diff options
-rw-r--r-- | actions/foaf.php | 4 | ||||
-rw-r--r-- | actions/login.php | 22 | ||||
-rw-r--r-- | actions/register.php | 7 | ||||
-rw-r--r-- | lib/mail.php | 20 | ||||
-rw-r--r-- | lib/util.php | 17 | ||||
-rw-r--r-- | locale/en_GB/LC_MESSAGES/statusnet.po | 2 | ||||
-rw-r--r-- | plugins/Facebook/facebookutil.php | 6 | ||||
-rw-r--r-- | plugins/OStatus/OStatusPlugin.php | 2 | ||||
-rw-r--r-- | plugins/OStatus/lib/discoveryhints.php | 1 | ||||
-rw-r--r-- | plugins/OpenID/OpenIDPlugin.php | 67 | ||||
-rw-r--r-- | plugins/OpenID/extlib/README | 6 | ||||
-rw-r--r-- | plugins/OpenID/extlib/teams-extension.php | 175 | ||||
-rw-r--r-- | plugins/OpenID/finishaddopenid.php | 6 | ||||
-rw-r--r-- | plugins/OpenID/finishopenidlogin.php | 6 | ||||
-rw-r--r-- | plugins/OpenID/openid.php | 36 | ||||
-rw-r--r-- | plugins/OpenID/openidadminpanel.php | 270 | ||||
-rw-r--r-- | plugins/OpenID/openidlogin.php | 26 | ||||
-rw-r--r-- | plugins/OpenID/openidsettings.php | 70 | ||||
-rw-r--r-- | plugins/Realtime/README | 1 | ||||
-rw-r--r-- | plugins/Realtime/RealtimePlugin.php | 42 | ||||
-rw-r--r-- | plugins/Realtime/realtimeupdate.js | 4 | ||||
-rw-r--r-- | plugins/TwitterBridge/twitter.php | 6 |
22 files changed, 713 insertions, 83 deletions
diff --git a/actions/foaf.php b/actions/foaf.php index 9cb65a885..2f054de0c 100644 --- a/actions/foaf.php +++ b/actions/foaf.php @@ -95,7 +95,9 @@ class FoafAction extends Action // Would be nice to tell if they were a Person or not (e.g. a #person usertag?) $this->elementStart('Agent', array('rdf:about' => $this->user->uri)); - $this->element('mbox_sha1sum', null, sha1('mailto:' . $this->user->email)); + if ($this->user->email) { + $this->element('mbox_sha1sum', null, sha1('mailto:' . $this->user->email)); + } if ($this->profile->fullname) { $this->element('name', null, $this->profile->fullname); } diff --git a/actions/login.php b/actions/login.php index dc6352368..d3e4312f7 100644 --- a/actions/login.php +++ b/actions/login.php @@ -63,6 +63,28 @@ class LoginAction extends Action } /** + * Prepare page to run + * + * + * @param $args + * @return string title + */ + + function prepare($args) + { + parent::prepare($args); + + // @todo this check should really be in index.php for all sensitive actions + $ssl = common_config('site', 'ssl'); + if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) { + common_redirect(common_local_url('login')); + // exit + } + + return true; + } + + /** * Handle input, produce output * * Switches on request method; either shows the form or handles its input. diff --git a/actions/register.php b/actions/register.php index 9b8161e08..7307bc689 100644 --- a/actions/register.php +++ b/actions/register.php @@ -74,6 +74,13 @@ class RegisterAction extends Action parent::prepare($args); $this->code = $this->trimmed('code'); + // @todo this check should really be in index.php for all sensitive actions + $ssl = common_config('site', 'ssl'); + if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) { + common_redirect(common_local_url('register')); + // exit + } + if (empty($this->code)) { common_ensure_session(); if (array_key_exists('invitecode', $_SESSION)) { diff --git a/lib/mail.php b/lib/mail.php index 5fc584e28..a4065e8d5 100644 --- a/lib/mail.php +++ b/lib/mail.php @@ -224,9 +224,6 @@ function mail_subscribe_notify_profile($listenee, $other) if ($other->hasRight(Right::EMAILONSUBSCRIBE) && $listenee->email && $listenee->emailnotifysub) { - // use the recipient's localization - common_init_locale($listenee->language); - $profile = $listenee->getProfile(); $name = $profile->getBestName(); @@ -236,6 +233,9 @@ function mail_subscribe_notify_profile($listenee, $other) $recipients = $listenee->email; + // use the recipient's localization + common_switch_locale($listenee->language); + $headers = _mail_prepare_headers('subscribe', $listenee->nickname, $other->nickname); $headers['From'] = mail_notify_from(); $headers['To'] = $name . ' <' . $listenee->email . '>'; @@ -271,7 +271,7 @@ function mail_subscribe_notify_profile($listenee, $other) common_local_url('emailsettings')); // reset localization - common_init_locale(); + common_switch_locale(); mail_send($recipients, $headers, $body); } } @@ -473,7 +473,7 @@ function