X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fapitimelineuser.php;h=81b8fcc88f3c5856e1bae420444a8639d42de904;hb=26703076f66f77f337559416cc02101c532d7aa8;hp=0c97aad21c107ff318137441b8bea475d7e232a9;hpb=64cdbe6c5578df1dc49d8e3dd72451ab0ac96bd2;p=quix0rs-gnu-social.git diff --git a/actions/apitimelineuser.php b/actions/apitimelineuser.php index 0c97aad21c..81b8fcc88f 100644 --- a/actions/apitimelineuser.php +++ b/actions/apitimelineuser.php @@ -38,8 +38,6 @@ if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR . '/lib/apibareauth.php'; - /** * Returns the most recent notices (default 20) posted by the authenticating * user. Another user's timeline can be requested via the id parameter. This @@ -57,30 +55,28 @@ require_once INSTALLDIR . '/lib/apibareauth.php'; * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ - class ApiTimelineUserAction extends ApiBareAuthAction { - var $notices = null; + var $next_id = null; + /** * Take arguments for running * * @param array $args $_REQUEST args * * @return boolean success flag - * */ - - function prepare($args) + protected function prepare(array $args=array()) { parent::prepare($args); - $this->user = $this->getTargetUser($this->arg('id')); + $this->target = $this->getTargetProfile($this->arg('id')); - if (empty($this->user)) { - $this->clientError(_('No such user.'), 404, $this->format); - return; + if (!($this->target instanceof Profile)) { + // TRANS: Client error displayed requesting most recent notices for a non-existing user. + $this->clientError(_('No such user.'), 404); } $this->notices = $this->getNotices(); @@ -93,15 +89,17 @@ class ApiTimelineUserAction extends ApiBareAuthAction * * Just show the notices * - * @param array $args $_REQUEST data (unused) - * * @return void */ - - function handle($args) + protected function handle() { - parent::handle($args); - $this->showTimeline(); + parent::handle(); + + if ($this->isPost()) { + $this->handlePost(); + } else { + $this->showTimeline(); + } } /** @@ -109,49 +107,92 @@ class ApiTimelineUserAction extends ApiBareAuthAction * * @return void */ - function showTimeline() { - $profile = $this->user->getProfile(); - // We'll use the shared params from the Atom stub // for other feed types. - $atom = new AtomUserNoticeFeed($this->user, $this->auth_user); + $atom = new AtomUserNoticeFeed($this->target->getUser(), $this->auth_user); $link = common_local_url( - 'showstream', - array('nickname' => $this->user->nickname) - ); + 'showstream', + array('nickname' => $this->target->nickname) + ); $self = $this->getSelfUri(); // FriendFeed's SUP protocol // Also added RSS and Atom feeds - $suplink = common_local_url('sup', null, null, $this->user->id); + $suplink = common_local_url('sup', null, null, $this->target->id); header('X-SUP-ID: ' . $suplink); + + // paging links + $nextUrl = !empty($this->next_id) + ? common_local_url('ApiTimelineUser', + array('format' => $this->format, + 'id' => $this->target->id), + array('max_id' => $this->next_id)) + : null; + + $prevExtra = array(); + if (!empty($this->notices)) { + assert($this->notices[0] instanceof Notice); + $prevExtra['since_id'] = $this->notices[0]->id; + } + + $prevUrl = common_local_url('ApiTimelineUser', + array('format' => $this->format, + 'id' => $this->target->id), + $prevExtra); + $firstUrl = common_local_url('ApiTimelineUser', + array('format' => $this->format, + 'id' => $this->target->id)); + switch($this->format) { case 'xml': $this->showXmlTimeline($this->notices); break; case 'rss': $this->showRssTimeline( - $this->notices, - $atom->title, - $link, - $atom->subtitle, - $suplink, - $atom->logo, - $self - ); + $this->notices, + $atom->title, + $link, + $atom->subtitle, + $suplink, + $atom->logo, + $self + ); break; case 'atom': - header('Content-Type: application/atom+xml; charset=utf-8'); $atom->setId($self); $atom->setSelfLink($self); + + // Add navigation links: next, prev, first + // Note: we use IDs rather than pages for navigation; page boundaries + // change too quickly! + + if (!empty($this->next_id)) { + $atom->addLink($nextUrl, + array('rel' => 'next', + 'type' => 'application/atom+xml')); + } + + if (($this->page > 1 || !empty($this->max_id)) && !empty($this->notices)) { + $atom->addLink($prevUrl, + array('rel' => 'prev', + 'type' => 'application/atom+xml')); + } + + if ($this->page > 1 || !empty($this->since_id) || !empty($this->max_id)) { + $atom->addLink($firstUrl, + array('rel' => 'first', + 'type' => 