apilist.php 6.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241
  1. <?php
  2. /**
  3. * StatusNet, the distributed open-source microblogging tool
  4. *
  5. * Show, update or delete a list.
  6. *
  7. * PHP version 5
  8. *
  9. * LICENCE: This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU Affero General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU Affero General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU Affero General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. *
  22. * @category API
  23. * @package StatusNet
  24. * @author Shashi Gowda <connect2shashi@gmail.com>
  25. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  26. * @link http://status.net/
  27. */
  28. if (!defined('STATUSNET')) {
  29. exit(1);
  30. }
  31. class ApiListAction extends ApiBareAuthAction
  32. {
  33. /**
  34. * The list in question in the current request
  35. */
  36. var $list = null;
  37. /**
  38. * Is this an update request?
  39. */
  40. var $update = false;
  41. /**
  42. * Is this a delete request?
  43. */
  44. var $delete = false;
  45. /**
  46. * Set the flags for handling the request. Show list if this is a GET
  47. * request, update it if it is POST, delete list if method is DELETE
  48. * or if method is POST and an argument _method is set to DELETE. Act
  49. * like we don't know if the current user has no access to the list.
  50. *
  51. * Takes parameters:
  52. * - user: the user id or nickname
  53. * - id: the id of the tag or the tag itself
  54. *
  55. * @return boolean success flag
  56. */
  57. protected function prepare(array $args=array())
  58. {
  59. parent::prepare($args);
  60. $this->delete = ($_SERVER['REQUEST_METHOD'] == 'DELETE' ||
  61. ($this->trimmed('_method') == 'DELETE' &&
  62. $_SERVER['REQUEST_METHOD'] == 'POST'));
  63. // update list if method is POST or PUT and $this->delete is not true
  64. $this->update = (!$this->delete &&
  65. in_array($_SERVER['REQUEST_METHOD'], array('POST', 'PUT')));
  66. $this->user = $this->getTargetUser($this->arg('user'));
  67. $this->list = $this->getTargetList($this->arg('user'), $this->arg('id'));
  68. if (empty($this->list)) {
  69. // TRANS: Client error displayed when referring to a non-existing list.
  70. $this->clientError(_('List not found.'), 404);
  71. }
  72. return true;
  73. }
  74. /**
  75. * Handle the request
  76. *
  77. * @return boolean success flag
  78. */
  79. protected function handle()
  80. {
  81. parent::handle();
  82. if($this->delete) {
  83. $this->handleDelete();
  84. return true;
  85. }
  86. if($this->update) {
  87. $this->handlePut();
  88. return true;
  89. }
  90. switch($this->format) {
  91. case 'xml':
  92. $this->showSingleXmlList($this->list);
  93. break;
  94. case 'json':
  95. $this->showSingleJsonList($this->list);
  96. break;
  97. default:
  98. // TRANS: Client error displayed when coming across a non-supported API method.
  99. $this->clientError(_('API method not found.'), 404);
  100. }
  101. }
  102. /**
  103. * require authentication if it is a write action or user is ambiguous
  104. *
  105. */
  106. function requiresAuth()
  107. {
  108. return parent::requiresAuth() ||
  109. $this->create || $this->delete;
  110. }
  111. /**
  112. * Update a list
  113. *
  114. * @return boolean success
  115. */
  116. function handlePut()
  117. {
  118. if($this->auth_user->id != $this->list->tagger) {
  119. // TRANS: Client error displayed when trying to update another user's list.
  120. $this->clientError(_('You cannot update lists that do not belong to you.'), 401);
  121. }
  122. $new_list = clone($this->list);
  123. $new_list->tag = common_canonical_tag($this->arg('name'));
  124. $new_list->description = common_canonical_tag($this->arg('description'));
  125. $new_list->private = ($this->arg('mode') === 'private') ? true : false;
  126. $result = $new_list->update($this->list);
  127. if(!$result) {
  128. // TRANS: Client error displayed when an unknown error occurs updating a list.
  129. $this->clientError(_('An error occured.'), 503);
  130. }
  131. switch($this->format) {
  132. case 'xml':
  133. $this->showSingleXmlList($new_list);
  134. break;
  135. case 'json':
  136. $this->showSingleJsonList($new_list);
  137. break;
  138. default:
  139. // TRANS: Client error displayed when coming across a non-supported API method.
  140. $this->clientError(_('API method not found.'), 404);
  141. }
  142. }
  143. /**
  144. * Delete a list
  145. *
  146. * @return boolean success
  147. */
  148. function handleDelete()
  149. {
  150. if($this->auth_user->id != $this->list->tagger) {
  151. // TRANS: Client error displayed when trying to delete another user's list.
  152. $this->clientError(_('You cannot delete lists that do not belong to you.'), 401);
  153. }
  154. $record = clone($this->list);
  155. $this->list->delete();
  156. switch($this->format) {
  157. case 'xml':
  158. $this->showSingleXmlList($record);
  159. break;
  160. case 'json':
  161. $this->showSingleJsonList($record);
  162. break;
  163. default:
  164. // TRANS: Client error displayed when coming across a non-supported API method.
  165. $this->clientError(_('API method not found.'), 404);
  166. }
  167. }
  168. /**
  169. * Indicate that this resource is not read-only.
  170. *
  171. * @return boolean is_read-only=false
  172. */
  173. function isReadOnly($args)
  174. {
  175. return false;
  176. }
  177. /**
  178. * When was the list (people tag) last updated?
  179. *
  180. * @return String time_last_modified
  181. */
  182. function lastModified()
  183. {
  184. if(!empty($this->list)) {
  185. return strtotime($this->list->modified);
  186. }
  187. return null;
  188. }
  189. /**
  190. * An entity tag for this list
  191. *
  192. * Returns an Etag based on the action name, language, user ID and
  193. * timestamps of the first and last list the user has joined
  194. *
  195. * @return string etag
  196. */
  197. function etag()
  198. {
  199. if (!empty($this->list)) {
  200. return '"' . implode(
  201. ':',
  202. array($this->arg('action'),
  203. common_language(),
  204. $this->user->id,
  205. strtotime($this->list->created),
  206. strtotime($this->list->modified))
  207. )
  208. . '"';
  209. }
  210. return null;
  211. }
  212. }