mail_confirm_sms($code, $nickname, $address) function mail_notify_nudge($from, $to) { - common_init_locale($to->language); + common_switch_locale($to->language); // TRANS: Subject for 'nudge' notification email $subject = sprintf(_('You\'ve been nudged by %s'), $from->nickname); @@ -491,7 +491,7 @@ function mail_notify_nudge($from, $to) $from->nickname, common_local_url('all', array('nickname' => $to->nickname)), common_config('site', 'name')); - common_init_locale(); + common_switch_locale(); $headers = _mail_prepare_headers('nudge', $to->nickname, $from->nickname); @@ -525,7 +525,7 @@ function mail_notify_message($message, $from=null, $to=null) return true; } - common_init_locale($to->language); + common_switch_locale($to->language); // TRANS: Subject for direct-message notification email $subject = sprintf(_('New private message from %s'), $from->nickname); @@ -549,7 +549,7 @@ function mail_notify_message($message, $from=null, $to=null) $headers = _mail_prepare_headers('message', $to->nickname, $from->nickname); - common_init_locale(); + common_switch_locale(); return mail_to_user($to, $subject, $body, $headers); } @@ -577,7 +577,7 @@ function mail_notify_fave($other, $user, $notice) $bestname = $profile->getBestName(); - common_init_locale($other->language); + common_switch_locale($other->language); // TRANS: Subject for favorite notification email $subject = sprintf(_('%s (@%s) added your notice as a favorite'), $bestname, $user->nickname); @@ -605,7 +605,7 @@ function mail_notify_fave($other, $user, $notice) $headers = _mail_prepare_headers('fave', $other->nickname, $user->nickname); - common_init_locale(); + common_switch_locale(); mail_to_user($other, $subject, $body, $headers); } diff --git a/lib/util.php b/lib/util.php index 3e3153094..1e58f960c 100644 --- a/lib/util.php +++ b/lib/util.php @@ -34,6 +34,14 @@ function common_user_error($msg, $code=400) $err->showPage(); } +/** + * This should only be used at setup; processes switching languages + * to send text to other users should use common_switch_locale(). + * + * @param string $language Locale language code (optional; empty uses + * current user's preference or site default) + * @return mixed success + */ function common_init_locale($language=null) { if(!$language) { @@ -50,6 +58,15 @@ function common_init_locale($language=null) return $ok; } +/** + * Initialize locale and charset settings and gettext with our message catalog, + * using the current user's language preference or the site default. + * + * This should generally only be run at framework initialization; code switching + * languages at runtime should call common_switch_language(). + * + * @access private + */ function common_init_language() { mb_internal_encoding('UTF-8'); diff --git a/locale/en_GB/LC_MESSAGES/statusnet.po b/locale/en_GB/LC_MESSAGES/statusnet.po index 03e7a669f..a3c1605ee 100644 --- a/locale/en_GB/LC_MESSAGES/statusnet.po +++ b/locale/en_GB/LC_MESSAGES/statusnet.po @@ -4915,7 +4915,7 @@ msgstr "Primary site navigation" #: lib/action.php:432 msgctxt "TOOLTIP" msgid "Personal profile and friends timeline" -msgstr "ersonal profile and friends timeline" +msgstr "Personal profile and friends timeline" #. TRANS: Main menu option when logged in for access to personal profile and friends timeline #: lib/action.php:435 diff --git a/plugins/Facebook/facebookutil.php b/plugins/Facebook/facebookutil.php index ac532e18b..83664995a 100644 --- a/plugins/Facebook/facebookutil.php +++ b/plugins/Facebook/facebookutil.php @@ -272,12 +272,12 @@ function remove_facebook_app($flink) function mail_facebook_app_removed($user) { - common_init_locale($user->language); - $profile = $user->getProfile(); $site_name = common_config('site', 'name'); + common_switch_locale($user->language); + $subject = sprintf( _m('Your %1$s Facebook application access has been disabled.', $site_name)); @@ -291,7 +291,7 @@ function mail_facebook_app_removed($user) "re-installing the %2\$s Facebook application.\n\nRegards,\n\n%2\$s"), $user->nickname, $site_name); - common_init_locale(); + common_switch_locale(); return mail_to_user($user, $subject, $body); } diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index d3a92755c..5b153216e 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -257,7 +257,7 @@ class OStatusPlugin extends Plugin $matches = array(); // Webfinger matches: @user@example.com - if (preg_match_all('!