From 40cde2f7109cace8f37cd36c31420c38ad475d40 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 15 Mar 2010 22:10:32 +0000 Subject: Initial Twitpic-like media upload endpoint /api/statusnet/media/upload --- actions/apimediaupload.php | 141 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 141 insertions(+) create mode 100644 actions/apimediaupload.php (limited to 'actions') diff --git a/actions/apimediaupload.php b/actions/apimediaupload.php new file mode 100644 index 000000000..ec316edc8 --- /dev/null +++ b/actions/apimediaupload.php @@ -0,0 +1,141 @@ +. + * + * @category API + * @author Zach Copley + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apiauth.php'; +require_once INSTALLDIR . '/lib/mediafile.php'; + +/** + * Upload an image via the API. Returns a shortened URL for the image + * to the user. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiMediaUploadAction extends ApiAuthAction +{ + /** + * Handle the request + * + * Grab the file from the 'media' param, then store, and shorten + * + * @todo Upload throttle! + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, $this->format + ); + return; + } + + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + + $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + return; + } + + $upload = null; + + try { + $upload = MediaFile::fromUpload('media', $this->auth_user); + } catch (ClientException $ce) { + $this->clientError($ce->getMessage()); + return; + } + + if (isset($upload)) { + $this->showResponse($upload); + } else { + $this->clientError('Upload failed.'); + return; + } + } + + /** + * Show a Twitpic-like response with the ID of the media file + * and a (hopefully) shortened URL for it. + * + * @param File $upload the uploaded file + * + * @return void + */ + function showResponse($upload) + { + $this->initDocument(); + $this->elementStart('rsp', array('stat' => 'ok')); + $this->element('mediaid', null, $upload->fileRecord->id); + $this->element('mediaurl', null, $upload->shortUrl()); + $this->elementEnd('rsp'); + $this->endDocument(); + } + + /** + * Overrided clientError to show a more Twitpic-like error + * + * @param String $msg an error message + * + */ + function clientError($msg) + { + $this->initDocument(); + $this->elementStart('rsp', array('stat' => 'fail')); + + // @todo add in error code + $errAttr = array('msg' => $msg); + + $this->element('err', $errAttr, null); + $this->elementEnd('rsp'); + $this->endDocument(); + } + +} -- cgit v1.2.3-54-g00ecf From 441e52718e4db4eb45bd5c76c5af446496f56f96 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 15 Mar 2010 15:08:16 -0700 Subject: Background deletion of user accounts. Notices are deleted in chunks, then the user itself when they're all gone. While deletion is in progress, the account is locked with the 'deleted' role, which disables all actions with rights control. Todo: * Pretty up the notice on the profile page about the pending delete. Show status? * Possibly more thorough account disabling, such as disallowing all use for login and access. * Improve error recovery; worst case is that an account gets left locked in 'deleted' state but the queue jobs have gotten dropped out. This would leave the username in use and any undeleted notices in place. --- actions/deleteuser.php | 10 ++++- classes/Profile.php | 3 ++ classes/Profile_role.php | 1 + lib/deluserqueuehandler.php | 95 +++++++++++++++++++++++++++++++++++++++++++++ lib/queuemanager.php | 3 ++ lib/userprofile.php | 11 ++++++ 6 files changed, 122 insertions(+), 1 deletion(-) create mode 100644 lib/deluserqueuehandler.php (limited to 'actions') diff --git a/actions/deleteuser.php b/actions/deleteuser.php index c4f84fad2..4e6b27395 100644 --- a/actions/deleteuser.php +++ b/actions/deleteuser.php @@ -162,7 +162,15 @@ class DeleteuserAction extends ProfileFormAction function handlePost() { if (Event::handle('StartDeleteUser', array($this, $this->user))) { - $this->user->delete(); + // Mark the account as deleted and shove low-level deletion tasks + // to background queues. Removing a lot of posts can take a while... + if (!$this->user->hasRole(Profile_role::DELETED)) { + $this->user->grantRole(Profile_role::DELETED); + } + + $qm = QueueManager::get(); + $qm->enqueue($this->user, 'deluser'); + Event::handle('EndDeleteUser', array($this, $this->user)); } } diff --git a/classes/Profile.php b/classes/Profile.php index 91f6e4692..eded1ff71 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -732,6 +732,9 @@ class Profile extends Memcached_DataObject function hasRight($right) { $result = false; + if ($this->hasRole(Profile_role::DELETED)) { + return false; + } if (Event::handle('UserRightsCheck', array($this, $right, &$result))) { switch ($right) { diff --git a/classes/Profile_role.php b/classes/Profile_role.php index d0a0b31f0..e7aa1f0f0 100644 --- a/classes/Profile_role.php +++ b/classes/Profile_role.php @@ -53,6 +53,7 @@ class Profile_role extends Memcached_DataObject const ADMINISTRATOR = 'administrator'; const SANDBOXED = 'sandboxed'; const SILENCED = 'silenced'; + const DELETED = 'deleted'; // Pending final deletion of notices... public static function isValid($role) { diff --git a/lib/deluserqueuehandler.php b/lib/deluserqueuehandler.php new file mode 100644 index 000000000..4a1233a5e --- /dev/null +++ b/lib/deluserqueuehandler.php @@ -0,0 +1,95 @@ +. + */ + +/** + * Background job to delete prolific users without disrupting front-end too much. + * + * Up to 50 messages are deleted on each run through; when all messages are gone, + * the actual account is deleted. + * + * @package QueueHandler + * @maintainer Brion Vibber + */ + +class DelUserQueueHandler extends QueueHandler +{ + const DELETION_WINDOW = 50; + + public function transport() + { + return 'deluser'; + } + + public function handle($user) + { + if (!($user instanceof User)) { + common_log(LOG_ERR, "Got a bogus user, not deleting"); + return true; + } + + $user = User::staticGet('id', $user->id); + if (!$user) { + common_log(LOG_INFO, "User {$user->nickname} was deleted before we got here."); + return true; + } + + if (!$user->hasRole(Profile_role::DELETED)) { + common_log(LOG_INFO, "User {$user->nickname} is not pending deletion; aborting."); + return true; + } + + $notice = $this->getNextBatch($user); + if ($notice->N) { + common_log(LOG_INFO, "Deleting next {$notice->N} notices by {$user->nickname}"); + while ($notice->fetch()) { + $del = clone($notice); + $del->delete(); + } + + // @todo improve reliability in case we died during the above deletions + // with a fatal error. If the job is lost, we should perform some kind + // of garbage collection later. + + // Queue up the next batch. + $qm = QueueManager::get(); + $qm->enqueue($user, 'deluser'); + } else { + // Out of notices? Let's finish deleting this guy! + $user->delete(); + common_log(LOG_INFO, "User $user->id $user->nickname deleted."); + return true; + } + + return true; + } + + /** + * Fetch the next self::DELETION_WINDOW messages for this user. + * @return Notice + */ + protected function getNextBatch(User $user) + { + $notice = new Notice(); + $notice->profile_id = $user->id; + $notice->limit(self::DELETION_WINDOW); + $notice->find(); + return $notice; + } + +} diff --git a/lib/queuemanager.php b/lib/queuemanager.php index 87bd356aa..0829c8a8b 100644 --- a/lib/queuemanager.php +++ b/lib/queuemanager.php @@ -264,6 +264,9 @@ abstract class QueueManager extends IoManager $this->connect('sms', 'SmsQueueHandler'); } + // Background user management tasks... + $this->connect('deluser', 'DelUserQueueHandler'); + // Broadcasting profile updates to OMB remote subscribers $this->connect('profile', 'ProfileQueueHandler'); diff --git a/lib/userprofile.php b/lib/userprofile.php index 8464c2446..2c3b1ea45 100644 --- a/lib/userprofile.php +++ b/lib/userprofile.php @@ -228,6 +228,17 @@ class UserProfile extends Widget function showEntityActions() { + if ($this->profile->hasRole(Profile_role::DELETED)) { + $this->out->elementStart('div', 'entity_actions'); + $this->out->element('h2', null, _('User actions')); + $this->out->elementStart('ul'); + $this->out->elementStart('p', array('class' => 'profile_deleted')); + $this->out->text(_('User deletion in progress...')); + $this->out->elementEnd('p'); + $this->out->elementEnd('ul'); + $this->out->elementEnd('div'); + return; + } if (Event::handle('StartProfilePageActionsSection', array(&$this->out, $this->profile))) { $cur = common_current_user(); -- cgit v1.2.3-54-g00ecf From d1ea448c274334cfee49c8d53e61866145084433 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 15 Mar 2010 18:41:15 -0700 Subject: Always output a site logo via /api/statusnet/config.:format (so client devs have something to use) --- actions/apistatusnetconfig.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/apistatusnetconfig.php b/actions/apistatusnetconfig.php index bff8313b5..66b23c02d 100644 --- a/actions/apistatusnetconfig.php +++ b/actions/apistatusnetconfig.php @@ -97,8 +97,6 @@ class ApiStatusnetConfigAction extends ApiAction // XXX: check that all sections and settings are legal XML elements - common_debug(var_export($this->keys, true)); - foreach ($this->keys as $section => $settings) { $this->elementStart($section); foreach ($settings as $setting) { @@ -110,6 +108,14 @@ class ApiStatusnetConfigAction extends ApiAction } else if ($value === true) { $value = 'true'; } + + // return theme logo if there's no site specific one + if (empty($value)) { + if ($section == 'site' && $setting == 'logo') { + $value = Theme::path('logo.png'); + } + } + $this->element($setting, null, $value); } $this->elementEnd($section); -- cgit v1.2.3-54-g00ecf