From 37c62c6356af22a7b1eb444b241083d9fa53166e Mon Sep 17 00:00:00 2001 From: Siebrand Mazeland Date: Wed, 11 Nov 2009 13:24:02 +0100 Subject: Remove double space in message --- actions/noticesearch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/noticesearch.php b/actions/noticesearch.php index 79cf572cc..b68a2efe2 100644 --- a/actions/noticesearch.php +++ b/actions/noticesearch.php @@ -121,7 +121,7 @@ class NoticesearchAction extends SearchAction $message = sprintf(_('Be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); } else { - $message = sprintf(_('Why not [register an account](%%%%action.register%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); + $message = sprintf(_('Why not [register an account](%%%%action.register%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); } $this->elementStart('div', 'guide'); -- cgit v1.2.3-54-g00ecf From 014d6b1d19b6ae5de8d87f055397993f80579f74 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 11 Nov 2009 14:02:57 -0500 Subject: Redid how URL shorteners work. This way is much more like how Evan wants events to work (and more like how the rest of SN works). --- EVENTS.txt | 14 ++++ actions/othersettings.php | 17 ++--- lib/Shorturl_api.php | 67 ------------------ lib/common.php | 1 - lib/util.php | 25 +++---- plugins/BitlyUrl/BitlyUrlPlugin.php | 31 ++++----- plugins/LilUrl/LilUrlPlugin.php | 38 +++++----- plugins/PtitUrl/PtitUrlPlugin.php | 31 ++++----- plugins/SimpleUrl/SimpleUrlPlugin.php | 41 +++-------- plugins/TightUrl/TightUrlPlugin.php | 31 ++++----- plugins/UrlShortener/UrlShortenerPlugin.php | 103 ++++++++++++++++++++++++++++ 11 files changed, 197 insertions(+), 202 deletions(-) delete mode 100644 lib/Shorturl_api.php create mode 100644 plugins/UrlShortener/UrlShortenerPlugin.php (limited to 'actions') diff --git a/EVENTS.txt b/EVENTS.txt index f75dcebca..3acff277b 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -538,3 +538,17 @@ EndChangePassword: After changing a password UserDeleteRelated: Specify additional tables to delete entries from when deleting users - $user: User object - &$related: array of DB_DataObject class names to delete entries on matching user_id. + +GetUrlShorteners: Specify URL shorteners that are available for use +- &$shorteners: append your shortener to this array like so: $shorteners[shortenerName]=array('display'=>display, 'freeService'=>boolean) + +StartShortenUrl: About to shorten a URL +- $url: url to be shortened +- $shortenerName: name of the requested shortener +- &$shortenedUrl: short version of the url + +EndShortenUrl: After a URL has been shortened +- $url: url to be shortened +- $shortenerName: name of the requested shortener +- $shortenedUrl: short version of the url + diff --git a/actions/othersettings.php b/actions/othersettings.php index d32a2d651..d52a634ac 100644 --- a/actions/othersettings.php +++ b/actions/othersettings.php @@ -97,20 +97,15 @@ class OthersettingsAction extends AccountSettingsAction $this->elementStart('fieldset'); $this->hidden('token', common_session_token()); - $services=array(); - global $_shorteners; - if($_shorteners){ - foreach($_shorteners as $name=>$value) - { - $services[$name]=$name; - if(!empty($value['info']['freeService'])){ - // I18N - $services[$name].=' (free service)'; - } + Event::handle('GetUrlShorteners', array(&$shorteners)); + foreach($shorteners as $name=>$value) + { + $services[$name]=$name; + if($value['freeService']){ + $services[$name].=_(' (free service)'); } } asort($services); - $services['']='None'; $this->elementStart('ul', 'form_data'); $this->elementStart('li'); diff --git a/lib/Shorturl_api.php b/lib/Shorturl_api.php deleted file mode 100644 index de4d55012..000000000 --- a/lib/Shorturl_api.php +++ /dev/null @@ -1,67 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } - -abstract class ShortUrlApi -{ - protected $service_url; - protected $long_limit = 27; - - function __construct($service_url) - { - $this->service_url = $service_url; - } - - function shorten($url) - { - if ($this->is_long($url)) return $this->shorten_imp($url); - return $url; - } - - protected abstract function shorten_imp($url); - - protected function is_long($url) { - return strlen($url) >= common_config('site', 'shorturllength'); - } - - protected function http_post($data) - { - $request = HTTPClient::start(); - $response = $request->post($this->service_url, null, $data); - return $response->getBody(); - } - - protected function http_get($url) - { - $request = HTTPClient::start(); - $response = $request->get($this->service_url . urlencode($url)); - return $response->getBody(); - } - - protected function tidy($response) { - $response = str_replace(' ', ' ', $response); - $config = array('output-xhtml' => true); - $tidy = new tidy; - $tidy->parseString($response, $config, 'utf8'); - $tidy->cleanRepair(); - return (string)$tidy; - } -} - diff --git a/lib/common.php b/lib/common.php index 6aac46807..4958866d0 100644 --- a/lib/common.php +++ b/lib/common.php @@ -229,7 +229,6 @@ require_once INSTALLDIR.'/lib/util.php'; require_once INSTALLDIR.'/lib/action.php'; require_once INSTALLDIR.'/lib/mail.php'; require_once INSTALLDIR.'/lib/subs.php'; -require_once INSTALLDIR.'/lib/Shorturl_api.php'; require_once INSTALLDIR.'/lib/clientexception.php'; require_once INSTALLDIR.'/lib/serverexception.php'; diff --git a/lib/util.php b/lib/util.php index 7aca4af8d..68f3520db 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1423,25 +1423,18 @@ function common_shorten_url($long_url) if (empty($user)) { // common current user does not find a user when called from the XMPP daemon // therefore we'll set one here fix, so that XMPP given URLs may be shortened - $svc = 'ur1.ca'; + $shortenerName = 'ur1.ca'; } else { - $svc = $user->urlshorteningservice; + $shortenerName = $user->urlshorteningservice; } - global $_shorteners; - if (!isset($_shorteners[$svc])) { - //the user selected service doesn't exist, so default to ur1.ca - $svc = 'ur1.ca'; - } - if (!isset($_shorteners[$svc])) { - // no shortener plugins installed. - return $long_url; - } - - $reflectionObj = new ReflectionClass($_shorteners[$svc]['callInfo'][0]); - $short_url_service = $reflectionObj->newInstanceArgs($_shorteners[$svc]['callInfo'][1]); - $short_url = $short_url_service->shorten($long_url); - return $short_url; + if(Event::handle('StartShortenUrl', array($long_url,$shortenerName,&$shortenedUrl))){ + //URL wasn't shortened, so return the long url + return $long_url; + }else{ + //URL was shortened, so return the result + return $shortenedUrl; + } } function common_client_ip() diff --git a/plugins/BitlyUrl/BitlyUrlPlugin.php b/plugins/BitlyUrl/BitlyUrlPlugin.php index 478ef99d2..65d0f70e6 100644 --- a/plugins/BitlyUrl/BitlyUrlPlugin.php +++ b/plugins/BitlyUrl/BitlyUrlPlugin.php @@ -31,31 +31,24 @@ if (!defined('STATUSNET')) { exit(1); } -class BitlyUrlPlugin extends Plugin +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; + +class BitlyUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'bit.ly', - array(), - array('BitlyUrl',array('http://bit.ly/api?method=shorten&long_url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class BitlyUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { + protected function shorten($url) { $response = $this->http_get($url); - if(!