- Had to remove checking read vs. read-write in OAuth authenticated methods

- Will now pick up source attr from OAuth app
2010-01-14 02:38:01 +00:00 · 2010-01-14 02:38:01 +00:00 · 4daf76212a
parent 8b24b5ac7b
commit 4daf76212a
3 changed files with 24 additions and 9 deletions
--- a/actions/apiaccountverifycredentials.php
+++ b/actions/apiaccountverifycredentials.php
@ -82,4 +82,18 @@ class ApiAccountVerifyCredentialsAction extends ApiAuthAction

    }

+    /**
+     * Is this action read only?
+     *
+     * @param array $args other arguments
+     * 
+     * @return boolean true
+     *
+     **/
+    
+    function isReadOnly($args)
+    {
+        return true;
+    }
+    
 }
--- a/actions/apistatusesupdate.php
+++ b/actions/apistatusesupdate.php
@ -85,6 +85,11 @@ class ApiStatusesUpdateAction extends ApiAuthAction
        $this->lat    = $this->trimmed('lat');
        $this->lon    = $this->trimmed('long');

+        // try to set the source attr from OAuth app
+        if (empty($this->source)) {
+            $this->source = $this->oauth_source;
+        }
+
        if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
            $this->source = 'api';
        }
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@ -55,6 +55,7 @@ class ApiAuthAction extends ApiAction
 {
    var $access_token;
    var $oauth_access_type;
+    var $oauth_source;

    /**
     * Take arguments for running, and output basic auth header if needed
@ -90,13 +91,6 @@ class ApiAuthAction extends ApiAction
    function handle($args)
    {
        parent::handle($args);
-
-        if ($this->isReadOnly($args) == false) {
-            if ($this->access == self::READ_ONLY) {
-                $this->clientError(_('API method requires write access.'), 401);
-                exit();
-            }
-        }
    }

    function checkOAuthRequest()
@ -116,8 +110,6 @@ class ApiAuthAction extends ApiAction
            $req  = OAuthRequest::from_request();
            $server->verify_request($req);

-            common_debug("Good OAuth request!");
-
            $app = Oauth_application::getByConsumerKey($this->consumer_key);

            if (empty($app)) {
@ -129,6 +121,10 @@ class ApiAuthAction extends ApiAction
                throw new OAuthException('No application for that consumer key.');
            }

+            // set the source attr
+
+            $this->oauth_source = $app->name;
+
            $appUser = Oauth_application_user::staticGet('token',
                                                         $this->access_token);