'application/atom+xml')); + + } + $atom->addEntryFromNotices($this->notices); $this->raw($atom->getString()); @@ -159,11 +200,37 @@ class ApiTimelineUserAction extends ApiBareAuthAction case 'json': $this->showJsonTimeline($this->notices); break; - default: - $this->clientError(_('API method not found.'), $code = 404); + case 'as': + header('Content-Type: ' . ActivityStreamJSONDocument::CONTENT_TYPE); + $doc = new ActivityStreamJSONDocument($this->auth_user); + $doc->setTitle($atom->title); + $doc->addLink($link, 'alternate', 'text/html'); + $doc->addItemsFromNotices($this->notices); + + if (!empty($this->next_id)) { + $doc->addLink($nextUrl, + array('rel' => 'next', + 'type' => ActivityStreamJSONDocument::CONTENT_TYPE)); + } + + if (($this->page > 1 || !empty($this->max_id)) && !empty($this->notices)) { + $doc->addLink($prevUrl, + array('rel' => 'prev', + 'type' => ActivityStreamJSONDocument::CONTENT_TYPE)); + } + + if ($this->page > 1 || !empty($this->since_id) || !empty($this->max_id)) { + $doc->addLink($firstUrl, + array('rel' => 'first', + 'type' => ActivityStreamJSONDocument::CONTENT_TYPE)); + } + + $this->raw($doc->asString()); break; + default: + // TRANS: Client error displayed when coming across a non-supported API method. + $this->clientError(_('API method not found.'), 404); } - } /** @@ -171,34 +238,39 @@ class ApiTimelineUserAction extends ApiBareAuthAction * * @return array notices */ - function getNotices() { $notices = array(); - $notice = $this->user->getNotices( - ($this->page-1) * $this->count, $this->count, - $this->since_id, $this->max_id - ); + $notice = $this->target->getNotices(($this->page-1) * $this->count, + $this->count + 1, + $this->since_id, + $this->max_id, + $this->scoped); while ($notice->fetch()) { - $notices[] = clone($notice); + if (count($notices) < $this->count) { + $notices[] = clone($notice); + } else { + $this->next_id = $notice->id; + break; + } } return $notices; } /** - * Is this action read only? + * We expose AtomPub here, so non-GET/HEAD reqs must be read/write. * * @param array $args other arguments * * @return boolean true */ - function isReadOnly($args) + function isReadOnly(array $args=array()) { - return true; + return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD'); } /** @@ -206,7 +278,6 @@ class ApiTimelineUserAction extends ApiBareAuthAction * * @return string datestamp of the latest notice in the stream */ - function lastModified() { if (!empty($this->notices) && (count($this->notices) > 0)) { @@ -224,26 +295,222 @@ class ApiTimelineUserAction extends ApiBareAuthAction * * @return string etag */ - function etag() { if (!empty($this->notices) && (count($this->notices) > 0)) { - $last = count($this->notices) - 1; return '"' . implode( - ':', - array($this->arg('action'), - common_user_cache_hash($this->auth_user), - common_language(), - $this->user->id, - strtotime($this->notices[0]->created), - strtotime($this->notices[$last]->created)) - ) - . '"'; + ':', + array($this->arg('action'), + common_user_cache_hash($this->auth_user), + common_language(), + $this->target->id, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; } return null; } + function handlePost() + { + if (empty($this->auth_user) || + $this->auth_user->id != $this->target->id) { + // TRANS: Client error displayed trying to add a notice to another user's timeline. + $this->clientError(_('Only the user can add to their own timeline.')); + } + + // Only handle posts for Atom + if ($this->format != 'atom') { + // TRANS: Client error displayed when using another format than AtomPub. + $this->clientError(_('Only accept AtomPub for Atom feeds.')); + } + + $xml = trim(file_get_contents('php://input')); + if (empty($xml)) { + // TRANS: Client error displayed attempting to post an empty API notice. + $this->clientError(_('Atom post must not be empty.')); + } + + $old = error_reporting(error_reporting() & ~(E_WARNING | E_NOTICE)); + $dom = new DOMDocument(); + $ok = $dom->loadXML($xml); + error_reporting($old); + if (!