Merge branch '0.9.x' into refactor-api

* 0.9.x: (39 commits)
  Timeout a little incase the notice item from XHR response is
  Relocated the button for pop up window for notice stream
  Script no longer needed for Realtime plugin
  Better check to see if the XML prolog should be outputted for XML
  Outputting UTF-8 charset in document header irrespective of mimetype.
  Switched Doctype to XHTML 1.0 Strict (which best reflects the current
  Twitter API returns server errors in preferred format
  move HTTP error code strings to class variables
  remove string-checks from code using Notice::saveNew()
  change string return from Notice::saveNew to exceptions
  stop overwriting created timestamp on group edit
  Forgot to add home_timeline to the list of methods that only require
  Forgot to add home_timeline to the list of methods that only require
  moderator can delete another user's notice
  show delete button when user has deleteOthersNotice right
  let hooks override standard user rights
  user rights
  Merge DeleteAction class into DeletenoticeAction
  Fix some bugs in the URL linkification, and fixed the unit test.
  Fix URL linkification test cases for addition of 'title' attribution with long URL in f3c8fccc
  ...

5 files changed, 35 insertions, 17 deletions

diff --git a/actions/api.php b/actions/api.php
index d570bb017..1bc90de11 100644
--- a/actions/api.php
+++ b/actions/api.php
@@ -160,6 +160,7 @@ class ApiAction extends Action
 
         static $bareauth = array('statuses/user_timeline',
                                  'statuses/friends_timeline',
+				 'statuses/home_timeline',
                                  'statuses/friends',
                                  'statuses/replies',
                                  'statuses/mentions',
diff --git a/actions/deletenotice.php b/actions/deletenotice.php
index 3d040f2fa..4a48a9c34 100644
--- a/actions/deletenotice.php
+++ b/actions/deletenotice.php
@@ -32,15 +32,45 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
     exit(1);
 }
 
-require_once INSTALLDIR.'/lib/deleteaction.php';
-
-class DeletenoticeAction extends DeleteAction
+class DeletenoticeAction extends Action
 {
-    var $error = null;
+    var $error        = null;
+    var $user         = null;
+    var $notice       = null;
+    var $profile      = null;
+    var $user_profile = null;
+
+    function prepare($args)
+    {
+        parent::prepare($args);
+
+        $this->user   = common_current_user();
+        $notice_id    = $this->trimmed('notice');
+        $this->notice = Notice::staticGet($notice_id);
+
+        if (!$this->notice) {
+            common_user_error(_('No such notice.'));
+            exit;
+        }
+
+        $this->profile      = $this->notice->getProfile();
+        $this->user_profile = $this->user->getProfile();
+
+        return true;
+    }
 
     function handle($args)
     {
         parent::handle($args);
+
+        if (!common_logged_in()) {
+            common_user_error(_('Not logged in.'));
+            exit;
+        } else if ($this->notice->profile_id != $this->user_profile->id &&
+                   !$this->user->hasRight(Right::deleteOthersNotice)) {
+            common_user_error(_('Can\'t delete this notice.'));
+            exit;
+        }
         // XXX: Ajax!
 
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
diff --git a/actions/editgroup.php b/actions/editgroup.php
index 0c2dc8bdf..5dd039f8a 100644
--- a/actions/editgroup.php
+++ b/actions/editgroup.php
@@ -250,7 +250,6 @@ class EditgroupAction extends GroupDesignAction
         $this->group->homepage    = $homepage;
         $this->group->description = $description;
         $this->group->location    = $location;
-        $this->group->created     = common_sql_now();
 
         $result = $this->group->update($orig);
 
diff --git a/actions/newnotice.php b/actions/newnotice.php
index 23ec2a1b5..d5b0332f4 100644
--- a/actions/newnotice.php
+++ b/actions/newnotice.php
@@ -255,13 +255,6 @@ class NewnoticeAction extends Action
         $notice = Notice::saveNew($user->id, $content_shortened, 'web', 1,
                                   ($replyto == 'false') ? null : $replyto);
 
-        if (is_string($notice)) {
-            if (isset($filename)) {
-                $this->deleteFile($filename);
-            }
-            $this->clientError($notice);
-        }
-
         if (isset($mimetype)) {
             $this->attachFile($notice, $fileRecord);
         }
diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php
index 2f10ff966..87043b182 100644
--- a/actions/twitapistatuses.php
+++ b/actions/twitapistatuses.php
@@ -297,11 +297,6 @@ class TwitapistatusesAction extends TwitterapiAction
                 html_entity_decode($status, ENT_NOQUOTES, 'UTF-8'),
                     $source, 1, $reply_to);
 
-            if (is_string($notice)) {
-                $this->serverError($notice);
-                return;
-            }
-
             common_broadcast_notice($notice);
             $apidata['api_arg'] = $notice->id;
         }