Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x

[quix0rs-gnu-social.git] / actions / postnotice.php

diff --git a/actions/postnotice.php b/actions/postnotice.php
index eb2d63b61cf08119ba2911b130a6aaf50ee508fd..694c7808d9930722c5d2e054a59b0387201c4ae2 100644 (file)
--- a/actions/postnotice.php
+++ b/actions/postnotice.php
@@ -1,7 +1,18 @@
 <?php
-/*
- * Laconica - a distributed open-source microblogging tool
- * Copyright (C) 2008, 2009, Control Yourself, Inc.
+/**
+ * Handle postnotice action
+ *
+ * PHP version 5
+ *
+ * @category Action
+ * @package  StatusNet
+ * @author   Evan Prodromou <evan@status.net>
+ * @author   Robin Millette <millette@status.net>
+ * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link     http://status.net/
+ *
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2008, 2009, StatusNet, Inc.
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as published by
@@ -17,75 +28,80 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-if (!defined('LACONICA')) { exit(1); }
+if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
 
-require_once(INSTALLDIR.'/lib/omb.php');
+require_once INSTALLDIR.'/lib/omb.php';
+require_once INSTALLDIR.'/extlib/libomb/service_provider.php';
 
+/**
+ * Handler for postnotice action
+ *
+ * @category Action
+ * @package  StatusNet
+ * @author   Evan Prodromou <evan@status.net>
+ * @author   Robin Millette <millette@status.net>
+ * @license  http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link     http://status.net/
+ */
 class PostnoticeAction extends Action
 {
+    /**
+     * For initializing members of the class.
+     *
+     * @param array $argarray misc. arguments
+     *
+     * @return boolean true
+     */
+    function prepare($argarray)
+    {
+        StatusNet::setApi(true); // Send smaller error pages
+
+        parent::prepare($argarray);
+
+        try {
+            $this->checkNotice();
+        } catch (Exception $e) {
+            $this->clientError($e->getMessage());
+            return false;
+        }
+        return true;
+    }
+
     function handle($args)
     {
         parent::handle($args);
         try {
-            common_remove_magic_from_request();
-            $req = OAuthRequest::from_request('POST', common_local_url('postnotice'));
-            # Note: server-to-server function!
-            $server = omb_oauth_server();
-            list($consumer, $token) = $server->verify_request($req);
-            if ($this->save_notice($req, $consumer, $token)) {
-                print "omb_version=".OMB_VERSION_01;
+            $srv = new OMB_Service_Provider(null, omb_oauth_datastore(),
+                                            omb_oauth_server());
+            $srv->handlePostNotice();
+        } catch (OMB_RemoteServiceException $rse) {
+            $msg = $rse->getMessage();
+            if (preg_match('/Revoked accesstoken/', $msg) ||
+                preg_match('/No subscriber/', $msg)) {
+                $this->clientError($msg, 403);
+            } else {
+                $this->clientError($msg);
             }
-        } catch (OAuthException $e) {
+        } catch (Exception $e) {
             $this->serverError($e->getMessage());
             return;
         }
     }
 
-    function save_notice(&$req, &$consumer, &$token)
+    function checkNotice()
     {
-        $version = $req->get_parameter('omb_version');
-        if ($version != OMB_VERSION_01) {
-            $this->clientError(_('Unsupported OMB version'), 400);
-            return false;
-        }
-        # First, check to see
-        $listenee =  $req->get_parameter('omb_listenee');
-        $remote_profile = Remote_profile::staticGet('uri', $listenee);
-        if (!$remote_profile) {
-            $this->clientError(_('Profile unknown'), 403);
+        $content = common_shorten_links($_POST['omb_notice_content']);
+        if (Notice::contentTooLong($content)) {
+            $this->clientError(_('Invalid notice content.'), 400);
             return false;
         }
-        $sub = Subscription::staticGet('token', $token->key);
-        if (!$sub) {
-            $this->clientError(_('No such subscription'), 403);
-            return false;
+        $license      = $_POST['omb_notice_license'];
+        $site_license = common_config('license', 'url');
+        if ($license && !common_compatible_license($license, $site_license)) {
+            throw new Exception(sprintf(_('Notice license ‘%1$s’ is not ' .
+                                          'compatible with site license ‘%2$s’.'),
+                                        $license, $site_license));
         }
-        $content = $req->get_parameter('omb_notice_content');
-        $content_shortened = common_shorten_links($content);
-        if (mb_strlen($content_shortened) > 140) {
-            $this->clientError(_('Invalid notice content'), 400);
-            return false;
-        }
-        $notice_uri = $req->get_parameter('omb_notice');
-        if (!Validate::uri($notice_uri) &&
-            !common_valid_tag($notice_uri)) {
-            $this->clientError(_('Invalid notice uri'), 400);
-            return false;
-        }
-        $notice_url = $req->get_parameter('omb_notice_url');
-        if ($notice_url && !common_valid_http_url($notice_url)) {
-            $this->clientError(_('Invalid notice url'), 400);
-            return false;
-        }
-        $notice = Notice::staticGet('uri', $notice_uri);
-        if (!$notice) {
-            $notice = Notice::saveNew($remote_profile->id, $content, 'omb', false, null, $notice_uri);
-            if (is_string($notice)) {
-                common_server_serror($notice, 500);
-                return false;
-            }
-            common_broadcast_notice($notice, true);
-        }
-        return true;
     }
 }
+?>
\ No newline at end of file