+ self::checkAllowedScope(self::SCOPE_WRITE);
+ $uid = self::getCurrentUserID();
+
+ $request = $this->getRequest([
+ 'status' => '', // Text content of the status. If media_ids is provided, this becomes optional. Attaching a poll is optional while status is provided.
+ 'media_ids' => [], // Array of Attachment ids to be attached as media. If provided, status becomes optional, and poll cannot be used.
+ 'poll' => [], // Poll data. If provided, media_ids cannot be used, and poll[expires_in] must be provided.
+ 'in_reply_to_id' => 0, // ID of the status being replied to, if status is a reply
+ 'quote_id' => 0, // ID of the message to quote
+ 'sensitive' => false, // Mark status and attached media as sensitive?
+ 'spoiler_text' => '', // Text to be shown as a warning or subject before the actual content. Statuses are generally collapsed behind this field.
+ 'visibility' => '', // Visibility of the posted status. One of: "public", "unlisted", "private" or "direct".
+ 'scheduled_at' => '', // ISO 8601 Datetime at which to schedule a status. Providing this paramter will cause ScheduledStatus to be returned instead of Status. Must be at least 5 minutes in the future.
+ 'language' => '', // ISO 639 language code for this status.
+ 'friendica' => [], // Friendica extensions to the standard Mastodon API spec
+ ], $request);
+
+ $owner = User::getOwnerDataById($uid);
+
+ // The imput is defined as text. So we can use Markdown for some enhancements
+ $body = Markdown::toBBCode($request['status']);
+
+ if (DI::pConfig()->get($uid, 'system', 'api_auto_attach', false) && preg_match("/\[url=[^\[\]]*\](.*)\[\/url\]\z/ism", $body, $matches)) {
+ $body = preg_replace("/\[url=[^\[\]]*\].*\[\/url\]\z/ism", PageInfo::getFooterFromUrl($matches[1]), $body);
+ }
+
+ $item = [];
+ $item['network'] = Protocol::DFRN;
+ $item['uid'] = $uid;
+ $item['verb'] = Activity::POST;
+ $item['contact-id'] = $owner['id'];
+ $item['author-id'] = $item['owner-id'] = Contact::getPublicIdByUserId($uid);
+ $item['title'] = '';
+ $item['body'] = $body;
+ $item['app'] = $this->getApp();
+
+ switch ($request['visibility']) {
+ case 'public':
+ $item['allow_cid'] = '';
+ $item['allow_gid'] = '';
+ $item['deny_cid'] = '';
+ $item['deny_gid'] = '';
+ $item['private'] = Item::PUBLIC;
+ break;
+ case 'unlisted':
+ $item['allow_cid'] = '';
+ $item['allow_gid'] = '';
+ $item['deny_cid'] = '';
+ $item['deny_gid'] = '';
+ $item['private'] = Item::UNLISTED;
+ break;
+ case 'private':
+ if (!empty($owner['allow_cid'] . $owner['allow_gid'] . $owner['deny_cid'] . $owner['deny_gid'])) {
+ $item['allow_cid'] = $owner['allow_cid'];
+ $item['allow_gid'] = $owner['allow_gid'];
+ $item['deny_cid'] = $owner['deny_cid'];
+ $item['deny_gid'] = $owner['deny_gid'];
+ } else {
+ $item['allow_cid'] = '';
+ $item['allow_gid'] = '<' . Group::FOLLOWERS . '>';
+ $item['deny_cid'] = '';
+ $item['deny_gid'] = '';
+ }
+ $item['private'] = Item::PRIVATE;
+ break;
+ case 'direct':
+ $item['private'] = Item::PRIVATE;
+ // The permissions are assigned in "expandTags"
+ break;
+ default:
+ if (is_numeric($request['visibility']) && Group::exists($request['visibility'], $uid)) {
+ $item['allow_cid'] = '';
+ $item['allow_gid'] = '<' . $request['visibility'] . '>';
+ $item['deny_cid'] = '';
+ $item['deny_gid'] = '';
+ } else {
+ $item['allow_cid'] = $owner['allow_cid'];
