summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEvan Prodromou <evan@status.net>2009-11-17 14:51:38 -0500
committerEvan Prodromou <evan@status.net>2009-11-17 14:51:38 -0500
commit3a980a75fc04da27da693925ee8401fc33602b8e (patch)
treed3158177341f27d5083fe1b58dd7c4819595d2f8
parentcb4acd40bf6bedd32f8352e73654e0fbff730cf8 (diff)
parent4ff2d37b10977f77fe3e627f93176657a45270bb (diff)
Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x
-rw-r--r--classes/Notice.php2
-rw-r--r--index.php41
-rw-r--r--plugins/LdapAuthentication/README65
3 files changed, 84 insertions, 24 deletions
diff --git a/classes/Notice.php b/classes/Notice.php
index 1db431f2a..ebb5022b9 100644
--- a/classes/Notice.php
+++ b/classes/Notice.php
@@ -207,7 +207,7 @@ class Notice extends Memcached_DataObject
# Sandboxed are non-false, but not 1, either
- if (!$user->hasRight(Right::PUBLICNOTICE) ||
+ if (!$profile->hasRight(Right::PUBLICNOTICE) ||
($source && $autosource && in_array($source, $autosource))) {
$notice->is_local = Notice::LOCAL_NONPUBLIC;
} else {
diff --git a/index.php b/index.php
index 577b491ed..997ee6197 100644
--- a/index.php
+++ b/index.php
@@ -76,11 +76,16 @@ function handleError($error)
if (common_config('site', 'logdebug')) {
$logmsg .= " : ". $error->getDebugInfo();
}
+ // DB queries often end up with a lot of newlines; merge to a single line
+ // for easier grepability...
+ $logmsg = str_replace("\n", " ", $logmsg);
common_log(LOG_ERR, $logmsg);
+
+ // @fixme backtrace output should be consistent with exception handling
if (common_config('site', 'logdebug')) {
$bt = $error->getBacktrace();
- foreach ($bt as $line) {
- common_log(LOG_ERR, $line);
+ foreach ($bt as $n => $line) {
+ common_log(LOG_ERR, formatBacktraceLine($n, $line));
}
}
if ($error instanceof DB_DataObject_Error
@@ -109,6 +114,38 @@ function handleError($error)
exit(-1);
}
+/**
+ * Format a backtrace line for debug output roughly like debug_print_backtrace() does.
+ * Exceptions already have this built in, but PEAR error objects just give us the array.
+ *
+ * @param int $n line number
+ * @param array $line per-frame array item from debug_backtrace()
+ * @return string
+ */
+function formatBacktraceLine($n, $line)
+{
+ $out = "#$n ";
+ if (isset($line['class'])) $out .= $line['class'];
+ if (isset($line['type'])) $out .= $line['type'];
+ if (isset($line['function'])) $out .= $line['function'];
+ $out .= '(';
+ if (isset($line['args'])) {
+ $args = array();
+ foreach ($line['args'] as $arg) {
+ // debug_print_backtrace seems to use var_export
+ // but this gets *very* verbose!
+ $args[] = gettype($arg);
+ }
+ $out .= implode(',', $args);
+ }
+ $out .= ')';
+ $out .= ' called at [';
+ if (isset($line['file'])) $out .= $line['file'];
+ if (isset($line['line'])) $out .= ':' . $line['line'];
+ $out .= ']';
+ return $out;
+}
+
function checkMirror($action_obj, $args)
{
global $config;
diff --git a/plugins/LdapAuthentication/README b/plugins/LdapAuthentication/README
index b10a1eb93..dc3f4ba88 100644
--- a/plugins/LdapAuthentication/README
+++ b/plugins/LdapAuthentication/README
@@ -1,42 +1,63 @@
-The LDAP Authentication plugin allows for StatusNet to handle authentication through LDAP.
+The LDAP Authentication plugin allows for StatusNet to handle authentication
+through LDAP.
Installation
============
-add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php
+add "addPlugin('ldapAuthentication',
+ array('setting'=>'value', 'setting2'=>'value2', ...);"
+to the bottom of your config.php
Settings
========
provider_name*: a unique name for this authentication provider.
-authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check any other plugins or the internal password database).
-autoregistration (false): Set to true if users should be automatically created when they attempt to login.
-email_changeable (true): Are users allowed to change their email address? (true or false)
-password_changeable (true): Are users allowed to change their passwords? (true or false)
-
-host*: LDAP server name to connect to. You can provide several hosts in an array in which case the hosts are tried from left to right.. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
-port: Port on the server. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
-version: LDAP version. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
-starttls: TLS is started after connecting. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
-binddn: The distinguished name to bind as (username). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
-bindpw: Password for the binddn. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
-basedn*: LDAP base name (root directory). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
+authoritative (false): Set to true if LDAP's responses are authoritative
+ (if authorative and LDAP fails, no other password checking will be done).
+autoregistration (false): Set to true if users should be automatically created
+ when they attempt to login.
+email_changeable (true): Are users allowed to change their email address?
+ (true or false)
+password_changeable (true): Are users allowed to change their passwords?
+ (true or false)
+
+host*: LDAP server name to connect to. You can provide several hosts in an
+ array in which case the hosts are tried from left to right.
+ See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
+port: Port on the server.
+ See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
+version: LDAP version.
+ See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
+starttls: TLS is started after connecting.
+ See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
+binddn: The distinguished name to bind as (username).
+ See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
+bindpw: Password for the binddn.
+ See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
+basedn*: LDAP base name (root directory).
+ See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
options: See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
-filter: Default search filter. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
-scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
+filter: Default search filter.
+ See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
+scope: Default search scope.
+ See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
-attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name
- username*
- nickname*
+attributes: an array that relates StatusNet user attributes to LDAP ones
+ username*: LDAP attribute value entered when authenticating to StatusNet
+ nickname*: LDAP attribute value shown as the user's nickname
email
fullname
homepage
location
-
+
* required
default values are in (parenthesis)
+For most LDAP installations, the "nickname" and "username" attributes should
+ be the same.
+
Example
=======
-Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory.
+Here's an example of an LDAP plugin configuration that connects to
+ Microsoft Active Directory.
addPlugin('ldapAuthentication', array(
'provider_name'=>'Example',
@@ -47,7 +68,9 @@ addPlugin('ldapAuthentication', array(
'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
'host'=>array('server1', 'server2'),
'attributes'=>array(
+ 'username'=>'sAMAccountName',
'nickname'=>'sAMAccountName',
'email'=>'mail',
'fullname'=>'displayName')
));
+