From 275002d88a758d47e15b2f6d97873c243a500451 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 14 May 2010 16:41:29 -0400 Subject: allow hyphens in subdomains for webfinger addresses --- plugins/OStatus/OStatusPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index f183bc7ae..5167842ca 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -257,7 +257,7 @@ class OStatusPlugin extends Plugin $matches = array(); // Webfinger matches: @user@example.com - if (preg_match_all('!(?:^|\s+)@((?:\w+\.)*\w+@(?:\w+\.)*\w+(?:\w+\-\w+)*\.\w+)!', + if (preg_match_all('!(?:^|\s+)@((?:\w+\.)*\w+@(?:\w+\-?\w+\.)*\w+(?:\w+\-\w+)*\.\w+)!', $text, $wmatches, PREG_OFFSET_CAPTURE)) { -- cgit v1.2.3-54-g00ecf From 1999b836c0681c44171d849028fb2d5d0c3d01b8 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 14 May 2010 16:43:21 -0400 Subject: accept either salmon endpoint (until they're unified in the spec) --- plugins/OStatus/lib/discoveryhints.php | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/OStatus/lib/discoveryhints.php b/plugins/OStatus/lib/discoveryhints.php index 80cfbbf15..ca54a0f5f 100644 --- a/plugins/OStatus/lib/discoveryhints.php +++ b/plugins/OStatus/lib/discoveryhints.php @@ -30,6 +30,7 @@ class DiscoveryHints { case Discovery::PROFILEPAGE: $hints['profileurl'] = $link['href']; break; + case Salmon::NS_MENTIONS: case Salmon::NS_REPLIES: $hints['salmon'] = $link['href']; break; -- cgit v1.2.3-54-g00ecf From e36df2921260a8970c81f2d729b121816be188e5 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 17 May 2010 19:37:47 +0000 Subject: Patch from g0: fix for conversation links in Realtime updates Previously was using the reply-to URL, which didn't match with other displays. Now sends to the right conversation page. --- plugins/Realtime/README | 1 - plugins/Realtime/RealtimePlugin.php | 40 ++++++++++++++++++++++++++----------- plugins/Realtime/realtimeupdate.js | 4 ++-- 3 files changed, 30 insertions(+), 15 deletions(-) diff --git a/plugins/Realtime/README b/plugins/Realtime/README index 524382696..99c79cfab 100644 --- a/plugins/Realtime/README +++ b/plugins/Realtime/README @@ -1,6 +1,5 @@ == TODO == * i18n -* Change in context URL to conversation (try not to construct the URL in JS) * Update mark behaviour (on notice send) * Pause, Send a notice ~ should not update counter * Pause ~ retain up to 50-100 most recent notices diff --git a/plugins/Realtime/RealtimePlugin.php b/plugins/Realtime/RealtimePlugin.php index b559d80c6..fa1b5e3e1 100644 --- a/plugins/Realtime/RealtimePlugin.php +++ b/plugins/Realtime/RealtimePlugin.php @@ -250,14 +250,7 @@ class RealtimePlugin extends Plugin $arr['url'] = $notice->bestUrl(); $arr['html'] = htmlspecialchars($notice->rendered); $arr['source'] = htmlspecialchars($arr['source']); - - if (!empty($notice->reply_to)) { - $reply_to = Notice::staticGet('id', $notice->reply_to); - if (!empty($reply_to)) { - $arr['in_reply_to_status_url'] = $reply_to->bestUrl(); - } - $reply_to = null; - } + $arr['conversation_url'] = $this->getConversationUrl($notice); $profile = $notice->getProfile(); $arr['user']['profile_url'] = $profile->profileurl; @@ -272,10 +265,7 @@ class RealtimePlugin extends Plugin $arr['retweeted_status']['source'] = htmlspecialchars($original->source); $originalProfile = $original->getProfile(); $arr['retweeted_status']['user']['profile_url'] = $originalProfile->profileurl; - if (!empty($original->reply_to)) { - $originalReply = Notice::staticGet('id', $original->reply_to); - $arr['retweeted_status']['in_reply_to_status_url'] = $originalReply->bestUrl(); - } + $arr['retweeted_status']['conversation_url'] = $this->getConversationUrl($original); } $original = null; } @@ -303,6 +293,32 @@ class RealtimePlugin extends Plugin return $tags; } + function getConversationUrl($notice) + { + $convurl = null; + + if ($notice->hasConversation()) { + $conv = Conversation::staticGet( + 'id', + $notice->conversation + ); + $convurl = $conv->uri; + + if(empty($convurl)) { + $msg = sprintf( + "Couldn't find Conversation ID %d to make 'in context'" + . "link for Notice ID %d", + $notice->conversation, + $notice->id + ); + + common_log(LOG_WARNING, $msg); + } + } + + return $convurl; + } + function _getScripts() { return array('plugins/Realtime/realtimeupdate.js'); diff --git a/plugins/Realtime/realtimeupdate.js b/plugins/Realtime/realtimeupdate.js index 2e5851ae5..25dc12d58 100644 --- a/plugins/Realtime/realtimeupdate.js +++ b/plugins/Realtime/realtimeupdate.js @@ -149,8 +149,8 @@ RealtimeUpdate = { "from "+ ""+source+""+ // may have a link ""; - if (data['in_reply_to_status_id']) { - ni = ni+" in context"; + if (data['conversation_url']) { + ni = ni+" in context"; } if (repeat) { -- cgit v1.2.3-54-g00ecf From b77878f46729d48588fb32b8a54ae13f3752c558 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 17 May 2010 19:47:44 +0000 Subject: Include notice fragment on 'in context' links in Realtime plugin family. --- plugins/Realtime/RealtimePlugin.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/Realtime/RealtimePlugin.php b/plugins/Realtime/RealtimePlugin.php index fa1b5e3e1..352afcf78 100644 --- a/plugins/Realtime/RealtimePlugin.php +++ b/plugins/Realtime/RealtimePlugin.php @@ -313,6 +313,8 @@ class RealtimePlugin extends Plugin ); common_log(LOG_WARNING, $msg); + } else { + $convurl .= '#notice-' . $notice->id; } } -- cgit v1.2.3-54-g00ecf From 6da59fab58b3f517a9e48204faa4f29ceabc4ba9 Mon Sep 17 00:00:00 2001 From: James Walker Date: Tue, 18 May 2010 10:09:16 -0400 Subject: invalid mbox_sha1sum in the case where users don't have an email address (reported by pedantic-web.org) --- actions/foaf.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/actions/foaf.php b/actions/foaf.php index 9cb65a885..2f054de0c 100644 --- a/actions/foaf.php +++ b/actions/foaf.php @@ -95,7 +95,9 @@ class FoafAction extends Action // Would be nice to tell if they were a Person or not (e.g. a #person usertag?) $this->elementStart('Agent', array('rdf:about' => $this->user->uri)); - $this->element('mbox_sha1sum', null, sha1('mailto:' . $this->user->email)); + if ($this->user->email) { + $this->element('mbox_sha1sum', null, sha1('mailto:' . $this->user->email)); + } if ($this->profile->fullname) { $this->element('name', null, $this->profile->fullname); } -- cgit v1.2.3-54-g00ecf From 7c828ae5f8ab20f0daa8a1482fadce9b3e858975 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 18 May 2010 10:39:56 -0700 Subject: OpenID access control options: trusted provider URL, Launchpad team restrictions. Added an admin panel for setting these and OpenID-only mode, off by default. To enable the admin panel: $config['admin']['panels'][] = 'openid'; Or to set them manually: $config['openid']['trusted_provider'] = 'https://login.ubuntu.net/'; $config['openid']['required_team'] = 'my-project-cabal'; $config['site']['openidonly'] = true; OpenID-only