| blob | d3c7cdd07242d2d504bbf186fe95697c2137c067 |
1 <?_info
2 nocache=>1
3 _info?><?page
4 title=><?_ml .title _ml?>
6 body<=
7 <?_code
8 {
9 use strict;
11 my $remote = LJ::get_remote();
12 return "<?needlogin?>" unless $remote;
14 my $qs = BML::get_query_string();
15 return LJ::bad_input($ML{'.error.invalidargument'})
16 unless $qs && $qs =~ /^(\d+)\.(.+)$/;
18 my ($aaid, $auth) = ($1, $2);
19 my $aa = LJ::is_valid_authaction($aaid, $auth);
20 return LJ::bad_input($ML{'.error.invalidargument'})
21 unless $aa;
22 return LJ::bad_input($ML{'.error.actionperformed'})
23 if $aa->{'used'} eq 'Y';
25 my $arg = {};
26 LJ::decode_url_string($aa->{'arg1'}, $arg);
28 ### perform actions according to the action type
30 # invite users to communities
31 if ($aa->{'action'} eq 'comm_invite') {
33 my $dbh = LJ::get_db_writer();
35 my $targetid = $arg->{'targetid'};
36 return LJ::bad_input($ML{'.error.internerr.invalidaction'}) unless $targetid;
38 # add to community
39 if ($arg->{'member'}) {
40 if (my $aau = LJ::load_userid($aa->{userid})) {
41 if (my $target = LJ::load_userid($targetid)) {
42 $aau->add_friend($target);
43 }
44 }
45 }
47 # set up rels with this community
48 my @rels = ();
49 push @rels, 'A' if $arg->{'admin'};
50 push @rels, 'P' if $arg->{'post'};
51 push @rels, 'M' if $arg->{'moderate'};
52 push @rels, 'N' if $arg->{'preapprove'};
54 if (@rels) {
55 LJ::set_rel_multi( map { [$aa->{userid}, $targetid, $_] } @rels );
56 }
58 # mark this authaction as used
59 $dbh->do("UPDATE authactions SET used='Y' WHERE aaid=?", undef, $aa->{'aaid'});
61 # return success
62 my $username = LJ::get_username($aa->{'userid'});
63 return "<?h1 $ML{'.comm.success'} h1?>".
64 '<?p '.BML::ml('.comm.text',
65 {'comm'=>LJ::ljuser($username),
66 'aopts'=>'href="'.$LJ::SITEROOT.'/friends/add.bml?user='.$username.'"'}).
67 ' p?>';
68 }
70 # invite users to shared journals
71 if ($aa->{'action'} eq 'shared_invite') {
72 my $dbh = LJ::get_db_writer();
74 my $targetid = $arg->{'targetid'};
75 return LJ::bad_input($ML{'.error.internerr.invalidaction'}) unless $targetid;
77 LJ::set_rel($aa->{'userid'}, $targetid, 'P');
79 # mark this authaction as used
80 $dbh->do("UPDATE authactions SET used='Y' WHERE aaid=?", undef, $aa->{'aaid'});
82 my $username = LJ::get_username($aa->{'userid'});
83 return "<?h1 $ML{'.shared.success'} h1?>".
84 '<?p '.BML::ml('.shared.text',
85 {'shared'=>LJ::ljuser($username),
86 'aopts'=>'href="'.$LJ::SITEROOT.'/friends/add.bml?user='.$username.'"'}).
87 ' p?>';
88 }
90 # approve someone joining a community
91 if ($aa->{action} eq 'comm_join_request') {
93 #create list of users which can do it.
94 my @all_which_allowed;
95 my $maintainers = LJ::load_rel_user_cache($aa->{userid}, 'A') || [];
96 my $moderators = LJ::load_rel_user_cache($aa->{userid}, 'M') || [];
97 my $owner = LJ::load_rel_user_cache($aa->{userid}, 'S') || [];
98 push @all_which_allowed, (@$maintainers, @$moderators, @$owner);
100 #find remote user in allow list
101 unless (grep $_ eq $remote->{userid}, @all_which_allowed) {
102 return LJ::bad_input($ML{'.error.nopermission'});
103 }
105 my $dbh = LJ::get_db_writer();
107 # get user we're adding
108 my $targetid = $arg->{targetid};
109 return LJ::bad_input($ML{'.error.internerr.invalidaction'}) unless $targetid;
111 # add to community
112 my $user = LJ::load_userid($targetid);
113 return "<?h1 $ML{'Error'} h1?><?p ".LJ::Lang::ml('.error.approving', { username => $user->ljuser_display } )." p?>"
114 unless LJ::approve_pending_member($aa->{userid}, $targetid);
116 # return success
117 my $commname = LJ::get_username($aa->{userid});
118 my $username = LJ::get_username($targetid);
119 return "<?h1 $ML{'.comm.success'} h1?>".
120 '<?p ' . BML::ml('.commjoin.text', {
121 user => LJ::ljuser($username),
122 comm => LJ::ljuser($commname),
123 aopts => "href=\"$LJ::SITEROOT/community/members.bml?authas=$commname\"",
124 }) . ' p?>';
125 }
127 # not other action types right now
128 return LJ::bad_input($ML{'.error.unknownactiontype'});
129 }
130 _code?>
132 <=body
133 page?>