X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fapi.php;h=11950f52f3cbf4d3a20cc05f2f4af1d77e8fc0c4;hb=7a2d5f6a8eea1babea3450af0f62f3f692f91348;hp=1d1cdc8f64074d3c15ef11cbce38b03d026d8376;hpb=3a5523820cccf73f1702a384d80f4b6787d38553;p=friendica.git
diff --git a/include/api.php b/include/api.php
index 1d1cdc8f64..11950f52f3 100644
--- a/include/api.php
+++ b/include/api.php
@@ -24,15 +24,14 @@
*/
use Friendica\App;
+use Friendica\Collection\Api\Notifications as ApiNotifications;
use Friendica\Content\ContactSelector;
use Friendica\Content\Text\BBCode;
use Friendica\Content\Text\HTML;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
-use Friendica\Core\Session;
use Friendica\Core\System;
-use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
@@ -54,13 +53,11 @@ use Friendica\Network\HTTPException\MethodNotAllowedException;
use Friendica\Network\HTTPException\NotFoundException;
use Friendica\Network\HTTPException\TooManyRequestsException;
use Friendica\Network\HTTPException\UnauthorizedException;
+use Friendica\Object\Api\Friendica\Notification as ApiNotification;
use Friendica\Object\Image;
use Friendica\Protocol\Activity;
use Friendica\Protocol\Diaspora;
-use Friendica\Security\FKOAuth1;
use Friendica\Security\OAuth;
-use Friendica\Security\OAuth1\OAuthRequest;
-use Friendica\Security\OAuth1\OAuthUtil;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Images;
use Friendica\Util\Network;
@@ -177,7 +174,7 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY
}
/**
- * Log in user via OAuth1 or Simple HTTP Auth.
+ * Log in user via Simple HTTP Auth.
* Simple Auth allow username in form of user@server
, ignoring server part
*
* @param App $a App
@@ -206,24 +203,6 @@ function api_login(App $a)
}
if (empty($_SERVER['PHP_AUTH_USER'])) {
- // Try OAuth when no user is provided
- $oauth1 = new FKOAuth1();
- // login with oauth
- try {
- $request = OAuthRequest::from_request();
- list($consumer, $token) = $oauth1->verify_request($request);
- if (!is_null($token)) {
- $oauth1->loginUser($token->uid);
- Session::set('allow_api', true);
- return;
- }
- echo __FILE__.__LINE__.__FUNCTION__ . "";
- var_dump($consumer, $token);
- die();
- } catch (Exception $e) {
- Logger::warning(API_LOG_PREFIX . 'OAuth error', ['module' => 'api', 'action' => 'login', 'exception' => $e->getMessage()]);
- }
-
Logger::debug(API_LOG_PREFIX . 'failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]);
header('WWW-Authenticate: Basic realm="Friendica"');
throw new UnauthorizedException("This API requires login");
@@ -279,7 +258,7 @@ function api_login(App $a)
$_SESSION["allow_api"] = true;
- Hook::callAll('logged_in', $a->user);
+ Hook::callAll('logged_in', $record);
}
/**
@@ -343,7 +322,7 @@ function api_call(App $a, App\Arguments $args = null)
if (!empty($info['auth']) && api_user() === false) {
api_login($a);
- Logger::info(API_LOG_PREFIX . 'username {username}', ['module' => 'api', 'action' => 'call', 'username' => $a->user['username']]);
+ Logger::info(API_LOG_PREFIX . 'nickname {nickname}', ['module' => 'api', 'action' => 'call', 'nickname' => $a->getLoggedInUserNickname()]);
}
Logger::debug(API_LOG_PREFIX . 'parameters', ['module' => 'api', 'action' => 'call', 'parameters' => $_REQUEST]);
@@ -566,10 +545,10 @@ function api_get_user(App $a, $contact_id = null)
}
// $called_api is the API path exploded on / and is expected to have at least 2 elements
- if (is_null($user) && ($a->argc > (count($called_api) - 1)) && (count($called_api) > 0)) {
+ if (is_null($user) && (DI::args()->getArgc() > (count($called_api) - 1)) && (count($called_api) > 0)) {
$argid = count($called_api);
- if (!empty($a->argv[$argid])) {
- $data = explode(".", $a->argv[$argid]);
+ if (!empty(DI::args()->getArgv()[$argid])) {
+ $data = explode(".", DI::args()->getArgv()[$argid]);
if (count($data) > 1) {
list($user, $null) = $data;
}
@@ -1042,7 +1021,7 @@ function api_statuses_mediap($type)
}
$txt = HTML::toBBCode($txt);
- $a->argv[1] = $user_info['screen_name']; //should be set to username?
