X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FBaseApi.php;h=f8524b524ee48c694f2532515aab0cdfe06e3e71;hb=1d6f5c33a1a7c538d4e529d22701fd735855da15;hp=f219e56dc49cab165faca418ccf25570efe17680;hpb=e56a53647bd5469551bf4f9ef2df50a5dd16b943;p=friendica.git

diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php
index f219e56dc4..f8524b524e 100644
--- a/src/Module/BaseApi.php
+++ b/src/Module/BaseApi.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -29,9 +29,11 @@ use Friendica\Core\Logger;
 use Friendica\Core\System;
 use Friendica\DI;
 use Friendica\Model\Contact;
+use Friendica\Model\Item;
 use Friendica\Model\Post;
 use Friendica\Model\User;
 use Friendica\Module\Api\ApiResponse;
+use Friendica\Module\Special\HTTPException as ModuleHTTPException;
 use Friendica\Network\HTTPException;
 use Friendica\Security\BasicAuth;
 use Friendica\Security\OAuth;
@@ -79,22 +81,24 @@ class BaseApi extends BaseModule
 	 *
 	 * @throws HTTPException\ForbiddenException
 	 */
-	public function run(array $request = []): ResponseInterface
+	public function run(ModuleHTTPException $httpException, array $request = [], bool $scopecheck = true): ResponseInterface
 	{
-		switch ($this->server['REQUEST_METHOD'] ?? Router::GET) {
-			case Router::DELETE:
-			case Router::PATCH:
-			case Router::POST:
-			case Router::PUT:
-				self::checkAllowedScope(self::SCOPE_WRITE);
-
-				if (!$this->app->isLoggedIn()) {
-					throw new HTTPException\ForbiddenException($this->t('Permission denied.'));
-				}
-				break;
+		if ($scopecheck) {
+			switch ($this->args->getMethod()) {
+				case Router::DELETE:
+				case Router::PATCH:
+				case Router::POST:
+				case Router::PUT:
+					self::checkAllowedScope(self::SCOPE_WRITE);
+
+					if (!self::getCurrentUserID()) {
+						throw new HTTPException\ForbiddenException($this->t('Permission denied.'));
+					}
+					break;
+			}
 		}
 
-		return parent::run($request);
+		return parent::run($httpException, $request);
 	}
 
 	/**
@@ -136,13 +140,13 @@ class BaseApi extends BaseModule
 	}
 
 	/**
-	 * Set the "link" header with "next" and "prev" links
-	 * @return void
+	 * Get the "link" header with "next" and "prev" links
+	 * @return string
 	 */
-	protected static function setLinkHeader()
+	protected static function getLinkHeader(): string
 	{
 		if (empty(self::$boundaries)) {
-			return;
+			return '';
 		}
 
 		$request = self::$request;
@@ -161,7 +165,70 @@ class BaseApi extends BaseModule
 		$prev = $command . '?' . http_build_query($prev_request);
 		$next = $command . '?' . http_build_query($next_request);
 
-		header('Link: <' . $next . '>; rel="next", <' . $prev . '>; rel="prev"');
+		return 'Link: <' . $next . '>; rel="next", <' . $prev . '>; rel="prev"';
+	}
+
+	/**
+	 * Get the "link" header with "next" and "prev" links for an offset/limit type call
+	 * @return string
+	 */
+	protected static function getOffsetAndLimitLinkHeader(int $offset, int $limit): string
+	{
+		$request = self::$request;
+
+		unset($request['offset']);
+		$request['limit'] = $limit;
+
+		$prev_request = $next_request = $request;
+
+		$prev_request['offset'] = $offset - $limit;
+		$next_request['offset'] = $offset + $limit;
+
+		$command = DI::baseUrl() . '/' . DI::args()->getCommand();
+
+		$prev = $command . '?' . http_build_query($prev_request);
+		$next = $command . '?' . http_build_query($next_request);
+
+		if ($prev_request['offset'] >= 0) {
+			return 'Link: <' . $next . '>; rel="next", <' . $prev . '>; rel="prev"';
+		} else {
+			return 'Link: <' . $next . '>; rel="next"';
+		}
+	}
+
+	/**
+	 * Set the "link" header with "next" and "prev" links
+	 * @return void
+	 */
+	protected static function setLinkHeader()
+	{
+		$header = self::getLinkHeader();
+		if (!empty($header)) {
+			header($header);
+		}
+	}
+
+	/**
+	 * Set the "link" header with "next" and "prev" links
+	 * @return void
+	 */
+	protected static function setLinkHeaderByOffsetLimit(int $offset, int $limit)
+	{
+		$header = self::getOffsetAndLimitLinkHeader($offset, $limit);
+		if (!empty($header)) {
+			header($header);
+		}
+	}
+
+	/**
+	 * Check if the app is known to support quoted posts
+	 *
+	 * @return bool
+	 */
+	public static function appSupportsQuotes(): bool
+	{
+		$token = self::getCurrentApplication();
+		return (!empty($token['name']) && in_array($token['name'], ['Fedilab']));
 	}
 