(?:^|\s+)@((?:\w+\.)*\w+@(?:\w+\.)*\w+(?:\w+\-\w+)*\.\w+)!', + if (preg_match_all('!(?:^|\s+)@((?:\w+\.)*\w+@(?:\w+\-?\w+\.)*\w+(?:\w+\-\w+)*\.\w+)!', $text, $wmatches, PREG_OFFSET_CAPTURE)) { diff --git a/plugins/OStatus/lib/discoveryhints.php b/plugins/OStatus/lib/discoveryhints.php index 80cfbbf15..ca54a0f5f 100644 --- a/plugins/OStatus/lib/discoveryhints.php +++ b/plugins/OStatus/lib/discoveryhints.php @@ -30,6 +30,7 @@ class DiscoveryHints { case Discovery::PROFILEPAGE: $hints['profileurl'] = $link['href']; break; + case Salmon::NS_MENTIONS: case Salmon::NS_REPLIES: $hints['salmon'] = $link['href']; break; diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index 6b723ad10..fdcfacfa5 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -20,7 +20,7 @@ * @category Plugin * @package StatusNet * @author Evan Prodromou <evan@status.net> - * @copyright 2009 StatusNet, Inc. + * @copyright 2009-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -45,7 +45,19 @@ if (!defined('STATUSNET')) { class OpenIDPlugin extends Plugin { - public $openidOnly = false; + // Plugin parameter: set true to disallow non-OpenID logins + // If set, overrides the setting in database or $config['site']['openidonly'] + public $openidOnly = null; + + function initialize() + { + parent::initialize(); + if ($this->openidOnly !== null) { + global $config; + $config['site']['openidonly'] = (bool)$this->openidOnly; + } + + } /** * Add OpenID-related paths to the router table @@ -67,6 +79,7 @@ class OpenIDPlugin extends Plugin $m->connect('index.php?action=finishaddopenid', array('action' => 'finishaddopenid')); $m->connect('main/openidserver', array('action' => 'openidserver')); + $m->connect('admin/openid', array('action' => 'openidadminpanel')); return true; } @@ -84,7 +97,7 @@ class OpenIDPlugin extends Plugin function onStartConnectPath(&$path, &$defaults, &$rules, &$result) { - if ($this->openidOnly) { + if (common_config('site', 'openidonly')) { static $block = array('main/login', 'main/register', 'main/recoverpassword', @@ -108,7 +121,7 @@ class OpenIDPlugin extends Plugin function onArgsInitialize($args) { - if ($this->openidOnly) { + if (common_config('site', 'openidonly')) { if (array_key_exists('action', $args)) { $action = trim($args['action']); if (in_array($action, array('login', 'register'))) { @@ -199,7 +212,7 @@ class OpenIDPlugin extends Plugin function onStartPrimaryNav($action) { - if ($this->openidOnly && !common_logged_in()) { + if (common_config('site', 'openidonly') && !common_logged_in()) { // TRANS: Tooltip for main menu option "Login" $tooltip = _m('TOOLTIP', 'Login to the site'); $action->menuItem(common_local_url('openidlogin'), @@ -241,7 +254,7 @@ class OpenIDPlugin extends Plugin function onStartLoginGroupNav(&$action) { - if ($this->openidOnly) { + if (common_config('site', 'openidonly')) { $this->showOpenIDLoginTab($action); // Even though we replace this code, we // DON'T run the End* hook, to keep others from @@ -299,7 +312,7 @@ class OpenIDPlugin extends Plugin */ function onStartAccountSettingsPasswordMenuItem($menu, &$unused) { - if ($this->openidOnly) { + if (common_config('site', 'openidonly')) { return false; } return true; @@ -349,13 +362,19 @@ class OpenIDPlugin extends Plugin case 'OpenidsettingsAction': case 'OpenidserverAction': case 'OpenidtrustAction': - require_once INSTALLDIR.'/plugins/OpenID/' . strtolower(mb_substr($cls, 0, -6)) . '.php'; + case 'OpenidadminpanelAction': + require_once dirname(__FILE__) . '/' . strtolower(mb_substr($cls, 0, -6)) . '.php'; return false; case 'User_openid': - require_once INSTALLDIR.'