$response){ - return $url; - }else{ - return current(json_decode($response)->results)->hashUrl; - } + if(!$response) return; + return current(json_decode($response)->results)->hashUrl; } } + diff --git a/plugins/LilUrl/LilUrlPlugin.php b/plugins/LilUrl/LilUrlPlugin.php index 852253b02..e906751e8 100644 --- a/plugins/LilUrl/LilUrlPlugin.php +++ b/plugins/LilUrl/LilUrlPlugin.php @@ -31,37 +31,31 @@ if (!defined('STATUSNET')) { exit(1); } -require_once(INSTALLDIR.'/lib/Shorturl_api.php'); +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; -class LilUrlPlugin extends Plugin +class LilUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'ur1.ca', - array('freeService'=>true), - array('LilUrl',array('http://ur1.ca/')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class LilUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - $data['longurl'] = $url; - $response = $this->http_post($data); - if (!$response) return $url; - $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; + protected function shorten($url) { + $data = array('longurl' => $url); + + $responseBody = $this->http_post($this->serviceUrl,$data); + + if (!$responseBody) return; + $y = @simplexml_load_string($responseBody); + if (!isset($y->body)) return; $x = $y->body->p[0]->a->attributes(); if (isset($x['href'])) { - common_log(LOG_INFO, __CLASS__ . ": shortened $url to $x[href]"); return $x['href']; } - return $url; } } + diff --git a/plugins/PtitUrl/PtitUrlPlugin.php b/plugins/PtitUrl/PtitUrlPlugin.php index f00d3e2f2..ef453e96d 100644 --- a/plugins/PtitUrl/PtitUrlPlugin.php +++ b/plugins/PtitUrl/PtitUrlPlugin.php @@ -30,33 +30,28 @@ if (!defined('STATUSNET')) { exit(1); } +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; -class PtitUrlPlugin extends Plugin +class PtitUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'ptiturl.com', - array(), - array('PtitUrl',array('http://ptiturl.com/?creer=oui&action=Reduire&url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class PtitUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - $response = $this->http_get($url); - if (!$response) return $url; + protected function shorten($url) + { + $response = $this->http_get(sprintf($this->serviceUrl,urlencode($url))); + if (!$response) return; $response = $this->tidy($response); $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; + if (!isset($y->body)) return; $xml = $y->body->center->table->tr->td->pre->a->attributes(); if (isset($xml['href'])) return $xml['href']; - return $url; } } + diff --git a/plugins/SimpleUrl/SimpleUrlPlugin.php b/plugins/SimpleUrl/SimpleUrlPlugin.php index d59d63e47..45b745b07 100644 --- a/plugins/SimpleUrl/SimpleUrlPlugin.php +++ b/plugins/SimpleUrl/SimpleUrlPlugin.php @@ -31,40 +31,21 @@ if (!defined('STATUSNET')) { exit(1); } -class SimpleUrlPlugin extends Plugin +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; + +class SimpleUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'is.gd', - array(), - array('SimpleUrl',array('http://is.gd/api.php?longurl=')) - ); - $this->registerUrlShortener( - 'snipr.com', - array(), - array('SimpleUrl',array('http://snipr.com/site/snip?r=simple&link=')) - ); - $this->registerUrlShortener( - 'metamark.net', - array(), - array('SimpleUrl',array('http://metamark.net/api/rest/simple?long_url=')) - ); - $this->registerUrlShortener( - 'tinyurl.com', - array(), - array('SimpleUrl',array('http://tinyurl.com/api-create.php?url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class SimpleUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - return $this->http_get($url); + protected function shorten($url) { + return $this->http_get(sprintf($this->serviceUrl,urlencode($url))); } } + diff --git a/plugins/TightUrl/TightUrlPlugin.php b/plugins/TightUrl/TightUrlPlugin.php index 48efb355f..56414c8c8 100644 --- a/plugins/TightUrl/TightUrlPlugin.php +++ b/plugins/TightUrl/TightUrlPlugin.php @@ -31,32 +31,27 @@ if (!defined('STATUSNET')) { exit(1); } -class TightUrlPlugin extends Plugin +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; + +class TightUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - '2tu.us', - array('freeService'=>true), - array('TightUrl',array('http://2tu.us/?save=y&url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class TightUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - $response = $this->http_get($url); - if (!$response) return $url; + protected function shorten($url) + { + $response = $this->http_get(sprintf($this->serviceUrl,urlencode($url))); + if (!$response) return; $response = $this->tidy($response); $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; + if (!isset($y->body)) return; $xml = $y->body->p[0]->code[0]->a->attributes(); if (isset($xml['href'])) return $xml['href']; - return $url; } } diff --git a/plugins/UrlShortener/UrlShortenerPlugin.php b/plugins/UrlShortener/UrlShortenerPlugin.php new file mode 100644 index 000000000..37206aa89 --- /dev/null +++ b/plugins/UrlShortener/UrlShortenerPlugin.php @@ -0,0 +1,103 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * Superclass for plugins that do URL shortening + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +abstract class UrlShortenerPlugin extends Plugin +{ + public $shortenerName; + public $freeService=false; + //------------Url Shortener plugin should implement some (or all) of these methods------------\\ + + /** + * Short a URL + * @param url + * @return string shortened version of the url, or null if URL shortening failed + */ + protected abstract function shorten($url); + + //------------These methods may help you implement your plugin------------\\ + protected function http_get($url) + { + $request = HTTPClient::start(); + $response = $request->get($url); + return $response->getBody(); + } + + protected function http_post($url,$data) + { + $request = HTTPClient::start(); + $response = $request->post($url, null, $data); + return $response->getBody(); + } + + protected function tidy($response) { + $response = str_replace(' ', ' ', $response); + $config = array('output-xhtml' => true); + $tidy = new tidy; + $tidy->parseString($response, $config, 'utf8'); + $tidy->cleanRepair(); + return (string)$tidy; + } + //------------Below are the methods that connect StatusNet to the implementing Url Shortener plugin------------\\ + + function onInitializePlugin(){ + if(!isset($this->shortenerName)){ + throw new Exception("must specify a shortenerName"); + } + } + + function onGetUrlShorteners(&$shorteners) + { + $shorteners[$this->shortenerName]=array('freeService'=>$this->freeService); + } + + function onStartShortenUrl($url,$shortenerName,&$shortenedUrl) + { + if($shortenerName == $this->shortenerName && strlen($url) >= common_config('site', 'shorturllength')){ + $result = $this->shorten($url); + if(isset($result) && $result != null && $result !