mode can still be set from addPlugin() parameters as well for backwards compatibility. Note: if it's set there, that value will override the setting from the database or config.php. Note that team restrictions are only really meaningful if a trusted provider is set; otherwise, any OpenID server could report back that users are members of the given team. Restrictions are checked only at OpenID authentication time and will not kick off people currently with a session open; existing remembered logins may also survive these changes. Using code for Launchpad team support provided by Canonical under AGPLv3, pulled from r27 of WordPress teams integration plugin: https://code.edge.launchpad.net/~canonical-isd-hackers/wordpress-teams-integration/trunk --- plugins/OpenID/OpenIDPlugin.php | 67 ++++++-- plugins/OpenID/extlib/README | 6 + plugins/OpenID/extlib/teams-extension.php | 175 +++++++++++++++++++ plugins/OpenID/finishaddopenid.php | 6 + plugins/OpenID/finishopenidlogin.php | 6 + plugins/OpenID/openid.php | 36 ++++ plugins/OpenID/openidadminpanel.php | 270 ++++++++++++++++++++++++++++++ plugins/OpenID/openidlogin.php | 22 ++- plugins/OpenID/openidsettings.php | 70 ++++---- 9 files changed, 611 insertions(+), 47 deletions(-) create mode 100644 plugins/OpenID/extlib/README create mode 100644 plugins/OpenID/extlib/teams-extension.php create mode 100644 plugins/OpenID/openidadminpanel.php diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index 270e2c624..9eac9f6fc 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -20,7 +20,7 @@ * @category Plugin * @package StatusNet * @author Evan Prodromou - * @copyright 2009 StatusNet, Inc. + * @copyright 2009-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -45,7 +45,19 @@ if (!defined('STATUSNET')) { class OpenIDPlugin extends Plugin { - public $openidOnly = false; + // Plugin parameter: set true to disallow non-OpenID logins + // If set, overrides the setting in database or $config['site']['openidonly'] + public $openidOnly = null; + + function initialize() + { + parent::initialize(); + if ($this->openidOnly !== null) { + global $config; + $config['site']['openidonly'] = (bool)$this->openidOnly; + } + + } /** * Add OpenID-related paths to the router table @@ -67,6 +79,7 @@ class OpenIDPlugin extends Plugin $m->connect('index.php?action=finishaddopenid', array('action' => 'finishaddopenid')); $m->connect('main/openidserver', array('action' => 'openidserver')); + $m->connect('admin/openid', array('action' => 'openidadminpanel')); return true; } @@ -84,7 +97,7 @@ class OpenIDPlugin extends Plugin function onStartConnectPath(&$path, &$defaults, &$rules, &$result) { - if ($this->openidOnly) { + if (common_config('site', 'openidonly')) { static $block = array('main/login', 'main/register', 'main/recoverpassword', @@ -108,7 +121,7 @@ class OpenIDPlugin extends Plugin function onArgsInitialize($args) { - if ($this->openidOnly) { + if (common_config('site', 'openidonly')) { if (array_key_exists('action', $args)) { $action = trim($args['action']); if (in_array($action, array('login', 'register'))) { @@ -199,7 +212,7 @@ class OpenIDPlugin extends Plugin function onStartPrimaryNav($action) { - if ($this->openidOnly && !common_logged_in()) { + if (common_config('site', 'openidonly') && !common_logged_in()) { // TRANS: Tooltip for main menu option "Login" $tooltip = _m('TOOLTIP', 'Login to the site'); // TRANS: Main menu option when not logged in to log in @@ -241,7 +254,7 @@ class OpenIDPlugin extends Plugin function onStartLoginGroupNav(&$action) { - if ($this->openidOnly) { + if (common_config('site', 'openidonly')) { $this->showOpenIDLoginTab($action); // Even though we replace this code, we // DON'T run the End* hook, to keep others from @@ -297,7 +310,7 @@ class OpenIDPlugin extends Plugin */ function onStartAccountSettingsPasswordMenuItem($menu, &$unused) { - if ($this->openidOnly) { + if (common_config('site', 'openidonly')) { return false; } return true; @@ -345,13 +358,19 @@ class OpenIDPlugin extends Plugin case 'OpenidsettingsAction': case 'OpenidserverAction': case 'OpenidtrustAction': - require_once INSTALLDIR.'/plugins/OpenID/' . strtolower(mb_substr($cls, 0, -6)) . '.php'; + case 'OpenidadminpanelAction': + require_once dirname(__FILE__) . '/' . strtolower(mb_substr($cls, 0, -6)) . '.php'; return false; case 'User_openid': - require_once INSTALLDIR.'/plugins/OpenID/User_openid.php'; + require_once dirname(__FILE__) . '/User_openid.php'; return false; case 'User_openid_trustroot': - require_once INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php'; + require_once dirname(__FILE__) . '/User_openid_trustroot.php'; + return false; + case 'Auth_OpenID_TeamsExtension': + case 'Auth_OpenID_TeamsRequest': + case 'Auth_OpenID_TeamsResponse': + require_once dirname(__FILE__) . '/extlib/teams-extension.php'; return false; default: return true; @@ -442,7 +461,7 @@ class OpenIDPlugin extends Plugin function onRedirectToLogin($action, $user) { - if ($this->openidOnly || (!empty($user) && User_openid::hasOpenID($user->id))) { + if (common_config('site', 'openid_only') || (!empty($user) && User_openid::hasOpenID($user->id))) { common_redirect(common_local_url('openidlogin'), 303); return false; } @@ -577,6 +596,32 @@ class OpenIDPlugin extends Plugin return true; } + /** + * Add an OpenID tab to the admin panel + * + * @param Widget $nav Admin panel nav + * + * @return boolean hook value + */ + + function onEndAdminPanelNav($nav) + { + if (AdminPanelAction::canAdmin('openid')) { + + $action_name = $nav->action->trimmed('action'); + + $nav->out->menuItem( + common_local_url('openidadminpanel'), + _m('OpenID'), + _m('OpenID configuration'), + $action_name == 'openidadminpanel', + 'nav_openid_admin_panel' + ); + } + + return true; + } + /** * Add our version information to output * diff --git a/plugins/OpenID/extlib/README b/plugins/OpenID/extlib/README new file mode 100644 index 000000000..1fe80d79b --- /dev/null +++ b/plugins/OpenID/extlib/README @@ -0,0 +1,6 @@ +team-extension.php + Support for Launchpad's OpenID Teams extension + Maintainer: Canonical + Source: https://code.edge.launchpad.net/wordpress-teams-integration + r27 2010-04-27 + License: AGPLv3 diff --git a/plugins/OpenID/extlib/teams-extension.php b/plugins/OpenID/extlib/teams-extension.php new file mode 100644 index 000000000..451f2fb19 --- /dev/null +++ b/plugins/OpenID/extlib/teams-extension.php @@ -0,0 +1,175 @@ +. + */ + +/** + * Provides an example OpenID extension to query user team/group membership + * + * This code is based on code supplied with the openid library for simple + * registration data. + */ + +/** + * Require the Message implementation. + */ +require_once 'Auth/OpenID/Message.php'; +require_once 'Auth/OpenID/Extension.php'; + +/** + * The team/group extension base class + */ +class Auth_OpenID_TeamsExtension