/plugins/OpenID/User_openid.php'; + require_once dirname(__FILE__) . '/User_openid.php'; return false; case 'User_openid_trustroot': - require_once INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php'; + require_once dirname(__FILE__) . '/User_openid_trustroot.php'; + return false; + case 'Auth_OpenID_TeamsExtension': + case 'Auth_OpenID_TeamsRequest': + case 'Auth_OpenID_TeamsResponse': + require_once dirname(__FILE__) . '/extlib/teams-extension.php'; return false; default: return true; @@ -446,7 +465,7 @@ class OpenIDPlugin extends Plugin function onRedirectToLogin($action, $user) { - if ($this->openidOnly || (!empty($user) && User_openid::hasOpenID($user->id))) { + if (common_config('site', 'openid_only') || (!empty($user) && User_openid::hasOpenID($user->id))) { common_redirect(common_local_url('openidlogin'), 303); return false; } @@ -582,6 +601,32 @@ class OpenIDPlugin extends Plugin } /** + * Add an OpenID tab to the admin panel + * + * @param Widget $nav Admin panel nav + * + * @return boolean hook value + */ + + function onEndAdminPanelNav($nav) + { + if (AdminPanelAction::canAdmin('openid')) { + + $action_name = $nav->action->trimmed('action'); + + $nav->out->menuItem( + common_local_url('openidadminpanel'), + _m('OpenID'), + _m('OpenID configuration'), + $action_name == 'openidadminpanel', + 'nav_openid_admin_panel' + ); + } + + return true; + } + + /** * Add our version information to output * * @param array &$versions Array of version-data arrays diff --git a/plugins/OpenID/extlib/README b/plugins/OpenID/extlib/README new file mode 100644 index 000000000..1fe80d79b --- /dev/null +++ b/plugins/OpenID/extlib/README @@ -0,0 +1,6 @@ +team-extension.php + Support for Launchpad's OpenID Teams extension + Maintainer: Canonical + Source: https://code.edge.launchpad.net/wordpress-teams-integration + r27 2010-04-27 + License: AGPLv3 diff --git a/plugins/OpenID/extlib/teams-extension.php b/plugins/OpenID/extlib/teams-extension.php new file mode 100644 index 000000000..451f2fb19 --- /dev/null +++ b/plugins/OpenID/extlib/teams-extension.php @@ -0,0 +1,175 @@ +<?php +/* + * Wordpress Teams plugin + * Copyright (C) 2009-2010 Canonical Ltd. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +/** + * Provides an example OpenID extension to query user team/group membership + * + * This code is based on code supplied with the openid library for simple + * registration data. + */ + +/** + * Require the Message implementation. + */ +require_once 'Auth/OpenID/Message.php'; +require_once 'Auth/OpenID/Extension.php'; + +/** + * The team/group extension base class + */ +class Auth_OpenID_TeamsExtension extends Auth_OpenID_Extension { + var $ns_uri = 'http://ns.launchpad.net/2007/openid-teams'; + var $ns_alias = 'lp'; + var $request_field = 'query_membership'; + var $response_field = 'is_member'; + + /** + * Get the string arguments that should be added to an OpenID + * message for this extension. + */ + function getExtensionArgs() { + $args = array(); + + if ($this->_teams) { + $args[$this->request_field] = implode(',', $this->_teams); + } + + return $args; + } + + /** + * Add the arguments from this extension to the provided message. + * + * Returns the message with the extension arguments added. + */ + function toMessage(&$message) { + if ($message->namespaces->addAlias($this->ns_uri, $this->ns_alias) === null) { + if ($message->namespaces->getAlias($this->ns_uri) != $this->ns_alias) { + return null; + } + } + + $message->updateArgs($this->ns_uri, $this->getExtensionArgs()); + return $message; + } + + /** + * Extract the team/group namespace URI from the given OpenID message. + * Handles OpenID 1 and 2. + * + * $message: The OpenID message from which to parse team/group data. + * This may be a request or response message. + * + * Returns the sreg namespace URI for the supplied message. + * + * @access private + */ + function _getExtensionNS(&$message) { + $alias = null; + $found_ns_uri = null; + + // See if there exists an alias for the namespace + $alias = $message->namespaces->getAlias($this->ns_uri); + + if ($alias !== null) { + $found_ns_uri = $this->ns_uri; + } + + if ($alias === null) { + // There is no alias for this extension, so try to add one. + $found_ns_uri = Auth_OpenID_TYPE_1_0; + + if ($message->namespaces->addAlias($this->ns_uri, $this->ns_alias) === null) { + // An alias for the string 'lp' already exists, but + // it's defined for something other than team/group membership + return null; + } + } + + return $found_ns_uri; + } +} + +/** + * The team/group extension request class + */ +class Auth_OpenID_TeamsRequest extends Auth_OpenID_TeamsExtension { + function __init($teams) { + if (!is_array($teams)) { + if (!empty($teams)) { + $teams = explode(',', $teams); + } else { + $teams = Array(); + } + } + + $this->_teams = $teams; + } + + function Auth_OpenID_TeamsRequest($teams) { + $this->__init($teams); + } +} + +/** + * The team/group extension response class + */ +class Auth_OpenID_TeamsResponse extends Auth_OpenID_TeamsExtension { + var $_teams = array(); + + function __init(&$resp, $signed_only=true) { + $this->ns_uri = $this->_getExtensionNS($resp->message); + + if ($signed_only) { + $args = $resp->getSignedNS($this->ns_uri); + } else { + $args = $resp->message->getArgs($this->ns_uri); + } + + if ($args === null) { + return null; + } + + // An OpenID 2.0 response will handle the namespaces + if (in_array($this->response_field, array_keys($args)) && !empty($args[$this->response_field])) { + $this->_teams = explode(',', $args[$this->response_field]); + } + + // Piggybacking on a 1.x request, however, won't so the field name will + // be different + elseif (in_array($this->ns_alias.'.'.$this->response_field, array_keys($args)) && !empty($args[$this->ns_alias.'.'.$this->response_field])) { + $this->_teams = explode(',', $args[$this->ns_alias.'.'.$this->response_field]); + } + } + + function Auth_OpenID_TeamsResponse(&$resp, $signed_only=true) { + $this->__init($resp, $signed_only); + } + + /** + * Get the array of teams the user is a member of + * + * @return array + */ + function getTeams() { + return $this->_teams; + } +} + +?> diff --git a/plugins/OpenID/finishaddopenid.php b/plugins/OpenID/finishaddopenid.php index 77fcc3805..e07ab764e 100644 --- a/plugins/OpenID/finishaddopenid.php +++ b/plugins/OpenID/finishaddopenid.php @@ -106,6 +106,12 @@ class FinishaddopenidAction extends Action $sreg = $sreg_resp->contents(); } + // Launchpad teams extension + if (!oid_check_teams($response)) { + $this->message(_m('OpenID authentication aborted: you are not allowed to login to this site.')); + return; + } + $cur = common_current_user(); $other = oid_get_user($canonical); diff --git a/plugins/OpenID/finishopenidlogin.php b/plugins/OpenID/finishopenidlogin.php index 5b1a7cee0..a9ab14199 100644 --- a/plugins/OpenID/finishopenidlogin.php +++ b/plugins/OpenID/finishopenidlogin.php @@ -193,6 +193,12 @@ class FinishopenidloginAction extends Action $sreg = $sreg_resp->contents(); } + // Launchpad teams extension + if (!oid_check_teams($response)) { + $this->message(_m('OpenID authentication aborted: you are not allowed to login to this site.')); + return; + } + $user = oid_get_user($canonical); if ($user) { diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php index 68b5c29e2..4dc924695 100644 --- a/plugins/OpenID/openid.php +++ b/plugins/OpenID/openid.php @@ -168,6 +168,15 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) $auth_request->addExtension($sreg_request); } + $requiredTeam = common_config('openid', 'required_team'); + if ($requiredTeam) { + // LaunchPad OpenID extension + $team_request = new Auth_OpenID_TeamsRequest(array($requiredTeam)); + if ($team_request) { + $auth_request->addExtension($team_request); + } + } + $trust_root = common_root_url(true); $process_url = common_local_url($returnto); @@ -298,6 +307,33 @@ function oid_assert_allowed($url) return; } +/** + * Check the teams available in the given OpenID response + * Using Launchpad's OpenID teams extension + * + * @return boolean whether this user is acceptable + */ +function oid_check_teams($response) +{ + $requiredTeam = common_config('openid', 'required_team'); + if ($requiredTeam) { + $team_resp = new Auth_OpenID_TeamsResponse($response); + if ($team_resp) { + $teams = $team_resp->getTeams(); + } else { + $teams = array(); + } + + $match = in_array($requiredTeam, $teams); + $is = $match ? 'is' : 'is not'; + common_log(LOG_DEBUG, "Remote user $is in required team $requiredTeam: [" . implode(', ', $teams) . "]"); + + return $match; + } + + return true; +} + class AutosubmitAction extends Action { var $form_html = null; diff --git a/plugins/OpenID/openidadminpanel.php b/plugins/OpenID/openidadminpanel.php new file mode 100644 index 000000000..063306366 --- /dev/null +++ b/plugins/OpenID/openidadminpanel.php @@ -0,0 +1,270 @@ +<?php +/** + * StatusNet, the distributed open-source microblogging tool + * + * OpenID bridge administration panel + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package StatusNet + * @author Zach