+ DI::args()->getArgv()[1] = $user_info['screen_name']; //should be set to username?
$picture = wall_upload_post($a, false);
@@ -1209,7 +1188,7 @@ function api_statuses_update($type)
// We have to avoid that the post is rejected because of an empty body
if (empty($_REQUEST['body'])) {
- $_REQUEST['body'] = '[hr]';
+ $_REQUEST['body'] = '[hr]';
}
}
@@ -1904,7 +1883,7 @@ function api_statuses_show($type)
}
// params
- $id = intval($a->argv[3] ?? 0);
+ $id = intval(DI::args()->getArgv()[3] ?? 0);
if ($id == 0) {
$id = intval($_REQUEST['id'] ?? 0);
@@ -1912,7 +1891,7 @@ function api_statuses_show($type)
// Hotot workaround
if ($id == 0) {
- $id = intval($a->argv[4] ?? 0);
+ $id = intval(DI::args()->getArgv()[4] ?? 0);
}
Logger::log('API: api_statuses_show: ' . $id);
@@ -1983,7 +1962,7 @@ function api_conversation_show($type)
}
// params
- $id = intval($a->argv[3] ?? 0);
+ $id = intval(DI::args()->getArgv()[3] ?? 0);
$since_id = intval($_REQUEST['since_id'] ?? 0);
$max_id = intval($_REQUEST['max_id'] ?? 0);
$count = intval($_REQUEST['count'] ?? 20);
@@ -1997,7 +1976,7 @@ function api_conversation_show($type)
// Hotot workaround
if ($id == 0) {
- $id = intval($a->argv[4] ?? 0);
+ $id = intval(DI::args()->getArgv()[4] ?? 0);
}
Logger::info(API_LOG_PREFIX . '{subaction}', ['module' => 'api', 'action' => 'conversation', 'subaction' => 'show', 'id' => $id]);
@@ -2066,7 +2045,7 @@ function api_statuses_repeat($type)
api_get_user($a);
// params
- $id = intval($a->argv[3] ?? 0);
+ $id = intval(DI::args()->getArgv()[3] ?? 0);
if ($id == 0) {
$id = intval($_REQUEST['id'] ?? 0);
@@ -2074,7 +2053,7 @@ function api_statuses_repeat($type)
// Hotot workaround
if ($id == 0) {
- $id = intval($a->argv[4] ?? 0);
+ $id = intval(DI::args()->getArgv()[4] ?? 0);
}
Logger::log('API: api_statuses_repeat: '.$id);
@@ -2149,7 +2128,7 @@ function api_statuses_destroy($type)
api_get_user($a);
// params
- $id = intval($a->argv[3] ?? 0);
+ $id = intval(DI::args()->getArgv()[3] ?? 0);
if ($id == 0) {
$id = intval($_REQUEST['id'] ?? 0);
@@ -2157,7 +2136,7 @@ function api_statuses_destroy($type)
// Hotot workaround
if ($id == 0) {
- $id = intval($a->argv[4] ?? 0);
+ $id = intval(DI::args()->getArgv()[4] ?? 0);
}
Logger::log('API: api_statuses_destroy: '.$id);
@@ -2214,11 +2193,14 @@ function api_statuses_mentions($type)
(SELECT `uri-id` FROM `post-user-notification` WHERE `uid` = ? AND `notification-type` & ? != 0 ORDER BY `uri-id`)
AND (`uid` = 0 OR (`uid` = ? AND NOT `global`)) AND `id` > ?";
- $condition = [GRAVITY_PARENT, GRAVITY_COMMENT, api_user(),
- Post\UserNotification::NOTIF_EXPLICIT_TAGGED | Post\UserNotification::NOTIF_IMPLICIT_TAGGED |
- Post\UserNotification::NOTIF_THREAD_COMMENT | Post\UserNotification::NOTIF_DIRECT_COMMENT |
- Post\UserNotification::NOTIF_DIRECT_THREAD_COMMENT,
- api_user(), $since_id];
+ $condition = [
+ GRAVITY_PARENT, GRAVITY_COMMENT,
+ api_user(),
+ Post\UserNotification::TYPE_EXPLICIT_TAGGED | Post\UserNotification::TYPE_IMPLICIT_TAGGED |
+ Post\UserNotification::TYPE_THREAD_COMMENT | Post\UserNotification::TYPE_DIRECT_COMMENT |
+ Post\UserNotification::TYPE_DIRECT_THREAD_COMMENT,
+ api_user(), $since_id,
+ ];
if ($max_id > 0) {
$query .= " AND `id` <= ?";
@@ -2350,16 +2332,16 @@ function api_favorites_create_destroy($type)
// for versioned api.