extends Auth_OpenID_Extension { + var $ns_uri = 'http://ns.launchpad.net/2007/openid-teams'; + var $ns_alias = 'lp'; + var $request_field = 'query_membership'; + var $response_field = 'is_member'; + + /** + * Get the string arguments that should be added to an OpenID + * message for this extension. + */ + function getExtensionArgs() { + $args = array(); + + if ($this->_teams) { + $args[$this->request_field] = implode(',', $this->_teams); + } + + return $args; + } + + /** + * Add the arguments from this extension to the provided message. + * + * Returns the message with the extension arguments added. + */ + function toMessage(&$message) { + if ($message->namespaces->addAlias($this->ns_uri, $this->ns_alias) === null) { + if ($message->namespaces->getAlias($this->ns_uri) != $this->ns_alias) { + return null; + } + } + + $message->updateArgs($this->ns_uri, $this->getExtensionArgs()); + return $message; + } + + /** + * Extract the team/group namespace URI from the given OpenID message. + * Handles OpenID 1 and 2. + * + * $message: The OpenID message from which to parse team/group data. + * This may be a request or response message. + * + * Returns the sreg namespace URI for the supplied message. + * + * @access private + */ + function _getExtensionNS(&$message) { + $alias = null; + $found_ns_uri = null; + + // See if there exists an alias for the namespace + $alias = $message->namespaces->getAlias($this->ns_uri); + + if ($alias !== null) { + $found_ns_uri = $this->ns_uri; + } + + if ($alias === null) { + // There is no alias for this extension, so try to add one. + $found_ns_uri = Auth_OpenID_TYPE_1_0; + + if ($message->namespaces->addAlias($this->ns_uri, $this->ns_alias) === null) { + // An alias for the string 'lp' already exists, but + // it's defined for something other than team/group membership + return null; + } + } + + return $found_ns_uri; + } +} + +/** + * The team/group extension request class + */ +class Auth_OpenID_TeamsRequest extends Auth_OpenID_TeamsExtension { + function __init($teams) { + if (!is_array($teams)) { + if (!empty($teams)) { + $teams = explode(',', $teams); + } else { + $teams = Array(); + } + } + + $this->_teams = $teams; + } + + function Auth_OpenID_TeamsRequest($teams) { + $this->__init($teams); + } +} + +/** + * The team/group extension response class + */ +class Auth_OpenID_TeamsResponse extends Auth_OpenID_TeamsExtension { + var $_teams = array(); + + function __init(&$resp, $signed_only=true) { + $this->ns_uri = $this->_getExtensionNS($resp->message); + + if ($signed_only) { + $args = $resp->getSignedNS($this->ns_uri); + } else { + $args = $resp->message->getArgs($this->ns_uri); + } + + if ($args === null) { + return null; + } + + // An OpenID 2.0 response will handle the namespaces + if (in_array($this->response_field, array_keys($args)) && !empty($args[$this->response_field])) { + $this->_teams = explode(',', $args[$this->response_field]); + } + + // Piggybacking on a 1.x request, however, won't so the field name will + // be different + elseif (in_array($this->ns_alias.'.'.$this->response_field, array_keys($args)) && !empty($args[$this->ns_alias.'.'.$this->response_field])) { + $this->_teams = explode(',', $args[$this->ns_alias.'.'.$this->response_field]); + } + } + + function Auth_OpenID_TeamsResponse(&$resp, $signed_only=true) { + $this->__init($resp, $signed_only); + } + + /** + * Get the array of teams the user is a member of + * + * @return array + */ + function getTeams() { + return $this->_teams; + } +} + +?> diff --git a/plugins/OpenID/finishaddopenid.php b/plugins/OpenID/finishaddopenid.php index 991e6584e..df1763a52 100644 --- a/plugins/OpenID/finishaddopenid.php +++ b/plugins/OpenID/finishaddopenid.php @@ -103,6 +103,12 @@ class FinishaddopenidAction extends Action $sreg = $sreg_resp->contents(); } + // Launchpad teams extension + if (!oid_check_teams($response)) { + $this->message(_m('OpenID authentication aborted: you are not allowed to login to this site.')); + return; + } + $cur = common_current_user(); $other = oid_get_user($canonical); diff --git a/plugins/OpenID/finishopenidlogin.php b/plugins/OpenID/finishopenidlogin.php index 32b092a0b..57723ff97 100644 --- a/plugins/OpenID/finishopenidlogin.php +++ b/plugins/OpenID/finishopenidlogin.php @@ -177,6 +177,12 @@ class FinishopenidloginAction extends Action $sreg = $sreg_resp->contents(); } + // Launchpad teams extension + if (!oid_check_teams($response)) { + $this->message(_m('OpenID authentication aborted: you are not allowed to login to this site.')); + return; + } + $user = oid_get_user($canonical); if ($user) { diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php index 4ec336e1c..5ee9343d2 100644 --- a/plugins/OpenID/openid.php +++ b/plugins/OpenID/openid.php @@ -164,6 +164,15 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) $auth_request->addExtension($sreg_request); } + $requiredTeam = common_config('openid', 'required_team'); + if ($requiredTeam) { + // LaunchPad OpenID extension + $team_request = new Auth_OpenID_TeamsRequest(array($requiredTeam)); + if ($team_request) { + $auth_request->addExtension($team_request); + } + } + $trust_root = common_root_url(true); $process_url = common_local_url($returnto); @@ -286,6 +295,33 @@ function oid_assert_allowed($url) return; } +/** + * Check the teams available in the given OpenID response + * Using Launchpad's OpenID teams extension + * + * @return boolean whether this user is acceptable + */ +function oid_check_teams($response) +{ + $requiredTeam = common_config('openid', 'required_team'); + if ($requiredTeam) { + $team_resp = new Auth_OpenID_TeamsResponse($response); + if ($team_resp) { + $teams = $team_resp->getTeams(); + } else { + $teams = array(); + } + + $match = in_array($requiredTeam, $teams); + $is = $match ? 'is' : 'is not'; + common_log(LOG_DEBUG, "Remote user $is in required team $requiredTeam: [" . implode(', ', $teams) . "]"); + + return $match; + } + + return true; +} + class AutosubmitAction extends Action { var $form_html = null; diff --git a/plugins/OpenID/openidadminpanel.php b/plugins/OpenID/openidadminpanel.php new file mode 100644 index 000000000..063306366 --- /dev/null +++ b/plugins/OpenID/openidadminpanel.php @@ -0,0 +1,270 @@ +. + * + * @category Settings + * @package StatusNet + * @author Zach Copley + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Administer global OpenID settings + * + * @category Admin + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class OpenidadminpanelAction extends AdminPanelAction +{ + /** + * Returns the page title + * + * @return string page title + */ + + function title() + { + return _m('OpenID'); + } + + /** + * Instructions for using this form. + * + * @return string instructions + */ + + function getInstructions() + { + return _m('OpenID settings'); + } + + /** + * Show the OpenID admin panel form + * + * @return void + */ + + function showForm() + { + $form = new OpenIDAdminPanelForm($this); + $form->show(); + return; + } + + /** + * Save settings from the form + * + * @return void + */ + + function saveSettings() + { + static $settings = array( + 'openid' => array('trusted_provider', 'required_team') + ); + + static $booleans = array( + 'site' => array('openidonly') + ); + + $values = array(); + + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] + = $this->trimmed($setting); + } + } + + foreach ($booleans as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] + = ($this->boolean($setting)) ? 