$profiler->set(microtime(true) - $timestamp, 'init');
- if ($server['REQUEST_METHOD'] === 'POST') {
+ if ($server['REQUEST_METHOD'] === Router::DELETE) {
+ call_user_func([$this->module_class, 'delete'], $this->module_parameters);
+ }
+
+ if ($server['REQUEST_METHOD'] === Router::PATCH) {
+ call_user_func([$this->module_class, 'patch'], $this->module_parameters);
+ }
+
+ if ($server['REQUEST_METHOD'] === Router::POST) {
Core\Hook::callAll($this->module . '_mod_post', $post);
call_user_func([$this->module_class, 'post'], $this->module_parameters);
}
+ if ($server['REQUEST_METHOD'] === Router::PUT) {
+ call_user_func([$this->module_class, 'put'], $this->module_parameters);
+ }
+
Core\Hook::callAll($this->module . '_mod_afterpost', $placeholder);
call_user_func([$this->module_class, 'afterpost'], $this->module_parameters);
return $o;
}
+ /**
+ * Module DELETE method to process submitted data
+ *
+ * Extend this method if the module is supposed to process DELETE requests.
+ * Doesn't display any content
+ */
+ public static function delete(array $parameters = [])
+ {
+ }
+
+ /**
+ * Module PATCH method to process submitted data
+ *
+ * Extend this method if the module is supposed to process PATCH requests.
+ * Doesn't display any content
+ */
+ public static function patch(array $parameters = [])
+ {
+ }
+
/**
* Module POST method to process submitted data
*
{
}
+ /**
+ * Module PUT method to process submitted data
+ *
+ * Extend this method if the module is supposed to process PUT requests.
+ * Doesn't display any content
+ */
+ public static function put(array $parameters = [])
+ {
+ }
+
/*
* Functions used to protect against Cross-Site Request Forgery
* The security token has to base on at least one value that an attacker can't know - here it's the session ID and the private key.
namespace Friendica\Module\Api\Mastodon;
+use Friendica\Core\Logger;
use Friendica\Core\System;
use Friendica\DI;
use Friendica\Module\BaseApi;
*/
class Statuses extends BaseApi
{
+ public static function delete(array $parameters = [])
+ {
+ self::unsupported('delete');
+ }
+
/**
* @param array $parameters
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
namespace Friendica\Module\Api\Mastodon;
-use Friendica\Core\Logger;
-use Friendica\Core\System;
-use Friendica\DI;
use Friendica\Module\BaseApi;
/**
*/
class Unimplemented extends BaseApi
{
+ /**
+ * @param array $parameters
+ * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ */
+ public static function delete(array $parameters = [])
+ {
+ self::unsupported('delete');
+ }
+
+ /**
+ * @param array $parameters
+ * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ */
+ public static function patch(array $parameters = [])
+ {
+ self::unsupported('patch');
+ }
+
+ /**
+ * @param array $parameters
+ * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ */
+ public static function post(array $parameters = [])
+ {
+ self::unsupported('post');
+ }
+
+ /**
+ * @param array $parameters
+ * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ */
+ public static function put(array $parameters = [])
+ {
+ self::unsupported('put');
+ }
+
/**
* @param array $parameters
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/
public static function rawContent(array $parameters = [])
{
- $path = DI::args()->getQueryString();
- Logger::info('Unimplemented API call', ['path' => $path]);
- $error = DI::l10n()->t('API endpoint "%s" is not implemented', $path);
- $error_description = DI::l10n()->t('The API endpoint is currently not implemented but might be in the future.');;
- $errorobj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description);
- System::jsonError(501, $errorobj->toArray());
+ self::unsupported('get');
}
}
namespace Friendica\Module;
use Friendica\BaseModule;
+use Friendica\Core\Logger;
+use Friendica\Core\System;
use Friendica\DI;
use Friendica\Network\HTTPException;
}
}
+ public static function delete(array $parameters = [])
+ {
+ if (!api_user()) {
+ throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
+ }
+
+ $a = DI::app();
+
+ if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) {
+ throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
+ }
+ }
+
+ public static function patch(array $parameters = [])
+ {
+ if (!api_user()) {
+ throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
+ }
+
+ $a = DI::app();
+
+ if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) {
+ throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
+ }
+ }
+
public static function post(array $parameters = [])
{
if (!api_user()) {
}
}
+ public static function put(array $parameters = [])
+ {
+ if (!api_user()) {
+ throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.'));
+ }
+
+ $a = DI::app();
+
+ if (!empty($a->user['uid']) && $a->user['uid'] != api_user()) {
+ throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
+ }
+ }
+
+ public static function unsupported(string $method = 'all')
+ {
+ $path = DI::args()->getQueryString();
+ Logger::info('Unimplemented API call', ['path' => $path, 'method' => $method]);
+ $error = DI::l10n()->t('API endpoint %s "%s" is not implemented', $method, $path);
+ $error_description = DI::l10n()->t('The API endpoint is currently not implemented but might be in the future.');;
+ $errorobj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description);
+ System::jsonError(501, $errorobj->toArray());
+ }
+
/**
* Log in user via OAuth1 or Simple HTTP Auth.
*
projects / friendica.git / commitdiff