/// @TODO We need a better global soluton
$action_argv_id = 2;
- if (count($a->argv) > 1 && $a->argv[1] == "1.1") {
+ if (count(DI::args()->getArgv()) > 1 && DI::args()->getArgv()[1] == "1.1") {
$action_argv_id = 3;
}
- if ($a->argc <= $action_argv_id) {
+ if (DI::args()->getArgc() <= $action_argv_id) {
throw new BadRequestException("Invalid request.");
}
- $action = str_replace("." . $type, "", $a->argv[$action_argv_id]);
- if ($a->argc == $action_argv_id + 2) {
- $itemid = intval($a->argv[$action_argv_id + 1] ?? 0);
+ $action = str_replace("." . $type, "", DI::args()->getArgv()[$action_argv_id]);
+ if (DI::args()->getArgc() == $action_argv_id + 2) {
+ $itemid = intval(DI::args()->getArgv()[$action_argv_id + 1] ?? 0);
} else {
$itemid = intval($_REQUEST['id'] ?? 0);
}
@@ -3018,7 +3000,7 @@ function api_format_item($item, $type = "json", $status_user = null, $author_use
list($status_user, $author_user, $owner_user) = api_item_get_user($a, $item);
}
- localize_item($item);
+ DI::contentItem()->localize($item);
$in_reply_to = api_in_reply_to($item);
@@ -3074,15 +3056,6 @@ function api_format_item($item, $type = "json", $status_user = null, $author_use
$retweeted_item = [];
$quoted_item = [];
- if ($item['gravity'] == GRAVITY_PARENT) {
- $body = $item['body'];
- $retweeted_item = api_share_as_retweet($item);
- if ($body != $item['body']) {
- $quoted_item = $retweeted_item;
- $retweeted_item = [];
- }
- }
-
if (empty($retweeted_item) && ($item['owner-id'] == $item['author-id'])) {
$announce = api_get_announce($item);
if (!empty($announce)) {
@@ -3140,6 +3113,7 @@ function api_format_item($item, $type = "json", $status_user = null, $author_use
$retweeted_status['text'] = $rt_converted["text"];
$retweeted_status['statusnet_html'] = $rt_converted["html"];
+ $retweeted_status['friendica_html'] = $rt_converted["html"];
$retweeted_status['created_at'] = api_date($retweeted_item['created']);
if (!empty($quoted_status)) {
@@ -3807,11 +3781,11 @@ api_register_func('api/direct_messages/destroy', 'api_direct_messages_destroy',
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
- * @throws BadRequestException
- * @throws ForbiddenException
- * @throws ImagickException
- * @throws InternalServerErrorException
- * @throws NotFoundException
+ * @throws HTTPException\BadRequestException
+ * @throws HTTPException\ExpectationFailedException
+ * @throws HTTPException\ForbiddenException
+ * @throws HTTPException\InternalServerErrorException
+ * @throws HTTPException\NotFoundException
* @see https://developer.twitter.com/en/docs/accounts-and-users/follow-search-get-users/api-reference/post-friendships-destroy.html
*/
function api_friendships_destroy($type)
@@ -3819,25 +3793,31 @@ function api_friendships_destroy($type)
$uid = api_user();
if ($uid === false) {
- throw new ForbiddenException();
+ throw new HTTPException\ForbiddenException();
+ }
+
+ $owner = User::getOwnerDataById($uid);
+ if (!$owner) {
+ Logger::notice(API_LOG_PREFIX . 'No owner {uid} found', ['module' => 'api', 'action' => 'friendships_destroy', 'uid' => $uid]);
+ throw new HTTPException\NotFoundException('Error Processing Request');
}
$contact_id = $_REQUEST['user_id'] ?? 0;
if (empty($contact_id)) {
Logger::notice(API_LOG_PREFIX . 'No user_id specified', ['module' => 'api', 'action' => 'friendships_destroy']);
- throw new BadRequestException("no user_id specified");
+ throw new HTTPException\BadRequestException('no user_id specified');
}
// Get Contact by given id
$contact = DBA::selectFirst('contact', ['url'], ['id' => $contact_id, 'uid' => 0, 'self' => false]);
if(!DBA::isResult($contact)) {
