X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fapistatusesshow.php;h=ea3453948b14002b4d4167d049d64f40daa78628;hb=aac6a21c4e53ed5952d195a6d39e6dbd0537637f;hp=13cc88c2c73bcc6c53d67ae3e6b4a78c559bf1ca;hpb=c4b9dc7a0ff2e41712715ac21bace067e8c02715;p=quix0rs-gnu-social.git diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php index 13cc88c2c7..ea3453948b 100644 --- a/actions/apistatusesshow.php +++ b/actions/apistatusesshow.php @@ -34,11 +34,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR . '/lib/apiprivateauth.php'; +if (!defined('GNUSOCIAL')) { exit(1); } /** * Returns the notice specified by id as a Twitter-style status and inline user @@ -67,7 +63,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction * * @return boolean success flag */ - function prepare($args) + protected function prepare(array $args=array()) { parent::prepare($args); @@ -78,11 +74,25 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction $this->notice_id = (int)$this->trimmed('id'); - if (empty($notice_id)) { - $this->notice_id = (int)$this->arg('id'); + $this->notice = null; + try { + $this->notice = Notice::getByID($this->notice_id); + } catch (NoResultException $e) { + // No such notice was found, maybe it was deleted? + $deleted = null; + Event::handle('IsNoticeDeleted', array($this->notice_id, &$deleted)); + if ($deleted === true) { + // TRANS: Client error displayed trying to show a deleted notice. + throw new ClientException(_('Notice deleted.'), 410); + } + // TRANS: Client error displayed trying to show a non-existing notice. + throw new ClientException(_('No such notice.'), 404); } - $this->notice = Notice::staticGet((int)$this->notice_id); + if (!$this->notice->inScope($this->scoped)) { + // TRANS: Client exception thrown when trying a view a notice the user has no access to. + throw new ClientException(_('Access restricted.'), 403); + } return true; } @@ -92,18 +102,15 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction * * Check the format and show the notice * - * @param array $args $_REQUEST data (unused) - * * @return void */ - function handle($args) + protected function handle() { - parent::handle($args); + parent::handle(); if (!in_array($this->format, array('xml', 'json', 'atom'))) { // TRANS: Client error displayed when coming across a non-supported API method. $this->clientError(_('API method not found.'), 404); - return; } switch ($_SERVER['REQUEST_METHOD']) { @@ -116,7 +123,6 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction default: // TRANS: Client error displayed calling an unsupported HTTP error in API status show. $this->clientError(_('HTTP method not supported.'), 405); - return; } } @@ -127,43 +133,20 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction */ function showNotice() { - if (!empty($this->notice)) { - switch ($this->format) { - case 'xml': - $this->showSingleXmlStatus($this->notice); - break; - case 'json': - $this->show_single_json_status($this->notice); - break; - case 'atom': - $this->showSingleAtomStatus($this->notice); - break; - default: - // TRANS: Exception thrown requesting an unsupported notice output format. - // TRANS: %s is the requested output format. - throw new Exception(sprintf(_("Unsupported format: %s."), $this->format)); - } - } else { - // XXX: Twitter just sets a 404 header and doens't bother - // to return an err msg - - $deleted = Deleted_notice::staticGet($this->notice_id); - - if (!empty($deleted)) { - $this->clientError( - // TRANS: Client error displayed requesting a deleted status. - _('Status deleted.'), - 410, - $this->format - ); - } else { - $this->clientError( - // TRANS: Client error displayed requesting a status with an invalid ID. - _('No status with that ID found.'), - 404, - $this->format - ); - } + switch ($this->format) { + case 'xml': + $this->showSingleXmlStatus($this->notice); + break; + case 'json': + $this->show_single_json_status($this->notice); + break; + case 'atom': + $this->showSingleAtomStatus($this->notice); + break; + default: + // TRANS: Exception thrown requesting an unsupported notice output format. + // TRANS: %s is the requested output format. + throw new Exception(sprintf(_("Unsupported format: %s."), $this->format)); } } @@ -187,11 +170,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction */ function lastModified() { - if (!empty($this->notice)) { - return strtotime($this->notice->created); - } - - return null; + return strtotime($this->notice->created); } /** @@ -204,20 +183,15 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction */ function etag() { - if (!empty($this->notice)) { - - return '"' . implode( - ':', - array($this->arg('action'), - common_user_cache_hash($this->auth_user), - common_language(), - $this->notice->id, - strtotime($this->notice->created)) - ) - . '"'; - } - - return null; + return '"' . implode( + ':', + array($this->arg('action'), + common_user_cache_hash($this->auth_user), + common_language(), + $this->notice->id, + strtotime($this->notice->created)) + ) + . '"'; } function deleteNotice() @@ -225,7 +199,6 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction if ($this->format != 'atom') { // TRANS: Client error displayed when trying to delete a notice not using the Atom format. $this->clientError(_('Can only delete using the Atom format.')); - return; } if (empty($this->auth_user) || @@ -233,11 +206,10 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction !$this->auth_user->hasRight(Right::DELETEOTHERSNOTICE))) { // TRANS: Client error displayed when a user has no rights to delete notices of other users. $this->clientError(_('Cannot delete this notice.'), 403); - return; } if (Event::handle('StartDeleteOwnNotice', array($this->auth_user, $this->notice))) { - $this->notice->delete(); + $this->notice->deleteAs($this->scoped); Event::handle('EndDeleteOwnNotice', array($this->auth_user, $this->notice)); }