From 4daf76212a6802863d20c6af7597eddded227ae8 Mon Sep 17 00:00:00 2001
From: Zach Copley <zach@status.net>
Date: Thu, 14 Jan 2010 02:38:01 +0000
Subject: [PATCH] - Had to remove checking read vs. read-write in OAuth
 authenticated methods - Will now pick up source attr from OAuth app

---
 actions/apiaccountverifycredentials.php | 14 ++++++++++++++
 actions/apistatusesupdate.php           |  5 +++++
 lib/apiauth.php                         | 14 +++++---------
 3 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/actions/apiaccountverifycredentials.php b/actions/apiaccountverifycredentials.php
index 08b201dbff..1095d51626 100644
--- a/actions/apiaccountverifycredentials.php
+++ b/actions/apiaccountverifycredentials.php
@@ -82,4 +82,18 @@ class ApiAccountVerifyCredentialsAction extends ApiAuthAction
 
     }
 
+    /**
+     * Is this action read only?
+     *
+     * @param array $args other arguments
+     * 
+     * @return boolean true
+     *
+     **/
+    
+    function isReadOnly($args)
+    {
+        return true;
+    }
+    
 }
diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php
index f594bbf393..f8bf7cf874 100644
--- a/actions/apistatusesupdate.php
+++ b/actions/apistatusesupdate.php
@@ -85,6 +85,11 @@ class ApiStatusesUpdateAction extends ApiAuthAction
         $this->lat    = $this->trimmed('lat');
         $this->lon    = $this->trimmed('long');
 
+        // try to set the source attr from OAuth app
+        if (empty($this->source)) {
+            $this->source = $this->oauth_source;
+        }
+
         if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
             $this->source = 'api';
         }
diff --git a/lib/apiauth.php b/lib/apiauth.php
index f513ed2c9a..37070d212f 100644
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -55,6 +55,7 @@ class ApiAuthAction extends ApiAction
 {
     var $access_token;
     var $oauth_access_type;
+    var $oauth_source;
 
     /**
      * Take arguments for running, and output basic auth header if needed
@@ -90,13 +91,6 @@ class ApiAuthAction extends ApiAction
     function handle($args)
     {
         parent::handle($args);
-
-        if ($this->isReadOnly($args) == false) {
-            if ($this->access == self::READ_ONLY) {
-                $this->clientError(_('API method requires write access.'), 401);
-                exit();
-            }
-        }
     }
 
     function checkOAuthRequest()
@@ -116,8 +110,6 @@ class ApiAuthAction extends ApiAction
             $req  = OAuthRequest::from_request();
             $server->verify_request($req);
 
-            common_debug("Good OAuth request!");
-
             $app = Oauth_application::getByConsumerKey($this->consumer_key);
 
             if (empty($app)) {
@@ -129,6 +121,10 @@ class ApiAuthAction extends ApiAction
                 throw new OAuthException('No application for that consumer key.');
             }
 
+            // set the source attr
+
+            $this->oauth_source = $app->name;
+
             $appUser = Oauth_application_user::staticGet('token',
                                                          $this->access_token);