delete a notice using AtomPub

1 files changed, 37 insertions, 1 deletions

diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php
index c0eab15a4..86ffd6862 100644
--- a/actions/apistatusesshow.php
+++ b/actions/apistatusesshow.php
@@ -110,7 +110,17 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
             return;
         }
 
-        $this->showNotice();
+        switch ($_SERVER['REQUEST_METHOD']) {
+        case 'GET':
+            $this->showNotice();
+            break;
+        case 'DELETE':
+            $this->deleteNotice();
+            break;
+        default:
+            $this->clientError(_('HTTP method not supported.'), 405);
+            return;
+        }
     }
 
     /**
@@ -213,4 +223,30 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
         return null;
     }
 
+    function deleteNotice()
+    {
+        if ($this->format != 'atom') {
+            $this->clientError(_("Can only delete using the Atom format."));
+            return;
+        }
+
+        if (empty($this->auth_user) ||
+            ($this->notice->profile_id != $this->auth_user->id &&
+             !$this->auth_user->hasRight(Right::DELETEOTHERSNOTICE))) {
+            $this->clientError(_('Can\'t delete this notice.'), 403);
+            return;
+        }
+
+        if (Event::handle('StartDeleteOwnNotice', array($this->auth_user, $this->notice))) {
+            $this->notice->delete();
+            Event::handle('EndDeleteOwnNotice', array($this->auth_user, $this->notice));
+        }
+
+        // @fixme is there better output we could do here?
+
+        header('HTTP/1.1 200 OK');
+        header('Content-Type: text/plain');
+        print(sprintf(_('Deleted notice %d'), $this->notice->id));
+        print("\n");
+    }
 }