summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrion Vibber <brion@pobox.com>2010-05-19 12:51:25 -0700
committerBrion Vibber <brion@pobox.com>2010-05-19 12:51:25 -0700
commit7005ef66617b265ddccdd9082c2368bf014a7e83 (patch)
tree52f853c4d47063f0af488a7ff5fb52df50b430bb
parent48dc899acb9a0ac87140353092dab1f5e67753d8 (diff)
parenta39a934dd4a133bad6e76fa9a5018cedcb70225c (diff)
Merge branch 'testing' into 0.9.x
Conflicts: plugins/OpenID/openidlogin.php
-rw-r--r--actions/foaf.php4
-rw-r--r--actions/login.php22
-rw-r--r--actions/register.php7
-rw-r--r--lib/mail.php20
-rw-r--r--lib/util.php17
-rw-r--r--locale/en_GB/LC_MESSAGES/statusnet.po2
-rw-r--r--plugins/Facebook/facebookutil.php6
-rw-r--r--plugins/OStatus/OStatusPlugin.php2
-rw-r--r--plugins/OStatus/lib/discoveryhints.php1
-rw-r--r--plugins/OpenID/OpenIDPlugin.php67
-rw-r--r--plugins/OpenID/extlib/README6
-rw-r--r--plugins/OpenID/extlib/teams-extension.php175
-rw-r--r--plugins/OpenID/finishaddopenid.php6
-rw-r--r--plugins/OpenID/finishopenidlogin.php6
-rw-r--r--plugins/OpenID/openid.php36
-rw-r--r--plugins/OpenID/openidadminpanel.php270
-rw-r--r--plugins/OpenID/openidlogin.php26
-rw-r--r--plugins/OpenID/openidsettings.php70
-rw-r--r--plugins/Realtime/README1
-rw-r--r--plugins/Realtime/RealtimePlugin.php42
-rw-r--r--plugins/Realtime/realtimeupdate.js4
-rw-r--r--plugins/TwitterBridge/twitter.php6
22 files changed, 713 insertions, 83 deletions
diff --git a/actions/foaf.php b/actions/foaf.php
index 9cb65a885..2f054de0c 100644
--- a/actions/foaf.php
+++ b/actions/foaf.php
@@ -95,7 +95,9 @@ class FoafAction extends Action
// Would be nice to tell if they were a Person or not (e.g. a #person usertag?)
$this->elementStart('Agent', array('rdf:about' =>
$this->user->uri));
- $this->element('mbox_sha1sum', null, sha1('mailto:' . $this->user->email));
+ if ($this->user->email) {
+ $this->element('mbox_sha1sum', null, sha1('mailto:' . $this->user->email));
+ }
if ($this->profile->fullname) {
$this->element('name', null, $this->profile->fullname);
}
diff --git a/actions/login.php b/actions/login.php
index dc6352368..d3e4312f7 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -63,6 +63,28 @@ class LoginAction extends Action
}
/**
+ * Prepare page to run
+ *
+ *
+ * @param $args
+ * @return string title
+ */
+
+ function prepare($args)
+ {
+ parent::prepare($args);
+
+ // @todo this check should really be in index.php for all sensitive actions
+ $ssl = common_config('site', 'ssl');
+ if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) {
+ common_redirect(common_local_url('login'));
+ // exit
+ }
+
+ return true;
+ }
+
+ /**
* Handle input, produce output
*
* Switches on request method; either shows the form or handles its input.
diff --git a/actions/register.php b/actions/register.php
index 9b8161e08..7307bc689 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -74,6 +74,13 @@ class RegisterAction extends Action
parent::prepare($args);
$this->code = $this->trimmed('code');
+ // @todo this check should really be in index.php for all sensitive actions
+ $ssl = common_config('site', 'ssl');
+ if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) {
+ common_redirect(common_local_url('register'));
+ // exit
+ }
+
if (empty($this->code)) {
common_ensure_session();
if (array_key_exists('invitecode', $_SESSION)) {
diff --git a/lib/mail.php b/lib/mail.php
index 5fc584e28..a4065e8d5 100644
--- a/lib/mail.php
+++ b/lib/mail.php
@@ -224,9 +224,6 @@ function mail_subscribe_notify_profile($listenee, $other)
if ($other->hasRight(Right::EMAILONSUBSCRIBE) &&
$listenee->email && $listenee->emailnotifysub) {
- // use the recipient's localization
- common_init_locale($listenee->language);
-
$profile = $listenee->getProfile();
$name = $profile->getBestName();
@@ -236,6 +233,9 @@ function mail_subscribe_notify_profile($listenee, $other)
$recipients = $listenee->email;
+ // use the recipient's localization
+ common_switch_locale($listenee->language);
+
$headers = _mail_prepare_headers('subscribe', $listenee->nickname, $other->nickname);
$headers['From'] = mail_notify_from();
$headers['To'] = $name . ' <' . $listenee->email . '>';
@@ -271,7 +271,7 @@ function mail_subscribe_notify_profile($listenee, $other)
common_local_url('emailsettings'));
// reset localization
- common_init_locale();
+ common_switch_locale();
mail_send($recipients, $headers, $body);
}
}
@@ -473,7 +473,7 @@ function mail_confirm_sms($code, $nickname, $address)
function mail_notify_nudge($from, $to)
{
- common_init_locale($to->language);
+ common_switch_locale($to->language);
// TRANS: Subject for 'nudge' notification email
$subject = sprintf(_('You\'ve been nudged by %s'), $from->nickname);
@@ -491,7 +491,7 @@ function mail_notify_nudge($from, $to)
$from->nickname,
common_local_url('all', array('nickname' => $to->nickname)),
common_config('site', 'name'));
- common_init_locale();