- Logger::notice(API_LOG_PREFIX . 'No contact found for ID {contact}', ['module' => 'api', 'action' => 'friendships_destroy', 'contact' => $contact_id]);
- throw new NotFoundException("no contact found to given ID");
+ Logger::notice(API_LOG_PREFIX . 'No public contact found for ID {contact}', ['module' => 'api', 'action' => 'friendships_destroy', 'contact' => $contact_id]);
+ throw new HTTPException\NotFoundException('no contact found to given ID');
}
- $url = $contact["url"];
+ $url = $contact['url'];
$condition = ["`uid` = ? AND (`rel` = ? OR `rel` = ?) AND (`nurl` = ? OR `alias` = ? OR `alias` = ?)",
$uid, Contact::SHARING, Contact::FRIEND, Strings::normaliseLink($url),
@@ -3846,40 +3826,33 @@ function api_friendships_destroy($type)
if (!DBA::isResult($contact)) {
Logger::notice(API_LOG_PREFIX . 'Not following contact', ['module' => 'api', 'action' => 'friendships_destroy']);
- throw new NotFoundException("Not following Contact");
- }
-
- if (!in_array($contact['network'], Protocol::NATIVE_SUPPORT)) {
- Logger::notice(API_LOG_PREFIX . 'Not supported for {network}', ['module' => 'api', 'action' => 'friendships_destroy', 'network' => $contact['network']]);
- throw new ExpectationFailedException("Not supported");
+ throw new HTTPException\NotFoundException('Not following Contact');
}
- $dissolve = ($contact['rel'] == Contact::SHARING);
+ try {
+ $result = Contact::terminateFriendship($owner, $contact);
- $owner = User::getOwnerDataById($uid);
- if ($owner) {
- Contact::terminateFriendship($owner, $contact, $dissolve);
- }
- else {
- Logger::notice(API_LOG_PREFIX . 'No owner {uid} found', ['module' => 'api', 'action' => 'friendships_destroy', 'uid' => $uid]);
- throw new NotFoundException("Error Processing Request");
- }
+ if ($result === null) {
+ Logger::notice(API_LOG_PREFIX . 'Not supported for {network}', ['module' => 'api', 'action' => 'friendships_destroy', 'network' => $contact['network']]);
+ throw new HTTPException\ExpectationFailedException('Unfollowing is currently not supported by this contact\'s network.');
+ }
- // Sharing-only contacts get deleted as there no relationship any more
- if ($dissolve) {
- Contact::remove($contact['id']);
- } else {
- DBA::update('contact', ['rel' => Contact::FOLLOWER], ['id' => $contact['id']]);
+ if ($result === false) {
+ throw new HTTPException\ServiceUnavailableException('Unable to unfollow this contact, please retry in a few minutes or contact your administrator.');
+ }
+ } catch (Exception $e) {
+ Logger::error(API_LOG_PREFIX . $e->getMessage(), ['owner' => $owner, 'contact' => $contact]);
+ throw new HTTPException\InternalServerErrorException('Unable to unfollow this contact, please contact your administrator');
}
// "uid" and "self" are only needed for some internal stuff, so remove it from here
- unset($contact["uid"]);
- unset($contact["self"]);
+ unset($contact['uid']);
+ unset($contact['self']);
// Set screen_name since Twidere requests it
- $contact["screen_name"] = $contact["nick"];
+ $contact['screen_name'] = $contact['nick'];
- return api_format_data("friendships-destroy", $type, ['user' => $contact]);
+ return api_format_data('friendships-destroy', $type, ['user' => $contact]);
}
api_register_func('api/friendships/destroy', 'api_friendships_destroy', true, API_METHOD_POST);
@@ -4057,48 +4030,6 @@ api_register_func('api/direct_messages/all', 'api_direct_messages_all', true);
api_register_func('api/direct_messages/sent', 'api_direct_messages_sentbox', true);
api_register_func('api/direct_messages', 'api_direct_messages_inbox', true);
-/**
- * Returns an OAuth Request Token.