1 : 0; + } + } + + // This throws an exception on validation errors + + $this->validate($values); + + // assert(all values are valid); + + $config = new Config(); + + $config->query('BEGIN'); + + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } + } + + foreach ($booleans as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } + } + + $config->query('COMMIT'); + + return; + } + + function validate(&$values) + { + // Validate consumer key and secret (can't be too long) + + if (mb_strlen($values['openid']['trusted_provider']) > 255) { + $this->clientError( + _m("Invalid provider URL. Max length is 255 characters.") + ); + } + + if (mb_strlen($values['openid']['required_team']) > 255) { + $this->clientError( + _m("Invalid team name. Max length is 255 characters.") + ); + } + } +} + +class OpenIDAdminPanelForm extends AdminForm +{ + /** + * ID of the form + * + * @return int ID of the form + */ + + function id() + { + return 'openidadminpanel'; + } + + /** + * class of the form + * + * @return string class of the form + */ + + function formClass() + { + return 'form_settings'; + } + + /** + * Action of the form + * + * @return string URL of the action + */ + + function action() + { + return common_local_url('openidadminpanel'); + } + + /** + * Data elements of the form + * + * @return void + * + * @todo Some of the options could prevent users from logging in again. + * Make sure that the acting administrator has a valid OpenID matching, + * or more carefully warn folks. + */ + + function formData() + { + $this->out->elementStart( + 'fieldset', + array('id' => 'settings_openid') + ); + $this->out->element('legend', null, _m('Trusted provider')); + $this->out->element('p', 'form_guide', + _m('By default, users are allowed to authenticate with any OpenID provider. ' . + 'If you are using your own OpenID service for shared sign-in, ' . + 'you can restrict access to only your own users here.')); + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + $this->input( + 'trusted_provider', + _m('Provider URL'), + _m('All OpenID logins will be sent to this URL; other providers may not be used.'), + 'openid' + ); + $this->unli(); + + $this->li(); + $this->input( + 'required_team', + _m('Required team'), + _m('Only allow logins from users in the given team (Launchpad extension).'), + 'openid' + ); + $this->unli(); + + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + + $this->out->elementStart( + 'fieldset', + array('id' => 'settings_openid-options') + ); + $this->out->element('legend', null, _m('Options')); + + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + + $this->out->checkbox( + 'openidonly', _m('Enable OpenID-only mode'), + (bool) $this->value('openidonly', 'site'), + _m('Require all users to login via OpenID. WARNING: disables password authentication for all users!'), + 'true' + ); + $this->unli(); + + $this->out->elementEnd('ul'); + + $this->out->elementEnd('fieldset'); + } + + /** + * Action elements + * + * @return void + */ + + function formActions() + { + $this->out->submit('submit', _('Save'), 'submit', null, _m('Save OpenID settings')); + } +} diff --git a/plugins/OpenID/openidlogin.php b/plugins/OpenID/openidlogin.php index 2a743672c..8c559c934 100644 --- a/plugins/OpenID/openidlogin.php +++ b/plugins/OpenID/openidlogin.php @@ -29,7 +29,12 @@ class OpenidloginAction extends Action if (common_is_real_login()) { $this->clientError(_m('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $openid_url = $this->trimmed('openid_url'); + $provider = common_config('openid', 'trusted_provider'); + if ($provider) { + $openid_url = $provider; + } else { + $openid_url = $this->trimmed('openid_url'); + } oid_assert_allowed($openid_url); @@ -116,9 +121,18 @@ class OpenidloginAction extends Action $this->elementStart('ul', 'form_data'); $this->elementStart('li'); - $this->input('openid_url', _m('OpenID URL'), - $this->openid_url, - _m('Your OpenID URL')); + $provider = common_config('openid', 'trusted_provider'); + if ($provider) { + $this->element('label', array(), _m('OpenID provider')); + $this->element('span', array(), $provider); + $this->element('p', 'form_guide', + _m('You will be sent to the provider\'s site for authentication.')); + $this->hidden('openid_url', $provider); + } else { + $this->input('openid_url', _m('OpenID URL'), + $this->openid_url, + _m('Your OpenID URL')); + } $this->elementEnd('li'); $this->elementStart('li', array('id' => 'settings_rememberme')); $this->checkbox('rememberme', _m('Remember me'), false, diff --git a/plugins/OpenID/openidsettings.php b/plugins/OpenID/openidsettings.php index 16142cf48..505e7d0ee 100644 --- a/plugins/OpenID/openidsettings.php +++ b/plugins/OpenID/openidsettings.php @@ -90,34 +90,36 @@ class OpenidsettingsAction extends AccountSettingsAction { $user = common_current_user(); - $this->elementStart('form', array('method' => 'post', - 'id' => 'form_settings_openid_add', - 'class' => 'form_settings', - 'action' => - common_local_url('openidsettings'))); - $this->elementStart('fieldset', array('id' => 'settings_openid_add')); - $this->element('legend', null, _m('Add OpenID')); - $this->hidden('token', common_session_token()); - $this->element('p', 'form_guide', - _m('If you want to add an OpenID to your account, ' . - 'enter it in the box below and click "Add".')); - $this->elementStart('ul', 'form_data'); - $this->elementStart('li'); - $this->element('label', array('for' => 'openid_url'), - _m('OpenID URL')); - $this->element('input', array('name' => 'openid_url', - 'type' => 'text', - 'id' => 'openid_url')); - $this->elementEnd('li'); - $this->elementEnd('ul'); - $this->element('input', array('type' => 'submit', - 'id' => 'settings_openid_add_action-submit', - 'name' => 'add', - 'class' => 'submit', - 'value' => _m('Add'))); - $this->elementEnd('fieldset'); - $this->elementEnd('form'); - + if (!common_config('openid', 'trusted_provider')) { + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_openid_add', + 'class' => 'form_settings', + 'action' => + common_local_url('openidsettings'))); + $this->elementStart('fieldset', array('id' => 'settings_openid_add')); + + $this->element('legend', null, _m('Add OpenID')); + $this->hidden('token', common_session_token()); + $this->element('p', 