diff options
-rw-r--r-- | actions/apidestroy.php | 152 | ||||
-rw-r--r-- | actions/apiupdate.php | 4 | ||||
-rw-r--r-- | lib/router.php | 15 |
3 files changed, 164 insertions, 7 deletions
diff --git a/actions/apidestroy.php b/actions/apidestroy.php new file mode 100644 index 000000000..a3b6bf65e --- /dev/null +++ b/actions/apidestroy.php @@ -0,0 +1,152 @@ +<?php +/** + * StatusNet, the distributed open-source microblogging tool + * + * Destroy a notice through the API + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category API + * @package StatusNet + * @author Zach Copley <zach@status.net> + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Deletes one of the authenticating user's statuses (notices). + * + * @category API + * @package StatusNet + * @author Zach Copley <zach@status.net> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiDestroyAction extends ApiAuthAction +{ + + var $user = null; + var $status = null; + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return false; + } + } + + $this->user = $this->auth_user; + $this->notice_id = (int)$this->trimmed('id'); + + if (empty($notice_id)) { + $this->notice_id = (int)$this->arg('id'); + } + + $this->format = $this->arg('format'); + $this->notice = Notice::staticGet((int)$this->notice_id); + + return true; + } + + /** + * Handle the request + * + * Delete the notice and all related replies + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + $this->clientError(_('This method requires a POST or DELETE.'), + 400, $this->format); + return; + } + + if (empty($this->notice)) { + $this->clientError(_('No status found with that ID.'), + 404, $this->format); + return; + } + + if ($this->user->id == $this->notice->profile_id) { + $replies = new Reply; + $replies->get('notice_id', $this->notice_id); + $replies->delete(); + $this->notice->delete(); + + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } else { + $this->clientError(_('You may not delete another user\'s status.'), + 403, $this->format); + } + + $this->showNotice(); + } + + /** + * Show the deleted notice + * + * @return void + */ + + function showNotice() + { + if (!empty($this->notice)) { + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } + } + +} diff --git a/actions/apiupdate.php b/actions/apiupdate.php index 9ce208f65..04a38f3f8 100644 --- a/actions/apiupdate.php +++ b/actions/apiupdate.php @@ -31,7 +31,7 @@ if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR.'/lib/apibareauth.php'; +require_once INSTALLDIR.'/lib/apiauth.php'; /** * Updates the authenticating user's status (posts a notice). @@ -109,7 +109,7 @@ class ApiUpdateAction extends ApiAuthAction /** * Handle the request * - * Just show the notices + * Make a new notice for the update, save it, and show it * * @param array $args $_REQUEST data (unused) * diff --git a/lib/router.php b/lib/router.php index 3de4e322f..5c9513f57 100644 --- a/lib/router.php +++ b/lib/router.php @@ -342,17 +342,22 @@ class Router $m->connect('api/statuses/show/:id.:format', array('action' => 'ApiShow', - 'id' => '[a-zA-Z0-9]+', + 'id' => '[0-9]+', 'format' => '(xml|json)')); $m->connect('api/statuses/update.:format', array('action' => 'ApiUpdate', 'format' => '(xml|json)')); - $m->connect('api/statuses/:method/:argument', - array('action' => 'api', - 'apiaction' => 'statuses'), - array('method' => 'destroy')); + $m->connect('api/statuses/destroy.:format', + array('action' => 'ApiDestroy', + 'format' => '(xml|json)')); + + $m->connect('api/statuses/destroy/:id.:format', + array('action' => 'ApiDestroy', + 'id' => '[0-9]+', + 'format' => '(xml|json)')); + // users |