+ common_switch_locale();
$headers = _mail_prepare_headers('nudge', $to->nickname, $from->nickname);
@@ -525,7 +525,7 @@ function mail_notify_message($message, $from=null, $to=null)
return true;
}
- common_init_locale($to->language);
+ common_switch_locale($to->language);
// TRANS: Subject for direct-message notification email
$subject = sprintf(_('New private message from %s'), $from->nickname);
@@ -549,7 +549,7 @@ function mail_notify_message($message, $from=null, $to=null)
$headers = _mail_prepare_headers('message', $to->nickname, $from->nickname);
- common_init_locale();
+ common_switch_locale();
return mail_to_user($to, $subject, $body, $headers);
}
@@ -577,7 +577,7 @@ function mail_notify_fave($other, $user, $notice)
$bestname = $profile->getBestName();
- common_init_locale($other->language);
+ common_switch_locale($other->language);
// TRANS: Subject for favorite notification email
$subject = sprintf(_('%s (@%s) added your notice as a favorite'), $bestname, $user->nickname);
@@ -605,7 +605,7 @@ function mail_notify_fave($other, $user, $notice)
$headers = _mail_prepare_headers('fave', $other->nickname, $user->nickname);
- common_init_locale();
+ common_switch_locale();
mail_to_user($other, $subject, $body, $headers);
}
diff --git a/lib/util.php b/lib/util.php
index 3e3153094..1e58f960c 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -34,6 +34,14 @@ function common_user_error($msg, $code=400)
$err->showPage();
}
+/**
+ * This should only be used at setup; processes switching languages
+ * to send text to other users should use common_switch_locale().
+ *
+ * @param string $language Locale language code (optional; empty uses
+ * current user's preference or site default)
+ * @return mixed success
+ */
function common_init_locale($language=null)
{
if(!$language) {
@@ -50,6 +58,15 @@ function common_init_locale($language=null)
return $ok;
}
+/**
+ * Initialize locale and charset settings and gettext with our message catalog,
+ * using the current user's language preference or the site default.
+ *
+ * This should generally only be run at framework initialization; code switching
+ * languages at runtime should call common_switch_language().
+ *
+ * @access private
+ */
function common_init_language()
{
mb_internal_encoding('UTF-8');
diff --git a/locale/en_GB/LC_MESSAGES/statusnet.po b/locale/en_GB/LC_MESSAGES/statusnet.po
index 03e7a669f..a3c1605ee 100644
--- a/locale/en_GB/LC_MESSAGES/statusnet.po
+++ b/locale/en_GB/LC_MESSAGES/statusnet.po
@@ -4915,7 +4915,7 @@ msgstr "Primary site navigation"
#: lib/action.php:432
msgctxt "TOOLTIP"
msgid "Personal profile and friends timeline"
-msgstr "ersonal profile and friends timeline"
+msgstr "Personal profile and friends timeline"
#. TRANS: Main menu option when logged in for access to personal profile and friends timeline
#: lib/action.php:435
diff --git a/plugins/Facebook/facebookutil.php b/plugins/Facebook/facebookutil.php
index ac532e18b..83664995a 100644
--- a/plugins/Facebook/facebookutil.php
+++ b/plugins/Facebook/facebookutil.php
@@ -272,12 +272,12 @@ function remove_facebook_app($flink)
function mail_facebook_app_removed($user)
{
- common_init_locale($user->language);
-
$profile = $user->getProfile();
$site_name = common_config('site', 'name');
+ common_switch_locale($user->language);
+
$subject = sprintf(
_m('Your %1$s Facebook application access has been disabled.',
$site_name));
@@ -291,7 +291,7 @@ function mail_facebook_app_removed($user)
"re-installing the %2\$s Facebook application.\n\nRegards,\n\n%2\$s"),
$user->nickname, $site_name);
- common_init_locale();
+ common_switch_locale();
return mail_to_user($user, $subject, $body);
}
diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php
index d3a92755c..5b153216e 100644
--- a/plugins/OStatus/OStatusPlugin.php
+++ b/plugins/OStatus/OStatusPlugin.php
@@ -257,7 +257,7 @@ class OStatusPlugin extends Plugin
$matches = array();
// Webfinger matches: @user@example.com
- if (preg_match_all('!(?:^|\s+)@((?:\w+\.)*\w+@(?:\w+\.)*\w+(?:\w+\-\w+)*\.\w+)!',
+ if (preg_match_all('!(?:^|\s+)@((?:\w+\.)*\w+@(?:\w+\-?\w+\.)*\w+(?:\w+\-\w+)*\.\w+)!',
$text,
$wmatches,
PREG_OFFSET_CAPTURE)) {
diff --git a/plugins/OStatus/lib/discoveryhints.php b/plugins/OStatus/lib/discoveryhints.php
index 80cfbbf15..ca54a0f5f 100644
--- a/plugins/OStatus/lib/discoveryhints.php
+++ b/plugins/OStatus/lib/discoveryhints.php
@@ -30,6 +30,7 @@ class DiscoveryHints {
case Discovery::PROFILEPAGE:
$hints['profileurl'] = $link['href'];
break;
+ case Salmon::NS_MENTIONS:
case Salmon::NS_REPLIES:
$hints['salmon'] = $link['href'];
break;
diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php
index 6b723ad10..fdcfacfa5 100644
--- a/plugins/OpenID/OpenIDPlugin.php
+++ b/plugins/OpenID/OpenIDPlugin.php
@@ -20,7 +20,7 @@
* @category Plugin
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
- * @copyright 2009 StatusNet, Inc.
