}
/**
- * Is this action read only?
+ * We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
*
* @param array $args other arguments
*
function isReadOnly($args)
{
- if ($_SERVER['REQUEST_METHOD'] == 'GET') {
- return true;
- } else {
- return false;
- }
+ return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
}
/**
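Review bot: The rewritten docblock for `isReadOnly()` now gives only the rationale and no longer says what the function returns. I would keep a summary line and add `@return boolean true for GET and HEAD requests, false otherwise`, so callers choosing between read-only and read/write handling can see the contract. The two loose comparisons could also be written as one strict membership test, `return in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD'), true);`.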
return;
}
- $xml = file_get_contents('php://input');
+ $xml = trim(file_get_contents('php://input'));
+ if (empty($xml)) {
+ $this->clientError(_('Atom post must not be empty.'));
+ }
$dom = DOMDocument::loadXML($xml);
+ if (!$dom) {
+ $this->clientError(_('Atom post must be well-formed XML.'));
+ }
if ($dom->documentElement->namespaceURI != Activity::ATOM ||
$dom->documentElement->localName != 'entry') {
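Review bot: The request body is still passed to `DOMDocument::loadXML($xml)` with no parser options, so the new emptiness and well-formedness checks do not cover DOCTYPE and entity handling for client-supplied XML. On libxml builds that resolve external entities by default this is an XXE exposure; I would call `libxml_disable_entity_loader(true);` before parsing where the PHP version still needs it, and parse through an instance with network access off: `$dom = new DOMDocument(); $ok = $dom->loadXML($xml, LIBXML_NONET);`. Using an instance also avoids the static call to a non-static method, and testing `$ok` keeps the failure check explicit. The `if (!$dom)` guard only protects the `$dom->documentElement` access on the next line if `clientError()` never returns, which cannot be confirmed from this hunk; otherwise add a `return;` after it. The enclosing method starts and ends outside the hunk.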
$activity = new Activity($dom->documentElement);
- if (Event::handle('StartAtomPubNewActivity', array(&$activity))) {
+ $saved = null;
+
+ if (Event::handle('StartAtomPubNewActivity', array(&$activity, $this->user, &$saved))) {
if ($activity->verb != ActivityVerb::POST) {
// TRANS: Client error displayed when not using the POST verb.
$saved = $this->postNote($activity);
- Event::handle('EndAtomPubNewActivity', array($activity, $saved));
+ Event::handle('EndAtomPubNewActivity', array($activity, $this->user, $saved));
}
if (!empty($saved)) {
- header("Location: " . common_local_url('ApiStatusesShow', array('notice_id' => $saved->id,
+ header('HTTP/1.1 201 Created');
+ header("Location: " . common_local_url('ApiStatusesShow', array('id' => $saved->id,
'format' => 'atom')));
$this->showSingleAtomStatus($saved);
}
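Review bot: The added `header('HTTP/1.1 201 Created');` hard-codes the protocol version, which may not match what the server negotiated with the client. `header()` accepts the status as its third argument, so the status and the Location header can be sent in one call, `header('Location: ' . $url, true, 201);`, with `$url` holding the existing `common_local_url(...)` expression. That also keeps the 201 and its Location together if this block is later moved. The enclosing method continues outside the hunk.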
$profile = Profile::fromURI($uri);
if (!empty($profile)) {
- $options['replies'] = $uri;
+ $options['replies'][] = $uri;
} else {
$group = User_group::staticGet('uri', $uri);
if (!empty($group)) {
- $options['groups'] = $uri;
+ $options['groups'][] = $uri;
} else {
// @fixme: hook for discovery here
common_log(LOG_WARNING, sprintf(_('AtomPub post with unknown attention URI %s'), $uri));