delete notice form fix

diff --git a/actions/deletenotice.php b/actions/deletenotice.php
index eb84b4f3ae5d877281e4d205bf4ebc5fa42359b9..8f0211f8f9e638264a1b8d9a64a16ee49341203d 100644 (file)
--- a/actions/deletenotice.php
+++ b/actions/deletenotice.php
@@ -28,80 +28,26 @@
  * @link      http://status.net/
  */
 
-if (!defined('STATUSNET') && !defined('LACONICA')) {
-    exit(1);
-}
+if (!defined('GNUSOCIAL')) { exit(1); }
 
 // @todo FIXME: documentation needed.
-class DeletenoticeAction extends Action
+class DeletenoticeAction extends FormAction
 {
-    var $error        = null;
-    var $user         = null;
-    var $notice       = null;
-    var $profile      = null;
-    var $user_profile = null;
-
-    function prepare($args)
-    {
-        parent::prepare($args);
+    protected $form = 'deletenotice';
 
-        $this->user   = common_current_user();
+    protected $notice = null;
 
-        if (!$this->user) {
-            // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
-            common_user_error(_('Not logged in.'));
-            exit;
-        }
-
-        $notice_id    = $this->trimmed('notice');
-        $this->notice = Notice::getKV($notice_id);
-
-        if (!$this->notice) {
-            // TRANS: Error message displayed trying to delete a non-existing notice.
-            common_user_error(_('No such notice.'));
-            exit;
-        }
-
-        $this->profile      = $this->notice->getProfile();
-        $this->user_profile = $this->user->getProfile();
-
-        return true;
-    }
-
-    function handle($args)
+    protected function doPreparation()
     {
-        parent::handle($args);
+        $this->notice = Notice::getByID($this->int('notice'));
 
-        if ($this->notice->profile_id != $this->user_profile->id &&
-                   !$this->user->hasRight(Right::DELETEOTHERSNOTICE)) {
+        if ($this->notice->profile_id != $this->scoped->getID() &&
+                   !$this->scoped->hasRight(Right::DELETEOTHERSNOTICE)) {
             // TRANS: Error message displayed trying to delete a notice that was not made by the current user.
-            common_user_error(_('Cannot delete this notice.'));
-            exit;
+            $this->clientError(_('Cannot delete this notice.'));
         }
-        // XXX: Ajax!
 
-        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
-            $this->deleteNotice();
-        } else if ($_SERVER['REQUEST_METHOD'] == 'GET') {
-            $this->showForm();
-        }
-    }
-
-    /**
-     * Show the page notice
-     *
-     * Shows instructions for the page
-     *
-     * @return void
-     */
-    function showPageNotice()
-    {
-        $instr  = $this->getInstructions();
-        $output = common_markup_to_html($instr);
-
-        $this->elementStart('div', 'instructions');
-        $this->raw($output);
-        $this->elementEnd('div');
+        $this->formOpts['notice'] = $this->notice;
     }
 
     function getInstructions()
@@ -117,73 +63,12 @@ class DeletenoticeAction extends Action
         return _('Delete notice');
     }
 
-    /**
-     * Wrapper for showing a page
-     *
-     * Stores an error and shows the page
-     *
-     * @param string $error Error, if any
-     *
-     * @return void
-     */
-    function showForm($error = null)
-    {
-        $this->error = $error;
-        $this->showPage();
-    }
-
-    /**
-     * Insert delete notice form into the content
-     *
-     * @return void
-     */
-    function showContent()
+    protected function doPost()
     {
-        $this->elementStart('form', array('id' => 'form_notice_delete',
-                                          'class' => 'form_settings',
-                                          'method' => 'post',
-                                          'action' => common_local_url('deletenotice')));
-        $this->elementStart('fieldset');
-        // TRANS: Fieldset legend for the delete notice form.
-        $this->element('legend', null, _('Delete notice'));
-        $this->hidden('token', common_session_token());
-        $this->hidden('notice', $this->trimmed('notice'));
-        // TRANS: Message for the delete notice form.
-        $this->element('p', null, _('Are you sure you want to delete this notice?'));
-        $this->submit('form_action-no',
-                      // TRANS: Button label on the delete notice form.
-                      _m('BUTTON','No'),
-                      'submit form_action-primary',
-                      'no',
-                      // TRANS: Submit button title for 'No' when deleting a notice.
-                      _('Do not delete this notice.'));
-        $this->submit('form_action-yes',
-                      // TRANS: Button label on the delete notice form.
-                      _m('BUTTON','Yes'),
-                      'submit form_action-secondary',
-                      'yes',
-                      // TRANS: Submit button title for 'Yes' when deleting a notice.
-                      _('Delete this notice.'));
-        $this->elementEnd('fieldset');
-        $this->elementEnd('form');
-    }
-
-    function deleteNotice()
-    {
-        // CSRF protection
-        $token = $this->trimmed('token');
-
-        if (!$token || $token != common_session_token()) {
-            // TRANS: Client error displayed when the session token does not match or is not given.
-            $this->showForm(_('There was a problem with your session token. ' .
-                              'Try again, please.'));
-            return;
-        }
-
         if ($this->arg('yes')) {
-            if (Event::handle('StartDeleteOwnNotice', array($this->user, $this->notice))) {
+            if (Event::handle('StartDeleteOwnNotice', array($this->scoped->getUser(), $this->notice))) {
                 $this->notice->delete();
-                Event::handle('EndDeleteOwnNotice', array($this->user, $this->notice));
+                Event::handle('EndDeleteOwnNotice', array($this->scoped->getUser(), $this->notice));
             }
         }