author | Zach Copley <zach@status.net> | 2009-10-13 09:36:26 -0700 |
---|---|---|
committer | Zach Copley <zach@status.net> | 2009-10-13 09:36:26 -0700 |
commit | b4b992bca77d34b8643910e8d590b5be7fede94b (patch) | |
tree | 3b91cd2913f49fb90b4edfc5c282c9f4d40e7495 /classes | |
parent | 0190785b73b52e2c6069c31542f578f812a5e0ab (diff) | |
parent | 870b091693531ba9aca20a0b0fa64ec326d72725 (diff) |
Merge branch '0.9.x' into pluginize-twitter-bridge
* 0.9.x: (247 commits)
Added in credits.
Use site's name for basic auth realm
Make apigroupcreate.php pass phpcs
Took out some unnecessary intializations
Implemented create group api
CamelCase all function names in the API code
These same params are used in most API actions; moved to base API class
Missed some of the references to the old TwitterApiAction - removed
Remove more redundant $formats
Remove dead code
Move all basic auth output and processing to base classes
$format is used by every API action. Set it in the base class.
Delete action/api.php and rename lib/twitterapi.php to lib/api.php
New actions for blocks via API
fix FBConnect so it doesn't muffle EndPrimaryNav
don't write session if it's unchanged
Fixed facebook connect primary nav to hide search option when site is private and user is not logged in
Fixed facebook connect primary nav to obey sms/twitter/openid settings
Fixed facebook connect login nav to obey openid settings
Fixed facebook connect nav to obey sms/twitter disabled
...
Diffstat (limited to 'classes')
-rw-r--r-- | classes/File.php | 8 | ||||
-rw-r--r-- | classes/File_redirection.php | 3 | ||||
-rw-r--r-- | classes/Notice.php | 54 | ||||
-rw-r--r-- | classes/Profile.php | 75 | ||||
-rw-r--r-- | classes/Session.php | 13 | ||||
-rw-r--r-- | classes/User.php | 87 |
6 files changed, 214 insertions, 26 deletions
diff --git a/classes/File.php b/classes/File.php
index 9758cf7f5..e04a9d525 100644
--- a/classes/File.php
+++ b/classes/File.php
@@ -94,7 +94,13 @@ class File extends Memcached_DataObject
 $file_redir = File_redirection::staticGet('url', $given_url);
 if (empty($file_redir)) {
 $redir_data = File_redirection::where($given_url);
- $redir_url = $redir_data['url'];
+ if (is_array($redir_data)) {
+ $redir_url = $redir_data['url'];
+ } elseif (is_string($redir_data)) {
+ $redir_url = $redir_data;
+ } else {
+ throw new ServerException("Can't process url '$given_url'");
+ }
 // TODO: max field length
 if ($redir_url === $given_url || strlen($redir_url) > 255) {
 $x = File::saveNew($redir_data, $given_url);
diff --git a/classes/File_redirection.php b/classes/File_redirection.php
index 76b18f672..79052bf7d 100644
--- a/classes/File_redirection.php
+++ b/classes/File_redirection.php
@@ -79,6 +79,9 @@ class File_redirection extends Memcached_DataObject
 }
 }
+ if(strpos($short_url,'://') === false){
+ return $short_url;
+ }
 $curlh = File_redirection::_commonCurl($short_url, $redirs);
 // Don't include body in output
 curl_setopt($curlh, CURLOPT_NOBODY, true);
diff --git a/classes/Notice.php b/classes/Notice.php
index 2138e0561..ba2227c0a 100644
--- a/classes/Notice.php
+++ b/classes/Notice.php
@@ -1,5 +1,5 @@
 <?php
-/*
+/**
 * StatusNet - the distributed open-source microblogging tool
 * Copyright (C) 2008, 2009, StatusNet, Inc.
 *
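Review bot: When `File_redirection::where()` returns a string, the new `elseif` branch sets `$redir_url`, but the unchanged call below still passes `$redir_data` itself to `File::saveNew($redir_data, $given_url)`, so saveNew receives a string where the array branch hands it an array. saveNew's body is outside the hunk; if it reads keys from that argument, normalise the value inside the `is_string` branch, e.g. `$redir_data = array('url' => $redir_data);`. The exception text also interpolates the caller-supplied `$given_url`, so any handler that renders ServerException messages as HTML has to escape it.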
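Review bot: The new guard in File_redirection.php only checks that `'://'` appears somewhere in `$short_url`, so any scheme, not just http and https, still reaches `_commonCurl()` and the request that follows. `_commonCurl()` is outside the hunk, so whether it restricts protocols cannot be seen here; if it does not, the server will fetch whatever scheme a posted link names, including local or internal ones. Comparing the parsed scheme against an allowlist is tighter: `$scheme = parse_url($short_url, PHP_URL_SCHEME);` followed by `if (!in_array(strtolower((string)$scheme), array('http', 'https'), true)) { return $short_url; }`. Setting `CURLOPT_PROTOCOLS` and `CURLOPT_REDIR_PROTOCOLS` where the handle is built would cover redirect targets as well.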
@@ -15,9 +15,26 @@
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category Notices
+ * @package StatusNet
+ * @author Brenda Wallace <shiny@cpan.org>
+ * @author Christopher Vollick <psycotica0@gmail.com>
+ * @author CiaranG <ciaran@ciarang.com>
+ * @author Craig Andrews <candrews@integralblue.com>
+ * @author Evan Prodromou <evan@controlezvous.ca>
+ * @author Gina Haeussge <osd@foosel.net>
+ * @author Jeffery To <jeffery.to@gmail.com>
+ * @author Mike Cochrane <mikec@mikenz.geek.nz>
+ * @author Robin Millette <millette@controlyourself.ca>
+ * @author Sarven Capadisli <csarven@controlyourself.ca>
+ * @author Tom Adams <tom@holizz.com>
+ * @license GNU Affero General Public License http://www.gnu.org/licenses/
 */
-if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+ exit(1);
+}
 /**
 * Table Definition for notice
@@ -153,30 +170,30 @@ class Notice extends Memcached_DataObject
 $final = common_shorten_links($content);
 if (Notice::contentTooLong($final)) {
- common_log(LOG_INFO, 'Rejecting notice that is too long.');
- return _('Problem saving notice. Too long.');
+ throw new ClientException(_('Problem saving notice. Too long.'));
 }
 if (!$profile) {
- common_log(LOG_ERR, 'Problem saving notice. Unknown user.');
- return _('Problem saving notice. Unknown user.');
+ throw new ClientException(_('Problem saving notice. Unknown user.'));
 }
 if (common_config('throttle', 'enabled') && !Notice::checkEditThrottle($profile_id)) {
 common_log(LOG_WARNING, 'Excessive posting by profile #' . $profile_id . '; throttled.');
- return _('Too many notices too fast; take a breather and post again in a few minutes.');
+ throw new ClientException(_('Too many notices too fast; take a breather '.
+ 'and post again in a few minutes.'));
 }
 if (common_config('site', 'dupelimit') > 0 && !Notice::checkDupes($profile_id, $final)) {
 common_log(LOG_WARNING, 'Dupe posting by profile #' . $profile_id . '; throttled.');
- return _('Too many duplicate messages too quickly; take a breather and post again in a few minutes.');
+ throw new ClientException(_('Too many duplicate messages too quickly;'.
+ ' take a breather and post again in a few minutes.'));
 }
- $banned = common_config('profile', 'banned');
+ $banned = common_config('profile', 'banned');
 if ( in_array($profile_id, $banned) || in_array($profile->nickname, $banned)) {
 common_log(LOG_WARNING, "Attempted post from banned user: $profile->nickname (user id = $profile_id).");
- return _('You are banned from posting notices on this site.');
+ throw new ClientException(_('You are banned from posting notices on this site.'));
 }
 $notice = new Notice();
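Review bot: The too-long and unknown-user branches lose their `common_log()` calls when they switch to `ClientException`, while the throttle, duplicate and banned branches keep theirs, so two of the five rejection paths no longer leave a trace at this point. Unless the exception handler logs ClientException centrally (not visible here), keep the lines, e.g. `common_log(LOG_INFO, 'Rejecting notice that is too long.');` before the throw. The return contract also changes from an error string to an exception, so callers outside this hunk that test for a string result need updating, and the method's docblock should gain `@throws ClientException`. The method starts and ends outside the hunk.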
@@ -200,12 +217,12 @@ class Notice extends Memcached_DataObject
 $notice->created = common_sql_now();
 }
- $notice->content = $final;
- $notice->rendered = common_render_content($final, $notice);
- $notice->source = $source;
- $notice->uri = $uri;
+ $notice->content = $final;
+ $notice->rendered = common_render_content($final, $notice);
+ $notice->source = $source;
+ $notice->uri = $uri;
- $notice->reply_to = self::getReplyTo($reply_to, $profile_id, $source, $final);
+ $notice->reply_to = self::getReplyTo($reply_to, $profile_id, $source, $final);
 if (!empty($notice->reply_to)) {
 $reply = Notice::staticGet('id', $notice->reply_to);
@@ -222,7 +239,7 @@ class Notice extends Memcached_DataObject
 if (!$id) {
 common_log_db_error($notice, 'INSERT', __FILE__);
- return _('Problem saving notice.');
+ throw new ServerException(_('Problem saving notice.'));
 }
 // Update ID-dependent columns: URI, conversation
@@ -247,7 +264,7 @@ class Notice extends Memcached_DataObject
 if ($changed) {
 if (!$notice->update($orig)) {
 common_log_db_error($notice, 'UPDATE', __FILE__);
- return _('Problem saving notice.');
+ throw new ServerException(_('Problem saving notice.'));
 }
 }
@@ -909,7 +926,8 @@ class Notice extends Memcached_DataObject
 $qry .= '('.$id.', '.$this->id.', '.$source.", '".$this->created. "') ";
 $cnt++;
 if (rand() % NOTICE_INBOX_SOFT_LIMIT == 0) {
- Notice_inbox::gc($id);
+ // FIXME: Causes lag in replicated servers
+ // Notice_inbox::gc($id);
 }
 if ($cnt >= MAX_BOXCARS) {
 $inbox = new Notice_inbox();
diff --git a/classes/Profile.php b/classes/Profile.php
index 7f0d12758..4a069ee84 100644
--- a/classes/Profile.php
+++ b/classes/Profile.php
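Review bot: In the last hunk on this line (`-909,7`), commenting out `Notice_inbox::gc($id)` leaves `if (rand() % NOTICE_INBOX_SOFT_LIMIT == 0)` guarding an empty branch, and nothing on this path trims inboxes any more. If no other job performs that collection (none is visible here), inbox rows grow without bound, which becomes an availability problem on a busy site. Either remove the dead conditional and extend the comment to say where collection now happens, or keep the call behind a site setting so single-server installs still run it. The enclosing loop starts and ends outside the hunk.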
@@ -476,4 +476,79 @@ class Profile extends Memcached_DataObject
 $biolimit = self::maxBio();
 return ($biolimit > 0 && !empty($bio) && (mb_strlen($bio) > $biolimit));
 }
+
+ function delete()
+ {
+ $this->_deleteNotices();
+ $this->_deleteSubscriptions();
+ $this->_deleteMessages();
+ $this->_deleteTags();
+ $this->_deleteBlocks();
+
+ $related = array('Avatar',
+ 'Reply',
+ 'Group_member',
+ );
+
+ foreach ($related as $cls) {
+ $inst = new $cls();
+ $inst->profile_id = $this->id;
+ $inst->delete();
+ }
+
+ parent::delete();
+ }
+
+ function _deleteNotices()
+ {
+ $notice = new Notice();
+ $notice->profile_id = $this->id;
+
+ if ($notice->find()) {
+ while ($notice->fetch()) {
+ $other = clone($notice);
+ $other->delete();
+ }
+ }
+ }
+
+ function _deleteSubscriptions()
+ {
+ $sub = new Subscription();
+ $sub->subscriber = $this->id;
+ $sub->delete();
+
+ $subd = new Subscription();
+ $subd->subscribed = $this->id;
+ $subd->delete();
+ }
+
+ function _deleteMessages()
+ {
+ $msg = new Message();
+ $msg->from_profile = $this->id;
+ $msg->delete();
+
+ $msg = new Message();
+ $msg->to_profile = $this->id;
+ $msg->delete();
+ }
+
+ function _deleteTags()
+ {
+ $tag = new Profile_tag();
+ $tag->tagged = $this->id;
+ $tag->delete();
+ }
+
+ function _deleteBlocks()
+ {
+ $block = new Profile_block();
+ $block->blocked = $this->id;
+ $block->delete();
+
+ $block = new Group_block();
+ $block->blocked = $this->id;
+ $block->delete();
+ }
 }
diff --git a/classes/Session.php b/classes/Session.php
index d641edbbe..79a69a96e 100644
--- a/classes/Session.php
+++ b/classes/Session.php
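Review bot: `Profile::delete()` ends with a bare `parent::delete();`, so it returns null and the result of every intermediate `delete()` is discarded; a caller cannot tell a complete removal from one that stopped half-way, and nothing here runs in a transaction. Return the parent result, `return parent::delete();`, and consider checking each related delete for `false`. Each helper filters on `$this->id` alone, and how the data-object layer treats a delete whose only key is empty is not visible in this hunk, so a guard such as `if (empty($this->id)) { return false; }` at the top of `delete()` is cheap insurance. None of the new methods has a docblock; one line each naming the tables it clears would help the next reader.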
@@ -85,9 +85,18 @@ class Session extends Memcached_DataObject
 return $session->insert();
 } else {
- $session->session_data = $session_data;
+ if (strcmp($session->session_data, $session_data) == 0) {
+ self::logdeb("Not writing session '$id'; unchanged");
+ return true;
+ } else {
+ self::logdeb("Session '$id' data changed; updating");
+
+ $orig = clone($session);
+
+ $session->session_data = $session_data;
- return $session->update();
+ return $session->update($orig);
+ }
 }
 }
diff --git a/classes/User.php b/classes/User.php
index 11cb4f08b..48df0cdd7 100644
--- a/classes/User.php
+++ b/classes/User.php
@@ -117,11 +117,15 @@ class User extends Memcached_DataObject
 function allowed_nickname($nickname)
 {
 // XXX: should already be validated for size, content, etc.
- static $blacklist = array('rss', 'xrds', 'doc', 'main',
- 'settings', 'notice', 'user',
- 'search', 'avatar', 'tag', 'tags',
- 'api', 'message', 'group', 'groups',
- 'local');
+
+ $blacklist = array();
+
+ //all directory and file names should be blacklisted
+ $d = dir(INSTALLDIR);
+ while (false !== ($entry = $d->read())) {
+ $blacklist[]=$entry;
+ }
+ $d->close();
 $merged = array_merge($blacklist, common_config('nickname', 'blacklist'));
 return !in_array($nickname, $merged);
 }
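Review bot: Both new `logdeb()` calls in Session.php write the raw session id into the log (`"Not writing session '$id'; unchanged"`), and a session id is a bearer credential, so anyone who can read that log can reuse a live one. Whether `logdeb()` is switched off in production is outside the hunk. Log a non-reversible tag instead, e.g. `self::logdeb('Not writing session ' . substr(sha1($id), 0, 8) . '; unchanged');`, and do the same for the "data changed" message.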
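Review bot: In `User::allowed_nickname()`, replacing the static list with a scan of `INSTALLDIR` drops every reserved name that is a URL route rather than an entry on disk (the removed list held names such as 'api', 'settings', 'main' and 'group'), and file entries carry their extension, so they will not match a bare nickname either. Unless the configured `nickname` blacklist repeats those names (not visible here), a user can register a nickname that collides with a site route. `dir()` also returns false when the directory cannot be opened, which turns `$d->read()` into a fatal error, and the scan now runs on every call. I would keep the static list and merge the directory entries into it; the fence shows only the rewritten lines.

```php
    function allowed_nickname($nickname)
    {
        // … unchanged: XXX note about prior validation …
        // Route names are not files on disk, so they stay reserved explicitly.
        static $blacklist = array('rss', 'xrds', 'doc', 'main',
                                  'settings', 'notice', 'user',
                                  'search', 'avatar', 'tag', 'tags',
                                  'api', 'message', 'group', 'groups',
                                  'local');

        // Directory and file names under the install root are reserved too.
        $entries = array();
        $d = dir(INSTALLDIR);
        if ($d !== false) {
            while (false !== ($entry = $d->read())) {
                $entries[] = $entry;
            }
            $d->close();
        }
        $merged = array_merge($blacklist, $entries, common_config('nickname', 'blacklist'));
        // … unchanged: in_array() check and return …
```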
@@ -707,4 +711,77 @@ class User extends Memcached_DataObject
 return true;
 }
+
+ /**
+ * Does this user have the right to do X?
+ *
+ * With our role-based authorization, this is merely a lookup for whether the user
+ * has a particular role. The implementation currently uses a switch statement
+ * to determine if the user has the pre-defined role to exercise the right. Future
+ * implementations may allow per-site roles, and different mappings of roles to rights.
+ *
+ * @param $right string Name of the right, usually a constant in class Right
+ * @return boolean whether the user has the right in question
+ */
+
+ function hasRight($right)
+ {
+ $result = false;
+ if (Event::handle('UserRightsCheck', array($this, $right, &$result))) {
+ switch ($right)
+ {
+ case Right::deleteOthersNotice:
+ $result = $this->hasRole('moderator');
+ break;
+ default:
+ $result = false;
+ break;
+ }
+ }
+ return $result;
+ }
+
+ function delete()
+ {
+ $profile = $this->getProfile();
+ $profile->delete();
+
+ $related = array('Fave',
+ 'User_openid',
+ 'Confirm_address',
+ 'Remember_me',
+ 'Foreign_link',
+ 'Invitation',
+ );
+
+ if (common_config('inboxes', 'enabled')) {
+ $related[] = 'Notice_inbox';
+ }
+
+ foreach ($related as $cls) {
+ $inst = new $cls();
+ $inst->user_id = $this->id;
+ $inst->delete();
+ }
+
+ $this->_deleteTags();
+ $this->_deleteBlocks();
+
+ parent::delete();
+ }
+
+ function _deleteTags()
+ {
+ $tag = new Profile_tag();
+ $tag->tagger = $this->id;
+ $tag->delete();
+ }
+
+ function _deleteBlocks()
+ {
+ $block = new Profile_block();
+ $block->blocker = $this->id;
+ $block->delete();
+ // XXX delete group block? Reset blocker?
+ }
 } |
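Review bot: `User::delete()` removes the profile first and the login-bearing rows (`User_openid`, `Remember_me`, `Foreign_link`) afterwards with no result checked, so if `$profile->delete()` aborts, or `$this->getProfile()` returns nothing and the method call fails, the account's credentials outlive its profile. Whether `getProfile()` can return an empty value is outside the hunk; deleting the credential tables first, guarding the call with `if (!empty($profile)) { $profile->delete(); }`, and ending with `return parent::delete();` covers both cases and lets callers see the outcome. The `XXX` in `_deleteBlocks()` notes that group blocks where this user is the blocker are not handled, which deserves a tracked follow-up rather than a comment. In `hasRight()`, `switch` compares loosely, so the docblock should state that `$right` must be one of the `Right` constants.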