'form_guide', + _m('If you want to add an OpenID to your account, ' . + 'enter it in the box below and click "Add".')); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->element('label', array('for' => 'openid_url'), + _m('OpenID URL')); + $this->element('input', array('name' => 'openid_url', + 'type' => 'text', + 'id' => 'openid_url')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->element('input', array('type' => 'submit', + 'id' => 'settings_openid_add_action-submit', + 'name' => 'add', + 'class' => 'submit', + 'value' => _m('Add'))); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } $oid = new User_openid(); $oid->user_id = $user->id; @@ -234,10 +236,14 @@ class OpenidsettingsAction extends AccountSettingsAction } if ($this->arg('add')) { - $result = oid_authenticate($this->trimmed('openid_url'), - 'finishaddopenid'); - if (is_string($result)) { // error message - $this->showForm($result); + if (common_config('openid', 'trusted_provider')) { + $this->showForm(_m("Can't add new providers.")); + } else { + $result = oid_authenticate($this->trimmed('openid_url'), + 'finishaddopenid'); + if (is_string($result)) { // error message + $this->showForm($result); + } } } else if ($this->arg('remove')) { $this->removeOpenid(); -- cgit v1.2.3-54-g00ecf From 813bbc912d73910943b966d1be80f27c3ff3584a Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 18 May 2010 13:44:23 -0700 Subject: typo fix in en_GB localization (also updated @ translatewiki) --- locale/en_GB/LC_MESSAGES/statusnet.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/locale/en_GB/LC_MESSAGES/statusnet.po b/locale/en_GB/LC_MESSAGES/statusnet.po index 38caf74c6..bb3c577b6 100644 --- a/locale/en_GB/LC_MESSAGES/statusnet.po +++ b/locale/en_GB/LC_MESSAGES/statusnet.po @@ -4889,7 +4889,7 @@ msgstr "Primary site navigation" #: lib/action.php:432 msgctxt "TOOLTIP" msgid "Personal profile and friends timeline" -msgstr "ersonal profile and friends timeline" +msgstr "Personal profile and friends timeline" #. TRANS: Main menu option when logged in for access to personal profile and friends timeline #: lib/action.php:435 -- cgit v1.2.3-54-g00ecf From 14a76926a225dec3d29aeffa13ab7ece74f708e5 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 18 May 2010 21:52:17 +0000 Subject: Redirect non-SSL hits to login & register actions to SSL if 'always' or 'sometimes' SSL modes are kicked in. The forms would already submit to SSL, but people are happier if they start on a secure page! Note: this really should be done for sensitive/all URLs in index.php, but it seems a bit awkward to reconstruct the SSL version of the link atm. Cleanup todo! --- actions/login.php | 22 ++++++++++++++++++++++ actions/register.php | 7 +++++++ 2 files changed, 29 insertions(+) diff --git a/actions/login.php b/actions/login.php index dc6352368..d3e4312f7 100644 --- a/actions/login.php +++ b/actions/login.php @@ -62,6 +62,28 @@ class LoginAction extends Action return false; } + /** + * Prepare page to run + * + * + * @param $args + * @return string title + */ + + function prepare($args) + { + parent::prepare($args); + + // @todo this check should really be in index.php for all sensitive actions + $ssl = common_config('site', 'ssl'); + if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) { + common_redirect(common_local_url('login')); + // exit + } + + return true; + } + /** * Handle input, produce output * diff --git a/actions/register.php b/actions/register.php index 7fdbb4ded..2fc7ef921 100644 --- a/actions/register.php +++ b/actions/register.php @@ -74,6 +74,13 @@ class RegisterAction extends Action parent::prepare($args); $this->code = $this->trimmed('code'); + // @todo this check should really be in index.php for all sensitive actions + $ssl = common_config('site', 'ssl'); + if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) { + common_redirect(common_local_url('register')); + // exit + } + if (empty($this->code)) { common_ensure_session(); if (array_key_exists('invitecode', $_SESSION)) { -- cgit v1.2.3-54-g00ecf From d9fddff5395e77287c4de0796fd072b3073f1eb9 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 5 May 2010 22:35:16 -0700 Subject: Add xmlns:statusnet and statusnet:notice_info element to Atom entries for notices --- classes/Notice.php | 17 +++++++++++++++-- lib/atomnoticefeed.php | 9 ++++++++- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 0b1b2e402..9a9172cba 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1171,7 +1171,7 @@ class Notice extends Memcached_DataObject return $groups; } - function asAtomEntry($namespace=false, $source=false, $author=true) + function asAtomEntry($namespace=false, $source=false, $author=true, $cur=null) { $profile = $this->getProfile(); @@ -1184,7 +1184,8 @@ class Notice extends Memcached_DataObject 'xmlns:activity' => 'http://activitystrea.ms/spec/1.0/', 'xmlns:media' => 'http://purl.org/syndication/atommedia', 'xmlns:poco' => 'http://portablecontacts.net/spec/1.0', - 'xmlns:ostatus' => 'http://ostatus.org/schema/1.0'); + 'xmlns:ostatus' => 'http://ostatus.org/schema/1.0', + 'xmlns:statusnet' => 'http://status.net/ont/'); } else { $attrs = array(); } @@ -1210,6 +1211,18 @@ class Notice extends Memcached_DataObject $xs->element('icon', null, $profile->avatarUrl(AVATAR_PROFILE_SIZE)); $xs->element('updated', null, common_date_w3dtf($this->created)); + + $noticeInfoAttr = array( + 'local_id' => $this->id, // local notice ID (useful to clients for ordering) + 'source' => $this->source // the client name (source attribution) + // @todo source source_link + ); + + if (!empty($cur)) { + $noticeInfoAttr['favorited'] = ($cur->hasFave($this)) ? 'true' : 'false'; + } + + $xs->element('statusnet:notice_info', $noticeInfoAttr, null); } if ($source) { diff --git a/lib/atomnoticefeed.php b/lib/atomnoticefeed.php index e4df731fe..35a45118c 100644 --- a/lib/atomnoticefeed.php +++ b/lib/atomnoticefeed.php @@ -79,6 +79,11 @@ class AtomNoticeFeed extends Atom10Feed 'ostatus', 'http://ostatus.org/schema/1.0' ); + + $this->addNamespace( + 'statusnet', + 'http://status.net/ont/' + ); } /** @@ -110,7 +115,9 @@ class AtomNoticeFeed extends Atom10Feed $source = $this->showSource(); $author = $this->showAuthor(); - $this->addEntryRaw($notice->asAtomEntry(false, $source, $author)); + $cur = common_current_user(); + + $this->addEntryRaw($notice->asAtomEntry(false, $source, $author, $cur)); } function showSource() -- cgit v1.2.3-54-g00ecf From c78f67aa7367acab5f9156ecf8963e2d5243e400 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 6 May 2010 00:20:10 -0700 Subject: Refactor and centralize notice source link calculation --- actions/twitapisearchatom.php | 15 ++++++++++-- classes/Notice.php | 39 +++++++++++++++++++++++++++++- lib/apiaction.php | 51 ++++++++++----------------------------- lib/noticelist.php | 56 ++++++++++++++++++++----------------------- 