diff options
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/LdapAuthentication/LdapAuthenticationPlugin.php | 5 | ||||
-rw-r--r-- | plugins/LdapAuthorization/LdapAuthorizationPlugin.php | 9 | ||||
-rw-r--r-- | plugins/MemcachedPlugin.php | 223 | ||||
-rw-r--r-- | plugins/OStatus/OStatusPlugin.php | 80 | ||||
-rw-r--r-- | plugins/OStatus/classes/HubSub.php | 2 | ||||
-rw-r--r-- | plugins/OStatus/classes/Ostatus_profile.php | 13 | ||||
-rw-r--r-- | plugins/OStatus/lib/feeddiscovery.php | 2 | ||||
-rw-r--r-- | plugins/OpenID/User_openid.php | 14 | ||||
-rw-r--r-- | plugins/OpenID/openidsettings.php | 70 | ||||
-rw-r--r-- | plugins/RSSCloud/RSSCloudNotifier.php | 2 | ||||
-rw-r--r-- | plugins/RSSCloud/RSSCloudRequestNotify.php | 7 |
11 files changed, 416 insertions, 11 deletions
diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index e0fd615dd..483209676 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -224,6 +224,11 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin $ldap->setErrorHandling(PEAR_ERROR_RETURN); $err=$ldap->bind(); if (Net_LDAP2::isError($err)) { + // if we were called with a config, assume caller will handle + // incorrect username/password (LDAP_INVALID_CREDENTIALS) + if (isset($config) && $err->getCode() == 0x31) { + return null; + } throw new Exception('Could not connect to LDAP server: '.$err->getMessage()); } if($config == null) $this->default_ldap=$ldap; diff --git a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php index 19aff42b8..042b2db8d 100644 --- a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php +++ b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php @@ -131,13 +131,13 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin { $ldap = $this->ldap_get_connection(); $link = $ldap->getLink(); - $r = ldap_compare($link, $groupDn, $this->uniqueMember_attribute, $userDn); + $r = @ldap_compare($link, $groupDn, $this->uniqueMember_attribute, $userDn); if ($r === true){ return true; }else if($r === false){ return false; }else{ - common_log(LOG_ERR, ldap_error($r)); + common_log(LOG_ERR, "LDAP error determining if userDn=$userDn is a member of groupDn=groupDn using uniqueMember_attribute=$this->uniqueMember_attribute error: ".ldap_error($link)); return false; } } @@ -167,6 +167,11 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin $ldap->setErrorHandling(PEAR_ERROR_RETURN); $err=$ldap->bind(); if (Net_LDAP2::isError($err)) { + // if we were called with a config, assume caller will handle + // incorrect username/password (LDAP_INVALID_CREDENTIALS) + if (isset($config) && $err->getCode() == 0x31) { + return null; + } throw new Exception('Could not connect to LDAP server: '.$err->getMessage()); return false; } diff --git a/plugins/MemcachedPlugin.php b/plugins/MemcachedPlugin.php new file mode 100644 index 000000000..707e6db9a --- /dev/null +++ b/plugins/MemcachedPlugin.php @@ -0,0 +1,223 @@ +<?php +/** + * StatusNet - the distributed open-source microblogging tool + * Copyright (C) 2009, StatusNet, Inc. + * + * Plugin to implement cache interface for memcached + * + * PHP version 5 + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Cache + * @package StatusNet + * @author Evan Prodromou <evan@status.net>, Craig Andrews <candrews@integralblue.com> + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + // This check helps protect against security problems; + // your code file can't be executed directly from the web. + exit(1); +} + +/** + * A plugin to use memcached for the cache interface + * + * This used to be encoded as config-variable options in the core code; + * it's now broken out to a separate plugin. The same interface can be + * implemented by other plugins. + * + * @category Cache + * @package StatusNet + * @author Evan Prodromou <evan@status.net>, Craig Andrews <candrews@integralblue.com> + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class MemcachedPlugin extends Plugin +{ + static $cacheInitialized = false; + + private $_conn = null; + public $servers = array('127.0.0.1;11211'); + + public $defaultExpiry = 86400; // 24h + + /** + * Initialize the plugin + * + * Note that onStartCacheGet() may have been called before this! + * + * @return boolean flag value + */ + + function onInitializePlugin() + { + $this->_ensureConn(); + self::$cacheInitialized = true; + return true; + } + + /** + * Get a value associated with a key + * + * The value should have been set previously. + * + * @param string &$key in; Lookup key + * @param mixed &$value out; value associated with key + * + * @return boolean hook success + */ + + function onStartCacheGet(&$key, &$value) + { + $this->_ensureConn(); + $value = $this->_conn->get($key); + Event::handle('EndCacheGet', array($key, &$value)); + return false; + } + + /** + * Associate a value with a key + * + * @param string &$key in; Key to use for lookups + * @param mixed &$value in; Value to associate + * @param integer &$flag in; Flag empty or Cache::COMPRESSED + * @param integer &$expiry in; Expiry (passed through to Memcache) + * @param boolean &$success out; Whether the set was successful + * + * @return boolean hook success + */ + + function onStartCacheSet(&$key, &$value, &$flag, &$expiry, &$success) + { + $this->_ensureConn(); + if ($expiry === null) { + $expiry = $this->defaultExpiry; + } + $success = $this->_conn->set($key, $value, $expiry); + Event::handle('EndCacheSet', array($key, $value, $flag, + $expiry)); + return false; + } + + /** + * Atomically increment an existing numeric key value. + * Existing expiration time will not be changed. + * + * @param string &$key in; Key to use for lookups + * @param int &$step in; Amount to increment (default 1) + * @param mixed &$value out; Incremented value, or false if key not set. + * + * @return boolean hook success + */ + function onStartCacheIncrement(&$key, &$step, &$value) + { + $this->_ensureConn(); + $value = $this->_conn->increment($key, $step); + Event::handle('EndCacheIncrement', array($key, $step, $value)); + return false; + } + + /** + * Delete a value associated with a key + * + * @param string &$key in; Key to lookup + * @param boolean &$success out; whether it worked + * + * @return boolean hook success + */ + + function onStartCacheDelete(&$key, &$success) + { + $this->_ensureConn(); + $success = $this->_conn->delete($key); + Event::handle('EndCacheDelete', array($key)); + return false; + } + + function onStartCacheReconnect(&$success) + { + // nothing to do + return true; + } + + /** + * Ensure that a connection exists + * + * Checks the instance $_conn variable and connects + * if it is empty. + * + * @return void + */ + + private function _ensureConn() + { + if (empty($this->_conn)) { + $this->_conn = new Memcached(common_config('site', 'nickname')); + + if (!count($this->_conn->getServerList())) { + if (is_array($this->servers)) { + $servers = $this->servers; + } else { + $servers = array($this->servers); + } + foreach ($servers as $server) { + if (strpos($server, ';') !== false) { + list($host, $port) = explode(';', $server); + } else { + $host = $server; + $port = 11211; + } + + $this->_conn->addServer($host, $port); + } + + // Compress items stored in the cache. + + // Allows the cache to store objects larger than 1MB (if they + // compress to less than 1MB), and improves cache memory efficiency. + + $this->_conn->setOption(Memcached::OPT_COMPRESSION, true); + } + } + } + + /** + * Translate general flags to Memcached-specific flags + * @param int $flag + * @return int + */ + protected function flag($flag) + { + //no flags are presently supported + return $flag; + } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'Memcached', + 'version' => STATUSNET_VERSION, + 'author' => 'Evan Prodromou, Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:Memcached', + 'rawdescription' => + _m('Use <a href="http://memcached.org/">Memcached</a> to cache query results.')); + return true; + } +} + diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index efb630297..38042803f 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -322,6 +322,86 @@ class OStatusPlugin extends Plugin } /** + * Allow remote profile references to be used in commands: + * sub update@status.net + * whois evan@identi.ca + * reply http://identi.ca/evan hey what's up + * + * @param Command $command + * @param string $arg + * @param Profile &$profile + * @return hook return code + */ + function onStartCommandGetProfile($command, $arg, &$profile) + { + $oprofile = $this->pullRemoteProfile($arg); + if ($oprofile && !