Copley <zach@status.net> + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Administer global OpenID settings + * + * @category Admin + * @package StatusNet + * @author Zach Copley <zach@status.net> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class OpenidadminpanelAction extends AdminPanelAction +{ + /** + * Returns the page title + * + * @return string page title + */ + + function title() + { + return _m('OpenID'); + } + + /** + * Instructions for using this form. + * + * @return string instructions + */ + + function getInstructions() + { + return _m('OpenID settings'); + } + + /** + * Show the OpenID admin panel form + * + * @return void + */ + + function showForm() + { + $form = new OpenIDAdminPanelForm($this); + $form->show(); + return; + } + + /** + * Save settings from the form + * + * @return void + */ + + function saveSettings() + { + static $settings = array( + 'openid' => array('trusted_provider', 'required_team') + ); + + static $booleans = array( + 'site' => array('openidonly') + ); + + $values = array(); + + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] + = $this->trimmed($setting); + } + } + + foreach ($booleans as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] + = ($this->boolean($setting)) ? 1 : 0; + } + } + + // This throws an exception on validation errors + + $this->validate($values); + + // assert(all values are valid); + + $config = new Config(); + + $config->query('BEGIN'); + + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } + } + + foreach ($booleans as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } + } + + $config->query('COMMIT'); + + return; + } + + function validate(&$values) + { + // Validate consumer key and secret (can't be too long) + + if (mb_strlen($values['openid']['trusted_provider']) > 255) { + $this->clientError( + _m("Invalid provider URL. Max length is 255 characters.") + ); + } + + if (mb_strlen($values['openid']['required_team']) > 255) { + $this->clientError( + _m("Invalid team name. Max length is 255 characters.") + ); + } + } +} + +class OpenIDAdminPanelForm extends AdminForm +{ + /** + * ID of the form + * + * @return int ID of the form + */ + + function id() + { + return 'openidadminpanel'; + } + + /** + * class of the form + * + * @return string class of the form + */ + + function formClass() + { + return 'form_settings'; + } + + /** + * Action of the form + * + * @return string URL of the action + */ + + function action() + { + return common_local_url('openidadminpanel'); + } + + /** + * Data elements of the form + * + * @return void + * + * @todo Some of the options could prevent users from logging in again. + * Make sure that the acting administrator has a valid OpenID matching, + * or more carefully warn folks. + */ + + function formData() + { + $this->out->elementStart( + 'fieldset', + array('id' => 'settings_openid') + ); + $this->out->element('legend', null, _m('Trusted provider')); + $this->out->element('p', 'form_guide', + _m('By default, users are allowed to authenticate with any OpenID provider. ' . + 'If you are using your own OpenID service for shared sign-in, ' . + 'you can restrict access to only your own users here.')); + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + $this->input( + 'trusted_provider', + _m('Provider URL'), + _m('All OpenID logins will be sent to this URL; other providers may not be used.'), + 'openid' + ); + $this->unli(); + + $this->li(); + $this->input( + 'required_team', + _m('Required team'), + _m('Only allow logins from users in the given team (Launchpad extension).'), + 'openid' + ); + $this->unli(); + + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + + $this->out->elementStart( + 'fieldset', + array('id' => 'settings_openid-options') + ); + $this->out->element('legend', null, _m('Options')); + + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + + $this->out->checkbox( + 'openidonly', _m('Enable OpenID-only mode'), + (bool) $this->value('openidonly', 'site'), + _m('Require all users to login via OpenID. WARNING: disables password authentication for all users!'), + 'true' + ); + $this->unli(); + + $this->out->elementEnd('ul'); + + $this->out->elementEnd('fieldset'); + } + + /** + * Action elements + * + * @return void + */ + + function