+ * @copyright 2009-2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
@@ -45,7 +45,19 @@ if (!defined('STATUSNET')) {
class OpenIDPlugin extends Plugin
{
- public $openidOnly = false;
+ // Plugin parameter: set true to disallow non-OpenID logins
+ // If set, overrides the setting in database or $config['site']['openidonly']
+ public $openidOnly = null;
+
+ function initialize()
+ {
+ parent::initialize();
+ if ($this->openidOnly !== null) {
+ global $config;
+ $config['site']['openidonly'] = (bool)$this->openidOnly;
+ }
+
+ }
/**
* Add OpenID-related paths to the router table
@@ -67,6 +79,7 @@ class OpenIDPlugin extends Plugin
$m->connect('index.php?action=finishaddopenid',
array('action' => 'finishaddopenid'));
$m->connect('main/openidserver', array('action' => 'openidserver'));
+ $m->connect('admin/openid', array('action' => 'openidadminpanel'));
return true;
}
@@ -84,7 +97,7 @@ class OpenIDPlugin extends Plugin
function onStartConnectPath(&$path, &$defaults, &$rules, &$result)
{
- if ($this->openidOnly) {
+ if (common_config('site', 'openidonly')) {
static $block = array('main/login',
'main/register',
'main/recoverpassword',
@@ -108,7 +121,7 @@ class OpenIDPlugin extends Plugin
function onArgsInitialize($args)
{
- if ($this->openidOnly) {
+ if (common_config('site', 'openidonly')) {
if (array_key_exists('action', $args)) {
$action = trim($args['action']);
if (in_array($action, array('login', 'register'))) {
@@ -199,7 +212,7 @@ class OpenIDPlugin extends Plugin
function onStartPrimaryNav($action)
{
- if ($this->openidOnly && !common_logged_in()) {
+ if (common_config('site', 'openidonly') && !common_logged_in()) {
// TRANS: Tooltip for main menu option "Login"
$tooltip = _m('TOOLTIP', 'Login to the site');
$action->menuItem(common_local_url('openidlogin'),
@@ -241,7 +254,7 @@ class OpenIDPlugin extends Plugin
function onStartLoginGroupNav(&$action)
{
- if ($this->openidOnly) {
+ if (common_config('site', 'openidonly')) {
$this->showOpenIDLoginTab($action);
// Even though we replace this code, we
// DON'T run the End* hook, to keep others from
@@ -299,7 +312,7 @@ class OpenIDPlugin extends Plugin
*/
function onStartAccountSettingsPasswordMenuItem($menu, &$unused) {
- if ($this->openidOnly) {
+ if (common_config('site', 'openidonly')) {
return false;
}
return true;
@@ -349,13 +362,19 @@ class OpenIDPlugin extends Plugin
case 'OpenidsettingsAction':
case 'OpenidserverAction':
case 'OpenidtrustAction':
- require_once INSTALLDIR.'/plugins/OpenID/' . strtolower(mb_substr($cls, 0, -6)) . '.php';
+ case 'OpenidadminpanelAction':
+ require_once dirname(__FILE__) . '/' . strtolower(mb_substr($cls, 0, -6)) . '.php';
return false;
case 'User_openid':
- require_once INSTALLDIR.'/plugins/OpenID/User_openid.php';
+ require_once dirname(__FILE__) . '/User_openid.php';
return false;
case 'User_openid_trustroot':
- require_once INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php';
+ require_once dirname(__FILE__) . '/User_openid_trustroot.php';
+ return false;
+ case 'Auth_OpenID_TeamsExtension':
+ case 'Auth_OpenID_TeamsRequest':
+ case 'Auth_OpenID_TeamsResponse':
+ require_once dirname(__FILE__) . '/extlib/teams-extension.php';
return false;
default:
return true;
@@ -446,7 +465,7 @@ class OpenIDPlugin extends Plugin
function onRedirectToLogin($action, $user)
{
- if ($this->openidOnly || (!empty($user) && User_openid::hasOpenID($user->id))) {
+ if (common_config('site', 'openid_only') || (!empty($user) && User_openid::hasOpenID($user->id))) {