== false){ + $shortenedUrl=$result; + common_log(LOG_INFO, __CLASS__ . ": $this->shortenerName shortened $url to $shortenedUrl"); + return false; + } + } + } +} -- cgit v1.2.3-54-g00ecf From 23290f746f7ef9567e95ecbb06baf17f246a3fe7 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 11 Nov 2009 17:05:24 -0500 Subject: Do not show the URL shortener selection drop down if no shorteners are available --- actions/othersettings.php | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'actions') diff --git a/actions/othersettings.php b/actions/othersettings.php index d52a634ac..1d252f34e 100644 --- a/actions/othersettings.php +++ b/actions/othersettings.php @@ -96,6 +96,7 @@ class OthersettingsAction extends AccountSettingsAction common_local_url('othersettings'))); $this->elementStart('fieldset'); $this->hidden('token', common_session_token()); + $this->elementStart('ul', 'form_data'); Event::handle('GetUrlShorteners', array(&$shorteners)); foreach($shorteners as $name=>$value) @@ -105,14 +106,16 @@ class OthersettingsAction extends AccountSettingsAction $services[$name].=_(' (free service)'); } } - asort($services); + if($services) + { + asort($services); - $this->elementStart('ul', 'form_data'); - $this->elementStart('li'); - $this->dropdown('urlshorteningservice', _('Shorten URLs with'), - $services, _('Automatic shortening service to use.'), - false, $user->urlshorteningservice); - $this->elementEnd('li'); + $this->elementStart('li'); + $this->dropdown('urlshorteningservice', _('Shorten URLs with'), + $services, _('Automatic shortening service to use.'), + false, $user->urlshorteningservice); + $this->elementEnd('li'); + } $this->elementStart('li'); $this->checkbox('viewdesigns', _('View profile designs'), $user->viewdesigns, _('Show or hide profile designs.')); -- cgit v1.2.3-54-g00ecf From 8a6590a7e800e33787ffc55dbd0b2b36ff140504 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 11 Nov 2009 17:09:00 -0500 Subject: initialize these variables before use to prevent warnings --- actions/othersettings.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'actions') diff --git a/actions/othersettings.php b/actions/othersettings.php index 1d252f34e..0de7cd908 100644 --- a/actions/othersettings.php +++ b/actions/othersettings.php @@ -98,7 +98,9 @@ class OthersettingsAction extends AccountSettingsAction $this->hidden('token', common_session_token()); $this->elementStart('ul', 'form_data'); + $shorteners = array(); Event::handle('GetUrlShorteners', array(&$shorteners)); + $services = array(); foreach($shorteners as $name=>$value) { $services[$name]=$name; -- cgit v1.2.3-54-g00ecf From 6e601c11718d075cf17c463e997023058f18aa99 Mon Sep 17 00:00:00 2001 From: Ciaran Gultnieks Date: Thu, 12 Nov 2009 14:21:47 +0000 Subject: Wrong XRDS service type for OMB was being supplied. Wrong since commit 54696f7c I think --- actions/xrds.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/xrds.php b/actions/xrds.php index 8f09557d1..5db3489ad 100644 --- a/actions/xrds.php +++ b/actions/xrds.php @@ -117,7 +117,7 @@ class XrdsAction extends Action //omb $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'oauth', + 'xml:id' => 'omb', 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', 'version' => '2.0')); $xrdsOutputter->element('Type', null, 'xri://$xrds*simple'); -- cgit v1.2.3-54-g00ecf From 707efadbd4b44435741ad9b2b972a77f4069e689 Mon Sep 17 00:00:00 2001 From: Ciaran Gultnieks Date: Thu, 12 Nov 2009 14:46:16 +0000 Subject: Some more XRDS fixes. With this and the previous commit, remote subs seem to work. Otherwise they don't. --- actions/xrds.php | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) (limited to 'actions') diff --git a/actions/xrds.php b/actions/xrds.php index 5db3489ad..76ccc9c6e 100644 --- a/actions/xrds.php +++ b/actions/xrds.php @@ -97,22 +97,18 @@ class XrdsAction extends Action $xrdsOutputter->element('Type', null, 'xri://$xrds*simple'); $xrdsOutputter->showXrdsService(OAUTH_ENDPOINT_REQUEST, common_local_url('requesttoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1)); - $xrdsOutputter->showXrdsService( OAUTH_ENDPOINT_AUTHORIZE, - common_local_url('userauthorization'), array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1), null, - $this->user->getIdentifierURI()); + $this->user->uri); + $xrdsOutputter->showXrdsService( OAUTH_ENDPOINT_AUTHORIZE, + common_local_url('userauthorization'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1)); $xrdsOutputter->showXrdsService(OAUTH_ENDPOINT_ACCESS, common_local_url('accesstoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1), - null, - $this->user->getIdentifierURI()); + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1)); $xrdsOutputter->showXrdsService(OAUTH_ENDPOINT_RESOURCE, null, - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1), - null, - $this->user->getIdentifierURI()); + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1)); $xrdsOutputter->elementEnd('XRD'); //omb -- cgit v1.2.3-54-g00ecf From d8296df5d73fc189d393cddd9e2277f7c8a4cbf6 Mon Sep 17 00:00:00 2001 From: Ciaran Gultnieks Date: Thu, 12 Nov 2009 20:57:09 +0000 Subject: A further change to the XRDS is required if 0.9.x is to be able to remote sub to a 0.8.x account, with the OpenID plugin enabled. --- actions/xrds.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/xrds.php b/actions/xrds.php index 76ccc9c6e..534182e3e 100644 --- a/actions/xrds.php +++ b/actions/xrds.php @@ -123,10 +123,10 @@ class XrdsAction extends Action common_local_url('updateprofile')); $xrdsOutputter->elementEnd('XRD'); + Event::handle('EndUserXRDS', array($this,&$xrdsOutputter)); + //misc $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'oauth', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', 'version' => '2.0')); $xrdsOutputter->showXrdsService(OAUTH_DISCOVERY, '#oauth'); @@ -134,8 +134,6 @@ class XrdsAction extends Action '#omb'); $xrdsOutputter->elementEnd('XRD'); - Event::handle('EndUserXRDS', array($this,&$xrdsOutputter)); - $xrdsOutputter->endXRDS(); } -- cgit v1.2.3-54-g00ecf From ed690615de8f6433a1a4d9a8fc7c28385af47d8a Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 12 Nov 2009 20:12:00 -0500 Subject: Added a User_username table that links the external username with a StatusNet user_id Added EmailAuthenticationPlugin Added ReverseUsernameAuthenticationPlugin Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static --- EVENTS.txt | 4 +- actions/passwordsettings.php | 4 +- classes/User.php | 16 +- classes/statusnet.ini | 10 ++ index.php | 1 - lib/util.php | 1 + plugins/Authentication/AuthenticationPlugin.php | 177 ++++++++++++++------- plugins/Authentication/User_username.php | 25 +++ .../EmailAuthenticationPlugin.php | 54 +++++++ plugins/EmailAuthentication/README | 7 + .../LdapAuthenticationPlugin.php | 56 +++---- plugins/LdapAuthentication/README | 5 +- plugins/ReverseUsernameAuthentication/README | 26 +++ .../ReverseUsernameAuthenticationPlugin.php | 58 +++++++ 14 files changed, 349 insertions(+), 95 deletions(-) create mode 100644 plugins/Authentication/User_username.php create mode 100644 plugins/EmailAuthentication/EmailAuthenticationPlugin.php create mode 100644 plugins/EmailAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php (limited to 'actions') diff --git a/EVENTS.txt b/EVENTS.txt index 3acff277b..c788a9215 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -528,12 +528,12 @@ EndCheckPassword: After checking a username/password pair - $authenticatedUser: User object if credentials match a user, else null. StartChangePassword: Before changing a password -- $nickname: user's nickname +- $user: user - $oldpassword: the user's old password - $newpassword: the desired new password EndChangePassword: After changing a password -- $nickname: user's nickname +- $user: user UserDeleteRelated: Specify additional