X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fdeletenotice.php;h=69cb1ebe87982e912dc41ba19d0d740ff0a8e303;hb=c473a39a7da07fbe5b80fec4c08111a554691c3a;hp=e733f9650ad12eb2e75960f3bdec0df9054a5019;hpb=56a8a255fff0037c29db09d4abf6631e9c45c730;p=quix0rs-gnu-social.git

diff --git a/actions/deletenotice.php b/actions/deletenotice.php
index e733f9650a..69cb1ebe87 100644
--- a/actions/deletenotice.php
+++ b/actions/deletenotice.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * Laconica, the distributed open-source microblogging tool
+ * StatusNet, the distributed open-source microblogging tool
  *
  * Class for deleting a notice
  *
@@ -20,27 +20,57 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  *
  * @category  Personal
- * @package   Laconica
- * @author    Evan Prodromou <evan@controlyourself.ca>
- * @author    Sarven Capadisli <csarven@controlyourself.ca>
- * @copyright 2008 Control Yourself, Inc.
+ * @package   StatusNet
+ * @author    Evan Prodromou <evan@status.net>
+ * @author    Sarven Capadisli <csarven@status.net>
+ * @copyright 2008 StatusNet, Inc.
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
- * @link      http://laconi.ca/
+ * @link      http://status.net/
  */
 
-if (!defined('LACONICA')) {
+if (!defined('STATUSNET') && !defined('LACONICA')) {
     exit(1);
 }
 
-require_once INSTALLDIR.'/lib/deleteaction.php';
-
-class DeletenoticeAction extends DeleteAction
+class DeletenoticeAction extends Action
 {
-    var $error = null;
+    var $error        = null;
+    var $user         = null;
+    var $notice       = null;
+    var $profile      = null;
+    var $user_profile = null;
+
+    function prepare($args)
+    {
+        parent::prepare($args);
+
+        $this->user   = common_current_user();
+        $notice_id    = $this->trimmed('notice');
+        $this->notice = Notice::staticGet($notice_id);
+
+        if (!$this->notice) {
+            common_user_error(_('No such notice.'));
+            exit;
+        }
+
+        $this->profile      = $this->notice->getProfile();
+        $this->user_profile = $this->user->getProfile();
+
+        return true;
+    }
 
     function handle($args)
     {
         parent::handle($args);
+
+        if (!common_logged_in()) {
+            common_user_error(_('Not logged in.'));
+            exit;
+        } else if ($this->notice->profile_id != $this->user_profile->id &&
+                   !$this->user->hasRight(Right::DELETEOTHERSNOTICE)) {
+            common_user_error(_('Can\'t delete this notice.'));
+            exit;
+        }
         // XXX: Ajax!
 
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
@@ -125,7 +155,7 @@ class DeletenoticeAction extends DeleteAction
 
         if (!$token || $token != common_session_token()) {
             $this->showForm(_('There was a problem with your session token. ' .
-                              ' Try again, please.'));
+                              'Try again, please.'));
             return;
         }