common_redirect(common_local_url('openidlogin'), 303);
return false;
}
@@ -582,6 +601,32 @@ class OpenIDPlugin extends Plugin
}
/**
+ * Add an OpenID tab to the admin panel
+ *
+ * @param Widget $nav Admin panel nav
+ *
+ * @return boolean hook value
+ */
+
+ function onEndAdminPanelNav($nav)
+ {
+ if (AdminPanelAction::canAdmin('openid')) {
+
+ $action_name = $nav->action->trimmed('action');
+
+ $nav->out->menuItem(
+ common_local_url('openidadminpanel'),
+ _m('OpenID'),
+ _m('OpenID configuration'),
+ $action_name == 'openidadminpanel',
+ 'nav_openid_admin_panel'
+ );
+ }
+
+ return true;
+ }
+
+ /**
* Add our version information to output
*
* @param array &$versions Array of version-data arrays
diff --git a/plugins/OpenID/extlib/README b/plugins/OpenID/extlib/README
new file mode 100644
index 000000000..1fe80d79b
--- /dev/null
+++ b/plugins/OpenID/extlib/README
@@ -0,0 +1,6 @@
+team-extension.php
+ Support for Launchpad's OpenID Teams extension
+ Maintainer: Canonical
+ Source: https://code.edge.launchpad.net/wordpress-teams-integration
+ r27 2010-04-27
+ License: AGPLv3
diff --git a/plugins/OpenID/extlib/teams-extension.php b/plugins/OpenID/extlib/teams-extension.php
new file mode 100644
index 000000000..451f2fb19
--- /dev/null
+++ b/plugins/OpenID/extlib/teams-extension.php
@@ -0,0 +1,175 @@
+<?php
+/*
+ * Wordpress Teams plugin
+ * Copyright (C) 2009-2010 Canonical Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/**
+ * Provides an example OpenID extension to query user team/group membership
+ *
+ * This code is based on code supplied with the openid library for simple
+ * registration data.
+ */
+
+/**
+ * Require the Message implementation.
+ */
+require_once 'Auth/OpenID/Message.php';
+require_once 'Auth/OpenID/Extension.php';
+
+/**
+ * The team/group extension base class
+ */
+class Auth_OpenID_TeamsExtension extends Auth_OpenID_Extension {
+ var $ns_uri = 'http://ns.launchpad.net/2007/openid-teams';
+ var $ns_alias = 'lp';
+ var $request_field = 'query_membership';
+ var $response_field = 'is_member';
+
+ /**
+ * Get the string arguments that should be added to an OpenID
+ * message for this extension.
+ */
+ function getExtensionArgs() {
+ $args = array();
+
+ if ($this->_teams) {
+ $args[$this->request_field] = implode(',', $this->_teams);
+ }
+
+ return $args;
+ }
+
+ /**
+ * Add the arguments from this extension to the provided message.
+ *
+ * Returns the message with the extension arguments added.
+ */
+ function toMessage(&$message) {
+ if ($message->namespaces->addAlias($this->ns_uri, $this->ns_alias) === null) {
+ if ($message->namespaces->getAlias($this->ns_uri) != $this->ns_alias) {
+ return null;
+ }
+ }
+
+ $message->updateArgs($this->ns_uri, $this->getExtensionArgs());
+ return $message;
+ }
+
+ /**
+ * Extract the team/group namespace URI from the given OpenID message.
+ * Handles OpenID 1 and 2.
+ *
+ * $message: The OpenID message from which to parse team/group data.
+ * This may be a request or response message.
+ *
+ * Returns the sreg namespace URI for the supplied message.
+ *
+ * @access private
+ */
+ function _getExtensionNS(&$message) {
+ $alias = null;
+ $found_ns_uri = null;
+
+ // See if there exists an alias for the namespace
+ $alias = $message->namespaces->getAlias($this->ns_uri);
+
+ if ($alias !== null) {
+ $found_ns_uri = $this->ns_uri;
+ }
+
+ if ($alias === null) {
+ // There is no alias for this extension, so try to add one.
