Merge branch 'anon-consumer' into 0.9.x

3 files changed, 235 insertions, 70 deletions

diff --git a/lib/apiauth.php b/lib/apiauth.php
index a1c698bba..0ebd7aa10 100644
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -178,8 +178,10 @@ class ApiAuthAction extends ApiAction
             }
 
             // set the source attr
+            if ($app->name != 'anonymous') {
+                $this->source = $app->name;
+            }
 
-            $this->source = $app->name;
 
             $appUser = Oauth_application_user::staticGet('token', $access_token);
 
diff --git a/lib/apioauthstore.php b/lib/apioauthstore.php
index 6e0039bdd..e30eea129 100644
--- a/lib/apioauthstore.php
+++ b/lib/apioauthstore.php
@@ -23,16 +23,43 @@ require_once INSTALLDIR . '/lib/oauthstore.php';
 
 class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
 {
-    function lookup_consumer($consumer_key)
+    function lookup_consumer($consumerKey)
     {
-        $con = Consumer::staticGet('consumer_key', $consumer_key);
+        $con = Consumer::staticGet('consumer_key', $consumerKey);
 
         if (!$con) {
-            return null;
+
+            // Create an anon consumer and anon application if one
+            // doesn't exist already
+            if ($consumerKey == 'anonymous') {
+                $con = new Consumer();
+                $con->consumer_key    = $consumerKey;
+                $con->consumer_secret = $consumerKey;
+                $result = $con->insert();
+                if (!$result) {
+                    $this->serverError(_("Could not create anonymous consumer."));
+                }
+                $app               = new OAuth_application();
+                $app->consumer_key = $con->consumer_key;
+                $app->name         = 'anonymous';
+
+                // XXX: allow the user to set the access type when
+                // authorizing? Currently we default to r+w for anonymous
+                // OAuth client applications
+                $app->access_type  = 3; // read + write
+                $id = $app->insert();
+                if (!$id) {
+                    $this->serverError(_("Could not create anonymous OAuth application."));
+                }
+            } else {
+                return null;
+            }
         }
 
-        return new OAuthConsumer($con->consumer_key,
-                                 $con->consumer_secret);
+        return new OAuthConsumer(
+            $con->consumer_key,
+            $con->consumer_secret
+        );
     }
 
     function getAppByRequestToken($token_key)
@@ -94,7 +121,7 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
 
         if ($rt->find(true) && $rt->state == 1 && $rt->verifier == $verifier) { // authorized
 
-            common_debug('request token found.', __FILE__);
+            common_debug('request token found.');
 
             // find the associated user of the app
 
@@ -140,6 +167,7 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
                 // update the token from req to access for the user
 
                 $orig = clone($appUser);
+
                 $appUser->token = $at->tok;
 
                 // It's at this point that we change the access type
@@ -150,11 +178,10 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
 
                 $appUser->access_type = $app->access_type;
 
-                $result = $appUser->update($orig);
+                $result = $appUser->updateKeys($orig);
 
-                if (empty($result)) {
-                    common_debug('couldn\'t update OAuth app user.');
-                    return null;
+                if (!$result) {
+                    throw new Exception('Couldn\'t update OAuth app user.');
                 }
 
                 // Okay, good
@@ -179,9 +206,9 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
      * @return void
      */
     public function revoke_token($token_key, $type = 0) {
-        $rt = new Token();
-        $rt->tok = $token_key;
-        $rt->type = $type;
+        $rt        = new Token();
+        $rt->tok   = $token_key;
+        $rt->type  = $type;
         $rt->state = 0;
 
         if (!$rt->find(true)) {
diff --git a/lib/applicationlist.php b/lib/applicationlist.php
index 8b6e3a8ad..6801fb6cf 100644
--- a/lib/applicationlist.php
+++ b/lib/applicationlist.php
@@ -22,7 +22,7 @@
  * @category  Application
  * @package   StatusNet
  * @author    Zach Copley <zach@status.net>
- * @copyright 2008-2009 StatusNet, Inc.
+ * @copyright 2008-2010 StatusNet, Inc.
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  * @link      http://status.net/
  */
@@ -55,14 +55,13 @@ class ApplicationList extends Widget
     /** Action object using us. */
     var $action = null;
 
