WCF/wcfsetup/install/files/lib/action/UserAvatarAction.class.php at f4890d176a844bf0b4c3734c0fb8f7bcb4cd2645 · WoltLab/WCF · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<?php

namespace wcf\action;

use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use wcf\data\user\UserProfile;
use wcf\event\user\UserAvatarFormFieldCollecting;
use wcf\http\Helper;
use wcf\system\cache\runtime\UserProfileRuntimeCache;
use wcf\system\event\EventHandler;
use wcf\system\exception\NamedUserException;
use wcf\system\exception\PermissionDeniedException;
use wcf\system\form\builder\field\FileProcessorFormField;
use wcf\system\form\builder\Psr15DialogForm;
use wcf\system\user\UserProfileHandler;
use wcf\system\WCF;
use wcf\util\HtmlString;

/**
 * Handles user avatars editing.
 *
 * @author      Olaf Braun
 * @copyright   2001-2024 WoltLab GmbH
 * @license     GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 * @since       6.2
 */
final class UserAvatarAction implements RequestHandlerInterface
{
    #[\Override]
    public function handle(ServerRequestInterface $request): ResponseInterface
    {
        $parameters = Helper::mapQueryParameters(
            $request->getQueryParams(),
            <<<'EOT'
                array {
                    id?: positive-int
                }
                EOT
        );

        if (!WCF::getUser()->userID) {
            throw new PermissionDeniedException();
        }

        if (isset($parameters['id'])) {
            $user = UserProfileRuntimeCache::getInstance()->getObject($parameters['id']);
        } else {
            $user = UserProfileHandler::getInstance()->getUserProfile();
        }

        if ($user->disableAvatar && $user->userID === WCF::getUser()->userID) {
            throw new NamedUserException(HtmlString::fromSafeHtml(WCF::getLanguage()->getDynamicVariable(
                'wcf.user.avatar.error.disabled'
            )));
        }

        if (!$user->canEditAvatar()) {
            throw new PermissionDeniedException();
        }

        $form = $this->getForm($user);

        if ($request->getMethod() === 'GET') {
            return $form->toResponse();
        } else {
            throw new \LogicException('Unreachable');
        }
    }

    private function getForm(UserProfile $user): Psr15DialogForm
    {
        $form = new Psr15DialogForm(
            UserAvatarAction::class,
            WCF::getLanguage()->get('wcf.user.avatar.edit')
        );
        $form->appendChildren([
            FileProcessorFormField::create('avatarFileID')
                ->objectType('com.woltlab.wcf.user.avatar')
                ->description('wcf.user.avatar.type.custom.description')
                ->singleFileUpload()
                ->bigPreview()
                ->simpleReplace()
                ->thumbnailSize('128'),
        ]);

        $event = new UserAvatarFormFieldCollecting($user);
        EventHandler::getInstance()->fire($event);
        $form->appendChildren($event->getFormFields());

        $form->markRequiredFields(false);
        $form->updatedObject($user);
        $form->build();

        return $form;
    }
}