tables to delete entries from when deleting users - $user: User object diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php index 9e79501e2..11d7bf785 100644 --- a/actions/passwordsettings.php +++ b/actions/passwordsettings.php @@ -170,7 +170,7 @@ class PasswordsettingsAction extends AccountSettingsAction } $success = false; - if(! Event::handle('StartChangePassword', array($user->nickname, $oldpassword, $newpassword))){ + if(! Event::handle('StartChangePassword', array($user, $oldpassword, $newpassword))){ //no handler changed the password, so change the password internally $original = clone($user); @@ -186,7 +186,7 @@ class PasswordsettingsAction extends AccountSettingsAction $this->serverError(_('Can\'t save new password.')); return; } - Event::handle('EndChangePassword', array($nickname)); + Event::handle('EndChangePassword', array($user)); } $this->showForm(_('Password saved.'), true); diff --git a/classes/User.php b/classes/User.php index 9b90ce61b..9f1ee53f4 100644 --- a/classes/User.php +++ b/classes/User.php @@ -114,7 +114,7 @@ class User extends Memcached_DataObject return $result; } - function allowed_nickname($nickname) + static function allowed_nickname($nickname) { // XXX: should already be validated for size, content, etc. $blacklist = common_config('nickname', 'blacklist'); @@ -190,7 +190,17 @@ class User extends Memcached_DataObject $profile->query('BEGIN'); + if(!empty($email)) + { + $email = common_canonical_email($email); + } + + $nickname = common_canonical_nickname($nickname); $profile->nickname = $nickname; + if(! User::allowed_nickname($nickname)){ + common_log(LOG_WARNING, sprintf("Attempted to register a nickname that is not allowed: %s", $profile->nickname), + __FILE__); + } $profile->profileurl = common_profile_url($nickname); if (!empty($fullname)) { @@ -242,6 +252,10 @@ class User extends Memcached_DataObject } } + if(isset($email_confirmed) && $email_confirmed) { + $user->email = $email; + } + // This flag is ignored but still set to 1 $user->inboxed = 1; diff --git a/classes/statusnet.ini b/classes/statusnet.ini index 912d05cdf..19ab7bf97 100644 --- a/classes/statusnet.ini +++ b/classes/statusnet.ini @@ -566,3 +566,13 @@ modified = 384 user_id = K token = K +[user_username] +user_id = 129 +provider_name = 130 +username = 130 +created = 142 +modified = 384 + +[user_username__keys] +provider_name = K +username = K diff --git a/index.php b/index.php index b1e4f651e..577b491ed 100644 --- a/index.php +++ b/index.php @@ -68,7 +68,6 @@ function getPath($req) */ function handleError($error) { -//error_log(print_r($error,1)); if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) { return; } diff --git a/lib/util.php b/lib/util.php index 68f3520db..4b2a25ead 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1058,6 +1058,7 @@ function common_log($priority, $msg, $filename=null) } } else { common_ensure_syslog(); + error_log($msg); syslog($priority, $msg); } } diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index e3e55fea6..99b61b808 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -48,20 +48,20 @@ abstract class AuthenticationPlugin extends Plugin //should accounts be automatically created after a successful login attempt? public $autoregistration = false; - //can the user change their email address - public $email_changeable=true; - //can the user change their email address public $password_changeable=true; + //unique name for this authentication provider + public $provider_name; + //------------Auth plugin should implement some (or all) of these methods------------\\ /** * Check if a nickname/password combination is valid - * @param nickname + * @param username * @param password * @return boolean true if the credentials are valid, false if they are invalid. */ - function checkPassword($nickname, $password) + function checkPassword($username, $password) { return false; } @@ -69,88 +69,116 @@ abstract class AuthenticationPlugin extends Plugin /** * Automatically register a user when they attempt to login with valid credentials. * User::register($data) is a very useful method for this implementation - * @param nickname - * @return boolean true if the user was created, false if autoregistration is not allowed, null if this plugin is not responsible for this nickname + * @param username + * @return boolean true if the user was created, false if not */ - function autoRegister($nickname) + function autoRegister($username) { - return null; + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); } /** * Change a user's password * The old password has been verified to be valid by this plugin before this call is made - * @param nickname + * @param username * @param oldpassword * @param newpassword - * @return boolean true if the password was changed, false if password changing failed for some reason, null if this plugin is not responsible for this nickname + * @return boolean true if the password was changed, false if password changing failed for some reason */ - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { - return null; - } - - /** - * Can a user change this field in his own profile? - * @param nickname - * @param field - * @return boolean true if the field can be changed, false if not allowed to change it, null if this plugin is not responsible for this nickname - */ - function canUserChangeField($nickname, $field) - { - return null; + return false; } //------------Below are the methods that connect StatusNet to the implementing Auth plugin------------\\ - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + if(!isset($this->provider_name)){ + throw new Exception("must specify a provider_name for this authentication provider"); + } } - + function onStartCheckPassword($nickname, $password, &$authenticatedUser){ - if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $password); + //map the nickname to a username + $user_username = new User_username(); + $user_username->username=$nickname; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $username = $user_username->username; + $authenticated = $this->checkPassword($username, $password); if($authenticated){ - $authenticatedUser = User::staticGet('nickname', $nickname); - if(!$authenticatedUser && $this->autoregistration){ - if($this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('id', $user_username->user_id); + return false; + } + }else{ + $user = User::staticGet('nickname', $nickname); + if($user){ + //make sure a different provider isn't handling this nickname + $user_username = new User_username(); + $user_username->username=$nickname; + if(!