+ $found_ns_uri = Auth_OpenID_TYPE_1_0;
+
+ if ($message->namespaces->addAlias($this->ns_uri, $this->ns_alias) === null) {
+ // An alias for the string 'lp' already exists, but
+ // it's defined for something other than team/group membership
+ return null;
+ }
+ }
+
+ return $found_ns_uri;
+ }
+}
+
+/**
+ * The team/group extension request class
+ */
+class Auth_OpenID_TeamsRequest extends Auth_OpenID_TeamsExtension {
+ function __init($teams) {
+ if (!is_array($teams)) {
+ if (!empty($teams)) {
+ $teams = explode(',', $teams);
+ } else {
+ $teams = Array();
+ }
+ }
+
+ $this->_teams = $teams;
+ }
+
+ function Auth_OpenID_TeamsRequest($teams) {
+ $this->__init($teams);
+ }
+}
+
+/**
+ * The team/group extension response class
+ */
+class Auth_OpenID_TeamsResponse extends Auth_OpenID_TeamsExtension {
+ var $_teams = array();
+
+ function __init(&$resp, $signed_only=true) {
+ $this->ns_uri = $this->_getExtensionNS($resp->message);
+
+ if ($signed_only) {
+ $args = $resp->getSignedNS($this->ns_uri);
+ } else {
+ $args = $resp->message->getArgs($this->ns_uri);
+ }
+
+ if ($args === null) {
+ return null;
+ }
+
+ // An OpenID 2.0 response will handle the namespaces
+ if (in_array($this->response_field, array_keys($args)) && !empty($args[$this->response_field])) {
+ $this->_teams = explode(',', $args[$this->response_field]);
+ }
+
+ // Piggybacking on a 1.x request, however, won't so the field name will
+ // be different
+ elseif (in_array($this->ns_alias.'.'.$this->response_field, array_keys($args)) && !empty($args[$this->ns_alias.'.'.$this->response_field])) {
+ $this->_teams = explode(',', $args[$this->ns_alias.'.'.$this->response_field]);
+ }
+ }
+
+ function Auth_OpenID_TeamsResponse(&$resp, $signed_only=true) {
+ $this->__init($resp, $signed_only);
+ }
+
+ /**
+ * Get the array of teams the user is a member of
+ *
+ * @return array
+ */
+ function getTeams() {
+ return $this->_teams;
+ }
+}
+
+?>
diff --git a/plugins/OpenID/finishaddopenid.php b/plugins/OpenID/finishaddopenid.php
index 77fcc3805..e07ab764e 100644
--- a/plugins/OpenID/finishaddopenid.php
+++ b/plugins/OpenID/finishaddopenid.php
@@ -106,6 +106,12 @@ class FinishaddopenidAction extends Action
$sreg = $sreg_resp->contents();
}
+ // Launchpad teams extension
+ if (!oid_check_teams($response)) {
+ $this->message(_m('OpenID authentication aborted: you are not allowed to login to this site.'));
+ return;
+ }
+
$cur = common_current_user();
$other = oid_get_user($canonical);
diff --git a/plugins/OpenID/finishopenidlogin.php b/plugins/OpenID/finishopenidlogin.php
index 5b1a7cee0..a9ab14199 100644
--- a/plugins/OpenID/finishopenidlogin.php
+++ b/plugins/OpenID/finishopenidlogin.php
@@ -193,6 +193,12 @@ class FinishopenidloginAction extends Action
$sreg = $sreg_resp->contents();
}
+ // Launchpad teams extension
+ if (!oid_check_teams($response)) {
+ $this->message(_m('OpenID authentication aborted: you are not allowed to login to this site.'));
+ return;
+ }
+
$user = oid_get_user($canonical);
if ($user) {
diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php
index 68b5c29e2..4dc924695 100644
--- a/plugins/OpenID/openid.php
+++ b/plugins/OpenID/openid.php
@@ -168,6 +168,15 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
$auth_request->addExtension($sreg_request);
}
+ $requiredTeam = common_config('openid', 'required_team');
+ if ($requiredTeam) {
+ // LaunchPad OpenID extension
+ $team_request = new Auth_OpenID_TeamsRequest(array($requiredTeam));
+ if ($team_request) {
+ $auth_request->addExtension($team_request);
+ }
+ }
+
$trust_root = common_root_url(true);
$process_url = common_local_url($returnto);
@@ -298,6 +307,33 @@ function oid_assert_allowed($url)
return;
}
+/**
+ * Check the teams available in the given OpenID response
+ * Using Launchpad's OpenID teams extension
+ *
+ * @return boolean whether this user is acceptable
+ */
+function oid_check_teams($response)
+{
+ $requiredTeam = common_config('openid', 'required_team');
+ if ($requiredTeam) {
+ $team_resp = new Auth_OpenID_TeamsResponse($response);
+ if ($team_resp) {
+ $teams = $team_resp->getTeams();
+ } else {
+ $teams = array();
+ }
+
+ $match = in_array($requiredTeam, $teams);
+ $is = $match ? 'is' : 'is not';
+ common_log(LOG_DEBUG, "Remote user $is in required team $requiredTeam: [" . implode(', ', $teams) . "]");
+
+ return $match;
+ }
+
+ return true;
+}
+
class AutosubmitAction extends Action
{
var $form_html = null;
diff --git a/plugins/OpenID/openidadminpanel.php b/plugins/OpenID/openidadminpanel.php
new file mode 100644
index 000000000..063306366
--- /dev/null
+++ b/plugins/OpenID/openidadminpanel.php
@@ -0,0 +1,270 @@
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * OpenID bridge administration panel
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category Settings
+ * @package StatusNet
+ * @author Zach Copley <zach@status.net>
+ * @copyright 2010 StatusNet, Inc.