$ok) { + // TRANS: Client error displayed attempting to post an API that is not well-formed XML. + $this->clientError(_('Atom post must be well-formed XML.')); + } + + if ($dom->documentElement->namespaceURI != Activity::ATOM || + $dom->documentElement->localName != 'entry') { + // TRANS: Client error displayed when not using an Atom entry. + $this->clientError(_('Atom post must be an Atom entry.')); + } + + $activity = new Activity($dom->documentElement); + + $saved = null; + + if (Event::handle('StartAtomPubNewActivity', array(&$activity, $this->target->getUser(), &$saved))) { + if ($activity->verb != ActivityVerb::POST) { + // TRANS: Client error displayed when not using the POST verb. Do not translate POST. + $this->clientError(_('Can only handle POST activities.')); + } + + $note = $activity->objects[0]; + + if (!in_array($note->type, array(ActivityObject::NOTE, + ActivityObject::BLOGENTRY, + ActivityObject::STATUS))) { + // TRANS: Client error displayed when using an unsupported activity object type. + // TRANS: %s is the unsupported activity object type. + $this->clientError(sprintf(_('Cannot handle activity object type "%s".'), + $note->type)); + } + + $saved = $this->postNote($activity); + + Event::handle('EndAtomPubNewActivity', array($activity, $this->target->getUser(), $saved)); + } + + if (!empty($saved)) { + header('HTTP/1.1 201 Created'); + header("Location: " . common_local_url('ApiStatusesShow', array('id' => $saved->id, + 'format' => 'atom'))); + $this->showSingleAtomStatus($saved); + } + } + + function postNote($activity) + { + $note = $activity->objects[0]; + + // Use summary as fallback for content + + if (!empty($note->content)) { + $sourceContent = $note->content; + } else if (!empty($note->summary)) { + $sourceContent = $note->summary; + } else if (!empty($note->title)) { + $sourceContent = $note->title; + } else { + // @fixme fetch from $sourceUrl? + // TRANS: Client error displayed when posting a notice without content through the API. + // TRANS: %d is the notice ID (number). + $this->clientError(sprintf(_('No content for notice %d.'), $note->id)); + } + + // Get (safe!) HTML and text versions of the content + + $rendered = $this->purify($sourceContent); + $content = common_strip_html($rendered); + + $shortened = $this->auth_user->shortenLinks($content); + + $options = array('is_local' => Notice::LOCAL_PUBLIC, + 'rendered' => $rendered, + 'replies' => array(), + 'groups' => array(), + 'tags' => array(), + 'urls' => array()); + + // accept remote URI (not necessarily a good idea) + + common_debug("Note ID is {$note->id}"); + + if (!empty($note->id)) { + $notice = Notice::getKV('uri', trim($note->id)); + + if (!empty($notice)) { + // TRANS: Client error displayed when using another format than AtomPub. + // TRANS: %s is the notice URI. + $this->clientError(sprintf(_('Notice with URI "%s" already exists.'), $note->id)); + } + common_log(LOG_NOTICE, "Saving client-supplied notice URI '$note->id'"); + $options['uri'] = $note->id; + } + + // accept remote create time (also maybe not such a good idea) + + if (!empty($activity->time)) { + common_log(LOG_NOTICE, "Saving client-supplied create time {$activity->time}"); + $options['created'] = common_sql_date($activity->time); + } + + // Check for optional attributes... + + if ($activity->context instanceof ActivityContext) { + + foreach ($activity->context->attention as $uri=>$type) { + try { + $profile = Profile::fromUri($uri); + if ($profile->isGroup()) { + $options['groups'][] = $profile->id; + } else { + $options['replies'][] = $uri; + } + } catch (UnknownUriException $e) { + common_log(LOG_WARNING, sprintf('AtomPub post with unknown attention URI %s', $uri)); + } + } + + // Maintain direct reply associations + // @fixme what about conversation ID? + + if (!empty($activity->context->replyToID)) { + $orig = Notice::getKV('uri', + $activity->context->replyToID); + if (!empty($orig)) { + $options['reply_to'] = $orig->id; + } + } + + $location = $activity->context->location; + + if ($location) { + $options['lat'] = $location->lat; + $options['lon'] = $location->lon; + if ($location->location_id) { + $options['location_ns'] = $location->location_ns; + $options['location_id'] = $location->location_id; + } + } + } + + // Atom categories <-> hashtags + + foreach ($activity->categories as $cat) { + if ($cat->term) { + $term = common_canonical_tag($cat->term); + if ($term) { + $options['tags'][] = $term; + } + } + } + + // Atom enclosures -> attachment URLs + foreach ($activity->enclosures as $href) { + // @fixme save these locally or....? + $options['urls'][] = $href; + } + + $saved = Notice::saveNew($this->target->id, + $content, + 'atompub', // TODO: deal with this + $options); + + return $saved; + } + + function purify($content) + { + require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php'; + + $config = array('safe' => 1, + 'deny_attribute' => 'id,style,on*'); + return htmLawed($content, $config); + } }