Remove CSRF protection from username/password login and from OpenID login.

[quix0rs-gnu-social.git] / actions / apitimelinetag.php

diff --git a/actions/apitimelinetag.php b/actions/apitimelinetag.php
index a274daac00bdfc7507ae83aeab08345b0333ea76..c7ec172aeb1ded71f53e5c86a9237dd8d6b092a8 100644 (file)
--- a/actions/apitimelinetag.php
+++ b/actions/apitimelinetag.php
@@ -25,7 +25,8 @@
  * @author    Evan Prodromou <evan@status.net>
  * @author    Jeffery To <jeffery.to@gmail.com>
  * @author    Zach Copley <zach@status.net>
- * @copyright 2009 StatusNet, Inc.
+ * @copyright 2009-2010 StatusNet, Inc.
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  * @link      http://status.net/
  */
@@ -34,7 +35,7 @@ if (!defined('STATUSNET')) {
     exit(1);
 }
 
-require_once INSTALLDIR . '/lib/api.php';
+require_once INSTALLDIR . '/lib/apiprivateauth.php';
 
 /**
  * Returns the 20 most recent notices tagged by a given tag
@@ -49,7 +50,7 @@ require_once INSTALLDIR . '/lib/api.php';
  * @link     http://status.net/
  */
 
-class ApiTimelineTagAction extends ApiAction
+class ApiTimelineTagAction extends ApiPrivateAuthAction
 {
 
     var $notices = null;
@@ -67,6 +68,8 @@ class ApiTimelineTagAction extends ApiAction
     {
         parent::prepare($args);
 
+        common_debug("apitimelinetag prepare()");
+
         $this->tag     = $this->arg('tag');
         $this->notices = $this->getNotices();
 
@@ -98,45 +101,64 @@ class ApiTimelineTagAction extends ApiAction
     function showTimeline()
     {
         $sitename   = common_config('site', 'name');
+        $sitelogo   = (common_config('site', 'logo')) ? common_config('site', 'logo') : Theme::path('logo.png');
         $title      = sprintf(_("Notices tagged with %s"), $this->tag);
-        $link       = common_local_url(
-            'tag',
-            array('tag' => $this->tag)
-        );
         $subtitle   = sprintf(
             _('Updates tagged with %1$s on %2$s!'),
             $this->tag,
             $sitename
         );
-        $taguribase = common_config('integration', 'taguri');
+        $taguribase = TagURI::base();
         $id         = "tag:$taguribase:TagTimeline:".$tag;
 
+        $link = common_local_url(
+            'tag',
+            array('tag' => $this->tag)
+        );
+
+        $self = $this->getSelfUri();
+
+        common_debug("self link is: $self");
+
         switch($this->format) {
         case 'xml':
             $this->showXmlTimeline($this->notices);
             break;
         case 'rss':
-            $this->showRssTimeline($this->notices, $title, $link, $subtitle);
-            break;
-        case 'atom':
-            $selfuri = common_root_url() .
-                'api/statusnet/tags/timeline/' .
-                    $this->tag . '.atom';
-            $this->showAtomTimeline(
+            $this->showRssTimeline(
                 $this->notices,
                 $title,
-                $id,
                 $link,
                 $subtitle,
                 null,
-                $selfuri
+                $sitelogo,
+                $self
             );
+            break;
+        case 'atom':
+
+            header('Content-Type: application/atom+xml; charset=utf-8');
+
+            $atom = new AtomNoticeFeed($this->auth_user);
+
+            $atom->setId($id);
+            $atom->setTitle($title);
+            $atom->setSubtitle($subtitle);
+            $atom->setLogo($logo);
+            $atom->setUpdated('now');
+
+            $atom->addLink($link);
+            $atom->setSelfLink($self);
+
+            $atom->addEntryFromNotices($this->notices);
+            $this->raw($atom->getString());
+
             break;
         case 'json':
             $this->showJsonTimeline($this->notices);
             break;
         default:
-            $this->clientError(_('API method not found!'), $code = 404);
+            $this->clientError(_('API method not found.'), $code = 404);
             break;
         }
     }