 	/**
@@ -231,11 +298,11 @@ class BaseApi extends BaseModule
 		if ($throttle_day > 0) {
 			$datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60);
 
-			$condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", GRAVITY_PARENT, $uid, $datefrom];
+			$condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", Item::GRAVITY_PARENT, $uid, $datefrom];
 			$posts_day = Post::countThread($condition);
 
 			if ($posts_day > $throttle_day) {
-				Logger::info('Daily posting limit reached', ['uid' => $uid, 'posts' => $posts_day, 'limit' => $throttle_day]);
+				Logger::notice('Daily posting limit reached', ['uid' => $uid, 'posts' => $posts_day, 'limit' => $throttle_day]);
 				$error = DI::l10n()->t('Too Many Requests');
 				$error_description = DI::l10n()->tt("Daily posting limit of %d post reached. The post was rejected.", "Daily posting limit of %d posts reached. The post was rejected.", $throttle_day);
 				$errorobj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description);
@@ -247,11 +314,11 @@ class BaseApi extends BaseModule
 		if ($throttle_week > 0) {
 			$datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*7);
 
-			$condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", GRAVITY_PARENT, $uid, $datefrom];
+			$condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", Item::GRAVITY_PARENT, $uid, $datefrom];
 			$posts_week = Post::countThread($condition);
 
 			if ($posts_week > $throttle_week) {
-				Logger::info('Weekly posting limit reached', ['uid' => $uid, 'posts' => $posts_week, 'limit' => $throttle_week]);
+				Logger::notice('Weekly posting limit reached', ['uid' => $uid, 'posts' => $posts_week, 'limit' => $throttle_week]);
 				$error = DI::l10n()->t('Too Many Requests');
 				$error_description = DI::l10n()->tt("Weekly posting limit of %d post reached. The post was rejected.", "Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week);
 				$errorobj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description);
@@ -263,13 +330,13 @@ class BaseApi extends BaseModule
 		if ($throttle_month > 0) {
 			$datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*30);
 
-			$condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", GRAVITY_PARENT, $uid, $datefrom];
+			$condition = ["`gravity` = ? AND `uid` = ? AND `wall` AND `received` > ?", Item::GRAVITY_PARENT, $uid, $datefrom];
 			$posts_month = Post::countThread($condition);
 
 			if ($posts_month > $throttle_month) {
-				Logger::info('Monthly posting limit reached', ['uid' => $uid, 'posts' => $posts_month, 'limit' => $throttle_month]);
+				Logger::notice('Monthly posting limit reached', ['uid' => $uid, 'posts' => $posts_month, 'limit' => $throttle_month]);
 				$error = DI::l10n()->t('Too Many Requests');
-				$error_description = DI::l10n()->t("Monthly posting limit of %d post reached. The post was rejected.", "Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month);
+				$error_description = DI::l10n()->tt('Monthly posting limit of %d post reached. The post was rejected.', 'Monthly posting limit of %d posts reached. The post was rejected.', $throttle_month);
 				$errorobj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description);
 				System::jsonError(429, $errorobj->toArray());
 			}