Merge pull request #1261 from Alkarex/api-edit

API edit feeds and categories

1 files changed, 161 insertions, 31 deletions

diff --git a/p/api/greader.php b/p/api/greader.php
index 98ae60475..e77ef3726 100644
--- a/p/api/greader.php
+++ b/p/api/greader.php
@@ -153,13 +153,12 @@ function authorizationToUser() {
 		if (count($headerAuthX) === 2) {
 			$user = $headerAuthX[0];
 			if (ctype_alnum($user)) {
-				$conf = get_user_configuration($user);
-				if (is_null($conf)) {
+				FreshRSS_Context::$user_conf = get_user_configuration($user);
+				if (FreshRSS_Context::$user_conf == null) {
 					Minz_Log::warning('Invalid API user ' . $user . ': configuration cannot be found.');
 					unauthorized();
 				}
-				global $system_conf;
-				if ($headerAuthX[1] === sha1($system_conf->salt . $user . $conf->apiPasswordHash)) {
+				if ($headerAuthX[1] === sha1(FreshRSS_Context::$system_conf->salt . $user . FreshRSS_Context::$user_conf->apiPasswordHash)) {
 					return $user;
 				} else {
 					logMe('Invalid API authorisation for user ' . $user . ': ' . $headerAuthX[1]);
@@ -181,16 +180,15 @@ function clientLogin($email, $pass) {	//http://web.archive.org/web/2013060409104
 			include_once(LIB_PATH . '/password_compat.php');
 		}
 
-		$conf = get_user_configuration($email);
-		if (is_null($conf)) {
+		FreshRSS_Context::$user_conf = get_user_configuration($email);
+		if (FreshRSS_Context::$user_conf == null) {
 			Minz_Log::warning('Invalid API user ' . $email . ': configuration cannot be found.');
 			unauthorized();
 		}
 
-		if ($conf->apiPasswordHash != '' && password_verify($pass, $conf->apiPasswordHash)) {
+		if (FreshRSS_Context::$user_conf->apiPasswordHash != '' && password_verify($pass, FreshRSS_Context::$user_conf->apiPasswordHash)) {
 			header('Content-Type: text/plain; charset=UTF-8');
-			global $system_conf;
-			$auth = $email . '/' . sha1($system_conf->salt . $email . $conf->apiPasswordHash);
+			$auth = $email . '/' . sha1(FreshRSS_Context::$system_conf->salt . $email . FreshRSS_Context::$user_conf->apiPasswordHash);
 			echo 'SID=', $auth, "\n",
 				'Auth=', $auth, "\n";
 			exit();
@@ -209,8 +207,7 @@ function token($conf) {
 //https://github.com/ericmann/gReader-Library/blob/master/greader.class.php
 	$user = Minz_Session::param('currentUser', '_');
 	//logMe('token('. $user . ")");	//TODO: Implement real token that expires
-	global $system_conf;
-	$token = str_pad(sha1($system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z');	//Must have 57 characters
+	$token = str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z');	//Must have 57 characters
 	echo $token, "\n";
 	exit();
 }
@@ -219,8 +216,7 @@ function checkToken($conf, $token) {
 //http://code.google.com/p/google-reader-api/wiki/ActionToken
 	$user = Minz_Session::param('currentUser', '_');
 	//logMe('checkToken(' . $token . ")");
-	global $system_conf;
-	if ($token === str_pad(sha1($system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z')) {
+	if ($token === str_pad(sha1(FreshRSS_Context::$system_conf->salt . $user . $conf->apiPasswordHash), 57, 'Z')) {
 		return true;
 	}
 	unauthorized();
@@ -261,8 +257,7 @@ function subscriptionList() {
 	$stm->execute();
 	$res = $stm->fetchAll(PDO::FETCH_ASSOC);
 
-	global $system_conf;
-	$salt = $system_conf->salt;
+	$salt = FreshRSS_Context::$system_conf->salt;
 	$subscriptions = array();
 
 	foreach ($res as $line) {
@@ -287,6 +282,85 @@ function subscriptionList() {
 	exit();
 }
 