-    function __construct($application, $owner=null, $action=null, $connections = false)
+    function __construct($application, $owner=null, $action=null)
     {
         parent::__construct($action);
 
         $this->application = $application;
         $this->owner       = $owner;
         $this->action      = $action;
-        $this->connections = $connections;
     }
 
     function show()
@@ -88,24 +87,34 @@ class ApplicationList extends Widget
     {
         $user = common_current_user();
 
-        $this->out->elementStart('li', array('class' => 'application',
-                                             'id' => 'oauthclient-' . $this->application->id));
+        $this->out->elementStart(
+            'li',
+            array(
+                'class' => 'application',
+                'id'    => 'oauthclient-' . $this->application->id
+            )
+        );
 
         $this->out->elementStart('span', 'vcard author');
-        if (!$this->connections) {
-            $this->out->elementStart('a',
-                                     array('href' => common_local_url('showapplication',
-                                                                      array('id' => $this->application->id)),
-                                                                      'class' => 'url'));
-
-        } else {
-            $this->out->elementStart('a', array('href' =>  $this->application->source_url,
-                                                'class' => 'url'));
-        }
+
+        $this->out->elementStart(
+            'a',
+            array(
+                'href' => common_local_url(
+                    'showapplication',
+                    array('id' => $this->application->id)),
+                    'class' => 'url'
+            )
+        );
 
         if (!empty($this->application->icon)) {
-            $this->out->element('img', array('src' => $this->application->icon,
-                                             'class' => 'photo avatar'));
+            $this->out->element(
+                'img',
+                array(
+                    'src' => $this->application->icon,
+                    'class' => 'photo avatar'
+                )
+            );
         }
 
         $this->out->element('span', 'fn', $this->application->name);
@@ -114,51 +123,58 @@ class ApplicationList extends Widget
 
         $this->out->raw(' by ');
 
-        $this->out->element('a', array('href' => $this->application->homepage,
-                                       'class' => 'url'),
-                                 $this->application->organization);
+        $this->out->element(
+            'a',
+            array(
+                'href' => $this->application->homepage,
+                'class' => 'url'
+            ),
+            $this->application->organization
+        );
 
         $this->out->element('p', 'note', $this->application->description);
         $this->out->elementEnd('li');
 
-        if ($this->connections) {
-            $appUser = Oauth_application_user::getByKeys($this->owner, $this->application);
+    }
 
-            if (empty($appUser)) {
-                common_debug("empty appUser!");
-            }
+    /* Override this in subclasses. */
+    function showOwnerControls()
+    {
+        return;
+    }
 
-            $this->out->elementStart('li');
-
-            // TRANS: Application access type
-            $readWriteText = _('read-write');
-            // TRANS: Application access type
-            $readOnlyText = _('read-only');
-
-            $access = ($this->application->access_type & Oauth_application::$writeAccess)
-              ? $readWriteText : $readOnlyText;
-            $modifiedDate = common_date_string($appUser->modified);
-            // TRANS: Used in application list. %1$s is a modified date, %2$s is access type ("read-write" or "read-only")
-            $txt = sprintf(_('Approved %1$s - "%2$s" access.'),$modifiedDate,$access);
-
-            $this->out->raw($txt);
-            $this->out->elementEnd('li');
-
-            $this->out->elementStart('li', 'entity_revoke');
-            $this->out->elementStart('form', array('id' => 'form_revoke_app',
-                                                   'class' => 'form_revoke_app',
-                                                   'method' => 'POST',
-                                                   'action' =>
-                                                   common_local_url('oauthconnectionssettings')));
-            $this->out->elementStart('fieldset');
-            $this->out->hidden('id', $this->application->id);
-            $this->out->hidden('token', common_session_token());
-            // TRANS: Button label
-            $this->out->submit('revoke', _m('BUTTON','Revoke'));
-            $this->out->elementEnd('fieldset');
-            $this->out->elementEnd('form');
-            $this->out->elementEnd('li');
-        }
+}
+
+
+/**
+ * Widget to show a list of connected OAuth clients
+ *
+ * @category Application
+ * @package  StatusNet
+ * @author   Zach Copley <zach@status.net>
+ * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link     http://status.net/
+ */
+class ConnectedAppsList extends Widget
+{
+    /** Current connected application query */
+    var $connection = null;
+
+    /** Owner of this list */
+    var $owner = null;
+
+    /** Action object using us. */
+    var $action = null;
+
+    function __construct($connection, $owner=null, $action=null)
+    {
+        parent::__construct($action);
+
+        common_debug("ConnectedAppsList constructor");
+
+        $this->connection = $connection;
+        $this->owner       = $owner;
+        $this->action      = $action;
     }
 
