<?php
/**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2022, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
namespace Friendica\Module\Item;
use Friendica\BaseModule;
-use Friendica\Core\Session;
use Friendica\Core\System;
+use Friendica\Database\DBA;
use Friendica\DI;
-use Friendica\Model\Item;
+use Friendica\Model\Post;
use Friendica\Network\HTTPException;
/**
*/
class Pin extends BaseModule
{
- public static function rawContent(array $parameters = [])
+ protected function rawContent(array $request = [])
{
$l10n = DI::l10n();
- if (!Session::isAuthenticated()) {
+ if (!DI::userSession()->isAuthenticated()) {
throw new HttpException\ForbiddenException($l10n->t('Access denied.'));
}
- if (empty($parameters['id'])) {
+ if (empty($this->parameters['id'])) {
throw new HTTPException\BadRequestException();
}
- $itemId = intval($parameters['id']);
+ $itemId = intval($this->parameters['id']);
- $pinned = !Item::getPinned($itemId, local_user());
+ $item = Post::selectFirst(['uri-id', 'uid', 'featured', 'author-id'], ['id' => $itemId]);
+ if (!DBA::isResult($item)) {
+ throw new HTTPException\NotFoundException();
+ }
+
+ if (!in_array($item['uid'], [0, DI::userSession()->getLocalUserId()])) {
+ throw new HttpException\ForbiddenException($l10n->t('Access denied.'));
+ }
+
+ $pinned = !$item['featured'];
- Item::setPinned($itemId, local_user(), $pinned);
+ if ($pinned) {
+ Post\Collection::add($item['uri-id'], Post\Collection::FEATURED, $item['author-id'], DI::userSession()->getLocalUserId());
+ } else {
+ Post\Collection::remove($item['uri-id'], Post\Collection::FEATURED, DI::userSession()->getLocalUserId());
+ }
// See if we've been passed a return path to redirect to
$return_path = $_REQUEST['return'] ?? '';
projects / friendica.git / blobdiff