- *
- * @see https://oauth.net/core/1.0/#auth_step1
- */
-function api_oauth_request_token()
-{
- $oauth1 = new FKOAuth1();
- try {
- $r = $oauth1->fetch_request_token(OAuthRequest::from_request());
- } catch (Exception $e) {
- echo "error=" . OAuthUtil::urlencode_rfc3986($e->getMessage());
- exit();
- }
- echo $r;
- exit();
-}
-
-/**
- * Returns an OAuth Access Token.
- *
- * @return array|string
- * @see https://oauth.net/core/1.0/#auth_step3
- */
-function api_oauth_access_token()
-{
- $oauth1 = new FKOAuth1();
- try {
- $r = $oauth1->fetch_access_token(OAuthRequest::from_request());
- } catch (Exception $e) {
- echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage());
- exit();
- }
- echo $r;
- exit();
-}
-
-/// @TODO move to top of file or somewhere better
-api_register_func('api/oauth/request_token', 'api_oauth_request_token', false);
-api_register_func('api/oauth/access_token', 'api_oauth_access_token', false);
-
-
/**
* delete a complete photoalbum with all containing photos from database through api
*
@@ -4567,14 +4498,14 @@ function api_account_update_profile($type)
if (!empty($_POST['name'])) {
DBA::update('profile', ['name' => $_POST['name']], ['uid' => $local_user]);
DBA::update('user', ['username' => $_POST['name']], ['uid' => $local_user]);
- DBA::update('contact', ['name' => $_POST['name']], ['uid' => $local_user, 'self' => 1]);
- DBA::update('contact', ['name' => $_POST['name']], ['id' => $api_user['id']]);
+ Contact::update(['name' => $_POST['name']], ['uid' => $local_user, 'self' => 1]);
+ Contact::update(['name' => $_POST['name']], ['id' => $api_user['id']]);
}
if (isset($_POST['description'])) {
DBA::update('profile', ['about' => $_POST['description']], ['uid' => $local_user]);
- DBA::update('contact', ['about' => $_POST['description']], ['uid' => $local_user, 'self' => 1]);
- DBA::update('contact', ['about' => $_POST['description']], ['id' => $api_user['id']]);
+ Contact::update(['about' => $_POST['description']], ['uid' => $local_user, 'self' => 1]);
+ Contact::update(['about' => $_POST['description']], ['id' => $api_user['id']]);
}
Profile::publishUpdate($local_user);
@@ -4983,76 +4914,6 @@ function api_get_announce($item)
return array_merge($item, $announce);
}
-/**
- * Return the item shared, if the item contains only the [share] tag
- *
- * @param array $item Sharer item
- * @return array|false Shared item or false if not a reshare
- * @throws ImagickException
- * @throws InternalServerErrorException
- */
-function api_share_as_retweet(&$item)
-{
- $body = trim($item["body"]);
-
- if (Diaspora::isReshare($body, false) === false) {
- if ($item['author-id'] == $item['owner-id']) {
- return false;
- } else {
- // Reshares from OStatus, ActivityPub and Twitter
- $reshared_item = $item;
- $reshared_item['owner-id'] = $reshared_item['author-id'];
- $reshared_item['owner-link'] = $reshared_item['author-link'];
- $reshared_item['owner-name'] = $reshared_item['author-name'];
- $reshared_item['owner-avatar'] = $reshared_item['author-avatar'];
- return $reshared_item;
- }
- }
-
- $reshared = Item::getShareArray($item);
- if (empty($reshared)) {
- return false;
- }
-
- $reshared_item = $item;
-
- if (empty($reshared['shared']) || empty($reshared['profile']) || empty($reshared['author']) || empty($reshared['avatar']) || empty($reshared['posted'])) {
- return false;
- }
-
- if (!empty($reshared['comment'])) {
- $item['body'] = $reshared['comment'];
- }
-
- $reshared_item["share-pre-body"] = $reshared['comment'];
- $reshared_item["body"] = $reshared['shared'];
- $reshared_item["author-id"] = Contact::getIdForURL($reshared['profile'], 0, false);
- $reshared_item["author-name"] = $reshared['author'];
- $reshared_item["author-link"] = $reshared['profile'];
- $reshared_item["author-avatar"] = $reshared['avatar'];
- $reshared_item["plink"] = $reshared['link'] ?? '';
- $reshared_item["created"] = $reshared['posted'];
- $reshared_item["edited"] = $reshared['posted'];