+ $item['allow_gid'] = $owner['allow_gid'];
+ $item['deny_cid'] = $owner['deny_cid'];
+ $item['deny_gid'] = $owner['deny_gid'];
+ }
+
+ if (!empty($item['allow_cid'] . $item['allow_gid'] . $item['deny_cid'] . $item['deny_gid'])) {
+ $item['private'] = Item::PRIVATE;
+ } elseif (DI::pConfig()->get($uid, 'system', 'unlisted')) {
+ $item['private'] = Item::UNLISTED;
+ } else {
+ $item['private'] = Item::PUBLIC;
+ }
+ break;
+ }
+
+ if (!empty($request['language'])) {
+ $item['language'] = json_encode([$request['language'] => 1]);
+ }
+
+ if ($request['in_reply_to_id']) {
+ $parent = Post::selectFirst(['uri', 'private'], ['uri-id' => $request['in_reply_to_id'], 'uid' => [0, $uid]]);
+
+ $item['thr-parent'] = $parent['uri'];
+ $item['gravity'] = Item::GRAVITY_COMMENT;
+ $item['object-type'] = Activity\ObjectType::COMMENT;
+
+ if (in_array($parent['private'], [Item::UNLISTED, Item::PUBLIC]) && ($item['private'] == Item::PRIVATE)) {
+ throw new HTTPException\NotImplementedException('Private replies for public posts are not implemented.');
+ }
+ } else {
+ self::checkThrottleLimit();
+
+ $item['gravity'] = Item::GRAVITY_PARENT;
+ $item['object-type'] = Activity\ObjectType::NOTE;
+ }
+
+ if ($request['quote_id']) {
+ if (!Post::exists(['uri-id' => $request['quote_id'], 'uid' => [0, $uid]])) {
+ throw new HTTPException\NotFoundException('Item with URI ID ' . $request['quote_id'] . ' not found for user ' . $uid . '.');
+ }
+ $item['quote-uri-id'] = $request['quote_id'];
+ }
+
+ $item['title'] = $request['friendica']['title'] ?? '';
+
+ if (!empty($request['spoiler_text'])) {
+ if (!isset($request['friendica']['title']) && !$request['in_reply_to_id'] && DI::pConfig()->get($uid, 'system', 'api_spoiler_title', true)) {
+ $item['title'] = $request['spoiler_text'];
+ } else {
+ $item['body'] = '[abstract=' . Protocol::ACTIVITYPUB . ']' . $request['spoiler_text'] . "[/abstract]\n" . $item['body'];
+ }
+ }
+
+ $item = DI::contentItem()->expandTags($item, $request['visibility'] == 'direct');
+
+ if (!empty($request['media_ids'])) {
+ $item = $this->storeMediaIds($request['media_ids'], $item);
+ }
+
+ if (!empty($request['scheduled_at'])) {
+ $item['guid'] = Item::guid($item, true);
+ $item['uri'] = Item::newURI($item['guid']);
+ $id = Post\Delayed::add($item['uri'], $item, Worker::PRIORITY_HIGH, Post\Delayed::PREPARED, DateTimeFormat::utc($request['scheduled_at']));
+ if (empty($id)) {
+ DI::mstdnError()->InternalError();
+ }
+ System::jsonExit(DI::mstdnScheduledStatus()->createFromDelayedPostId($id, $uid)->toArray());
+ }
+
+ $id = Item::insert($item, true);
+ if (!empty($id)) {
+ $item = Post::selectFirst(['uri-id'], ['id' => $id]);
+ if (!empty($item['uri-id'])) {
+ System::jsonExit(DI::mstdnStatus()->createFromUriId($item['uri-id'], $uid, self::appSupportsQuotes()));
+ }
+ }
+
+ DI::mstdnError()->InternalError();
+ }
+
+ protected function delete(array $request = [])
+ {
+ self::checkAllowedScope(self::SCOPE_READ);
+ $uid = self::getCurrentUserID();
+
+ if (empty($this->parameters['id'])) {
+ DI::mstdnError()->UnprocessableEntity();
+ }
+
+ $item = Post::selectFirstForUser($uid, ['id'], ['uri-id' => $this->parameters['id'], 'uid' => $uid]);
+ if (empty($item['id'])) {
+ DI::mstdnError()->RecordNotFound();
+ }
+
+ if (!Item::markForDeletionById($item['id'])) {
+ DI::mstdnError()->RecordNotFound();
+ }
+
+ System::jsonExit([]);