formActions() + { + $this->out->submit('submit', _('Save'), 'submit', null, _m('Save OpenID settings')); + } +} diff --git a/plugins/OpenID/openidlogin.php b/plugins/OpenID/openidlogin.php index ec05daeb1..34e00ccce 100644 --- a/plugins/OpenID/openidlogin.php +++ b/plugins/OpenID/openidlogin.php @@ -30,7 +30,12 @@ class OpenidloginAction extends Action // TRANS: Client error message trying to log on with OpenID while already logged on. $this->clientError(_m('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $openid_url = $this->trimmed('openid_url'); + $provider = common_config('openid', 'trusted_provider'); + if ($provider) { + $openid_url = $provider; + } else { + $openid_url = $this->trimmed('openid_url'); + } oid_assert_allowed($openid_url); @@ -124,11 +129,20 @@ class OpenidloginAction extends Action $this->elementStart('ul', 'form_data'); $this->elementStart('li'); - // TRANS: OpenID plugin logon form field label. - $this->input('openid_url', _m('OpenID URL'), - $this->openid_url, - // TRANS: OpenID plugin logon form field instructions. - _m('Your OpenID URL')); + $provider = common_config('openid', 'trusted_provider'); + if ($provider) { + $this->element('label', array(), _m('OpenID provider')); + $this->element('span', array(), $provider); + $this->element('p', 'form_guide', + _m('You will be sent to the provider\'s site for authentication.')); + $this->hidden('openid_url', $provider); + } else { + // TRANS: OpenID plugin logon form field label. + $this->input('openid_url', _m('OpenID URL'), + $this->openid_url, + // TRANS: OpenID plugin logon form field instructions. + _m('Your OpenID URL')); + } $this->elementEnd('li'); $this->elementStart('li', array('id' => 'settings_rememberme')); // TRANS: OpenID plugin logon form checkbox label for setting to put the OpenID information in a cookie. diff --git a/plugins/OpenID/openidsettings.php b/plugins/OpenID/openidsettings.php index 16142cf48..505e7d0ee 100644 --- a/plugins/OpenID/openidsettings.php +++ b/plugins/OpenID/openidsettings.php @@ -90,34 +90,36 @@ class OpenidsettingsAction extends AccountSettingsAction { $user = common_current_user(); - $this->elementStart('form', array('method' => 'post', - 'id' => 'form_settings_openid_add', - 'class' => 'form_settings', - 'action' => - common_local_url('openidsettings'))); - $this->elementStart('fieldset', array('id' => 'settings_openid_add')); - $this->element('legend', null, _m('Add OpenID')); - $this->hidden('token', common_session_token()); - $this->element('p', 'form_guide', - _m('If you want to add an OpenID to your account, ' . - 'enter it in the box below and click "Add".')); - $this->elementStart('ul', 'form_data'); - $this->elementStart('li'); - $this->element('label', array('for' => 'openid_url'), - _m('OpenID URL')); - $this->element('input', array('name' => 'openid_url', - 'type' => 'text', - 'id' => 'openid_url')); - $this->elementEnd('li'); - $this->elementEnd('ul'); - $this->element('input', array('type' => 'submit', - 'id' => 'settings_openid_add_action-submit', - 'name' => 'add', - 'class' => 'submit', - 'value' => _m('Add'))); - $this->elementEnd('fieldset'); - $this->elementEnd('form'); - + if (!common_config('openid', 'trusted_provider')) { + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_openid_add', + 'class' => 'form_settings', + 'action' => + common_local_url('openidsettings'))); + $this->elementStart('fieldset', array('id' => 'settings_openid_add')); + + $this->element('legend', null, _m('Add OpenID')); + $this->hidden('token', common_session_token()); + $this->element('p', 'form_guide', + _m('If you want to add an OpenID to your account, ' . + 'enter it in the box below and click "Add".')); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->element('label', array('for' => 'openid_url'), + _m('OpenID URL')); + $this->element('input', array('name' => 'openid_url', + 'type' => 'text', + 'id' => 'openid_url')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->element('input', array('type' => 'submit', + 'id' => 'settings_openid_add_action-submit', + 'name' => 'add', + 'class' => 'submit', + 'value' => _m('Add'))); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } $oid = new User_openid(); $oid->user_id = $user->id; @@ -234,10 +236,14 @@ class OpenidsettingsAction