-
- // Try to fetch the original item
- if (!empty($reshared['guid'])) {
- $condition = ['guid' => $reshared['guid'], 'uid' => [0, $item['uid']]];
- } elseif (!empty($reshared_item['plink']) && ($original_id = Item::searchByLink($reshared_item['plink']))) {
- $condition = ['id' => $original_id];
- } else {
- $condition = [];
- }
-
- if (!empty($condition)) {
- $original_item = Post::selectFirst([], $condition);
- if (DBA::isResult($original_item)) {
- $reshared_item = array_merge($reshared_item, $original_item);
- }
- }
-
- return $reshared_item;
-}
-
/**
*
* @param array $item
@@ -5679,7 +5540,7 @@ function api_friendica_activity($type)
if (api_user() === false) {
throw new ForbiddenException();
}
- $verb = strtolower($a->argv[3]);
+ $verb = strtolower(DI::args()->getArgv()[3]);
$verb = preg_replace("|\..*$|", "", $verb);
$id = $_REQUEST['id'] ?? 0;
@@ -5722,23 +5583,24 @@ api_register_func('api/friendica/activity/unattendmaybe', 'api_friendica_activit
*/
function api_friendica_notification($type)
{
- $a = DI::app();
-
if (api_user() === false) {
throw new ForbiddenException();
}
- if ($a->argc!==3) {
- throw new BadRequestException("Invalid argument count");
+ if (DI::args()->getArgc()!==3) {
+ throw new BadRequestException('Invalid argument count');
}
- $notifications = DI::notification()->getApiList(local_user());
+ $Notifies = DI::notify()->selectAllForUser(local_user(), ['order' => ['seen' => 'ASC', 'date' => 'DESC'], 'limit' => 50]);
- if ($type == "xml") {
- $xmlnotes = false;
- if (!empty($notifications)) {
- foreach ($notifications as $notification) {
- $xmlnotes[] = ["@attributes" => $notification->toArray()];
- }
+ $notifications = new ApiNotifications();
+ foreach ($Notifies as $Notify) {
+ $notifications[] = new ApiNotification($Notify);
+ }
+
+ if ($type == 'xml') {
+ $xmlnotes = [];
+ foreach ($notifications as $notification) {
+ $xmlnotes[] = ['@attributes' => $notification->toArray()];
}
$result = $xmlnotes;
@@ -5748,7 +5610,7 @@ function api_friendica_notification($type)
$result = false;
}
- return api_format_data("notes", $type, ['note' => $result]);
+ return api_format_data('notes', $type, ['note' => $result]);
}
/**
@@ -5772,27 +5634,37 @@ function api_friendica_notification_seen($type)
if (api_user() === false || $user_info === false) {
throw new ForbiddenException();
}
- if ($a->argc !== 4) {
- throw new BadRequestException("Invalid argument count");
+ if (DI::args()->getArgc() !== 4) {
+ throw new BadRequestException('Invalid argument count');
}
- $id = (!empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0);
+ $id = intval($_REQUEST['id'] ?? 0);
try {
- $notify = DI::notify()->getByID($id, api_user());
- DI::notify()->setSeen(true, $notify);
+ $Notify = DI::notify()->selectOneById($id);
+ if ($Notify->uid !== api_user()) {
+ throw new NotFoundException();
+ }
+
+ if ($Notify->uriId) {
+ DI::notification()->setAllSeenForUser($Notify->uid, ['target-uri-id' => $Notify->uriId]);
+ }
- if ($notify->otype === Notification\ObjectType::ITEM) {
- $item = Post::selectFirstForUser(api_user(), [], ['id' => $notify->iid, 'uid' => api_user()]);
+ $Notify->setSeen();
+ DI::notify()->save($Notify);
+
+ if ($Notify->otype === Notification\ObjectType::ITEM) {
+ $item = Post::selectFirstForUser(api_user(), [], ['id' => $Notify->iid, 'uid' => api_user()]);
if (DBA::isResult($item)) {
// we found the item, return it to the user
$ret = api_format_items([$item], $user_info, false, $type);
$data = ['status' => $ret];
- return api_format_data("status", $type, $data);
+ return api_format_data('status', $type, $data);
}
// the item can't be found, but we set the notification as seen, so we count this as a success
}
- return api_format_data('result', $type, ['result' => "success"]);
+
+ return api_format_data('result', $type, ['result' => 'success']);
} catch (NotFoundException $e) {
throw new BadRequestException('Invalid argument', $e);
} catch (Exception $e) {