The official, canonical postActiv repository. http://www.postactiv.com

apigroupprofileupdate.php 9.3KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267
  1. <?php
  2. /* ============================================================================
  3. * Title: APIGroupProfileUpdate
  4. * Update a group's profile
  5. *
  6. * postActiv:
  7. * the micro-blogging software
  8. *
  9. * Copyright:
  10. * Copyright (C) 2016-2018, Maiyannah Bishop
  11. *
  12. * Derived from code copyright various sources:
  13. * o GNU Social (C) 2013-2016, Free Software Foundation, Inc
  14. * o StatusNet (C) 2008-2012, StatusNet, Inc
  15. * ----------------------------------------------------------------------------
  16. * License:
  17. * This program is free software: you can redistribute it and/or modify
  18. * it under the terms of the GNU Affero General Public License as published by
  19. * the Free Software Foundation, either version 3 of the License, or
  20. * (at your option) any later version.
  21. *
  22. * This program is distributed in the hope that it will be useful,
  23. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  24. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  25. * GNU Affero General Public License for more details.
  26. *
  27. * You should have received a copy of the GNU Affero General Public License
  28. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  29. *
  30. * <https://www.gnu.org/licenses/agpl.html>
  31. * ----------------------------------------------------------------------------
  32. * About:
  33. * Update a group's profile
  34. *
  35. * PHP version:
  36. * Tested with PHP 7.0
  37. * ----------------------------------------------------------------------------
  38. * File Authors:
  39. * o Zach Copley
  40. * o Siebrand Mazeland <s.mazeland@xs4all.nl>
  41. * o Mikael Nordfeldth <mmn@hethane.se>
  42. * o Maiyannah Bishop <maiyannah.bishop@postactiv.com>
  43. *
  44. * Web:
  45. * o postActiv <http://www.postactiv.com>
  46. * o GNU social <https://www.gnu.org/s/social/>
  47. * ============================================================================
  48. */
  49. // This file is formatted so that it provides useful documentation output in
  50. // NaturalDocs. Please be considerate of this before changing formatting.
  51. if (!defined('POSTACTIV')) { exit(1); }
  52. /**
  53. * API analog to the group edit page
  54. */
  55. class ApiGroupProfileUpdateAction extends ApiAuthAction
  56. {
  57. protected $needPost = true;
  58. /**
  59. * Take arguments for running
  60. *
  61. * @param array $args $_REQUEST args
  62. *
  63. * @return boolean success flag
  64. *
  65. */
  66. protected function prepare(array $args=array())
  67. {
  68. parent::prepare($args);
  69. $this->nickname = Nickname::normalize($this->trimmed('nickname'));
  70. $this->fullname = $this->trimmed('fullname');
  71. $this->homepage = $this->trimmed('homepage');
  72. $this->description = $this->trimmed('description');
  73. $this->location = $this->trimmed('location');
  74. $this->aliasstring = $this->trimmed('aliases');
  75. $this->user = $this->auth_user;
  76. $this->group = $this->getTargetGroup($this->arg('id'));
  77. return true;
  78. }
  79. /**
  80. * Handlex the request
  81. *
  82. * See which request params have been set, and update the profile
  83. *
  84. * @return void
  85. */
  86. protected function handle()
  87. {
  88. parent::handle();
  89. if (!in_array($this->format, array('xml', 'json'))) {
  90. // TRANS: Client error displayed when coming across a non-supported API method.
  91. $this->clientError(_('API method not found.'), 404);
  92. }
  93. if (empty($this->user)) {
  94. // TRANS: Client error displayed when not providing a user or an invalid user.
  95. $this->clientError(_('No such user.'), 404);
  96. }
  97. if (empty($this->group)) {
  98. // TRANS: Client error displayed when not providing a group or an invalid group.
  99. $this->clientError(_('Group not found.'), 404);
  100. }
  101. if (!$this->user->isAdmin($this->group)) {
  102. // TRANS: Client error displayed when trying to edit a group without being an admin.