$oprofile->isGroup()) { + $profile = $oprofile->localProfile(); + return false; + } else { + return true; + } + } + + /** + * Allow remote group references to be used in commands: + * join group+statusnet@identi.ca + * join http://identi.ca/group/statusnet + * drop identi.ca/group/statusnet + * + * @param Command $command + * @param string $arg + * @param User_group &$group + * @return hook return code + */ + function onStartCommandGetGroup($command, $arg, &$group) + { + $oprofile = $this->pullRemoteProfile($arg); + if ($oprofile && $oprofile->isGroup()) { + $group = $oprofile->localGroup(); + return false; + } else { + return true; + } + } + + protected function pullRemoteProfile($arg) + { + $oprofile = null; + if (preg_match('!^((?:\w+\.)*\w+@(?:\w+\.)*\w+(?:\w+\-\w+)*\.\w+)$!', $arg)) { + // webfinger lookup + try { + return Ostatus_profile::ensureWebfinger($arg); + } catch (Exception $e) { + common_log(LOG_ERR, 'Webfinger lookup failed for ' . + $arg . ': ' . $e->getMessage()); + } + } + + // Look for profile URLs, with or without scheme: + $urls = array(); + if (preg_match('!^https?://((?:\w+\.)*\w+(?:\w+\-\w+)*\.\w+(?:/\w+)+)$!', $arg)) { + $urls[] = $arg; + } + if (preg_match('!^((?:\w+\.)*\w+(?:\w+\-\w+)*\.\w+(?:/\w+)+)$!', $arg)) { + $schemes = array('http', 'https'); + foreach ($schemes as $scheme) { + $urls[] = "$scheme://$arg"; + } + } + + foreach ($urls as $url) { + try { + return Ostatus_profile::ensureProfile($url); + } catch (Exception $e) { + common_log(LOG_ERR, 'Profile lookup failed for ' . + $arg . ': ' . $e->getMessage()); + } + } + return null; + } + + /** * Make sure necessary tables are filled out. */ function onCheckSchema() { diff --git a/plugins/OStatus/classes/HubSub.php b/plugins/OStatus/classes/HubSub.php index 3120a70f9..c420b3eef 100644 --- a/plugins/OStatus/classes/HubSub.php +++ b/plugins/OStatus/classes/HubSub.php @@ -192,7 +192,7 @@ class HubSub extends Memcached_DataObject // Any existing query string parameters must be preserved $url = $this->callback; - if (strpos('?', $url) !== false) { + if (strpos($url, '?') !== false) { $url .= '&'; } else { $url .= '?'; diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index fcca1a252..abc8100ce 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -428,10 +428,18 @@ class Ostatus_profile extends Memcached_DataObject * Currently assumes that all items in the feed are new, * coming from a PuSH hub. * - * @param DOMDocument $feed + * @param DOMDocument $doc + * @param string $source identifier ("push") */ - public function processFeed($feed, $source) + public function processFeed(DOMDocument $doc, $source) { + $feed = $doc->documentElement; + + if ($feed->localName != 'feed' || $feed->namespaceURI != Activity::ATOM) { + common_log(LOG_ERR, __METHOD__ . ": not an Atom feed, ignoring"); + return; + } + $entries = $feed->getElementsByTagNameNS(Activity::ATOM, 'entry'); if ($entries->length == 0) { common_log(LOG_ERR, __METHOD__ . ": no entries in feed update, ignoring"); @@ -449,6 +457,7 @@ class Ostatus_profile extends Memcached_DataObject * * @param DOMElement $entry * @param DOMElement $feed for context + * @param string $source identifier ("push" or "salmon") */ public function processEntry($entry, $feed, $source) { diff --git a/plugins/OStatus/lib/feeddiscovery.php b/plugins/OStatus/lib/feeddiscovery.php index 7afb71bdc..ff76b229e 100644 --- a/plugins/OStatus/lib/feeddiscovery.php +++ b/plugins/OStatus/lib/feeddiscovery.php @@ -129,7 +129,7 @@ class FeedDiscovery function initFromResponse($response) { if (!$response->isOk()) { - throw new FeedSubBadResponseException($response->getCode()); + throw new FeedSubBadResponseException($response->getStatus()); } $sourceurl = $response->getUrl(); diff --git a/plugins/OpenID/User_openid.php b/plugins/OpenID/User_openid.php index 801b49ecc..5ef05b4c7 100644 --- a/plugins/OpenID/User_openid.php +++ b/plugins/OpenID/User_openid.php @@ -39,9 +39,21 @@ class User_openid extends Memcached_DataObject ); } + /** + * List primary and unique keys in this table. + * Unique keys used for lookup *MUST* be listed to ensure proper caching. + */ function keys() { - return array('canonical' => 'K', 'display' => 'U'); + return array('canonical' => 'K', 'display' => 'U', 'user_id' => 'U'); + } + + /** + * No sequence keys in this table. + */ + function sequenceKey() + { + return array(false, false, false); } Static