$user_username->find()){ + //no other provider claims this username, so it's safe for us to handle it + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated){ $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; } } - return false; }else{ - if($this->authoritative){ - return false; + if($this->autoregistration){ + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated && $this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; + } } } - //we're not authoritative, so let other handlers try + } + if($this->authoritative){ + return false; }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing is not allowed')); - } + //we're not authoritative, so let other handlers try + return; } } - function onStartChangePassword($nickname,$oldpassword,$newpassword) + function onStartChangePassword($user,$oldpassword,$newpassword) { if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $oldpassword); - if($authenticated){ - $result = $this->changePassword($nickname,$oldpassword,$newpassword); - if($result){ - //stop handling of other handlers, because what was requested was done - return false; - }else{ - throw new Exception(_('Password changing failed')); - } - }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing failed')); + $user_username = new User_username(); + $user_username->user_id=$user->id; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $authenticated = $this->checkPassword($user_username->username, $oldpassword); + if($authenticated){ + $result = $this->changePassword($user_username->username,$oldpassword,$newpassword); + if($result){ + //stop handling of other handlers, because what was requested was done + return false; + }else{ + throw new Exception(_('Password changing failed')); + } }else{ - //let another handler try - return null; + if($this->authoritative){ + //since we're authoritative, no other plugin could do this + throw new Exception(_('Password changing failed')); + }else{ + //let another handler try + return null; + } } } }else{ @@ -164,9 +192,42 @@ abstract class AuthenticationPlugin extends Plugin function onStartAccountSettingsPasswordMenuItem($widget) { if($this->authoritative && !$this->password_changeable){ - //since we're authoritative, no other plugin could change passwords, so do render the menu item + //since we're authoritative, no other plugin could change passwords, so do not render the menu item + return false; + } + } + + function onAutoload($cls) + { + switch ($cls) + { + case 'User_username': + require_once(INSTALLDIR.'/plugins/Authentication/User_username.php'); return false; + default: + return true; } } + + function onCheckSchema() { + $schema = Schema::get(); + $schema->ensureTable('user_username', + array(new ColumnDef('provider_name', 'varchar', + '255', false, 'PRI'), + new ColumnDef('username', 'varchar', + '255', false, 'PRI'), + new ColumnDef('user_id', 'integer', + null, false), + new ColumnDef('created', 'datetime', + null, false), + new ColumnDef('modified', 'timestamp'))); + return true; + } + + function onUserDeleteRelated($user, &$tables) + { + $tables[] = 'User_username'; + return true; + } } diff --git a/plugins/Authentication/User_username.php b/plugins/Authentication/User_username.php new file mode 100644 index 000000000..79adeb189 --- /dev/null +++ b/plugins/Authentication/User_username.php @@ -0,0 +1,25 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +class EmailAuthenticationPlugin extends Plugin +{ + //---interface implementation---// + + function onStartCheckPassword($nickname, $password, &$authenticatedUser) + { + if(strpos($nickname, '@')) + { + $user = User::staticGet('email',$nickname); + if($user && isset($user->email)) + { + if(common_check_user($user->nickname,$password)) + { + $authenticatedUser = $user; + return false; + } + } + } + } +} + diff --git a/plugins/EmailAuthentication/README b/plugins/EmailAuthentication/README new file mode 100644 index 000000000..320815689 --- /dev/null +++ b/plugins/EmailAuthentication/README @@ -0,0 +1,7 @@ +The Email Authentication plugin allows users to login using their email address. + +The provided email address is used to lookup the user's nickname, then that nickname and the provided password is checked. + +Installation +============ +add "addPlugin('emailAuthentication');" to the bottom of your config.php diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index ded5cf299..865154730 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -48,20 +48,31 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin public $scope=null; public $attributes=array(); - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->host)){ + throw new Exception("must specify a host"); + } + if(!isset($this->basedn)){ + throw new Exception("must specify a basedn"); + } + if(!isset($this->attributes['nickname'])){ + throw new Exception("must specify a nickname attribute"); + } + if(!isset($this->attributes['username'])){ + throw new Exception("must specify a username attribute"); + } } //---interface implementation---// - function checkPassword($nickname, $password) + function checkPassword($username, $password) { $ldap = $this->ldap_get_connection(); if(!$ldap){ return false; } - $entry = $this->ldap_get_user($nickname); + $entry = $this->ldap_get_user($username); if(!$entry){ return false; }else{ @@ -76,48 +87,33 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin } } - function autoRegister($nickname) + function autoRegister($username) { - $entry = $this->ldap_get_user($nickname,$this->attributes); + $entry = $this->ldap_get_user($username,$this->attributes); if($entry){ $registration_data = array(); foreach($this->attributes as $sn_attribute=>$ldap_attribute){ - if($sn_attribute=='email'){ - $registration_data[$sn_attribute]=common_canonical_email($entry->getValue($ldap_attribute,'single')); - }else if($sn_attribute=='nickname'){ - $registration_data[$sn_attribute]=common_canonical_nickname($entry->getValue($ldap_attribute,'single')); - }else{ - $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); - } + $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); + } + if(isset($registration_data['email']) && !empty($registration_data['email'])){ + $registration_data['email_confirmed']=true; } //set the database saved password to a random string. $registration_data['password']=common_good_rand(16); - $user = User::register($registration_data); - return true; + return User::register($registration_data); }else{ //user isn't in ldap, so we cannot register him - return null; + return false; } } - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { //TODO implement this throw new Exception(_('Sorry, changing LDAP passwords is not supported at this time')); return false; } - - function canUserChangeField($nickname, $field) - { - switch($field) - { - case 'password': - case 'nickname': - case 'email': - return false; - } - } //---utility functions---// function ldap_get_config(){ @@ -159,7 +155,7 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin */ function ldap_get_user($username,$attributes=array()){ $ldap = $this->ldap_get_connection(); - $filter = Net_LDAP2_Filter::create($this->attributes['nickname'], 'equals', $username); + $filter = Net_LDAP2_Filter::create($this->attributes['username'], 'equals', $username); $options = array( 'scope' => 'sub', 'attributes' => $attributes diff --git a/plugins/LdapAuthentication/README b/plugins/LdapAuthentication/README index 03647e7c7..b10a1eb93 100644 --- a/plugins/LdapAuthentication/README +++ b/plugins/LdapAuthentication/README @@ -6,7 +6,8 @@ add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'valu Settings ======== -authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database). +provider_name*: a unique name for this authentication provider. +authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check any other plugins or the internal password database). autoregistration (false): Set to true if users should be automatically created when they attempt to login. email_changeable (true): Are users allowed to change their email address? (true