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
+ */
+
+if (!defined('STATUSNET')) {
+ exit(1);
+}
+
+/**
+ * Administer global OpenID settings
+ *
+ * @category Admin
+ * @package StatusNet
+ * @author Zach Copley <zach@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
+ */
+
+class OpenidadminpanelAction extends AdminPanelAction
+{
+ /**
+ * Returns the page title
+ *
+ * @return string page title
+ */
+
+ function title()
+ {
+ return _m('OpenID');
+ }
+
+ /**
+ * Instructions for using this form.
+ *
+ * @return string instructions
+ */
+
+ function getInstructions()
+ {
+ return _m('OpenID settings');
+ }
+
+ /**
+ * Show the OpenID admin panel form
+ *
+ * @return void
+ */
+
+ function showForm()
+ {
+ $form = new OpenIDAdminPanelForm($this);
+ $form->show();
+ return;
+ }
+
+ /**
+ * Save settings from the form
+ *
+ * @return void
+ */
+
+ function saveSettings()
+ {
+ static $settings = array(
+ 'openid' => array('trusted_provider', 'required_team')
+ );
+
+ static $booleans = array(
+ 'site' => array('openidonly')
+ );
+
+ $values = array();
+
+ foreach ($settings as $section => $parts) {
+ foreach ($parts as $setting) {
+ $values[$section][$setting]
+ = $this->trimmed($setting);
+ }
+ }
+
+ foreach ($booleans as $section => $parts) {
+ foreach ($parts as $setting) {
+ $values[$section][$setting]
+ = ($this->boolean($setting)) ? 1 : 0;
+ }
+ }
+
+ // This throws an exception on validation errors
+
+ $this->validate($values);
+
+ // assert(all values are valid);
+
+ $config = new Config();
+
+ $config->query('BEGIN');
+
+ foreach ($settings as $section => $parts) {
+ foreach ($parts as $setting) {
+ Config::save($section, $setting, $values[$section][$setting]);
+ }
+ }
+
+ foreach ($booleans as $section => $parts) {
+ foreach ($parts as $setting) {
+ Config::save($section, $setting, $values[$section][$setting]);
+ }
+ }
+
+ $config->query('COMMIT');
+
+ return;
+ }
+
+ function validate(&$values)
+ {
+ // Validate consumer key and secret (can't be too long)
+
+ if (mb_strlen($values['openid']['trusted_provider']) > 255) {
+ $this->clientError(
+ _m("Invalid provider URL. Max length is 255 characters.")
+ );
+ }
+
+ if (mb_strlen($values['openid']['required_team']) > 255) {
+ $this->clientError(
+ _m("Invalid team name. Max length is 255 characters.")
+ );
+ }
+ }
+}
+
+class OpenIDAdminPanelForm extends AdminForm
+{
+ /**
+ * ID of the form
+ *
+ * @return int ID of the form
+ */
+
+ function id()
+ {
+ return 'openidadminpanel';
+ }
+
+ /**
+ * class of the form
+ *
+ * @return string class of the form
+ */
+
+ function formClass()
+ {
+ return 'form_settings';
+ }
+
+ /**
+ * Action of the form
+ *
+ * @return string URL of the action
+ */
+
+ function action()
+ {
+ return common_local_url('openidadminpanel');
+ }
+
+ /**
+ * Data elements of the form
+ *
+ * @return void
+ *
+ * @todo Some of the options could prevent users from logging in again.
+ * Make sure that the acting administrator has a valid OpenID matching,
+ * or more carefully warn folks.
+ */
+
+ function formData()
+ {
+ $this->out->elementStart(
+ 'fieldset',
+ array('id' => 'settings_openid')
+ );
+ $this->out->element('legend', null, _m('Trusted provider'));
+ $this->out->element('p', 'form_guide',
+ _m('By default, users are allowed to authenticate with any OpenID provider. ' .
+ 'If you are using your own OpenID service for shared sign-in, ' .
+ 'you can restrict access to only your own users here.'));
+ $this->out->elementStart('ul', 'form_data');
+
+ $this->li();
+ $this->input(
+ 'trusted_provider',
+ _m('Provider URL'),
+ _m('All OpenID logins will be sent to this URL; other providers may not be used.'),
+ 'openid'
+ );
+ $this->unli();
+
+ $this->li();
+ $this->input(
+ 'required_team',
+ _m('Required team'),
+ _m('Only allow logins from users in the given team (Launchpad extension).'),
+ 'openid'
+ );
+ $this->unli();
+
+ $this->out->elementEnd('ul');
+ $this->out->elementEnd('fieldset');
+
+ $this->out->elementStart(
+ 'fieldset',
+ array('id' => 'settings_openid-options')
+ );
+ $this->out->element('legend', null, _m('Options'));
+
+ $this->out->elementStart('ul', 'form_data');
+
+ $this->li();
+
+ $this->out->checkbox(
+ 'openidonly', _m('Enable OpenID-only mode'),
+ (bool) $this->value('openidonly', 'site'),
+ _m('Require all users to login via OpenID. WARNING: disables password authentication for all users!'),
+ 'true'
+ );
+ $this->unli();
+
+ $this->out->elementEnd('ul');
+
+ $this->out->elementEnd('fieldset');
+ }
+
+ /**
+ * Action elements
+ *
+ * @return void
+ */
+
+ function formActions()
+ {
+ $this->out->submit('submit', _('Save'), 'submit', null, _m('Save OpenID settings'));
+ }
+}
diff --git a/plugins/OpenID/openidlogin.php b/plugins/OpenID/openidlogin.php
index ec05daeb1..34e00ccce 100644
--- a/plugins/OpenID/openidlogin.php
+++ b/plugins/OpenID/openidlogin.php
@@ -30,7 +30,12 @@ class OpenidloginAction extends Action
// TRANS: Client error message trying to log on with OpenID while already logged on.