4 files changed, 90 insertions(+), 71 deletions(-) diff --git a/actions/twitapisearchatom.php b/actions/twitapisearchatom.php index 24aa619bd..3eb54ccc3 100644 --- a/actions/twitapisearchatom.php +++ b/actions/twitapisearchatom.php @@ -342,10 +342,21 @@ class TwitapisearchatomAction extends ApiAction 'rel' => 'related', 'href' => $profile->avatarUrl())); - // TODO: Here is where we'd put in a link to an atom feed for threads + // @todo: Here is where we'd put in a link to an atom feed for threads + + $source = null; + + $ns = $notice->getSource(); + if ($ns) { + if (!empty($ns->name) && !empty($ns->url)) { + $source = '' . $ns->name . ''; + } else { + $source = $ns->code; + } + } $this->element("twitter:source", null, - htmlentities($this->sourceLink($notice->source))); + htmlentities($source)); $this->elementStart('author'); diff --git a/classes/Notice.php b/classes/Notice.php index 9a9172cba..2c2c87d56 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -703,7 +703,7 @@ class Notice extends Memcached_DataObject /** * Is this notice part of an active conversation? - * + * * @return boolean true if other messages exist in the same * conversation, false if this is the only one */ @@ -1809,4 +1809,41 @@ class Notice extends Memcached_DataObject return $result; } + + /** + * Get the source of the notice + * + * @return Notice_source $ns A notice source object. 'code' is the only attribute + * guaranteed to be populated. + */ + function getSource() + { + $ns = new Notice_source(); + if (!empty($this->source)) { + switch ($this->source) { + case 'web': + case 'xmpp': + case 'mail': + case 'omb': + case 'system': + case 'api': + $ns->code = $this->source; + break; + default: + $ns = Notice_source::staticGet($this->source); + if (!$ns) { + $ns = new Notice_source(); + $ns->code = $this->source; + $app = Oauth_application::staticGet('name', $this->source); + if ($app) { + $ns->name = $app->name; + $ns->url = $app->source_url; + } + } + break; + } + } + return $ns; + } + } diff --git a/lib/apiaction.php b/lib/apiaction.php index f87b04611..7a6a5549b 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -260,7 +260,19 @@ class ApiAction extends Action $twitter_status['created_at'] = $this->dateTwitter($notice->created); $twitter_status['in_reply_to_status_id'] = ($notice->reply_to) ? intval($notice->reply_to) : null; - $twitter_status['source'] = $this->sourceLink($notice->source); + + $source = null; + + $ns = $notice->getSource(); + if ($ns) { + if (!empty($ns->name) && !empty($ns->url)) { + $source = '' . $ns->name . ''; + } else { + $source = $ns->code; + } + } + + $twitter_status['source'] = $source; $twitter_status['id'] = intval($notice->id); $replier_profile = null; @@ -1298,43 +1310,6 @@ class ApiAction extends Action } } - function sourceLink($source) - { - $source_name = _($source); - switch ($source) { - case 'web': - case 'xmpp': - case 'mail': - case 'omb': - case 'api': - break; - default: - - $name = null; - $url = null; - - $ns = Notice_source::staticGet($source); - - if ($ns) { - $name = $ns->name; - $url = $ns->url; - } else { - $app = Oauth_application::staticGet('name', $source); - if ($app) { - $name = $app->name; - $url = $app->source_url; - } - } - - if (!empty($name) && !empty($url)) { - $source_name = '' . $name . ''; - } - - break; - } - return $source_name; - } - /** * Returns query argument or default value if not found. Certain * parameters used throughout the API are lightly scrubbed and diff --git a/lib/noticelist.php b/lib/noticelist.php index 4f997a328..e0d8bf560 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -480,48 +480,44 @@ class NoticeListItem extends Widget function showNoticeSource() { - if ($this->notice->source) { + $ns = $this->notice->getSource(); + + if ($ns) { + $source_name = _($ns->code); $this->out->text(' '); $this->out->elementStart('span', 'source'); $this->out->text(_('from')); - $source_name = _($this->notice->source); $this->out->text(' '); - switch ($this->notice->source) { - case 'web': - case 'xmpp': - case 'mail': - case 'omb': - case 'system': - case 'api': - $this->out->element('span', 'device', $source_name); - break; - default: - $name = $source_name; - $url = null; + // if $ns->name and $ns->url are populated we have + // configured a source attr somewhere + if (empty($ns->name) && empty($ns->url)) { + // otherwise it's from normal channel such as web or api + $this->out->element('span', 'device', $source_name); + } else { + $name = null; + $url = null; + $title = null; if (Event::handle('StartNoticeSourceLink', array($this->notice, &$name, &$url, &$title))) { - $ns = Notice_source::staticGet($this->notice->source); - - if ($ns) { - $name = $ns->name; - $url = $ns->url; - } else { - $app = Oauth_application::staticGet('name', $this->notice->source); - if ($app) { - $name = $app->name; - $url = $app->source_url; - } - } + $name = $source_name; + $url = $ns->url; } Event::handle('EndNoticeSourceLink', array($this->notice, &$name, &$url, &$title)); if (!empty($name) && !empty($url)) { $this->out->elementStart('span', 'device'); - $this->out->element('a', array('href' => $url, - 'rel' => 'external', - 'title' => $title), - $name); + + $attrs = array( + 'href' => $url, + 'rel' => 'external' + ); + + if (isset($title)) { + $attrs['title'] = $title; + } + + $this->out->element('a', $attrs, $name); $this->out->elementEnd('span'); } else { $this->out->element('span', 'device', $name); -- cgit v1.2.3-54-g00ecf From 68634f04969d2d7bcbd1d657c466090990dea501 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 6 May 2010 00:44:56 -0700 Subject: Add source link attr to statusnet:notice_info element in Atom output for notices --- classes/Notice.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 2c2c87d56..196501279 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1215,8 +1215,14 @@ class Notice extends Memcached_DataObject $noticeInfoAttr = array( 'local_id' => $this->id, // local notice ID (useful to clients for ordering) 'source' => $this->source // the client name (source attribution) - // @todo source source_link - ); + ); + + $ns = $this->getSource(); + if ($ns) { + if (!empty($ns->url)) { + $noticeInfoAttr['source_link'] = htmlentities($ns->url); + } + } if (!empty($cur)) { $noticeInfoAttr['favorited'] = ($cur->hasFave($this)) ? 'true' : 'false'; -- cgit v1.2.3-54-g00ecf From 0dfef88cacde19cf0afaefbd422a7f5230091064 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 6 May 2010 00:55:17 -0700 Subject: HTML entity encode source link URLs in plain XML output and add rel="nofollow" to them --- actions/twitapisearchatom.php | 2 +- lib/apiaction.