {
  86             $this->clientError(_('No such group.'));
  87             return false;
  88         }
  89         $user = common_current_user();
  90         if (!$user->isAdmin($this->group)) {
  91             $this->clientError(_('Only an admin can block group members.'), 401);
  92             return false;
  93         }
  94         if (Group_block::isBlocked($this->group, $this->profile)) {
  95             $this->clientError(_('User is already blocked from group.'));
  96             return false;
  97         }
  98         // XXX: could have proactive blocks, but we don't have UI for it.
  99         if (!$this->profile->isMember($this->group)) {
 100             $this->clientError(_('User is not a member of group.'));
 101             return false;
 102         }
 103         return true;
 104     }
 105
 106     /**
 107      * Handle request
 108      *
 109      * Shows a page with list of favorite notices
 110      *
 111      * @param array $args $_REQUEST args; handled in prepare()
 112      *
 113      * @return void
 114      */
 115     function handle($args)
 116     {
 117         parent::handle($args);
 118         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 119             if ($this->arg('no')) {
 120                 $this->returnToPrevious();
 121             } elseif ($this->arg('yes')) {
 122                 $this->blockProfile();
 123             } elseif ($this->arg('blockto')) {
 124                 $this->showPage();
 125             }
 126         }
 127     }
 128
 129     function showContent() {
 130         $this->areYouSureForm();
 131     }
 132
 133     function title() {
 134         return _('Block user from group');
 135     }
 136
 137     function showNoticeForm() {
 138         // nop
 139     }
 140
 141     /**
 142      * Confirm with user.
 143      *
 144      * Shows a confirmation form.
 145      *
 146      * @return void
 147      */
 148
 149     function areYouSureForm()
 150     {
 151         $id = $this->profile->id;
 152         $this->elementStart('form', array('id' => 'block-' . $id,
 153                                            'method' => 'post',
 154                                            'class' => 'form_settings form_entity_block',
 155                                            'action' => common_local_url('groupblock')));
 156         $this->elementStart('fieldset');
 157         $this->hidden('token', common_session_token());
 158         $this->element('legend', _('Block user'));
 159         $this->element('p', null,
 160                        sprintf(_('Are you sure you want to block user "%1$s" from the group "%2$s"? '.
 161                                  'They will be removed from the group, unable to post, and '.
 162                                  'unable to subscribe to the group in the future.'),
 163                                $this->profile->getBestName(),
 164                                $this->group->getBestName()));
 165         $this->hidden('blockto-' . $this->profile->id,
 166                       $this->profile->id,
 167                       'blockto');
 168         $this->hidden('blockgroup-' . $this->group->id,
 169                       $this->group->id,
 170                       'blockgroup');
 171         foreach ($this->args as $k => $v) {
 172             if (substr($k, 0, 9) == 'returnto-') {
 173                 $this->hidden($k, $v);
 174             }
 175         }
 176         $this->submit('form_action-no', _('No'), 'submit form_action-primary', 'no', _("Do not block this user from this group"));
 177         $this->submit('form_action-yes', _('Yes'), 'submit form_action-secondary', 'yes', _('Block this user from this group'));
 178         $this->elementEnd('fieldset');
 179         $this->elementEnd('form');
 180     }
 181
 182     /**
 183      * Actually block a user.
 184      *
 185      * @return void
 186      */
 187
 188     function blockProfile()
 189     {
 190         $block = Group_block::blockProfile($this->group, $this->profile,
 191                                            common_current_user());
 192
 193         if (empty($block)) {
 194             $this->serverError(_("Database error blocking user from group."));
 195             return false;
 196         }
 197
 198         $this->returnToPrevious();
 199     }
 200
 201     /**
 202      * If we reached this form without returnto arguments, default to
 203      * the top of the group's member list.
 204      *
 205      * @return string URL
 206      */
 207     function defaultReturnTo()
 208     {
 209         return common_local_url('groupmembers',
 210                                 array('nickname' => $this->group->nickname));
 211     }
 212
 213     function showScripts()
 214     {
 215         parent::showScripts();
 216         $this->autofocus('form_action-yes');
 217     }
 218
 219 }
 220