$this->clientError(_m('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- $openid_url = $this->trimmed('openid_url');
+ $provider = common_config('openid', 'trusted_provider');
+ if ($provider) {
+ $openid_url = $provider;
+ } else {
+ $openid_url = $this->trimmed('openid_url');
+ }
oid_assert_allowed($openid_url);
@@ -124,11 +129,20 @@ class OpenidloginAction extends Action
$this->elementStart('ul', 'form_data');
$this->elementStart('li');
- // TRANS: OpenID plugin logon form field label.
- $this->input('openid_url', _m('OpenID URL'),
- $this->openid_url,
- // TRANS: OpenID plugin logon form field instructions.
- _m('Your OpenID URL'));
+ $provider = common_config('openid', 'trusted_provider');
+ if ($provider) {
+ $this->element('label', array(), _m('OpenID provider'));
+ $this->element('span', array(), $provider);
+ $this->element('p', 'form_guide',
+ _m('You will be sent to the provider\'s site for authentication.'));
+ $this->hidden('openid_url', $provider);
+ } else {
+ // TRANS: OpenID plugin logon form field label.
+ $this->input('openid_url', _m('OpenID URL'),
+ $this->openid_url,
+ // TRANS: OpenID plugin logon form field instructions.
+ _m('Your OpenID URL'));
+ }
$this->elementEnd('li');
$this->elementStart('li', array('id' => 'settings_rememberme'));
// TRANS: OpenID plugin logon form checkbox label for setting to put the OpenID information in a cookie.
diff --git a/plugins/OpenID/openidsettings.php b/plugins/OpenID/openidsettings.php
index 16142cf48..505e7d0ee 100644
--- a/plugins/OpenID/openidsettings.php
+++ b/plugins/OpenID/openidsettings.php
@@ -90,34 +90,36 @@ class OpenidsettingsAction extends AccountSettingsAction
{
$user = common_current_user();
- $this->elementStart('form', array('method' => 'post',
- 'id' => 'form_settings_openid_add',
- 'class' => 'form_settings',
- 'action' =>
- common_local_url('openidsettings')));
- $this->elementStart('fieldset', array('id' => 'settings_openid_add'));
- $this->element('legend', null, _m('Add OpenID'));
- $this->hidden('token', common_session_token());
- $this->element('p', 'form_guide',
- _m('If you want to add an OpenID to your account, ' .
- 'enter it in the box below and click "Add".'));
- $this->elementStart('ul', 'form_data');
- $this->elementStart('li');
- $this->element('label', array('for' => 'openid_url'),
- _m('OpenID URL'));
- $this->element('input', array('name' => 'openid_url',
- 'type' => 'text',
- 'id' => 'openid_url'));
- $this->elementEnd('li');
- $this->elementEnd('ul');
- $this->element('input', array('type' => 'submit',
- 'id' => 'settings_openid_add_action-submit',
- 'name' => 'add',
- 'class' => 'submit',
- 'value' => _m('Add')));
- $this->elementEnd('fieldset');
- $this->elementEnd('form');
-
+ if (!common_config('openid', 'trusted_provider')) {
+ $this->elementStart('form', array('method' => 'post',
+ 'id' => 'form_settings_openid_add',
+ 'class' => 'form_settings',
+ 'action' =>
+ common_local_url('openidsettings')));
+ $this->elementStart('fieldset', array('id' => 'settings_openid_add'));
+
+ $this->element('legend', null, _m('Add OpenID'));
+ $this->hidden('token', common_session_token());
+ $this->element('p', 'form_guide',
+ _m('If you want to add an OpenID to your account, ' .
