From 6d31c11e57cfcf143a7554e733746320730f0a15 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sat, 30 Jan 2021 16:23:46 -0500 Subject: [PATCH] Move GET item/ignore/{id} to POST item/{id}/ignore --- src/Module/Item/Ignore.php | 29 +++++++++++++++++------------ static/routes.config.php | 2 +- view/js/main.js | 4 ++-- 3 files changed, 20 insertions(+), 15 deletions(-) diff --git a/src/Module/Item/Ignore.php b/src/Module/Item/Ignore.php index 1883faa905..668e493109 100644 --- a/src/Module/Item/Ignore.php +++ b/src/Module/Item/Ignore.php @@ -41,18 +41,17 @@ class Ignore extends BaseModule throw new HttpException\ForbiddenException($l10n->t('Access denied.')); } - $args = DI::args(); - $dba = DI::dba(); - - $message_id = intval($args->get(2)); - - if (empty($message_id) || !is_int($message_id)) { + if (empty($parameters['id'])) { throw new HTTPException\BadRequestException(); } - $thread = Post::selectFirstThreadForUser(local_user(), ['uid', 'ignored'], ['iid' => $message_id]); + $itemId = intval($parameters['id']); + + $dba = DI::dba(); + + $thread = Post::selectFirstThreadForUser(local_user(), ['uid', 'ignored'], ['iid' => $itemId]); if (!$dba->isResult($thread)) { - throw new HTTPException\BadRequestException(); + throw new HTTPException\NotFoundException(); } // Numeric values are needed for the json output further below @@ -61,11 +60,11 @@ class Ignore extends BaseModule switch ($thread['uid'] ?? 0) { // if the thread is from the current user case local_user(): - $dba->update('thread', ['ignored' => $ignored], ['iid' => $message_id]); + $dba->update('thread', ['ignored' => $ignored], ['iid' => $itemId]); break; // 0 (null will get transformed to 0) => it's a public post case 0: - $dba->update('user-item', ['ignored' => $ignored], ['iid' => $message_id, 'uid' => local_user()], true); + $dba->update('user-item', ['ignored' => $ignored], ['iid' => $itemId, 'uid' => local_user()], true); break; // Throws a BadRequestException and not a ForbiddenException on purpose // Avoids harvesting existing, but forbidden IIDs (security issue) @@ -86,7 +85,13 @@ class Ignore extends BaseModule DI::baseUrl()->redirect($return_path . $rand); } - // the json doesn't really matter, it will either be 0 or 1 - System::jsonExit($ignored); + $return = [ + 'status' => 'ok', + 'item_id' => $itemId, + 'verb' => 'ignore', + 'state' => $ignored, + ]; + + System::jsonExit($return); } } diff --git a/static/routes.config.php b/static/routes.config.php index 564b920d61..6acad3827e 100644 --- a/static/routes.config.php +++ b/static/routes.config.php @@ -291,8 +291,8 @@ return [ ], '/item' => [ - '/ignore/{id}' => [Module\Item\Ignore::class, [R::GET]], '/{id:\d+}/activity/{verb}' => [Module\Item\Activity::class, [ R::POST]], + '/{id:\d+}/ignore' => [Module\Item\Ignore::class, [ R::POST]], '/{id:\d+}/pin' => [Module\Item\Pin::class, [ R::POST]], ], diff --git a/view/js/main.js b/view/js/main.js index 3613ee78f6..4921ea94f7 100644 --- a/view/js/main.js +++ b/view/js/main.js @@ -728,8 +728,8 @@ function doPin(ident) { function doIgnoreThread(ident) { ident = ident.toString(); $('#like-rotator-' + ident).show(); - $.get('item/ignore/' + ident, function(data) { - if (data === 1) { + $.post('item/' + ident + '/ignore', function(data) { + if (data.state === 1) { $('#ignored-' + ident) .addClass('ignored') .removeClass('unignored');