X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fapistatusesshow.php;h=8b9cc347797bdfeb4b7bbff62def398e354edd2c;hb=46cf5aa2a40af94e42d44135560a6464f8e7d5d4;hp=86ffd6862eb13b9bcc448c658e3f0fb1865bf1f9;hpb=b60b9b4fa2863a398291706350b3f68f725f7687;p=quix0rs-gnu-social.git diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php index 86ffd6862e..8b9cc34779 100644 --- a/actions/apistatusesshow.php +++ b/actions/apistatusesshow.php @@ -34,11 +34,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR . '/lib/apiprivateauth.php'; +if (!defined('GNUSOCIAL')) { exit(1); } /** * Returns the notice specified by id as a Twitter-style status and inline user @@ -55,10 +51,8 @@ require_once INSTALLDIR . '/lib/apiprivateauth.php'; * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ - class ApiStatusesShowAction extends ApiPrivateAuthAction { - var $notice_id = null; var $notice = null; @@ -68,10 +62,8 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction * @param array $args $_REQUEST args * * @return boolean success flag - * */ - - function prepare($args) + protected function prepare(array $args=array()) { parent::prepare($args); @@ -82,11 +74,20 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction $this->notice_id = (int)$this->trimmed('id'); - if (empty($notice_id)) { - $this->notice_id = (int)$this->arg('id'); + $this->notice = Notice::getKV('id', $this->notice_id); + if (!$this->notice instanceof Notice) { + $deleted = Deleted_notice::getKV('id', $this->notice_id); + if ($deleted instanceof Deleted_notice) { + // TRANS: Client error displayed trying to show a deleted notice. + $this->clientError(_('Notice deleted.'), 410); + } + // TRANS: Client error displayed trying to show a non-existing notice. + $this->clientError(_('No such notice.'), 404); + } + if (!$this->notice->inScope($this->scoped)) { + // TRANS: Client exception thrown when trying a view a notice the user has no access to. + throw new ClientException(_('Access restricted.'), 403); } - - $this->notice = Notice::staticGet((int)$this->notice_id); return true; } @@ -96,18 +97,15 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction * * Check the format and show the notice * - * @param array $args $_REQUEST data (unused) - * * @return void */ - - function handle($args) + protected function handle() { - parent::handle($args); + parent::handle(); if (!in_array($this->format, array('xml', 'json', 'atom'))) { + // TRANS: Client error displayed when coming across a non-supported API method. $this->clientError(_('API method not found.'), 404); - return; } switch ($_SERVER['REQUEST_METHOD']) { @@ -118,8 +116,8 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction $this->deleteNotice(); break; default: + // TRANS: Client error displayed calling an unsupported HTTP error in API status show. $this->clientError(_('HTTP method not supported.'), 405); - return; } } @@ -128,7 +126,6 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction * * @return void */ - function showNotice() { if (!empty($this->notice)) { @@ -143,23 +140,26 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction $this->showSingleAtomStatus($this->notice); break; default: - throw new Exception(sprintf(_("Unsupported format: %s"), $this->format)); + // TRANS: Exception thrown requesting an unsupported notice output format. + // TRANS: %s is the requested output format. + throw new Exception(sprintf(_("Unsupported format: %s."), $this->format)); } } else { - // XXX: Twitter just sets a 404 header and doens't bother // to return an err msg - $deleted = Deleted_notice::staticGet($this->notice_id); + $deleted = Deleted_notice::getKV($this->notice_id); if (!empty($deleted)) { $this->clientError( + // TRANS: Client error displayed requesting a deleted status. _('Status deleted.'), 410, $this->format ); } else { $this->clientError( + // TRANS: Client error displayed requesting a status with an invalid ID. _('No status with that ID found.'), 404, $this->format @@ -169,7 +169,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction } /** - * Is this action read only? + * We expose AtomPub here, so non-GET/HEAD reqs must be read/write. * * @param array $args other arguments * @@ -178,7 +178,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction function isReadOnly($args) { - return true; + return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD'); } /** @@ -186,7 +186,6 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction * * @return string datestamp of the latest notice in the stream */ - function lastModified() { if (!empty($this->notice)) { @@ -204,7 +203,6 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction * * @return string etag */ - function etag() { if (!empty($this->notice)) { @@ -226,15 +224,15 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction function deleteNotice() { if ($this->format != 'atom') { - $this->clientError(_("Can only delete using the Atom format.")); - return; + // TRANS: Client error displayed when trying to delete a notice not using the Atom format. + $this->clientError(_('Can only delete using the Atom format.')); } if (empty($this->auth_user) || ($this->notice->profile_id != $this->auth_user->id && !$this->auth_user->hasRight(Right::DELETEOTHERSNOTICE))) { - $this->clientError(_('Can\'t delete this notice.'), 403); - return; + // TRANS: Client error displayed when a user has no rights to delete notices of other users. + $this->clientError(_('Cannot delete this notice.'), 403); } if (Event::handle('StartDeleteOwnNotice', array($this->auth_user, $this->notice))) { @@ -246,6 +244,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction header('HTTP/1.1 200 OK'); header('Content-Type: text/plain'); + // TRANS: Confirmation of notice deletion in API. %d is the ID (number) of the deleted notice. print(sprintf(_('Deleted notice %d'), $this->notice->id)); print("\n"); }