fine-tuning the privacy flag

darcs-hash:20081203183432-5ed1f-7626661b797f64594f990ee06d9e13b73b265b49.gz
This commit is contained in:
Evan Prodromou 2008-12-03 13:34:32 -05:00
parent 06b234c397
commit 8c10b0ac4d
3 changed files with 62 additions and 48 deletions

3
README
View File

@ -775,6 +775,9 @@ closed: If set to 'true', will disallow registration on your site.
the service, *then* set this variable to 'true'. the service, *then* set this variable to 'true'.
inviteonly: If set to 'true', will only allow registration if the user inviteonly: If set to 'true', will only allow registration if the user
was invited by an existing user. was invited by an existing user.
private: If set to 'true', anonymous users will be redirected to the
'login' page. Also, API methods that normally require no
authentication will require it.
db db
-- --

View File

@ -120,6 +120,12 @@ class ApiAction extends Action {
'statuses/followers', 'statuses/followers',
'favorites/favorites'); 'favorites/favorites');
# If the site is "private", all API methods need authentication
if (common_config('site', 'private')) {
return true;
}
$fullname = "$this->api_action/$this->api_method"; $fullname = "$this->api_action/$this->api_method";
if (in_array($fullname, $bareauth)) { if (in_array($fullname, $bareauth)) {

View File

@ -36,7 +36,12 @@ if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) {
common_redirect(common_local_url('public')); common_redirect(common_local_url('public'));
} }
if (!$user && common_config('site', 'private') && !in_array($action, array('login', 'api', 'doc')) { // If the site is private, and they're not on one of the "public"
// parts of the site, redirect to login
if (!$user && common_config('site', 'private') &&
!in_array($action, array('login', 'openidlogin', 'api', 'doc')))
{
common_redirect(common_local_url('login')); common_redirect(common_local_url('login'));
} }