diff options
author | Zach Copley <zach@status.net> | 2009-11-04 22:09:46 -0800 |
---|---|---|
committer | Zach Copley <zach@status.net> | 2009-11-04 22:09:46 -0800 |
commit | 3252f6ec1b0e97fe2db8b40b8236a7652f87a47e (patch) | |
tree | e1944cd2a909acb9938343482efdebc2b43ceb3d /lib | |
parent | 2149168d2995da0b89ee9eb6875d3899e04c783b (diff) | |
parent | 1ef1f59fe8ec8c3fd012838cfe0d20051287c2d6 (diff) |
Merge branch 'fix-private-auth' into 0.9.x
* fix-private-auth:
Fix for Ticket #1957 - API methods are not accessible when site is private (0.8->0.9 regression)
Allow all API calls, even if the site is configured as private. The
Diffstat (limited to 'lib')
-rw-r--r-- | lib/apiauth.php | 1 | ||||
-rw-r--r-- | lib/apibareauth.php | 2 | ||||
-rw-r--r-- | lib/apiprivateauth.php | 82 |
3 files changed, 85 insertions, 0 deletions
diff --git a/lib/apiauth.php b/lib/apiauth.php index 2f2e44a26..2a3377013 100644 --- a/lib/apiauth.php +++ b/lib/apiauth.php @@ -66,6 +66,7 @@ class ApiAuthAction extends ApiAction function prepare($args) { + common_debug('ApiAction::prepare()'); parent::prepare($args); if ($this->requiresAuth()) { diff --git a/lib/apibareauth.php b/lib/apibareauth.php index 2d29c1ddd..a127a5bf3 100644 --- a/lib/apibareauth.php +++ b/lib/apibareauth.php @@ -74,6 +74,8 @@ class ApiBareAuthAction extends ApiAuthAction function prepare($args) { + common_debug("ApiBareAuthAction::prepare()"); + parent::prepare($args); return true; } diff --git a/lib/apiprivateauth.php b/lib/apiprivateauth.php new file mode 100644 index 000000000..5d0033005 --- /dev/null +++ b/lib/apiprivateauth.php @@ -0,0 +1,82 @@ +<?php +/** + * StatusNet, the distributed open-source microblogging tool + * + * Base class for API actions that only require auth when a site + * is configured to be private + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category API + * @package StatusNet + * @author Adrian Lang <mail@adrianlang.de> + * @author Brenda Wallace <shiny@cpan.org> + * @author Craig Andrews <candrews@integralblue.com> + * @author Dan Moore <dan@moore.cx> + * @author Evan Prodromou <evan@status.net> + * @author mEDI <medi@milaro.net> + * @author Sarven Capadisli <csarven@status.net> + * @author Zach Copley <zach@status.net> + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Actions extending this class will require auth only if a site is private + * + * @category API + * @package StatusNet + * @author Adrian Lang <mail@adrianlang.de> + * @author Brenda Wallace <shiny@cpan.org> + * @author Craig Andrews <candrews@integralblue.com> + * @author Dan Moore <dan@moore.cx> + * @author Evan Prodromou <evan@status.net> + * @author mEDI <medi@milaro.net> + * @author Sarven Capadisli <csarven@status.net> + * @author Zach Copley <zach@status.net> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiPrivateAuthAction extends ApiAuthAction +{ + + /** + * Does this API resource require authentication? + * + * @return boolean true or false + */ + + function requiresAuth() + { + // If the site is "private", all API methods except statusnet/config + // need authentication + + if (common_config('site', 'private')) { + return true; + } + + return false; + } + +} |