     /* Override this in subclasses. */
@@ -166,4 +182,124 @@ class ApplicationList extends Widget
     {
         return;
     }
+
+    function show()
+    {
+        $this->out->elementStart('ul', 'applications');
+
+        $cnt = 0;
+
+        while ($this->connection->fetch()) {
+            $cnt++;
+            if($cnt > APPS_PER_PAGE) {
+                break;
+            }
+            $this->showConnection();
+        }
+
+        $this->out->elementEnd('ul');
+
+        return $cnt;
+    }
+
+    function showConnection()
+    {
+        $app = Oauth_application::staticGet('id', $this->connection->application_id);
+
+        $this->out->elementStart(
+            'li',
+            array(
+                'class' => 'application',
+                'id'    => 'oauthclient-' . $app->id
+            )
+        );
+
+        $this->out->elementStart('span', 'vcard author');
+
+        $this->out->elementStart(
+            'a',
+            array(
+                'href' => $app->source_url,
+                'class' => 'url'
+            )
+        );
+
+        if (!empty($app->icon)) {
+            $this->out->element(
+                'img',
+                array(
+                    'src' => $app->icon,
+                    'class' => 'photo avatar'
+                )
+            );
+        }
+        if ($app->name != 'anonymous') {
+            $this->out->element('span', 'fn', $app->name);
+        }
+        $this->out->elementEnd('a');
+
+        if ($app->name == 'anonymous') {
+            $this->out->element('span', 'fn', "Unknown application");
+        }
+
+        $this->out->elementEnd('span');
+
+        if ($app->name != 'anonymous') {
+
+            $this->out->raw(_(' by '));
+
+            $this->out->element(
+                'a',
+                array(
+                    'href' => $app->homepage,
+                    'class' => 'url'
+                ),
+                $app->organization
+            );
+        }
+
+        // TRANS: Application access type
+        $readWriteText = _('read-write');
+        // TRANS: Application access type
+        $readOnlyText = _('read-only');
+
+        $access = ($this->connection->access_type & Oauth_application::$writeAccess)
+            ? $readWriteText : $readOnlyText;
+        $modifiedDate = common_date_string($this->connection->modified);
+        // TRANS: Used in application list. %1$s is a modified date, %2$s is access type ("read-write" or "read-only")
+        $txt = sprintf(_('Approved %1$s - "%2$s" access.'), $modifiedDate, $access);
+
+        $this->out->raw(" - $txt");
+        if (!empty($app->description)) {
+            $this->out->element(
+                'p', array('class' => 'application_description'),
+                $app->description
+            );
+        }
+        $this->out->element(
+            'p', array(
+            'class' => 'access_token'),
+            _('Access token starting with: ') . substr($this->connection->token, 0, 7)
+        );
+
+        $this->out->elementStart(
+            'form',
+            array(
+                'id' => 'form_revoke_app',
+                'class' => 'form_revoke_app',
+                'method' => 'POST',
+                'action' => common_local_url('oauthconnectionssettings')
+            )
+        );
+        $this->out->elementStart('fieldset');
+        $this->out->hidden('oauth_token', $this->connection->token);
+        $this->out->hidden('token', common_session_token());
+        // TRANS: Button label
+        $this->out->submit('revoke', _('Revoke'));
+        $this->out->elementEnd('fieldset');
+        $this->out->elementEnd('form');
+
+        $this->out->elementEnd('li');
+
+    }
 }