+ 'enter it in the box below and click "Add".'));
+ $this->elementStart('ul', 'form_data');
+ $this->elementStart('li');
+ $this->element('label', array('for' => 'openid_url'),
+ _m('OpenID URL'));
+ $this->element('input', array('name' => 'openid_url',
+ 'type' => 'text',
+ 'id' => 'openid_url'));
+ $this->elementEnd('li');
+ $this->elementEnd('ul');
+ $this->element('input', array('type' => 'submit',
+ 'id' => 'settings_openid_add_action-submit',
+ 'name' => 'add',
+ 'class' => 'submit',
+ 'value' => _m('Add')));
+ $this->elementEnd('fieldset');
+ $this->elementEnd('form');
+ }
$oid = new User_openid();
$oid->user_id = $user->id;
@@ -234,10 +236,14 @@ class OpenidsettingsAction extends AccountSettingsAction
}
if ($this->arg('add')) {
- $result = oid_authenticate($this->trimmed('openid_url'),
- 'finishaddopenid');
- if (is_string($result)) { // error message
- $this->showForm($result);
+ if (common_config('openid', 'trusted_provider')) {
+ $this->showForm(_m("Can't add new providers."));
+ } else {
+ $result = oid_authenticate($this->trimmed('openid_url'),
+ 'finishaddopenid');
+ if (is_string($result)) { // error message
+ $this->showForm($result);
+ }
}
} else if ($this->arg('remove')) {
$this->removeOpenid();
diff --git a/plugins/Realtime/README b/plugins/Realtime/README
index 524382696..99c79cfab 100644
--- a/plugins/Realtime/README
+++ b/plugins/Realtime/README
@@ -1,6 +1,5 @@
== TODO ==
* i18n
-* Change in context URL to conversation (try not to construct the URL in JS)
* Update mark behaviour (on notice send)
* Pause, Send a notice ~ should not update counter
* Pause ~ retain up to 50-100 most recent notices
diff --git a/plugins/Realtime/RealtimePlugin.php b/plugins/Realtime/RealtimePlugin.php
index b559d80c6..352afcf78 100644
--- a/plugins/Realtime/RealtimePlugin.php
+++ b/plugins/Realtime/RealtimePlugin.php
@@ -250,14 +250,7 @@ class RealtimePlugin extends Plugin
$arr['url'] = $notice->bestUrl();
$arr['html'] = htmlspecialchars($notice->rendered);
$arr['source'] = htmlspecialchars($arr['source']);
-
- if (!empty($notice->reply_to)) {
- $reply_to = Notice::staticGet('id', $notice->reply_to);
- if (!empty($reply_to)) {
- $arr['in_reply_to_status_url'] = $reply_to->bestUrl();
- }
- $reply_to = null;
- }
+ $arr['conversation_url'] = $this->getConversationUrl($notice);
$profile = $notice->getProfile();
$arr['user']['profile_url'] = $profile->profileurl;
@@ -272,10 +265,7 @@ class RealtimePlugin extends Plugin
$arr['retweeted_status']['source'] = htmlspecialchars($original->source);
$originalProfile = $original->getProfile();
$arr['retweeted_status']['user']['profile_url'] = $originalProfile->profileurl;
- if (!empty($original->reply_to)) {
- $originalReply = Notice::staticGet('id', $original->reply_to);
- $arr['retweeted_status']['in_reply_to_status_url'] = $originalReply->bestUrl();
- }
+ $arr['retweeted_status']['conversation_url'] = $this->getConversationUrl($original);
}
$original = null;
}
@@ -303,6 +293,34 @@ class RealtimePlugin extends Plugin
return $tags;
}
+ function getConversationUrl($notice)
+ {
+ $convurl = null;
+
+ if ($notice->hasConversation()) {
+ $conv = Conversation::staticGet(
+ 'id',
+ $notice->conversation
+ );
+ $convurl = $conv->uri;
+
+ if(empty($convurl)) {
+ $msg = sprintf(
+ "Couldn't find Conversation ID %d to make 'in context'"
+ . "link for Notice ID %d",
+ $notice->conversation,
+ $notice->id
+ );
+
+ common_log(LOG_WARNING, $msg);
+ } else {
+ $convurl .= '#notice-' . $notice->id;
+ }
+ }
+
+ return $convurl;
+ }
+
function _getScripts()
{
return array('plugins/Realtime/realtimeupdate.js');
diff --git a/plugins/Realtime/realtimeupdate.js b/plugins/Realtime/realtimeupdate.js
index 2e5851ae5..25dc12d58 100644
--- a/plugins/Realtime/realtimeupdate.js
+++ b/plugins/Realtime/realtimeupdate.js
@@ -149,8 +149,8 @@ RealtimeUpdate = {
"from "+
"<span class=\"device\">"+source+"</span>"+ // may have a link
"</span>";
- if (data['in_reply_to_status_id']) {
- ni = ni+" <a class=\"response\" href=\""+data['in_reply_to_status_url']+"\">in context</a>";
+ if (data['conversation_url']) {
+ ni = ni+" <a class=\"response\" href=\""+data['conversation_url']+"\">in context</a>";
}
if (repeat) {
diff --git a/plugins/TwitterBridge/twitter.php b/plugins/TwitterBridge/twitter.php
index 21adc7a90..896eee2da 100644
--- a/plugins/TwitterBridge/twitter.php
+++ b/plugins/TwitterBridge/twitter.php
@@ -335,10 +335,10 @@ function remove_twitter_link($flink)
function mail_twitter_bridge_removed($user)
{
- common_init_locale($user->language);
-
$profile = $user->getProfile();
+ common_switch_locale($user->language);
+
$subject = sprintf(_m('Your Twitter bridge has been disabled.'));
$site_name = common_config('site', 'name');
@@ -354,7 +354,7 @@ function mail_twitter_bridge_removed($user)
common_local_url('twittersettings'),
common_config('site', 'name'));
- common_init_locale();
+ common_switch_locale();
return mail_to_user($user, $subject, $body);
}