X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fapistatusesshow.php;h=80b0374a63a8a51f203e62af06113bb7260bac41;hb=6c671141982c5837a2e5bf1e90de389c728d5dee;hp=3be22ca59792340cda63914634bf2c37091be5a8;hpb=861e0f02270c43e5303471ae9c419662cac76142;p=quix0rs-gnu-social.git diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php index 3be22ca597..80b0374a63 100644 --- a/actions/apistatusesshow.php +++ b/actions/apistatusesshow.php @@ -29,6 +29,7 @@ * @author Robin Millette * @author Zach Copley * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -37,7 +38,7 @@ if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR . '/lib/api.php'; +require_once INSTALLDIR . '/lib/apiprivateauth.php'; /** * Returns the notice specified by id as a Twitter-style status and inline user @@ -54,10 +55,8 @@ require_once INSTALLDIR . '/lib/api.php'; * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ - -class ApiStatusesShowAction extends ApiAction +class ApiStatusesShowAction extends ApiPrivateAuthAction { - var $notice_id = null; var $notice = null; @@ -67,9 +66,7 @@ class ApiStatusesShowAction extends ApiAction * @param array $args $_REQUEST args * * @return boolean success flag - * */ - function prepare($args) { parent::prepare($args); @@ -99,17 +96,27 @@ class ApiStatusesShowAction extends ApiAction * * @return void */ - function handle($args) { parent::handle($args); - if (!in_array($this->format, array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); + if (!in_array($this->format, array('xml', 'json', 'atom'))) { + // TRANS: Client error displayed when trying to handle an unknown API method. + $this->clientError(_('API method not found.'), 404); return; } - $this->showNotice(); + switch ($_SERVER['REQUEST_METHOD']) { + case 'GET': + $this->showNotice(); + break; + case 'DELETE': + $this->deleteNotice(); + break; + default: + $this->clientError(_('HTTP method not supported.'), 405); + return; + } } /** @@ -117,17 +124,23 @@ class ApiStatusesShowAction extends ApiAction * * @return void */ - function showNotice() { if (!empty($this->notice)) { - if ($this->format == 'xml') { + switch ($this->format) { + case 'xml': $this->showSingleXmlStatus($this->notice); - } elseif ($this->format == 'json') { + break; + case 'json': $this->show_single_json_status($this->notice); + break; + case 'atom': + $this->showSingleAtomStatus($this->notice); + break; + default: + throw new Exception(sprintf(_("Unsupported format: %s"), $this->format)); } } else { - // XXX: Twitter just sets a 404 header and doens't bother // to return an err msg @@ -135,12 +148,14 @@ class ApiStatusesShowAction extends ApiAction if (!empty($deleted)) { $this->clientError( + // TRANS: Client error displayed requesting a deleted status. _('Status deleted.'), 410, $this->format ); } else { $this->clientError( + // TRANS: Client error displayed requesting a status with an invalid ID. _('No status with that ID found.'), 404, $this->format @@ -150,16 +165,16 @@ class ApiStatusesShowAction extends ApiAction } /** - * Is this action read only? + * We expose AtomPub here, so non-GET/HEAD reqs must be read/write. * * @param array $args other arguments * * @return boolean true */ - + function isReadOnly($args) { - return true; + return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD'); } /** @@ -167,7 +182,6 @@ class ApiStatusesShowAction extends ApiAction * * @return string datestamp of the latest notice in the stream */ - function lastModified() { if (!empty($this->notice)) { @@ -185,7 +199,6 @@ class ApiStatusesShowAction extends ApiAction * * @return string etag */ - function etag() { if (!empty($this->notice)) { @@ -193,6 +206,7 @@ class ApiStatusesShowAction extends ApiAction return '"' . implode( ':', array($this->arg('action'), + common_user_cache_hash($this->auth_user), common_language(), $this->notice->id, strtotime($this->notice->created)) @@ -203,4 +217,30 @@ class ApiStatusesShowAction extends ApiAction return null; } + function deleteNotice() + { + if ($this->format != 'atom') { + $this->clientError(_("Can only delete using the Atom format.")); + return; + } + + if (empty($this->auth_user) || + ($this->notice->profile_id != $this->auth_user->id && + !$this->auth_user->hasRight(Right::DELETEOTHERSNOTICE))) { + $this->clientError(_('Can\'t delete this notice.'), 403); + return; + } + + if (Event::handle('StartDeleteOwnNotice', array($this->auth_user, $this->notice))) { + $this->notice->delete(); + Event::handle('EndDeleteOwnNotice', array($this->auth_user, $this->notice)); + } + + // @fixme is there better output we could do here? + + header('HTTP/1.1 200 OK'); + header('Content-Type: text/plain'); + print(sprintf(_('Deleted notice %d'), $this->notice->id)); + print("\n"); + } }