  103. $this->clientError(_('You must be an admin to edit the group.'), 403);
  104. }
  105. $this->group->query('BEGIN');
  106. $orig = clone($this->group);
  107. try {
  108. if (common_config('profile', 'changenick') == true && $this->group->nickname !== $this->nickname) {
  109. try {
  110. $this->group->nickname = Nickname::normalize($this->nickname, true);
  111. } catch (NicknameException $e) {
  112. throw new ApiValidationException($e->getMessage());
  113. }
  114. $this->group->mainpage = common_local_url('showgroup',
  115. array('nickname' => $this->group->nickname));
  116. }
  117. if (!empty($this->fullname)) {
  118. $this->validateFullname();
  119. $this->group->fullname = $this->fullname;
  120. }
  121. if (!empty($this->homepage)) {
  122. $this->validateHomepage();
  123. $this->group->homepage = $this->homepage;
  124. }
  125. if (!empty($this->description)) {
  126. $this->validateDescription();
  127. $this->group->description = $this->decription;
  128. }
  129. if (!empty($this->location)) {
  130. $this->validateLocation();
  131. $this->group->location = $this->location;
  132. }
  133. } catch (ApiValidationException $ave) {
  134. $this->clientError($ave->getMessage(), 400);
  135. }
  136. $result = $this->group->update($orig);
  137. if (!$result) {
  138. common_log_db_error($this->group, 'UPDATE', __FILE__);
  139. // TRANS: Server error displayed when group update fails.
  140. $this->serverError(_('Could not update group.'));
  141. }
  142. $aliases = array();
  143. try {
  144. if (!empty($this->aliasstring)) {
  145. $aliases = $this->validateAliases();
  146. }
  147. } catch (ApiValidationException $ave) {
  148. $this->clientError($ave->getMessage(), 403);
  149. }
  150. $result = $this->group->setAliases($aliases);
  151. if (!$result) {
  152. // TRANS: Server error displayed when adding group aliases fails.
  153. $this->serverError(_('Could not create aliases.'));
  154. }
  155. $this->group->query('COMMIT');
  156. switch($this->format) {
  157. case 'xml':
  158. $this->showSingleXmlGroup($this->group);
  159. break;
  160. case 'json':
  161. $this->showSingleJsonGroup($this->group);
  162. break;
  163. default:
  164. // TRANS: Client error displayed when coming across a non-supported API method.
  165. $this->clientError(_('API method not found.'), 404);
  166. }
  167. }
  168. function validateHomepage()
  169. {
  170. if (!is_null($this->homepage)
  171. && (strlen($this->homepage) > 0)
  172. && !common_valid_http_url($this->homepage)) {
  173. throw new ApiValidationException(
  174. // TRANS: API validation exception thrown when homepage URL does not validate.
  175. _('Homepage is not a valid URL.')
  176. );
  177. }
  178. }
  179. function validateFullname()
  180. {
  181. if (!is_null($this->fullname) && mb_strlen($this->fullname) > 255) {
  182. throw new ApiValidationException(
  183. // TRANS: API validation exception thrown when full name does not validate.
  184. _('Full name is too long (maximum 255 characters).')
  185. );
  186. }
  187. }
  188. function validateDescription()
  189. {
  190. if (User_group::descriptionTooLong($this->description)) {
  191. // TRANS: API validation exception thrown when description does not validate.
  192. // TRANS: %d is the maximum description length and used for plural.
  193. throw new ApiValidationException(sprintf(_m('Description is too long (maximum %d character).',
  194. 'Description is too long (maximum %d characters).',
  195. User_group::maxDescription()),
  196. User_group::maxDescription()));
  197. }
  198. }
  199. function validateLocation()
  200. {
  201. if (!is_null($this->location) && mb_strlen($this->location) > 255) {
  202. throw new ApiValidationException(
  203. // TRANS: API validation exception thrown when location does not validate.
  204. _('Location is too long (maximum 255 characters).')
  205. );
  206. }
  207. }
  208. function validateAliases()
  209. {
  210. try {
  211. $aliases = array_map(array('Nickname', 'normalize'),
  212. array_unique(preg_split('/[\s,]+/', $this->aliasstring)));
  213. } catch (NicknameException $e) {
  214. throw new ApiValidationException(sprintf('Error processing aliases: %s', $e->getMessage()));
  215. }
  216. if (count($aliases) > common_config('group', 'maxaliases')) {
  217. // TRANS: API validation exception thrown when aliases do not validate.
  218. // TRANS: %d is the maximum number of aliases and used for plural.
  219. throw new ApiValidationException(sprintf(_m('Too many aliases! Maximum %d allowed.',
  220. 'Too many aliases! Maximum %d allowed.',
  221. common_config('group', 'maxaliases')),
  222. common_config('group', 'maxaliases')));
  223. }
  224. return $aliases;
  225. }
  226. }
  227. // END OF FILE
  228. // ============================================================================
  229. ?>