or false) password_changeable (true): Are users allowed to change their passwords? (true or false) @@ -23,6 +24,7 @@ filter: Default search filter. See http://pear.php.net/manual/en/package.network scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name + username* nickname* email fullname @@ -37,6 +39,7 @@ Example Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory. addPlugin('ldapAuthentication', array( + 'provider_name'=>'Example', 'authoritative'=>true, 'autoregistration'=>true, 'binddn'=>'username', diff --git a/plugins/ReverseUsernameAuthentication/README b/plugins/ReverseUsernameAuthentication/README new file mode 100644 index 000000000..e9160ed9b --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/README @@ -0,0 +1,26 @@ +The Reverse Username Authentication plugin allows for StatusNet to handle authentication by checking if the provided password is the same as the reverse of the username. + +THIS PLUGIN IS FOR TESTING PURPOSES ONLY + +Installation +============ +add "addPlugin('reverseUsernameAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php + +Settings +======== +provider_name*: a unique name for this authentication provider. +password_changeable*: must be set to false. This plugin does not support changing passwords. +authoritative (false): Set to true if this plugin's responses are authoritative (meaning if this fails, do check any other plugins or the internal password database). +autoregistration (false): Set to true if users should be automatically created when they attempt to login. + +* required +default values are in (parenthesis) + +Example +======= +addPlugin('reverseUsernameAuthentication', array( + 'provider_name'=>'Example', + 'password_changeable'=>false, + 'authoritative'=>true, + 'autoregistration'=>true +)); diff --git a/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php new file mode 100644 index 000000000..d48283b2e --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php @@ -0,0 +1,58 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/plugins/Authentication/AuthenticationPlugin.php'; + +class ReverseUsernameAuthenticationPlugin extends AuthenticationPlugin +{ + //---interface implementation---// + + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->password_changeable) && $this->password_changeable){ + throw new Exception("password_changeable cannot be set to true. This plugin does not support changing passwords."); + } + } + + function checkPassword($username, $password) + { + return $username == strrev($password); + } + + function autoRegister($username) + { + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); + } +} -- cgit v1.2.3-54-g00ecf From ff88ef407a344749c02d9d1d0dc104b4b720d7ae Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 16 Nov 2009 14:40:04 +0100 Subject: make block actions use profileformaction superclass --- actions/block.php | 6 ++-- actions/unblock.php | 72 +++++++++-------------------------------------- lib/profileformaction.php | 2 +- 3 files changed, 17 insertions(+), 63 deletions(-) (limited to 'actions') diff --git a/actions/block.php b/actions/block.php index b125d2d8b..2443b3010 100644 --- a/actions/block.php +++ b/actions/block.php @@ -64,7 +64,7 @@ class BlockAction extends Action $this->clientError(_('There was a problem with your session token. Try again, please.')); return; } - $id = $this->trimmed('blockto'); + $id = $this->trimmed('profileid'); if (!$id) { $this->clientError(_('No profile specified.')); return false; @@ -97,7 +97,7 @@ class BlockAction extends Action 303); } elseif ($this->arg('yes')) { $this->blockProfile(); - } elseif ($this->arg('blockto')) { + } else { $this->showPage(); } } @@ -138,7 +138,7 @@ class BlockAction extends Action 'unable to subscribe to you in the future, and '. 'you will not be notified of any @-replies from them.')); $this->element('input', array('id' => 'blockto-' . $id, - 'name' => 'blockto', + 'name' => 'profileid', 'type' => 'hidden', 'value' => $id)); foreach ($this->args as $k => $v) { diff --git a/actions/unblock.php b/actions/unblock.php index dc28d5d54..c60458cd3 100644 --- a/actions/unblock.php +++ b/actions/unblock.php @@ -42,57 +42,25 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://status.net/ */ -class UnblockAction extends Action -{ - var $profile = null; - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - */ +class UnblockAction extends ProfileFormAction +{ function prepare($args) { - parent::prepare($args); - if (!common_logged_in()) { - $this->clientError(_('Not logged in.')); - return false; - } - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->clientError(_('There was a problem with your session token. Try again, please.')); - return; - } - $id = $this->trimmed('unblockto'); - if (!$id) { - $this->clientError(_('No profile specified.')); + if (!parent::prepare($args)) { return false; } - $this->profile = Profile::staticGet('id', $id); - if (!$this->profile) { - $this->clientError(_('No profile with that ID.')); + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasBlocked($this->profile)) { + $this->clientError(_("You haven't blocked that user.")); return false; } - return true; - } - /** - * Handle request - * - * Shows a page with list of favorite notices - * - * @param array $args $_REQUEST args; handled in prepare() - * - * @return void - */ - function handle($args) - { - parent::handle($args); - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->unblockProfile(); - } + return true; } /** @@ -100,7 +68,8 @@ class UnblockAction extends Action * * @return void */ - function unblockProfile() + + function handlePost() { $cur = common_current_user(); $result = $cur->unblock($this->profile); @@ -108,20 +77,5 @@ class UnblockAction extends Action $this->serverError(_('Error removing the block.')); return; } - foreach ($this->args as $k => $v) { - if ($k == 'returnto-action') { - $action = $v; - } else if (substr($k, 0, 9) == 'returnto-') { - $args[substr($k, 9)] = $v; - } - } - if ($action) { - common_redirect(common_local_url($action, $args), 303); - } else { - common_redirect(common_local_url('subscribers', - array('nickname' => $cur->nickname)), - 303); - } } } - diff --git a/lib/profileformaction.php b/lib/profileformaction.php index 92e8611b9..8cb5f6a93 100644 --- a/lib/profileformaction.php +++ b/lib/profileformaction.php @@ -134,6 +134,6 @@ class ProfileFormAction extends Action function handlePost() { - return; + $this->serverError(_("unimplemented method")); } } -- cgit v1.2.3-54-g00ecf From 985986e7e94862a943271b9c3030b35e74bc28e1 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 16 Nov 2009 16:08:06 +0100 Subject: add sandbox and silence actions --- actions/sandbox.php | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++ actions/silence.php | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++ actions/unsandbox.php | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++ actions/unsilence.php | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 356 insertions(+) create mode 100644 actions/sandbox.php create mode 100644 actions/silence.php create mode 100644 actions/unsandbox.php create mode 100644 actions/unsilence.php (limited to 'actions') diff --git a/actions/sandbox.php b/actions/sandbox.php new file mode 100644 index 000000000..5b034ff07 --- /dev/null +++ b/actions/sandbox.php @@ -0,0 +1,89 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Sandbox a user. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class SandboxAction extends ProfileFormAction +{ + /** + * Check parameters + * + * @param array $args action arguments (URL, GET, POST) + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::SANDBOXUSER)) { + $this->clientError(_("You cannot sandbox users on this site.")); + return false; + } + + assert(!empty($this->profile)); // checked by parent + + if ($this->profile->isSandboxed()) { + $this->clientError(_("User is already sandboxed.")); + return false; + } + + return true; + } + + /** + * Sandbox a user. + * + * @return void + */ + + function handlePost() + { + $this->profile->sandbox(); + } +} diff --git a/actions/silence.php b/actions/silence.php new file mode 100644 index 000000000..206e5ba87 --- /dev/null +++ b/actions/silence.php @@ -0,0 +1,89 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Silence a user. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class SilenceAction extends ProfileFormAction +{ + /** + * Check parameters + * + * @param array $args action arguments (URL, GET, POST) + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::SILENCEUSER)) { + $this->clientError(_("You cannot silence users on this site.")); + return false; + } + + assert(!empty($this->profile)); // checked by parent + + if ($this->profile->isSilenced()) { + $this->clientError(_("User is already silenced.")); + return false; + } + + return true; + } + + /** + * Silence a user. + * + * @return void + */ + + function handlePost() + { + $this->profile->silence(); + } +} diff --git a/actions/unsandbox.php b/actions/unsandbox.php new file mode 100644 index 000000000..22f4d8e76 --- /dev/null +++ b/actions/unsandbox.php @@ -0,0 +1,89 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Unsandbox a user. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class UnsandboxAction extends ProfileFormAction +{ + /** + * Check parameters + * + * @param array $args action arguments (URL, GET, POST) + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::SANDBOXUSER)) { + $this->clientError(_("You cannot sandbox users on this site.")); + return false; + } + + assert(!empty($this->profile)); // checked by parent + + if (!$this->profile->isSandboxed()) { + $this->clientError(_("User is not sandboxed.")); + return false; + } + + return true; + } + + /** + * Unsandbox a user. + * + * @return void + */ + + function handlePost() + { + $this->profile->unsandbox(); + } +} diff --git a/actions/unsilence.php b/actions/unsilence.php new file mode 100644 index 000000000..9ff1b828b --- /dev/null +++ b/actions/unsilence.php @@ -0,0 +1,89 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Silence a user. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class UnsilenceAction extends ProfileFormAction +{ + /** + * Check parameters + * + * @param array $args action arguments (URL, GET, POST) + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::SILENCEUSER)) { + $this->clientError(_("You cannot silence users on this site.")); + return false; + } + + assert(!empty($this->profile)); // checked by parent + + if (!$this->profile->isSilenced()) { + $this->clientError(_("User is not silenced.")); + return false; + } + + return true; + } + + /** + * Silence a user. + * + * @return void + */ + + function handlePost() + { + $this->profile->unsilence(); + } +} -- cgit v1.2.3-54-g00ecf From e290f86c99f64385a9fdb9c94424beff0d3e3e82 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 16 Nov 2009 16:14:49 +0100 Subject: make block action use ProfileFormAction superclass --- actions/block.php | 65 +++++++++++++++++-------------------------------------- 1 file changed, 20 insertions(+), 45 deletions(-) (limited to 'actions') diff --git a/actions/block.php b/actions/block.php index 2443b3010..71a34e087 100644 --- a/actions/block.php +++ b/actions/block.php @@ -42,9 +42,11 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://status.net/ */ -class BlockAction extends Action + +class BlockAction extends ProfileFormAction { var $profile = null; + /** * Take arguments for running * @@ -52,28 +54,22 @@ class BlockAction extends Action * * @return boolean success flag */ + function prepare($args) { - parent::prepare($args); - if (!common_logged_in()) { - $this->clientError(_('Not logged in.')); - return false; - } - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->clientError(_('There was a problem with your session token. Try again, please.')); - return; - } - $id = $this->trimmed('profileid'); - if (!$id) { - $this->clientError(_('No profile specified.')); + if (!parent::prepare($args)) { return false; } - $this->profile = Profile::staticGet('id', $id); - if (!$this->profile) { - $this->clientError(_('No profile with that ID.')); + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if ($cur->hasBlocked($this->profile)) { + $this->clientError(_("You already blocked that user.")); return false; } + return true; } @@ -86,17 +82,15 @@ class BlockAction extends Action * * @return void */ + function handle($args) { - parent::handle($args); if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { - $cur = common_current_user(); - $other = Profile::staticGet('id', $this->arg('blockto')); - common_redirect(common_local_url('showstream', array('nickname' => $other->nickname)), - 303); + $this->returnToArgs(); } elseif ($this->arg('yes')) { - $this->blockProfile(); + $this->handlePost(); + $this->returnToArgs(); } else { $this->showPage(); } @@ -157,36 +151,17 @@ class BlockAction extends Action * * @return void */ - function blockProfile() + + function handlePost() { $cur = common_current_user(); - if ($cur->hasBlocked($this->profile)) { - $this->clientError(_('You have already blocked this user.')); - return; - } $result = $cur->block($this->profile); + if (!$result) { $this->serverError(_('Failed to save block information.')); return; } - - // Now, gotta figure where we go back to - foreach ($this->args as $k => $v) { - if ($k == 'returnto-action') { - $action = $v; - } elseif (substr($k, 0, 9) == 'returnto-') { - $args[substr($k, 9)] = $v; - } - } - - if ($action) { - common_redirect(common_local_url($action, $args), 303); - } else { - common_redirect(common_local_url('subscribers', - array('nickname' => $cur->nickname)), - 303); - } } } -- cgit v1.2.3-54-g00ecf From a2acb2eec506e642f6f4b122277e13e724524af8 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 16 Nov 2009 17:04:40 +0100 Subject: DeleteUserAction --- actions/deleteuser.php | 164 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 164 insertions(+) create mode 100644 actions/deleteuser.php (limited to 'actions') diff --git a/actions/deleteuser.php b/actions/deleteuser.php new file mode 100644 index 000000000..32b703aa7 --- /dev/null +++ b/actions/deleteuser.php @@ -0,0 +1,164 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * Delete a user + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class DeleteuserAction extends ProfileFormAction +{ + var $user = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::DELETEUSER)) { + $this->clientError(_("You cannot delete users.")); + return false; + } + + $this->user = User::staticGet('id', $this->profile->id); + + if (empty($this->user)) { + $this->clientError(_("You