+function subscriptionEdit($streamNames, $titles, $action, $add = '', $remove = '') {
+	//logMe("subscriptionEdit()");
+	//https://github.com/mihaip/google-reader-api/blob/master/wiki/ApiSubscriptionEdit.wiki
+	switch ($action) {
+		case 'subscribe':
+		case 'unsubscribe':
+		case 'edit':
+			break;
+		default:
+			badRequest();
+	}
+	$addCatId = 0;
+	$categoryDAO = null;
+	if ($add != '' || $remove != '') {
+		$categoryDAO = new FreshRSS_CategoryDAO();
+	}
+	$c_name = '';
+	if ($add != '' && strpos($add, 'user/-/label/') === 0) {	//user/-/label/Example
+		$c_name = substr($add, 13);
+		$cat = $categoryDAO->searchByName($c_name);
+		$addCatId = $cat == null ? -1 : $cat->id();
+	} else if ($remove != '' && strpos($remove, 'user/-/label/')) {
+		$addCatId = 1;	//Default category
+	}
+	if ($addCatId <= 0 && $c_name = '') {
+		$addCatId = 1;	//Default category
+	}
+	$feedDAO = FreshRSS_Factory::createFeedDao();
+	for ($i = count($streamNames) - 1; $i >= 0; $i--) {
+		$streamName = $streamNames[$i];	//feed/http://example.net/sample.xml	;	feed/338
+		if (strpos($streamName, 'feed/') === 0) {
+			$streamName = substr($streamName, 5);
+			$feedId = 0;
+			if (ctype_digit($streamName)) {
+				if ($action === 'subscribe') {
+					continue;
+				}
+				$feedId = $streamName;
+			} else {
+				$feed = $feedDAO->searchByUrl($streamName);
+				$feedId = $feed == null ? -1 : $feed->id();
+			}
+			$title = isset($titles[$i]) ? $titles[$i] : '';
+			switch ($action) {
+				case 'subscribe':
+					if ($feedId <= 0) {
+						$http_auth = '';	//TODO
+						try {
+							$feed = FreshRSS_feed_Controller::addFeed($streamName, $title, $addCatId, $c_name, $http_auth);
+							continue;
+						} catch (Exception $e) {
+							logMe("subscriptionEdit error subscribe: " . $e->getMessage());
+						}
+					}
+					badRequest();
+					break;
+				case 'unsubscribe':
+					if (!($feedId > 0 && FreshRSS_feed_Controller::deleteFeed($feedId))) {
+						badRequest();
+					}
+					break;
+				case 'edit':
+					if ($feedId > 0) {
+						if ($addCatId > 0) {
+							FreshRSS_feed_Controller::moveFeed($feedId, $addCatId);
+						}
+						if ($title != '') {
+							FreshRSS_feed_Controller::renameFeed($feedId, $title);
+						}
+					} else {
+						badRequest();
+					}
+					break;
+			}
+		}
+	}
+	exit('OK');
+}
+
 function unreadCount() {	//http://blog.martindoms.com/2009/10/16/using-the-google-reader-api-part-2/#unread-count
 	//logMe("unreadCount()");
 	header('Content-Type: application/json; charset=UTF-8');
@@ -523,8 +597,38 @@ function editTag($e_ids, $a, $r) {
 			break;
 	}
 
-	echo 'OK';
-	exit();
+	exit('OK');
+}
+
+function renameTag($s, $dest) {
+	//logMe("renameTag()");
+	if ($s != '' && strpos($s, 'user/-/label/') === 0 &&
+		$dest != '' &&  strpos($dest, 'user/-/label/') === 0) {
+		$s = substr($s, 13);
+		$categoryDAO = new FreshRSS_CategoryDAO();
+		$cat = $categoryDAO->searchByName($s);
+		if ($cat != null) {
+			$dest = substr($dest, 13);
+			$categoryDAO->updateCategory($cat->id(), array('name' => $dest));
+			exit('OK');
+		}
+	}
+	badRequest();
+}
+
+function disableTag($s, $dest) {
+	//logMe("renameTag()");
+	if ($s != '' && strpos($s, 'user/-/label/') === 0) {
+		$s = substr($s, 13);
+		$categoryDAO = new FreshRSS_CategoryDAO();
+		$cat = $categoryDAO->searchByName($s);
+		if ($cat != null) {
+			$feedDAO = FreshRSS_Factory::createFeedDao();
+			$feedDAO->changeCategory($cat->id(), 0);
+			exit('OK');
+		}
+	}
+	badRequest();
 }
 
 function markAllAsRead($streamId, $olderThanId) {
@@ -542,8 +646,7 @@ function markAllAsRead($streamId, $olderThanId) {
 		$entryDAO->markReadEntries($olderThanId, false, -1);
 	}
 
-	echo 'OK';
-	exit();
+	exit('OK');
 }
 
 //logMe('----------------------------------------------------------------');
@@ -555,17 +658,17 @@ $pathInfos = explode('/', $pathInfo);
 Minz_Configuration::register('system',
                              DATA_PATH . '/config.php',
                              DATA_PATH . '/config.default.php');
-$system_conf = Minz_Configuration::get('system');
-if (!$system_conf->api_enabled) {
+FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
+if (!FreshRSS_Context::$system_conf->api_enabled) {
 	serviceUnavailable();
 }
 
 Minz_Session::init('FreshRSS');
 
