- Had to remove checking read vs. read-write in OAuth authenticated methods
- Will now pick up source attr from OAuth app
This commit is contained in:
parent
8b24b5ac7b
commit
4daf76212a
@ -82,4 +82,18 @@ class ApiAccountVerifyCredentialsAction extends ApiAuthAction
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Is this action read only?
|
||||||
|
*
|
||||||
|
* @param array $args other arguments
|
||||||
|
*
|
||||||
|
* @return boolean true
|
||||||
|
*
|
||||||
|
**/
|
||||||
|
|
||||||
|
function isReadOnly($args)
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -85,6 +85,11 @@ class ApiStatusesUpdateAction extends ApiAuthAction
|
|||||||
$this->lat = $this->trimmed('lat');
|
$this->lat = $this->trimmed('lat');
|
||||||
$this->lon = $this->trimmed('long');
|
$this->lon = $this->trimmed('long');
|
||||||
|
|
||||||
|
// try to set the source attr from OAuth app
|
||||||
|
if (empty($this->source)) {
|
||||||
|
$this->source = $this->oauth_source;
|
||||||
|
}
|
||||||
|
|
||||||
if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
|
if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
|
||||||
$this->source = 'api';
|
$this->source = 'api';
|
||||||
}
|
}
|
||||||
|
@ -55,6 +55,7 @@ class ApiAuthAction extends ApiAction
|
|||||||
{
|
{
|
||||||
var $access_token;
|
var $access_token;
|
||||||
var $oauth_access_type;
|
var $oauth_access_type;
|
||||||
|
var $oauth_source;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Take arguments for running, and output basic auth header if needed
|
* Take arguments for running, and output basic auth header if needed
|
||||||
@ -90,13 +91,6 @@ class ApiAuthAction extends ApiAction
|
|||||||
function handle($args)
|
function handle($args)
|
||||||
{
|
{
|
||||||
parent::handle($args);
|
parent::handle($args);
|
||||||
|
|
||||||
if ($this->isReadOnly($args) == false) {
|
|
||||||
if ($this->access == self::READ_ONLY) {
|
|
||||||
$this->clientError(_('API method requires write access.'), 401);
|
|
||||||
exit();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function checkOAuthRequest()
|
function checkOAuthRequest()
|
||||||
@ -116,8 +110,6 @@ class ApiAuthAction extends ApiAction
|
|||||||
$req = OAuthRequest::from_request();
|
$req = OAuthRequest::from_request();
|
||||||
$server->verify_request($req);
|
$server->verify_request($req);
|
||||||
|
|
||||||
common_debug("Good OAuth request!");
|
|
||||||
|
|
||||||
$app = Oauth_application::getByConsumerKey($this->consumer_key);
|
$app = Oauth_application::getByConsumerKey($this->consumer_key);
|
||||||
|
|
||||||
if (empty($app)) {
|
if (empty($app)) {
|
||||||
@ -129,6 +121,10 @@ class ApiAuthAction extends ApiAction
|
|||||||
throw new OAuthException('No application for that consumer key.');
|
throw new OAuthException('No application for that consumer key.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// set the source attr
|
||||||
|
|
||||||
|
$this->oauth_source = $app->name;
|
||||||
|
|
||||||
$appUser = Oauth_application_user::staticGet('token',
|
$appUser = Oauth_application_user::staticGet('token',
|
||||||
$this->access_token);
|
$this->access_token);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user