- Had to remove checking read vs. read-write in OAuth authenticated methods

- Will now pick up source attr from OAuth app
This commit is contained in:
Zach Copley 2010-01-14 02:38:01 +00:00
parent c28c511438
commit 33df392289
3 changed files with 24 additions and 9 deletions

View File

@ -82,4 +82,18 @@ class ApiAccountVerifyCredentialsAction extends ApiAuthAction
}
/**
* Is this action read only?
*
* @param array $args other arguments
*
* @return boolean true
*
**/
function isReadOnly($args)
{
return true;
}
}

View File

@ -85,6 +85,11 @@ class ApiStatusesUpdateAction extends ApiAuthAction
$this->lat = $this->trimmed('lat');
$this->lon = $this->trimmed('long');
// try to set the source attr from OAuth app
if (empty($this->source)) {
$this->source = $this->oauth_source;
}
if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
$this->source = 'api';
}

View File

@ -55,6 +55,7 @@ class ApiAuthAction extends ApiAction
{
var $access_token;
var $oauth_access_type;
var $oauth_source;
/**
* Take arguments for running, and output basic auth header if needed
@ -90,13 +91,6 @@ class ApiAuthAction extends ApiAction
function handle($args)
{
parent::handle($args);
if ($this->isReadOnly($args) == false) {
if ($this->access == self::READ_ONLY) {
$this->clientError(_('API method requires write access.'), 401);
exit();
}
}
}
function checkOAuthRequest()
@ -116,8 +110,6 @@ class ApiAuthAction extends ApiAction
$req = OAuthRequest::from_request();
$server->verify_request($req);
common_debug("Good OAuth request!");
$app = Oauth_application::getByConsumerKey($this->consumer_key);
if (empty($app)) {
@ -129,6 +121,10 @@ class ApiAuthAction extends ApiAction
throw new OAuthException('No application for that consumer key.');
}
// set the source attr
$this->oauth_source = $app->name;
$appUser = Oauth_application_user::staticGet('token',
$this->access_token);