can only delete local users.")); + return false; + } + + return true; + } + + /** + * Handle request + * + * Shows a page with list of favorite notices + * + * @param array $args $_REQUEST args; handled in prepare() + * + * @return void + */ + + function handle($args) + { + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + if ($this->arg('no')) { + $this->returnToArgs(); + } elseif ($this->arg('yes')) { + $this->handlePost(); + $this->returnToArgs(); + } else { + $this->showPage(); + } + } + } + + function showContent() { + $this->areYouSureForm(); + } + + function title() { + return _('Delete user'); + } + + function showNoticeForm() { + // nop + } + + /** + * Confirm with user. + * + * Shows a confirmation form. + * + * @return void + */ + function areYouSureForm() + { + $id = $this->profile->id; + $this->elementStart('form', array('id' => 'deleteuser-' . $id, + 'method' => 'post', + 'class' => 'form_settings form_entity_block', + 'action' => common_local_url('deleteuser'))); + $this->elementStart('fieldset'); + $this->hidden('token', common_session_token()); + $this->element('legend', _('Delete user')); + $this->element('p', null, + _('Are you sure you want to delete this user? '. + 'This will clear all data about the user from the '. + 'database, without a backup.')); + $this->element('input', array('id' => 'deleteuserto-' . $id, + 'name' => 'profileid', + 'type' => 'hidden', + 'value' => $id)); + foreach ($this->args as $k => $v) { + if (substr($k, 0, 9) == 'returnto-') { + $this->hidden($k, $v); + } + } + $this->submit('form_action-no', _('No'), 'submit form_action-primary', 'no', _("Do not block this user")); + $this->submit('form_action-yes', _('Yes'), 'submit form_action-secondary', 'yes', _('Delete this user')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + /** + * Actually delete a user. + * + * @return void + */ + + function handlePost() + { + $this->user->delete(); + } +} + -- cgit v1.2.3-54-g00ecf From e14c88f6c52fddeeb26c71f13e93db7a8fabdd3b Mon Sep 17 00:00:00 2001 From: Eric Helgeson Date: Mon, 16 Nov 2009 14:59:32 -0500 Subject: Consistant error for groups that dont exist in API --- actions/apigroupismember.php | 2 +- actions/apigroupjoin.php | 2 +- actions/apigroupleave.php | 2 +- actions/apigroupmembership.php | 5 +++++ actions/apigroupshow.php | 2 +- actions/apitimelinegroup.php | 8 +++++++- 6 files changed, 16 insertions(+), 5 deletions(-) (limited to 'actions') diff --git a/actions/apigroupismember.php b/actions/apigroupismember.php index a822d18dd..08348e97b 100644 --- a/actions/apigroupismember.php +++ b/actions/apigroupismember.php @@ -92,7 +92,7 @@ class ApiGroupIsMemberAction extends ApiBareAuthAction } if (empty($this->group)) { - $this->clientError('Group not found!', 404, $this->format); + $this->clientError(_('Group not found!'), 404, $this->format); return false; } diff --git a/actions/apigroupjoin.php b/actions/apigroupjoin.php index ffda3986f..b531d9501 100644 --- a/actions/apigroupjoin.php +++ b/actions/apigroupjoin.php @@ -101,7 +101,7 @@ class ApiGroupJoinAction extends ApiAuthAction } if (empty($this->group)) { - $this->clientError('Group not found!', 404, $this->format); + $this->clientError(_('Group not found!'), 404, $this->format); return false; } diff --git a/actions/apigroupleave.php b/actions/apigroupleave.php index 8665ea1aa..514a3a557 100644 --- a/actions/apigroupleave.php +++ b/actions/apigroupleave.php @@ -101,7 +101,7 @@ class ApiGroupLeaveAction extends ApiAuthAction } if (empty($this->group)) { - $this->clientError('Group not found!', 404, $this->format); + $this->clientError(_('Group not found!'), 404, $this->format); return false; } diff --git a/actions/apigroupmembership.php b/actions/apigroupmembership.php index d221a6418..dd2843161 100644 --- a/actions/apigroupmembership.php +++ b/actions/apigroupmembership.php @@ -87,6 +87,11 @@ class ApiGroupMembershipAction extends ApiPrivateAuthAction { parent::handle($args); + if (empty($this->group)) { + $this->clientError(_('Group not found!'), 404, $this->format); + return false; + } + // XXX: RSS and Atom switch($this->format) { diff --git a/actions/apigroupshow.php b/actions/apigroupshow.php index b745ff92f..f9b960747 100644 --- a/actions/apigroupshow.php +++ b/actions/apigroupshow.php @@ -87,7 +87,7 @@ class ApiGroupShowAction extends ApiPrivateAuthAction if (empty($this->group)) { $this->clientError( - 'Group not found!', + _('Group not found!'), 404, $this->format ); diff --git a/actions/apitimelinegroup.php b/actions/apitimelinegroup.php index f25f6ba51..de13e7eb9 100644 --- a/actions/apitimelinegroup.php +++ b/actions/apitimelinegroup.php @@ -69,7 +69,6 @@ class ApiTimelineGroupAction extends ApiPrivateAuthAction parent::prepare($args); $this->group = $this->getTargetGroup($this->arg('id')); - $this->notices = $this->getNotices(); return true; } @@ -87,6 +86,13 @@ class ApiTimelineGroupAction extends ApiPrivateAuthAction function handle($args) { parent::handle($args); + + if (empty($this->group)) { + $this->clientError(_('Group not found!'), 404, $this->format); + return false; + } + + $this->notices = $this->getNotices(); $this->showTimeline(); } -- cgit v1.2.3-54-g00ecf From 75c00f0054c08c7b49515c849260afbb6913f525 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 16 Nov 2009 17:25:38 -0800 Subject: Bug 1655/bug 1905: fix for Internet Explorer receiving FOAF output when clicking user links. User links using the ID number (such as created for @-replies) have been failing on Internet Explorer, since IE doesn't bother to actually say it supports text/html... We usually get something like this from IE, up through at least IE 8: Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* The */* ended up matching application/rdf+xml instead of text/html, so only other browsers which are more explicit would actually get sent on to the user profile/notice stream; IE visitors were directed on to the FOAF download. :( Swapping the order of items in the server-side of the negotiation list fixes this; clients actually asking for FOAF at a higher priority than HTML will still get it, but the wildcard */* now matches text/html which is usually what we want. Content negotiation for the user links was added August 2008 in commit 48fcfb8b0daeb272cb9d116af617daf15930d909. --- actions/userbyid.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/userbyid.php b/actions/userbyid.php index 802bcb081..86a61f20b 100644 --- a/actions/userbyid.php +++ b/actions/userbyid.php @@ -74,8 +74,11 @@ class UserbyidAction extends Action $this->clientError(_('No such user.')); } - // support redirecting to FOAF rdf/xml if the agent prefers it - $page_prefs = 'application/rdf+xml,text/html,application/xhtml+xml,application/xml;q=0.3,text/xml;q=0.2'; + // Support redirecting to FOAF rdf/xml if the agent prefers it... + // Internet Explorer doesn't specify "text/html" and does list "*/*" + // at least through version 8. We need to list text/html up front to + // ensure that only user-agents who specifically ask for RDF get it. + $page_prefs = 'text/html,application/xhtml+xml,application/rdf+xml,application/xml;q=0.3,text/xml;q=0.2'; $httpaccept = isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : null; $type = common_negotiate_type(common_accept_to_prefs($httpaccept), -- cgit v1.2.3-54-g00ecf