public function groups() { if (($this->method == 'POST' || $this->method == 'PUT') && !$this->body) { $this->e400("{$this->method} data not provided"); } $groupID = $this->groupID; // // Add a group // if ($this->method == 'POST') { if (!$this->permissions->isSuper()) { $this->e403(); } if ($groupID) { $this->e400("POST requests cannot end with a groupID (did you mean PUT?)"); } try { $group = @new SimpleXMLElement($this->body); } catch (Exception $e) { $this->e400("{$this->method} data is not valid XML"); } if ((int) $group['id']) { $this->e400("POST requests cannot contain a groupID in '" . $this->body . "'"); } $fields = $this->getFieldsFromGroupXML($group); Zotero_DB::beginTransaction(); try { $group = new Zotero_Group(); foreach ($fields as $field => $val) { $group->{$field} = $val; } $group->save(); } catch (Exception $e) { if (strpos($e->getMessage(), "Invalid") === 0) { $this->e400($e->getMessage() . " in " . $this->body . "'"); } switch ($e->getCode()) { case Z_ERROR_GROUP_NAME_UNAVAILABLE: $this->e400($e->getMessage()); default: $this->e500($e->getMessage()); } } $this->responseXML = $group->toAtom(array('full'), $this->queryParams, $this->apiVersion); Zotero_DB::commit(); $url = Zotero_Atom::getGroupURI($group); header("Location: " . $url, false, 201); $this->end(); } // // Update a group // if ($this->method == 'PUT') { if (!$this->permissions->isSuper()) { $this->e403(); } if (!$groupID) { $this->e400("PUT requests must end with a groupID (did you mean POST?)"); } try { $group = @new SimpleXMLElement($this->body); } catch (Exception $e) { $this->e400("{$this->method} data is not valid XML"); } $fields = $this->getFieldsFromGroupXML($group); // Group id is optional, but, if it's there, make sure it matches $id = (string) $group['id']; if ($id && $id != $groupID) { $this->e400("Group ID {$id} does not match group ID {$groupID} from URI"); } Zotero_DB::beginTransaction(); try { $group = Zotero_Groups::get($groupID); if (!$group) { $this->e404("Group {$groupID} does not exist"); } foreach ($fields as $field => $val) { $group->{$field} = $val; } if ($this->ifUnmodifiedSince && strtotime($group->dateModified) > $this->ifUnmodifiedSince) { $this->e412(); } $group->save(); } catch (Exception $e) { if (strpos($e->getMessage(), "Invalid") === 0) { $this->e400($e->getMessage() . " in " . $this->body . "'"); } else { if ($e->getCode() == Z_ERROR_GROUP_DESCRIPTION_TOO_LONG) { $this->e400($e->getMessage()); } } $this->e500($e->getMessage()); } $this->responseXML = $group->toAtom(array('full'), $this->queryParams, $this->apiVersion); Zotero_DB::commit(); $this->end(); } // // Delete a group // if ($this->method == 'DELETE') { if (!$this->permissions->isSuper()) { $this->e403(); } if (!$groupID) { $this->e400("DELETE requests must end with a groupID"); } Zotero_DB::beginTransaction(); $group = Zotero_Groups::get($groupID); if (!$group) { $this->e404("Group {$groupID} does not exist"); } $group->erase(); Zotero_DB::commit(); header("HTTP/1.1 204 No Content"); exit; } // // View one or more groups // // Single group if ($groupID) { $group = Zotero_Groups::get($groupID); if (!$this->permissions->canAccess($this->objectLibraryID)) { $this->e403(); } if (!$group) { $this->e404("Group not found"); } $this->responseXML = $group->toAtom($this->queryParams['content'], $this->queryParams, $this->apiVersion); } else { if ($this->objectUserID) { // Users (or their keys) can see only their own groups if (!$this->permissions->isSuper() && $this->userID != $this->objectUserID) { $this->e403(); } $title = Zotero_Users::getUsername($this->objectUserID) . "’s Groups"; } else { // For now, only root can do unrestricted group searches if (!$this->permissions->isSuper()) { $this->e403(); } $title = "Groups"; } try { $results = Zotero_Groups::getAllAdvanced($this->objectUserID, $this->queryParams, $this->permissions); } catch (Exception $e) { switch ($e->getCode()) { case Z_ERROR_INVALID_GROUP_TYPE: $this->e400($e->getMessage()); } throw $e; } $groups = $results['groups']; $totalResults = $results['totalResults']; $this->responseXML = Zotero_Atom::createAtomFeed($title, $this->uri, $groups, $totalResults, $this->queryParams, $this->apiVersion, $this->permissions); } $this->end(); }
public function toAtom($content = array('none'), $queryParams, $apiVersion = null) { // TODO: multi-format support $content = $content[0]; if (!$this->loaded) { $this->load(); } $xml = new SimpleXMLElement('<entry xmlns="' . Zotero_Atom::$nsAtom . '" ' . 'xmlns:zapi="' . Zotero_Atom::$nsZoteroAPI . '" ' . 'xmlns:zxfer="' . Zotero_Atom::$nsZoteroTransfer . '"/>'); $title = $this->name ? $this->name : '[Untitled]'; $xml->title = $title; $author = $xml->addChild('author'); $ownerLibraryID = Zotero_Users::getLibraryIDFromUserID($this->ownerUserID); $author->name = Zotero_Users::getUsername($this->ownerUserID); $author->uri = Zotero_URI::getLibraryURI($ownerLibraryID); $xml->id = Zotero_URI::getGroupURI($this); $xml->published = Zotero_Date::sqlToISO8601($this->dateAdded); $xml->updated = Zotero_Date::sqlToISO8601($this->dateModified); $link = $xml->addChild("link"); $link['rel'] = "self"; $link['type'] = "application/atom+xml"; $link['href'] = Zotero_Atom::getGroupURI($this); $link = $xml->addChild('link'); $link['rel'] = 'alternate'; $link['type'] = 'text/html'; $link['href'] = Zotero_URI::getGroupURI($this); $xml->addChild('zapi:numItems', $this->numItems(), Zotero_Atom::$nsZoteroAPI); if ($content == 'html') { $xml->content['type'] = 'html'; $htmlXML = $this->toHTML(); $xml->content->div = ''; $xml->content->div['xmlns'] = Zotero_Atom::$nsXHTML; $fNode = dom_import_simplexml($xml->content->div); $subNode = dom_import_simplexml($htmlXML); $importedNode = $fNode->ownerDocument->importNode($subNode, true); $fNode->appendChild($importedNode); } else { if ($content == 'json') { $xml->content['type'] = 'application/json'; $xml->content = $this->toJSON(false, $queryParams['pprint'], true); } else { if ($content == 'full') { $xml->content['type'] = 'application/xml'; $fullXML = $this->toXML(); $fNode = dom_import_simplexml($xml->content); $subNode = dom_import_simplexml($fullXML); $importedNode = $fNode->ownerDocument->importNode($subNode, true); $fNode->appendChild($importedNode); } } } return $xml; }