extends AccountSettingsAction } if ($this->arg('add')) { - $result = oid_authenticate($this->trimmed('openid_url'), - 'finishaddopenid'); - if (is_string($result)) { // error message - $this->showForm($result); + if (common_config('openid', 'trusted_provider')) { + $this->showForm(_m("Can't add new providers.")); + } else { + $result = oid_authenticate($this->trimmed('openid_url'), + 'finishaddopenid'); + if (is_string($result)) { // error message + $this->showForm($result); + } } } else if ($this->arg('remove')) { $this->removeOpenid(); diff --git a/plugins/Realtime/README b/plugins/Realtime/README index 524382696..99c79cfab 100644 --- a/plugins/Realtime/README +++ b/plugins/Realtime/README @@ -1,6 +1,5 @@ == TODO == * i18n -* Change in context URL to conversation (try not to construct the URL in JS) * Update mark behaviour (on notice send) * Pause, Send a notice ~ should not update counter * Pause ~ retain up to 50-100 most recent notices diff --git a/plugins/Realtime/RealtimePlugin.php b/plugins/Realtime/RealtimePlugin.php index b559d80c6..352afcf78 100644 --- a/plugins/Realtime/RealtimePlugin.php +++ b/plugins/Realtime/RealtimePlugin.php @@ -250,14 +250,7 @@ class RealtimePlugin extends Plugin $arr['url'] = $notice->bestUrl(); $arr['html'] = htmlspecialchars($notice->rendered); $arr['source'] = htmlspecialchars($arr['source']); - - if (!empty($notice->reply_to)) { - $reply_to = Notice::staticGet('id', $notice->reply_to); - if (!empty($reply_to)) { - $arr['in_reply_to_status_url'] = $reply_to->bestUrl(); - } - $reply_to = null; - } + $arr['conversation_url'] = $this->getConversationUrl($notice); $profile = $notice->getProfile(); $arr['user']['profile_url'] = $profile->profileurl; @@ -272,10 +265,7 @@ class RealtimePlugin extends Plugin $arr['retweeted_status']['source'] = htmlspecialchars($original->source); $originalProfile = $original->getProfile(); $arr['retweeted_status']['user']['profile_url'] = $originalProfile->profileurl; - if (!empty($original->reply_to)) { - $originalReply = Notice::staticGet('id', $original->reply_to); - $arr['retweeted_status']['in_reply_to_status_url'] = $originalReply->bestUrl(); - } + $arr['retweeted_status']['conversation_url'] = $this->getConversationUrl($original); } $original = null; } @@ -303,6 +293,34 @@ class RealtimePlugin extends Plugin return $tags; } + function getConversationUrl($notice) + { + $convurl = null; + + if ($notice->hasConversation()) { + $conv = Conversation::staticGet( + 'id', + $notice->conversation + ); + $convurl = $conv->uri; + + if(empty($convurl)) { + $msg = sprintf( + "Couldn't find Conversation ID %d to make 'in context'" + . "link for Notice ID %d", + $notice->conversation, + $notice->id + ); + + common_log(LOG_WARNING, $msg); + } else { + $convurl .= '#notice-' . $notice->id; + } + } + + return $convurl; + } + function _getScripts() { return array('plugins/Realtime/realtimeupdate.js'); diff --git a/plugins/Realtime/realtimeupdate.js b/plugins/Realtime/realtimeupdate.js index 2e5851ae5..25dc12d58 100644 --- a/plugins/Realtime/realtimeupdate.js +++ b/plugins/Realtime/realtimeupdate.js @@ -149,8 +149,8 @@ RealtimeUpdate = { "from "+ "<span class=\"device\">"+source+"</span>"+ // may have a link "</span>"; - if (data['in_reply_to_status_id']) { - ni = ni+" <a class=\"response\" href=\""+data['in_reply_to_status_url']+"\">in context</a>"; + if (data['conversation_url']) { + ni = ni+" <a class=\"response\" href=\""+data['conversation_url']+"\">in context</a>"; } if (repeat) { diff --git a/plugins/TwitterBridge/twitter.php b/plugins/TwitterBridge/twitter.php index 21adc7a90..896eee2da 100644 --- a/plugins/TwitterBridge/twitter.php +++ b/plugins/TwitterBridge/twitter.php @@ -335,10 +335,10 @@ function remove_twitter_link($flink) function mail_twitter_bridge_removed($user) { - common_init_locale($user->language); - $profile = $user->getProfile(); + common_switch_locale($user->language); + $subject = sprintf(_m('Your Twitter bridge has been disabled.')); $site_name = common_config('site', 'name'); @@ -354,7 +354,7 @@ function mail_twitter_bridge_removed($user) common_local_url('twittersettings'), common_config('site', 'name')); - common_init_locale(); + common_switch_locale(); return mail_to_user($user, $subject, $body); } |