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/actions/twitapisearchatom.php b/actions/twitapisearchatom.php index 3eb54ccc3..6c740c490 100644 --- a/actions/twitapisearchatom.php +++ b/actions/twitapisearchatom.php @@ -349,7 +349,7 @@ class TwitapisearchatomAction extends ApiAction $ns = $notice->getSource(); if ($ns) { if (!empty($ns->name) && !empty($ns->url)) { - $source = '' . $ns->name . ''; + $source = '' . $ns->name . ''; } else { $source = $ns->code; } diff --git a/lib/apiaction.php b/lib/apiaction.php index 7a6a5549b..f3efff402 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -266,13 +266,13 @@ class ApiAction extends Action $ns = $notice->getSource(); if ($ns) { if (!empty($ns->name) && !empty($ns->url)) { - $source = '' . $ns->name . ''; + $source = '' . $ns->name . ''; } else { $source = $ns->code; } } - $twitter_status['source'] = $source; + $twitter_status['source'] = htmlentities($source); $twitter_status['id'] = intval($notice->id); $replier_profile = null; -- cgit v1.2.3-54-g00ecf From 6187266205a55db0298e02df7d6996a735d42eba Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 6 May 2010 19:52:25 +0000 Subject: - OStatusPlugin should return true if it doesn't need to handle source attribution - Remove stray break statement from NoticeList --- lib/noticelist.php | 1 - plugins/OStatus/OStatusPlugin.php | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/noticelist.php b/lib/noticelist.php index e0d8bf560..d22010335 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -522,7 +522,6 @@ class NoticeListItem extends Widget } else { $this->out->element('span', 'device', $name); } - break; } $this->out->elementEnd('span'); } diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 5167842ca..5b153216e 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -452,6 +452,7 @@ class OStatusPlugin extends Plugin return false; } } + return true; } /** -- cgit v1.2.3-54-g00ecf From 3708341857a8ae26c2936df53fede09aa17b09f8 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 6 May 2010 20:25:20 +0000 Subject: Allow OStatusPlugin to set the source attribution title --- lib/noticelist.php | 51 ++++++++++++++++++++++++--------------------------- 1 file changed, 24 insertions(+), 27 deletions(-) diff --git a/lib/noticelist.php b/lib/noticelist.php index d22010335..81da9edc0 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -489,40 +489,37 @@ class NoticeListItem extends Widget $this->out->text(_('from')); $this->out->text(' '); - // if $ns->name and $ns->url are populated we have - // configured a source attr somewhere - if (empty($ns->name) && empty($ns->url)) { - // otherwise it's from normal channel such as web or api - $this->out->element('span', 'device', $source_name); - } else { - $name = null; - $url = null; - $title = null; + $name = $source_name; + $url = $ns->url; + $title = null; - if (Event::handle('StartNoticeSourceLink', array($this->notice, &$name, &$url, &$title))) { - $name = $source_name; - $url = $ns->url; - } - Event::handle('EndNoticeSourceLink', array($this->notice, &$name, &$url, &$title)); + if (Event::handle('StartNoticeSourceLink', array($this->notice, &$name, &$url, &$title))) { + $name = $source_name; + $url = $ns->url; + } + Event::handle('EndNoticeSourceLink', array($this->notice, &$name, &$url, &$title)); - if (!empty($name) && !empty($url)) { - $this->out->elementStart('span', 'device'); + // if $ns->name and $ns->url are populated we have + // configured a source attr somewhere + if (!empty($name) && !empty($url)) { - $attrs = array( - 'href' => $url, - 'rel' => 'external' - ); + $this->out->elementStart('span', 'device'); - if (isset($title)) { - $attrs['title'] = $title; - } + $attrs = array( + 'href' => $url, + 'rel' => 'external' + ); - $this->out->element('a', $attrs, $name); - $this->out->elementEnd('span'); - } else { - $this->out->element('span', 'device', $name); + if (!empty($title)) { + $attrs['title'] = $title; } + + $this->out->element('a', $attrs, $name); + $this->out->elementEnd('span'); + } else { + $this->out->element('span', 'device', $name); } + $this->out->elementEnd('span'); } } -- cgit v1.2.3-54-g00ecf From 5ea019c41ac4d6c161f3c8f287d405971d4aadea Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 6 May 2010 21:36:13 +0000 Subject: Remove errant double HTML entity encoding in API source attribution --- actions/twitapisearchatom.php | 9 ++++++--- classes/Notice.php | 2 +- lib/apiaction.php | 8 ++++++-- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/actions/twitapisearchatom.php b/actions/twitapisearchatom.php index 6c740c490..51e8a8881 100644 --- a/actions/twitapisearchatom.php +++ b/actions/twitapisearchatom.php @@ -349,14 +349,17 @@ class TwitapisearchatomAction extends ApiAction $ns = $notice->getSource(); if ($ns) { if (!empty($ns->name) && !empty($ns->url)) { - $source = '' . $ns->name . ''; + $source = '' + . htmlspecialchars($ns->name) + . ''; } else { $source = $ns->code; } } - $this->element("twitter:source", null, - htmlentities($source)); + $this->element("twitter:source", null, $source); $this->elementStart('author'); diff --git a/classes/Notice.php b/classes/Notice.php index 196501279..0dc7e10e7 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1220,7 +1220,7 @@ class Notice extends Memcached_DataObject $ns = $this->getSource(); if ($ns) { if (!empty($ns->url)) { - $noticeInfoAttr['source_link'] = htmlentities($ns->url); + $noticeInfoAttr['source_link'] = $ns->url; } } diff --git a/lib/apiaction.php b/lib/apiaction.php index f3efff402..68198effc 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -266,13 +266,17 @@ class ApiAction extends Action $ns = $notice->getSource(); if ($ns) { if (!empty($ns->name) && !empty($ns->url)) { - $source = '' . $ns->name . ''; + $source = '' + . htmlspecialchars($ns->name) + . ''; } else { $source = $ns->code; } } - $twitter_status['source'] = htmlentities($source); + $twitter_status['source'] = $source; $twitter_status['id'] = intval($notice->id); $replier_profile = null; -- cgit v1.2.3-54-g00ecf From 114df39822d7007f1b08b83b4e9a26202936e8c8 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 12 May 2010 15:08:01 -0700 Subject: Need to always emit statusnet:notice_info so it's available in profile feeds --- classes/Notice.php | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 0dc7e10e7..e173a2469 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1211,24 +1211,6 @@ class Notice extends Memcached_DataObject $xs->element('icon', null, $profile->avatarUrl(AVATAR_PROFILE_SIZE)); $xs->element('updated', null, common_date_w3dtf($this->created)); - - $noticeInfoAttr = array( - 'local_id' => $this->id, // local notice ID (useful to clients for ordering) - 'source' => $this->source // the client name (source attribution) - ); - - $ns = $this->getSource(); - if ($ns) { - if (!empty($ns->url)) { - $noticeInfoAttr['source_link'] = $ns->url; - } - } - - if (!empty($cur)) { - $noticeInfoAttr['favorited'] = ($cur->hasFave($this)) ? 