<?php /** * Block a user from a group action class. * * PHP version 5 * * @category Action * @package StatusNet * @author Evan Prodromou <evan@status.net> * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://status.net/ * * StatusNet - the distributed open-source microblogging tool * Copyright (C) 2008, 2009, StatusNet, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } /** * Block a user from a group * * @category Action * @package StatusNet * @author Evan Prodromou <evan@status.net> * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://status.net/ */ class GroupblockAction extends Action { var $profile = null; var $group = null; /** * Take arguments for running * * @param array $args $_REQUEST args * * @return boolean success flag */ function prepare($args) { parent::prepare($args); if (!common_logged_in()) { $this->clientError(_('Not logged in.')); return false; } $token = $this->trimmed('token'); if (empty($token) || $token != common_session_token()) { $this->clientError(_('There was a problem with your session token. Try again, please.')); return; } $id = $this->trimmed('blockto'); if (empty($id)) { $this->clientError(_('No profile specified.')); return false; } $this->profile = Profile::staticGet('id', $id); if (empty($this->profile)) { $this->clientError(_('No profile with that ID.')); return false; } $group_id = $this->trimmed('blockgroup'); if (empty($group_id)) { $this->clientError(_('No group specified.')); return false; } $this->group = User_group::staticGet('id', $group_id); if (empty($this->group)) { $this->clientError(_('No such group.')); return false; } $user = common_current_user(); if (!$user->isAdmin($this->group)) { $this->clientError(_('Only an admin can block group members.'), 401); return false; } if (Group_block::isBlocked($this->group, $this->profile)) { $this->clientError(_('User is already blocked from group.')); return false; } // XXX: could have proactive blocks, but we don't have UI for it. if (!$this->profile->isMember($this->group)) { $this->clientError(_('User is not a member of group.')); return false; } return true; } /** * Handle request * * Shows a page with list of favorite notices * * @param array $args $_REQUEST args; handled in prepare() * * @return void */ function handle($args) { parent::handle($args); if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { common_redirect(common_local_url('groupmembers', array('nickname' => $this->group->nickname)), 303); } elseif ($this->arg('yes')) { $this->blockProfile(); } elseif ($this->arg('blockto')) { $this->showPage(); } } } function showContent() { $this->areYouSureForm(); } function title() { return _('Block user from group'); } function showNoticeForm() { // nop } /** * Confirm with user. * * Shows a confirmation form. * * @return void */ function areYouSureForm() { $id = $this->profile->id; $this->elementStart('form', array('id' => 'block-' . $id, 'method' => 'post', 'class' => 'form_settings form_entity_block', 'action' => common_local_url('groupblock'))); $this->elementStart('fieldset'); $this->hidden('token', common_session_token()); $this->element('legend', _('Block user')); $this->element('p', null, sprintf(_('Are you sure you want to block user "%s" from the group "%s"? '. 'They will be removed from the group, unable to post, and '. 'unable to subscribe to the group in the future.'), $this->profile->getBestName(), $this->group->getBestName())); $this->hidden('blockto-' . $this->profile->id, $this->profile->id, 'blockto'); $this->hidden('blockgroup-' . $this->group->id, $this->group->id, 'blockgroup'); foreach ($this->args as $k => $v) { if (substr($k, 0, 9) == 'returnto-') { $this->hidden($k, $v); } } $this->submit('form_action-no', _('No'), 'submit form_action-primary', 'no', _("Do not block this user from this group")); $this->submit('form_action-yes', _('Yes'), 'submit form_action-secondary', 'yes', _('Block this user from this group')); $this->elementEnd('fieldset'); $this->elementEnd('form'); } /** * Actually block a user. * * @return void */ function blockProfile() { $block = Group_block::blockProfile($this->group, $this->profile, common_current_user()); if (empty($block)) { $this->serverError(_("Database error blocking user from group.")); return false; } // Now, gotta figure where we go back to foreach ($this->args as $k => $v) { if ($k == 'returnto-action') { $action = $v; } elseif (substr($k, 0, 9) == 'returnto-') { $args[substr($k, 9)] = $v; } } if ($action) { common_redirect(common_local_url($action, $args), 303); } else { common_redirect(common_local_url('groupmembers', array('nickname' => $this->group->nickname)), 303); } } }