src/Module/Api/Friendica/Photo/Update.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2023, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module\Api\Friendica\Photo;
  23
  24 use Friendica\App;
  25 use Friendica\Core\ACL;
  26 use Friendica\Core\L10n;
  27 use Friendica\Factory\Api\Friendica\Photo as FriendicaPhoto;
  28 use Friendica\Module\BaseApi;
  29 use Friendica\Model\Photo;
  30 use Friendica\Module\Api\ApiResponse;
  31 use Friendica\Network\HTTPException;
  32 use Friendica\Util\Profiler;
  33 use Psr\Log\LoggerInterface;
  34
  35 /**
  36  * API endpoint: /api/friendica/photo/update
  37  */
  38 class Update extends BaseApi
  39 {
  40         /** @var FriendicaPhoto */
  41         private $friendicaPhoto;
  42
  43
  44         public function __construct(FriendicaPhoto $friendicaPhoto, App $app, L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Profiler $profiler, ApiResponse $response, array $server, array $parameters = [])
  45         {
  46                 parent::__construct($app, $l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
  47
  48                 $this->friendicaPhoto = $friendicaPhoto;
  49         }
  50
  51         protected function post(array $request = [])
  52         {
  53                 BaseApi::checkAllowedScope(BaseApi::SCOPE_WRITE);
  54                 $uid  = BaseApi::getCurrentUserID();
  55                 $type = $this->getRequestValue($this->parameters, 'extension', 'json');
  56
  57                 // input params
  58                 $photo_id  = $this->getRequestValue($request, 'photo_id');
  59                 $desc      = $this->getRequestValue($request, 'desc');
  60                 $album     = $this->getRequestValue($request, 'album');
  61                 $album_new = $this->getRequestValue($request, 'album_new');
  62                 $allow_cid = $this->getRequestValue($request, 'allow_cid');
  63                 $deny_cid  = $this->getRequestValue($request, 'deny_cid');
  64                 $allow_gid = $this->getRequestValue($request, 'allow_gid');
  65                 $deny_gid  = $this->getRequestValue($request, 'deny_gid');
  66
  67                 // do several checks on input parameters
  68                 // we do not allow calls without album string
  69                 if ($album == null) {
  70                         throw new HTTPException\BadRequestException('no albumname specified');
  71                 }
  72
  73                 // check if photo is existing in database
  74                 if (!Photo::exists(['resource-id' => $photo_id, 'uid' => $uid, 'album' => $album])) {
  75                         throw new HTTPException\BadRequestException('photo not available');
  76                 }
  77
  78                 // checks on acl strings provided by clients
  79                 $acl_input_error = false;
  80                 $acl_input_error |= !ACL::isValidContact($allow_cid, $uid);
  81                 $acl_input_error |= !ACL::isValidContact($deny_cid, $uid);
  82                 $acl_input_error |= !ACL::isValidGroup($allow_gid, $uid);
  83                 $acl_input_error |= !ACL::isValidGroup($deny_gid, $uid);
  84                 if ($acl_input_error) {
  85                         throw new HTTPException\BadRequestException('acl data invalid');
  86                 }
  87
  88                 $updated_fields = [];
  89
  90                 if (!is_null($desc)) {
  91                         $updated_fields['desc'] = $desc;
  92                 }
  93
  94                 if (!is_null($album_new)) {
  95                         $updated_fields['album'] = $album_new;
  96                 }
  97
  98                 if (!is_null($allow_cid)) {
  99                         $allow_cid                   = trim($allow_cid);
 100                         $updated_fields['allow_cid'] = $allow_cid;
 101                 }
 102
 103                 if (!is_null($deny_cid)) {
 104                         $deny_cid                   = trim($deny_cid);
 105                         $updated_fields['deny_cid'] = $deny_cid;
 106                 }
 107
 108                 if (!is_null($allow_gid)) {
 109                         $allow_gid                   = trim($allow_gid);
 110                         $updated_fields['allow_gid'] = $allow_gid;
 111                 }
 112
 113                 if (!is_null($deny_gid)) {
 114                         $deny_gid                   = trim($deny_gid);
 115                         $updated_fields['deny_gid'] = $deny_gid;
 116                 }
 117
 118                 $result = false;
 119                 if (count($updated_fields) > 0) {
 120                         $nothingtodo = false;
 121                         $result      = Photo::update($updated_fields, ['uid' => $uid, 'resource-id' => $photo_id, 'album' => $album]);
 122                 } else {
 123                         $nothingtodo = true;
 124                 }
 125
 126                 if (!empty($_FILES['media'])) {
 127                         $nothingtodo = false;
 128                         $photo       = Photo::upload($uid, $_FILES['media'], $album, $allow_cid, $allow_gid, $deny_cid, $deny_gid, $desc, $photo_id);
 129                         if (!empty($photo)) {
 130                                 $data = ['photo' => $this->friendicaPhoto->createFromId($photo['resource_id'], null, $uid, $type)];
 131                                 $this->response->exit('photo_update', $data, $this->parameters['extension'] ?? null);
 132                                 return;
 133                         }
 134                 }
 135
 136                 // return success of updating or error message
 137                 if ($result) {
 138                         Photo::clearAlbumCache($uid);
 139                         $answer = ['result' => 'updated', 'message' => 'Image id `' . $photo_id . '` has been updated.'];
 140                         $this->response->exit('photo_update', ['$result' => $answer], $this->parameters['extension'] ?? null);
 141                         return;
 142                 } else {
 143                         if ($nothingtodo) {
 144                                 $answer = ['result' => 'cancelled', 'message' => 'Nothing to update for image id `' . $photo_id . '`.'];
 145                                 $this->response->exit('photo_update', ['$result' => $answer], $this->parameters['extension'] ?? null);
 146                                 return;
 147                         }
 148                         throw new HTTPException\InternalServerErrorException('unknown error - update photo entry in database failed');
 149                 }
 150
 151                 throw new HTTPException\InternalServerErrorException('unknown error - this error on uploading or updating a photo should never happen');
 152         }
 153 }