'true' : 'false'; - } - - $xs->element('statusnet:notice_info', $noticeInfoAttr, null); } if ($source) { @@ -1251,6 +1233,24 @@ class Notice extends Memcached_DataObject $xs->element('published', null, common_date_w3dtf($this->created)); $xs->element('updated', null, common_date_w3dtf($this->created)); + $noticeInfoAttr = array( + 'local_id' => $this->id, // local notice ID (useful to clients for ordering) + 'source' => $this->source // the client name (source attribution) + ); + + $ns = $this->getSource(); + if ($ns) { + if (!empty($ns->url)) { + $noticeInfoAttr['source_link'] = $ns->url; + } + } + + if (!empty($cur)) { + $noticeInfoAttr['favorited'] = ($cur->hasFave($this)) ? 'true' : 'false'; + } + + $xs->element('statusnet:notice_info', $noticeInfoAttr, null); + if ($this->reply_to) { $reply_notice = Notice::staticGet('id', $this->reply_to); if (!empty($reply_notice)) { -- cgit v1.2.3-54-g00ecf From 74a89b1fc37067d91d31bd66922053361eb4e616 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 19 May 2010 10:10:55 -0700 Subject: Locale switch cleanup: use common_switch_locale() which is safer for updating gettext state. Also moved a few calls to reduce chance of hitting an exception before switching back. Should help with problems where xmppdaemon would get stuck in wrong locale. --- lib/mail.php | 20 ++++++++++---------- lib/util.php | 17 +++++++++++++++++ plugins/Facebook/facebookutil.php | 6 +++--- plugins/TwitterBridge/twitter.php | 6 +++--- 4 files changed, 33 insertions(+), 16 deletions(-) diff --git a/lib/mail.php b/lib/mail.php index 5fc584e28..a4065e8d5 100644 --- a/lib/mail.php +++ b/lib/mail.php @@ -224,9 +224,6 @@ function mail_subscribe_notify_profile($listenee, $other) if ($other->hasRight(Right::EMAILONSUBSCRIBE) && $listenee->email && $listenee->emailnotifysub) { - // use the recipient's localization - common_init_locale($listenee->language); - $profile = $listenee->getProfile(); $name = $profile->getBestName(); @@ -236,6 +233,9 @@ function mail_subscribe_notify_profile($listenee, $other) $recipients = $listenee->email; + // use the recipient's localization + common_switch_locale($listenee->language); + $headers = _mail_prepare_headers('subscribe', $listenee->nickname, $other->nickname); $headers['From'] = mail_notify_from(); $headers['To'] = $name . ' <' . $listenee->email . '>'; @@ -271,7 +271,7 @@ function mail_subscribe_notify_profile($listenee, $other) common_local_url('emailsettings')); // reset localization - common_init_locale(); + common_switch_locale(); mail_send($recipients, $headers, $body); } } @@ -473,7 +473,7 @@ function mail_confirm_sms($code, $nickname, $address) function mail_notify_nudge($from, $to) { - common_init_locale($to->language); + common_switch_locale($to->language); // TRANS: Subject for 'nudge' notification email $subject = sprintf(_('You\'ve been nudged by %s'), $from->nickname); @@ -491,7 +491,7 @@ function mail_notify_nudge($from, $to) $from->nickname, common_local_url('all', array('nickname' => $to->nickname)), common_config('site', 'name')); - common_init_locale(); + common_switch_locale(); $headers = _mail_prepare_headers('nudge', $to->nickname, $from->nickname); @@ -525,7 +525,7 @@ function mail_notify_message($message, $from=null, $to=null) return true; } - common_init_locale($to->language); + common_switch_locale($to->language); // TRANS: Subject for direct-message notification email $subject = sprintf(_('New private message from %s'), $from->nickname); @@ -549,7 +549,7 @@ function mail_notify_message($message, $from=null, $to=null) $headers = _mail_prepare_headers('message', $to->nickname, $from->nickname); - common_init_locale(); + common_switch_locale(); return mail_to_user($to, $subject, $body, $headers); } @@ -577,7 +577,7 @@ function mail_notify_fave($other, $user, $notice) $bestname = $profile->getBestName(); - common_init_locale($other->language); + common_switch_locale($other->language); // TRANS: Subject for favorite notification email $subject = sprintf(_('%s (@%s) added your notice as a favorite'), $bestname, $user->nickname); @@ -605,7 +605,7 @@ function mail_notify_fave($other, $user, $notice) $headers = _mail_prepare_headers('fave', $other->nickname, $user->nickname); - common_init_locale(); + common_switch_locale(); mail_to_user($other, $subject, $body, $headers); } diff --git a/lib/util.php b/lib/util.php index efede1d4b..597da22c0 100644 --- a/lib/util.php +++ b/lib/util.php @@ -34,6 +34,14 @@ function common_user_error($msg, $code=400) $err->showPage(); } +/** + * This should only be used at setup; processes switching languages + * to send text to other users should use common_switch_locale(). + * + * @param string $language Locale language code (optional; empty uses + * current user's preference or site default) + * @return mixed success + */ function common_init_locale($language=null) { if(!$language) { @@ -50,6 +58,15 @@ function common_init_locale($language=null) return $ok; } +/** + * Initialize locale and charset settings and gettext with our message catalog, + * using the current user's language preference or the site default. + * + * This should generally only be run at framework initialization; code switching + * languages at runtime should call common_switch_language(). + * + * @access private + */ function common_init_language() { mb_internal_encoding('UTF-8'); diff --git a/plugins/Facebook/facebookutil.php b/plugins/Facebook/facebookutil.php index ac532e18b..83664995a 100644 --- a/plugins/Facebook/facebookutil.php +++ b/plugins/Facebook/facebookutil.php @@ -272,12 +272,12 @@ function remove_facebook_app($flink) function mail_facebook_app_removed($user) { - common_init_locale($user->language); - $profile = $user->getProfile(); $site_name = common_config('site', 'name'); + common_switch_locale($user->language); + $subject = sprintf( _m('Your %1$s Facebook application access has been disabled.', $site_name)); @@ -291,7 +291,7 @@ function mail_facebook_app_removed($user) "re-installing the %2\$s Facebook application.\n\nRegards,\n\n%2\$s"), $user->nickname, $site_name); - common_init_locale(); + common_switch_locale(); return mail_to_user($user, $subject, $body); } diff --git a/plugins/TwitterBridge/twitter.php b/plugins/TwitterBridge/twitter.php index 21adc7a90..896eee2da 100644 --- a/plugins/TwitterBridge/twitter.php +++ b/plugins/TwitterBridge/twitter.php @@ -335,10 +335,10 @@ function remove_twitter_link($flink) function mail_twitter_bridge_removed($user) { - common_init_locale($user->language); - $profile = $user->getProfile(); + common_switch_locale($user->language); + $subject = sprintf(_m('Your Twitter bridge has been disabled.')); $site_name = common_config('site', 'name'); @@ -354,7 +354,7 @@ function mail_twitter_bridge_removed($user) common_local_url('twittersettings'), common_config('site', 'name')); - common_init_locale(); + common_switch_locale(); return mail_to_user($user, $subject, $body); } -- cgit v1.2.3-54-g00ecf