authorEvan Prodromou <evan@status.net>2010-01-27 18:09:43 -0500
committerEvan Prodromou <evan@status.net>2010-01-27 18:09:43 -0500
commit0b41fa3ec384971cecc631d3cd395d440b61f32d (patch)
tree640f260547d35d5eb5695f5d351fafe8d55794f7
parent2aba2eeeaf78f4e407abe23643ff6027b0ea53dd (diff)
parent2494d3fa25a44b3cacf85c594683675ae9e6d0cb (diff)
Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing
-rw-r--r--db/rc3to09.sql16
-rw-r--r--db/rc3torc4.sql48
-rw-r--r--lib/apiauth.php33
3 files changed, 67 insertions, 30 deletions
diff --git a/db/rc3to09.sql b/db/rc3to09.sql
deleted file mode 100644
index 02dc7a6e2..000000000
--- a/db/rc3to09.sql
+++ /dev/null
@@ -1,16 +0,0 @@
-create table queue_item_new (
- id integer auto_increment primary key comment 'unique identifier',
- frame blob not null comment 'data: object reference or opaque string',
- transport varchar(8) not null comment 'queue for what? "email", "jabber", "sms", "irc", ...',
- created datetime not null comment 'date this record was created',
- claimed datetime comment 'date this item was claimed',
-
- index queue_item_created_idx (created)
-
-) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
-
-insert into queue_item_new (frame,transport,created,claimed)
- select notice_id,transport,created,claimed from queue_item;
-alter table queue_item rename to queue_item_old;
-alter table queue_item_new rename to queue_item;
-
diff --git a/db/rc3torc4.sql b/db/rc3torc4.sql
new file mode 100644
index 000000000..8342c4bc6
--- /dev/null
+++ b/db/rc3torc4.sql
@@ -0,0 +1,48 @@
+create table queue_item_new (
+ id integer auto_increment primary key comment 'unique identifier',
+ frame blob not null comment 'data: object reference or opaque string',
+ transport varchar(8) not null comment 'queue for what? "email", "jabber", "sms", "irc", ...',
+ created datetime not null comment 'date this record was created',
+ claimed datetime comment 'date this item was claimed',
+
+ index queue_item_created_idx (created)
+
+) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
+
+insert into queue_item_new (frame,transport,created,claimed)
+ select notice_id,transport,created,claimed from queue_item;
+alter table queue_item rename to queue_item_old;
+alter table queue_item_new rename to queue_item;
+
+alter table consumer
+ add consumer_secret varchar(255) not null comment 'secret value',
+ add verifier varchar(255) comment 'verifier string for OAuth 1.0a',
+ add verified_callback varchar(255) comment 'verified callback URL for OAuth 1.0a';
+
+create table oauth_application (
+ id integer auto_increment primary key comment 'unique identifier',
+ owner integer not null comment 'owner of the application' references profile (id),
+ consumer_key varchar(255) not null comment 'application consumer key' references consumer (consumer_key),
+ name varchar(255) not null comment 'name of the application',
+ description varchar(255) comment 'description of the application',
+ icon varchar(255) not null comment 'application icon',
+ source_url varchar(255) comment 'application homepage - used for source link',
+ organization varchar(255) comment 'name of the organization running the application',
+ homepage varchar(255) comment 'homepage for the organization',
+ callback_url varchar(255) comment 'url to redirect to after authentication',
+ type tinyint default 0 comment 'type of app, 1 = browser, 2 = desktop',
+ access_type tinyint default 0 comment 'default access type, bit 1 = read, bit 2 = write',
+ created datetime not null comment 'date this record was created',
+ modified timestamp comment 'date this record was modified'
+) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
+
+create table oauth_application_user (
+ profile_id integer not null comment 'user of the application' references profile (id),
+ application_id integer not null comment 'id of the application' references oauth_application (id),
+ access_type tinyint default 0 comment 'access type, bit 1 = read, bit 2 = write, bit 3 = revoked',
+ token varchar(255) comment 'request or access token',
+ created datetime not null comment 'date this record was created',
+ modified timestamp comment 'date this record was modified',
+ constraint primary key (profile_id, application_id)
+) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
+
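Review bot: `add consumer_secret varchar(255) not null` has no default, so every row already in `consumer` is left with an empty-string secret after this migration, because MySQL fills a new NOT NULL column with the type's implicit default. Whether an empty secret is rejected when a request signature is verified is not visible on this page, so the migration should either invalidate those consumers or carry a comment such as `-- existing consumers get an empty secret and must be re-issued before use`. Separately, the inline `references profile (id)` and `references consumer (consumer_key)` clauses are parsed but not enforced by InnoDB, so removing a profile or application leaves `oauth_application_user` rows and their `token` values behind unless application code deletes them. Table-level `foreign key (...) references ...` constraints would make that cleanup explicit.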
diff --git a/lib/apiauth.php b/lib/apiauth.php
index ad9651ff2..ac5e997c7 100644
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -84,16 +84,22 @@ class ApiAuthAction extends ApiAction
} else {
$this->checkBasicAuthUser();
}
+ } else {
- // Reject API calls with the wrong access level
+ // Check to see if a basic auth user is there even
+ // if one's not required
- if ($this->isReadOnly($args) == false) {
- if ($this->access != self::READ_WRITE) {
- $msg = 'API resource requires read-write access, ' .
- 'but you only have read access.';
- $this->clientError($msg, 401, $this->format);
- exit();
- }
+ $this->checkBasicAuthUser(false);
+ }
+
+ // Reject API calls with the wrong access level
+
+ if ($this->isReadOnly($args) == false) {
+ if ($this->access != self::READ_WRITE) {
+ $msg = 'API resource requires read-write access, ' .
+ 'but you only have read access.';
+ $this->clientError($msg, 401, $this->format);
+ exit;
}
}
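Review bot: The read-write check at the end of this hunk now runs for every request, including the new `else` path where `checkBasicAuthUser(false)` can finish without an authenticated user. On anonymous calls its outcome therefore depends on the default value of `$this->access`, which is set outside this hunk. A comment above the check would record the intent, for example `// Also applies to anonymous requests: $this->access must default to read-only`, assuming that is the intended default. The nested `if`s could be a single condition, `if (!$this->isReadOnly($args) && $this->access != self::READ_WRITE) {`. The enclosing method starts and ends outside the hunk.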
@@ -206,13 +212,13 @@ class ApiAuthAction extends ApiAction
* @return boolean true or false
*/
- function checkBasicAuthUser()
+ function checkBasicAuthUser($required = true)
{
$this->basicAuthProcessHeader();
$realm = common_config('site', 'name') . ' API';
- if (!isset($this->auth_user_nickname)) {
+ if (!isset($this->auth_user_nickname) && $required) {
header('WWW-Authenticate: Basic realm="' . $realm . '"');
// show error if the user clicks 'cancel'
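Review bot: With `$required` false and no credentials in the request, the new condition `!isset($this->auth_user_nickname) && $required` is false, so control falls into the `else` branch shown in the next hunk and `common_check_user()` is called with an unset nickname and password. Handling the anonymous case explicitly before the credential check would keep an empty login attempt out of the password-verification path and make the optional-auth behaviour easier to audit. The docblock above still documents no parameter; add `@param boolean $required whether to answer with a 401 challenge when no credentials are supplied`. The function body continues outside the hunk, so what happens after the check when `auth_user` is empty cannot be confirmed from here.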
@@ -222,11 +228,10 @@ class ApiAuthAction extends ApiAction
} else {
- $user = common_check_user($this->auth_user_nickname,
- $this->auth_user_password);
-
if (Event::handle('StartSetApiUser', array(&$user))) {
- $this->auth_user = $user;
+ $this->auth_user = common_check_user($this->auth_user_nickname,
+ $this->auth_user_password);
+
Event::handle('EndSetApiUser', array($user));
}
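Review bot: `$user` is never assigned on the new side, yet it is still passed by reference to `StartSetApiUser` and by value to `EndSetApiUser`, so handlers of both events receive null instead of the authenticated user. Anything a `StartSetApiUser` handler writes into `$user` is also discarded, because `$this->auth_user` is now taken straight from `common_check_user()`. Keeping the variable restores the hook contract: assign `$user = common_check_user($this->auth_user_nickname, $this->auth_user_password);` before the `if` and set `$this->auth_user = $user;` inside it. If the password check is meant to run only when no handler has claimed the event, pass the result to the end hook instead, `Event::handle('EndSetApiUser', array($this->auth_user));`. The branch continues outside the hunk.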