*
* @category API
* @package StatusNet
+ * @author Craig Andrews <candrews@integralblue.com>
+ * @author Evan Prodromou <evan@status.net>
+ * @author Jeffery To <jeffery.to@gmail.com>
+ * @author Tom Blankenship <mac65@mac65.com>
+ * @author Mike Cochrane <mikec@mikenz.geek.nz>
+ * @author Robin Millette <robin@millette.info>
* @author Zach Copley <zach@status.net>
* @copyright 2009 StatusNet, Inc.
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
exit(1);
}
-require_once INSTALLDIR.'/lib/api.php';
+require_once INSTALLDIR . '/lib/apiprivateauth.php';
/**
* Returns the notice specified by id as a Twitter-style status and inline user
*
* @category API
* @package StatusNet
+ * @author Craig Andrews <candrews@integralblue.com>
+ * @author Evan Prodromou <evan@status.net>
+ * @author Jeffery To <jeffery.to@gmail.com>
+ * @author Tom Blankenship <mac65@mac65.com>
+ * @author Mike Cochrane <mikec@mikenz.geek.nz>
+ * @author Robin Millette <robin@millette.info>
* @author Zach Copley <zach@status.net>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
-
-class ApiStatusesShowAction extends ApiAction
+class ApiStatusesShowAction extends ApiPrivateAuthAction
{
-
var $notice_id = null;
var $notice = null;
* @param array $args $_REQUEST args
*
* @return boolean success flag
- *
*/
-
function prepare($args)
{
parent::prepare($args);
*
* @return void
*/
-
function handle($args)
{
parent::handle($args);
- if (!in_array($this->format, array('xml', 'json'))) {
- $this->clientError(_('API method not found!'), $code = 404);
+ if (!in_array($this->format, array('xml', 'json', 'atom'))) {
+ // TRANS: Client error displayed when trying to handle an unknown API method.
+ $this->clientError(_('API method not found.'), 404);
return;
}
- $this->showNotice();
+ switch ($_SERVER['REQUEST_METHOD']) {
+ case 'GET':
+ $this->showNotice();
+ break;
+ case 'DELETE':
+ $this->deleteNotice();
+ break;
+ default:
+ $this->clientError(_('HTTP method not supported.'), 405);
+ return;
+ }
}
/**
*
* @return void
*/
-
function showNotice()
{
if (!empty($this->notice)) {
- if ($this->format == 'xml') {
- $this->show_single_xml_status($this->notice);
- } elseif ($this->format == 'json') {
+ switch ($this->format) {
+ case 'xml':
+ $this->showSingleXmlStatus($this->notice);
+ break;
+ case 'json':
$this->show_single_json_status($this->notice);
+ break;
+ case 'atom':
+ $this->showSingleAtomStatus($this->notice);
+ break;
+ default:
+ throw new Exception(sprintf(_("Unsupported format: %s"), $this->format));
}
} else {
-
// XXX: Twitter just sets a 404 header and doens't bother
// to return an err msg
if (!empty($deleted)) {
$this->clientError(
+ // TRANS: Client error displayed requesting a deleted status.
_('Status deleted.'),
410,
$this->format
);
} else {
$this->clientError(
+ // TRANS: Client error displayed requesting a status with an invalid ID.
_('No status with that ID found.'),
404,
$this->format
}
/**
- * Is this action read only?
+ * We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
*
* @param array $args other arguments
*
* @return boolean true
*/
-
+
function isReadOnly($args)
{
- return true;
+ return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
}
/**
*
* @return string datestamp of the latest notice in the stream
*/
-
function lastModified()
{
if (!empty($this->notice)) {
*
* @return string etag
*/
-
function etag()
{
if (!empty($this->notice)) {
return '"' . implode(
':',
array($this->arg('action'),
+ common_user_cache_hash($this->auth_user),
common_language(),
$this->notice->id,
strtotime($this->notice->created))
return null;
}
+ function deleteNotice()
+ {
+ if ($this->format != 'atom') {
+ $this->clientError(_("Can only delete using the Atom format."));
+ return;
+ }
+
+ if (empty($this->auth_user) ||
+ ($this->notice->profile_id != $this->auth_user->id &&
+ !$this->auth_user->hasRight(Right::DELETEOTHERSNOTICE))) {
+ $this->clientError(_('Can\'t delete this notice.'), 403);
+ return;
+ }
+
+ if (Event::handle('StartDeleteOwnNotice', array($this->auth_user, $this->notice))) {
+ $this->notice->delete();
+ Event::handle('EndDeleteOwnNotice', array($this->auth_user, $this->notice));
+ }
+
+ // @fixme is there better output we could do here?
+
+ header('HTTP/1.1 200 OK');
+ header('Content-Type: text/plain');
+ print(sprintf(_('Deleted notice %d'), $this->notice->id));
+ print("\n");
+ }
}
projects / quix0rs-gnu-social.git / blobdiff