From a8d1b7e9c26b4449a4a1e0e250f9b6766b2d8e62 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 27 Sep 2009 21:10:17 -0400 Subject: Merge DeleteAction class into DeletenoticeAction The DeleteAction class checked for notice information, and only had one subclass: DeletenoticeAction. I couldn't figure out any other class that would subclass it, so I combined the two into a single class. --- actions/deletenotice.php | 37 +++++++++++++++++++++++++++++++++---- 1 file changed, 33 insertions(+), 4 deletions(-) (limited to 'actions/deletenotice.php') diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 3d040f2fa..617fa9c17 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -32,15 +32,44 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } -require_once INSTALLDIR.'/lib/deleteaction.php'; - -class DeletenoticeAction extends DeleteAction +class DeletenoticeAction extends Action { - var $error = null; + var $error = null; + var $user = null; + var $notice = null; + var $profile = null; + var $user_profile = null; + + function prepare($args) + { + parent::prepare($args); + + $this->user = common_current_user(); + $notice_id = $this->trimmed('notice'); + $this->notice = Notice::staticGet($notice_id); + + if (!$this->notice) { + common_user_error(_('No such notice.')); + exit; + } + + $this->profile = $this->notice->getProfile(); + $this->user_profile = $this->user->getProfile(); + + return true; + } function handle($args) { parent::handle($args); + + if (!common_logged_in()) { + common_user_error(_('Not logged in.')); + exit; + } else if ($this->notice->profile_id != $this->user_profile->id) { + common_user_error(_('Can\'t delete this notice.')); + exit; + } // XXX: Ajax! if ($_SERVER['REQUEST_METHOD'] == 'POST') { -- cgit v1.2.3-54-g00ecf From ee9856c452a7e54994c30cd9138dd6faa2107001 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 27 Sep 2009 21:14:49 -0400 Subject: moderator can delete another user's notice --- actions/deletenotice.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'actions/deletenotice.php') diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 617fa9c17..4a48a9c34 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -66,7 +66,8 @@ class DeletenoticeAction extends Action if (!common_logged_in()) { common_user_error(_('Not logged in.')); exit; - } else if ($this->notice->profile_id != $this->user_profile->id) { + } else if ($this->notice->profile_id != $this->user_profile->id && + !$this->user->hasRight(Right::deleteOthersNotice)) { common_user_error(_('Can\'t delete this notice.')); exit; } -- cgit v1.2.3-54-g00ecf From 1de9496c7fed16c2675c3d5136c131c07534c2cc Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 7 Nov 2009 22:26:03 -0500 Subject: fix constant for deleteothersnotice --- actions/deletenotice.php | 2 +- lib/noticelist.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'actions/deletenotice.php') diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 4a48a9c34..ba8e86d0f 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -67,7 +67,7 @@ class DeletenoticeAction extends Action common_user_error(_('Not logged in.')); exit; } else if ($this->notice->profile_id != $this->user_profile->id && - !$this->user->hasRight(Right::deleteOthersNotice)) { + !$this->user->hasRight(Right::DELETEOTHERSNOTICE)) { common_user_error(_('Can\'t delete this notice.')); exit; } diff --git a/lib/noticelist.php b/lib/noticelist.php index 8b3015cc3..bf12bb73c 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -513,7 +513,7 @@ class NoticeListItem extends Widget $user = common_current_user(); if (!empty($user) && - ($this->notice->profile_id == $user->id || $user->hasRight(Right::deleteOthersNotice))) { + ($this->notice->profile_id == $user->id || $user->hasRight(Right::DELETEOTHERSNOTICE))) { $deleteurl = common_local_url('deletenotice', array('notice' => $this->notice->id)); -- cgit v1.2.3-54-g00ecf