 $user = authorizationToUser();
-$conf = null;
+FreshRSS_Context::$user_conf = null;
 if ($user !== '') {
-	$conf = get_user_configuration($user);
+	FreshRSS_Context::$user_conf = get_user_configuration($user);
 }
 
 //logMe('User => ' . $user);
@@ -625,14 +728,28 @@ elseif ($pathInfos[1] === 'reader' && $pathInfos[2] === 'api' && isset($pathInfo
 			if (isset($pathInfos[5]) && $pathInfos[5] === 'list') {
 				$output = isset($_GET['output']) ? $_GET['output'] : '';
 				if ($output !== 'json') notImplemented();
-				tagList($_GET['output']);
+				tagList($output);
 			}
 			break;
 		case 'subscription':
-			if (isset($pathInfos[5]) && $pathInfos[5] === 'list') {
-				$output = isset($_GET['output']) ? $_GET['output'] : '';
-				if ($output !== 'json') notImplemented();
-				subscriptionList($_GET['output']);
+			if (isset($pathInfos[5])) {
+				switch ($pathInfos[5]) {
+					case 'list':
+						$output = isset($_GET['output']) ? $_GET['output'] : '';
+						if ($output !== 'json') notImplemented();
+						subscriptionList($_GET['output']);
+						break;
+					case 'edit':
+						if (isset($_POST['s']) && isset($_POST['ac'])) {
+							$streamNames = multiplePosts('s');	//StreamId to operate on. The parameter may be repeated to edit multiple subscriptions at once
+							$titles = multiplePosts('t');	//Title to use for the subscription. For the `subscribe` action, if not specified then the feed's current title will be used. Can be used with the `edit` action to rename a subscription
+							$action = $_POST['ac'];	//Action to perform on the given StreamId. Possible values are `subscribe`, `unsubscribe` and `edit`
+							$add = isset($_POST['a']) ? $_POST['a'] : '';	//StreamId to add the subscription to (generally a user label)
+							$remove = isset($_POST['r']) ? $_POST['r'] : '';	//StreamId to remove the subscription from (generally a user label)
+							subscriptionEdit($streamNames, $titles, $action, $add, $remove);
+						}
+						break;
+				}
 			}
 			break;
 		case 'unread-count':
@@ -643,15 +760,28 @@ elseif ($pathInfos[1] === 'reader' && $pathInfos[2] === 'api' && isset($pathInfo
 			break;
 		case 'edit-tag':	//http://blog.martindoms.com/2010/01/20/using-the-google-reader-api-part-3/
 			$token = isset($_POST['T']) ? trim($_POST['T']) : '';
-			checkToken($conf, $token);
+			checkToken(FreshRSS_Context::$user_conf, $token);
 			$a = isset($_POST['a']) ? $_POST['a'] : '';	//Add:	user/-/state/com.google/read	user/-/state/com.google/starred
 			$r = isset($_POST['r']) ? $_POST['r'] : '';	//Remove:	user/-/state/com.google/read	user/-/state/com.google/starred
 			$e_ids = multiplePosts('i');	//item IDs
 			editTag($e_ids, $a, $r);
 			break;
+		case 'rename-tag':	//https://github.com/theoldreader/api
+			$token = isset($_POST['T']) ? trim($_POST['T']) : '';
+			checkToken(FreshRSS_Context::$user_conf, $token);
+			$s = isset($_POST['s']) ? $_POST['s'] : '';	//user/-/label/Folder
+			$dest = isset($_POST['dest']) ? $_POST['dest'] : '';	//user/-/label/NewFolder
+			renameTag($s, $dest);
+			break;
+		case 'disable-tag':	//https://github.com/theoldreader/api
+			$token = isset($_POST['T']) ? trim($_POST['T']) : '';
+			checkToken(FreshRSS_Context::$user_conf, $token);
+			$s = isset($_POST['s']) ? $_POST['s'] : '';	//user/-/label/Folder
+			disableTag($s);
+			break;
 		case 'mark-all-as-read':
 			$token = isset($_POST['T']) ? trim($_POST['T']) : '';
-			checkToken($conf, $token);
+			checkToken(FreshRSS_Context::$user_conf, $token);
 			$streamId = $_POST['s'];	//StreamId
 			$ts = isset($_POST['ts']) ? $_POST['ts'] : '0';	//Older than timestamp in nanoseconds
 			if (!ctype_digit($ts)) {
@@ -660,7 +790,7 @@ elseif ($pathInfos[1] === 'reader' && $pathInfos[2] === 'api' && isset($pathInfo
 			markAllAsRead($streamId, $ts);
 			break;
 		case 'token':
-			token($conf);
+			token(FreshRSS_Context::$user_conf);
 			break;
 	}
 } elseif ($pathInfos[1] === 'check' && $pathInfos[2] === 'compatibility') {