function hasOpenID($user_id) diff --git a/plugins/OpenID/openidsettings.php b/plugins/OpenID/openidsettings.php index 3fc3d6128..16142cf48 100644 --- a/plugins/OpenID/openidsettings.php +++ b/plugins/OpenID/openidsettings.php @@ -176,6 +176,43 @@ class OpenidsettingsAction extends AccountSettingsAction } } } + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_openid_trustroots', + 'class' => 'form_settings', + 'action' => + common_local_url('openidsettings'))); + $this->elementStart('fieldset', array('id' => 'settings_openid_trustroots')); + $this->element('legend', null, _m('OpenID Trusted Sites')); + $this->hidden('token', common_session_token()); + $this->element('p', 'form_guide', + _m('The following sites are allowed to access your ' . + 'identity and log you in. You can remove a site from ' . + 'this list to deny it access to your OpenID.')); + $this->elementStart('ul', 'form_data'); + $user_openid_trustroot = new User_openid_trustroot(); + $user_openid_trustroot->user_id=$user->id; + if($user_openid_trustroot->find()) { + while($user_openid_trustroot->fetch()) { + $this->elementStart('li'); + $this->element('input', array('name' => 'openid_trustroot[]', + 'type' => 'checkbox', + 'class' => 'checkbox', + 'value' => $user_openid_trustroot->trustroot, + 'id' => 'openid_trustroot_' . crc32($user_openid_trustroot->trustroot))); + $this->element('label', array('class'=>'checkbox', 'for' => 'openid_trustroot_' . crc32($user_openid_trustroot->trustroot)), + $user_openid_trustroot->trustroot); + $this->elementEnd('li'); + } + } + $this->elementEnd('ul'); + $this->element('input', array('type' => 'submit', + 'id' => 'settings_openid_trustroots_action-submit', + 'name' => 'remove_trustroots', + 'class' => 'submit', + 'value' => _m('Remove'))); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); } /** @@ -204,12 +241,45 @@ class OpenidsettingsAction extends AccountSettingsAction } } else if ($this->arg('remove')) { $this->removeOpenid(); + } else if($this->arg('remove_trustroots')) { + $this->removeTrustroots(); } else { $this->showForm(_m('Something weird happened.')); } } /** + * Handles a request to remove OpenID trustroots from the user's account + * + * Validates input and, if everything is OK, deletes the trustroots. + * Reloads the form with a success or error notification. + * + * @return void + */ + + function removeTrustroots() + { + $user = common_current_user(); + $trustroots = $this->arg('openid_trustroot'); + if($trustroots) { + foreach($trustroots as $trustroot) { + $user_openid_trustroot = User_openid_trustroot::pkeyGet( + array('user_id'=>$user->id, 'trustroot'=>$trustroot)); + if($user_openid_trustroot) { + $user_openid_trustroot->delete(); + } else { + $this->showForm(_m('No such OpenID trustroot.')); + return; + } + } + $this->showForm(_m('Trustroots removed'), true); + } else { + $this->showForm(); + } + return; + } + + /** * Handles a request to remove an OpenID from the user's account * * Validates input and, if everything is OK, deletes the OpenID. diff --git a/plugins/RSSCloud/RSSCloudNotifier.php b/plugins/RSSCloud/RSSCloudNotifier.php index d454691c8..9e7b53680 100644 --- a/plugins/RSSCloud/RSSCloudNotifier.php +++ b/plugins/RSSCloud/RSSCloudNotifier.php @@ -152,7 +152,7 @@ class RSSCloudNotifier function notify($profile) { $feed = common_path('api/statuses/user_timeline/') . - $profile->nickname . '.rss'; + $profile->id . '.rss'; $cloudSub = new RSSCloudSubscription(); diff --git a/plugins/RSSCloud/RSSCloudRequestNotify.php b/plugins/RSSCloud/RSSCloudRequestNotify.php index d76c08d37..030529534 100644 --- a/plugins/RSSCloud/RSSCloudRequestNotify.php +++ b/plugins/RSSCloud/RSSCloudRequestNotify.php @@ -270,13 +270,14 @@ class RSSCloudRequestNotifyAction extends Action function userFromFeed($feed) { - // We only do profile feeds + // We only do canonical RSS2 profile feeds (specified by ID), e.g.: + // http://www.example.com/api/statuses/user_timeline/2.rss $path = common_path('api/statuses/user_timeline/'); - $valid = '%^' . $path . '(?<nickname>.*)\.rss$%'; + $valid = '%^' . $path . '(?<id>.*)\.rss$%'; if (preg_match($valid, $feed, $matches)) { - $user = User::staticGet('nickname', $matches['nickname']); + $user = User::staticGet('id', $matches['id']); if (!empty($user)) { return $user; } |