fine-tuning the privacy flag

darcs-hash:20081203183432-5ed1f-7626661b797f64594f990ee06d9e13b73b265b49.gz
Evan Prodromou 2008-12-03 13:34:32 -05:00
parent 06b234c397
commit 8c10b0ac4d
3 changed files with 62 additions and 48 deletions

README

@ -117,7 +117,7 @@ run correctly.
*must* support the MyISAM storage engine -- the default for most *must* support the MyISAM storage engine -- the default for most
MySQL servers -- *and* the InnoDB storage engine. MySQL servers -- *and* the InnoDB storage engine.
- A Web server. Preferably, you should have Apache 2.2.x with the - A Web server. Preferably, you should have Apache 2.2.x with the
mod_rewrite extension installed and enabled. mod_rewrite extension installed and enabled.
Your PHP installation must include the following PHP extensions: Your PHP installation must include the following PHP extensions:
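Review bot: Most README hunks in this commit, starting with this one, show no visible text change between the old and new sides, so they appear to be whitespace-only edits bundled into a commit titled "fine-tuning the privacy flag". Consider moving the whitespace cleanup into its own commit so that the one functional README change, the new `private` entry, is easy to find in review and in later history searches.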
@ -168,7 +168,7 @@ and the URLs are listed here for your convenience.
but won't work with OpenID. but won't work with OpenID.
http://pear.php.net/package/DB http://pear.php.net/package/DB
- OAuth.php from http://oauth.googlecode.com/svn/code/php/ - OAuth.php from http://oauth.googlecode.com/svn/code/php/
- markdown.php from http://michelf.com/projects/php-markdown/ - markdown.php from http://michelf.com/projects/php-markdown/
- PEAR Mail, for sending out mail notifications - PEAR Mail, for sending out mail notifications
http://pear.php.net/package/Mail http://pear.php.net/package/Mail
- PEAR Net_SMTP, if you use the SMTP factory for notifications - PEAR Net_SMTP, if you use the SMTP factory for notifications
@ -198,32 +198,32 @@ especially if you've previously installed PHP/MySQL packages.
1. Unpack the tarball you downloaded on your Web server. Usually a 1. Unpack the tarball you downloaded on your Web server. Usually a
command like this will work: command like this will work:
tar zxf laconica-0.6.2.tar.gz tar zxf laconica-0.6.2.tar.gz
...which will make a laconica-0.6.2 subdirectory in your current ...which will make a laconica-0.6.2 subdirectory in your current
directory. (If you don't have shell access on your Web server, you directory. (If you don't have shell access on your Web server, you
may have to unpack the tarball on your local computer and FTP the may have to unpack the tarball on your local computer and FTP the
files to the server.) files to the server.)
2. Move the tarball to a directory of your choosing in your Web root 2. Move the tarball to a directory of your choosing in your Web root
directory. Usually something like this will work: directory. Usually something like this will work:
mv laconica-0.6.2 /var/www/mublog mv laconica-0.6.2 /var/www/mublog
This will make your Laconica instance available in the mublog path of This will make your Laconica instance available in the mublog path of
your server, like "http://example.net/mublog". "microblog" or your server, like "http://example.net/mublog". "microblog" or
"laconica" might also be good path names. If you know how to "laconica" might also be good path names. If you know how to
configure virtual hosts on your web server, you can try setting up configure virtual hosts on your web server, you can try setting up
"http://micro.example.net/" or the like. "http://micro.example.net/" or the like.
3. You should also take this moment to make your avatar subdirectory 3. You should also take this moment to make your avatar subdirectory
writeable by the Web server. An insecure way to do this is: writeable by the Web server. An insecure way to do this is:
chmod a+w /var/www/mublog/avatar chmod a+w /var/www/mublog/avatar
On some systems, this will probably work: On some systems, this will probably work:
chgrp www-data /var/www/mublog/avatar chgrp www-data /var/www/mublog/avatar
chmod g+w /var/www/mublog/avatar chmod g+w /var/www/mublog/avatar
@ -233,13 +233,13 @@ especially if you've previously installed PHP/MySQL packages.
4. Create a database to hold your microblog data. Something like this 4. Create a database to hold your microblog data. Something like this
should work: should work:
mysqladmin -u "username" --password="password" create laconica mysqladmin -u "username" --password="password" create laconica
Note that Laconica must have its own database; you can't share the Note that Laconica must have its own database; you can't share the
database with another program. You can name it whatever you want, database with another program. You can name it whatever you want,
though. though.
(If you don't have shell access to your server, you may need to use (If you don't have shell access to your server, you may need to use
a tool like PHPAdmin to create a database. Check your hosting a tool like PHPAdmin to create a database. Check your hosting
service's documentation for how to create a new MySQL database.) service's documentation for how to create a new MySQL database.)
@ -252,22 +252,22 @@ especially if you've previously installed PHP/MySQL packages.
You may want to test by logging into the database and checking that You may want to test by logging into the database and checking that
the tables were created. Here's an example: the tables were created. Here's an example:
SHOW TABLES; SHOW TABLES;
6. Create a new database account that Laconica will use to access the 6. Create a new database account that Laconica will use to access the
database. If you have shell access, this will probably work from the database. If you have shell access, this will probably work from the
MySQL shell: MySQL shell:
GRANT SELECT,INSERT,DELETE,UPDATE on laconica.* GRANT SELECT,INSERT,DELETE,UPDATE on laconica.*
TO 'lacuser'@'localhost' TO 'lacuser'@'localhost'
IDENTIFIED BY 'lacpassword'; IDENTIFIED BY 'lacpassword';
You should change 'lacuser' and 'lacpassword' to your preferred new You should change 'lacuser' and 'lacpassword' to your preferred new
username and password. You may want to test logging in as this new username and password. You may want to test logging in as this new
user and testing that you can SELECT from some of the tables in the user and testing that you can SELECT from some of the tables in the
DB (use SHOW TABLES to see which ones are there). DB (use SHOW TABLES to see which ones are there).
7. Copy the config.php.sample in the Laconica directory to config.php. 7. Copy the config.php.sample in the Laconica directory to config.php.
8. Edit config.php to set the basic configuration for your system. 8. Edit config.php to set the basic configuration for your system.
@ -282,8 +282,8 @@ especially if you've previously installed PHP/MySQL packages.
will be empty. If not, magic has happened! You can now register a will be empty. If not, magic has happened! You can now register a
new user, post some notices, edit your profile, etc. However, you new user, post some notices, edit your profile, etc. However, you
may want to wait to do that stuff if you think you can set up may want to wait to do that stuff if you think you can set up
"fancy URLs" (see below), since some URLs are stored in the database. "fancy URLs" (see below), since some URLs are stored in the database.
Fancy URLs Fancy URLs
---------- ----------
@ -308,7 +308,7 @@ in your server.
import the .htaccess file into your conf file instead. If you're import the .htaccess file into your conf file instead. If you're
not sure how to do it, you may save yourself a lot of headache by not sure how to do it, you may save yourself a lot of headache by
just leaving the .htaccess file. just leaving the .htaccess file.
2. Change the "RewriteBase" in the new .htaccess file to be the URL path 2. Change the "RewriteBase" in the new .htaccess file to be the URL path
to your Laconica installation on your server. Typically this will to your Laconica installation on your server. Typically this will
be the path to your Laconica directory relative to your Web root. be the path to your Laconica directory relative to your Web root.
@ -316,7 +316,7 @@ in your server.
3. Add or uncomment or change a line in your config.php file so it says: 3. Add or uncomment or change a line in your config.php file so it says:
$config['site']['fancy'] = true; $config['site']['fancy'] = true;
You should now be able to navigate to a "fancy" URL on your server, You should now be able to navigate to a "fancy" URL on your server,
like: like:
@ -375,27 +375,27 @@ For this to work, there *must* be a domain or sub-domain for which all
2. Make sure the maildaemon.php file is executable: 2. Make sure the maildaemon.php file is executable:
chmod +x scripts/maildaemon.php chmod +x scripts/maildaemon.php
Note that "daemon" is kind of a misnomer here; the script is more Note that "daemon" is kind of a misnomer here; the script is more
of a filter than a daemon. of a filter than a daemon.
2. Edit /etc/aliases on your mail server and add the following line: 2. Edit /etc/aliases on your mail server and add the following line:
*: /path/to/laconica/scripts/maildaemon.php *: /path/to/laconica/scripts/maildaemon.php
3. Run whatever code you need to to update your aliases database. For 3. Run whatever code you need to to update your aliases database. For
many mail servers (Postfix, Exim, Sendmail), this should work: many mail servers (Postfix, Exim, Sendmail), this should work:
newaliases newaliases
You may need to restart your mail server for the new database to You may need to restart your mail server for the new database to
take effect. take effect.
4. Set the following in your config.php file: 4. Set the following in your config.php file:
$config['mail']['domain'] = 'yourdomain.example.net'; $config['mail']['domain'] = 'yourdomain.example.net';
At this point, post-by-email and post-by-SMS-gateway should work. Note At this point, post-by-email and post-by-SMS-gateway should work. Note
that if your mail server is on a different computer from your email that if your mail server is on a different computer from your email
server, you'll need to have a full installation of Laconica, a working server, you'll need to have a full installation of Laconica, a working
@ -413,19 +413,19 @@ well.
1. You may want to strongly consider setting up your own XMPP server. 1. You may want to strongly consider setting up your own XMPP server.
Ejabberd, OpenFire, and JabberD are all Open Source servers. Ejabberd, OpenFire, and JabberD are all Open Source servers.
Jabber, Inc. provides a high-performance commercial server. Jabber, Inc. provides a high-performance commercial server.
2. You must register a Jabber ID (JID) with your new server. It helps 2. You must register a Jabber ID (JID) with your new server. It helps
to choose a name like "update@example.com" or "notice" or something to choose a name like "update@example.com" or "notice" or something
similar. Alternately, your "update JID" can be registered on a similar. Alternately, your "update JID" can be registered on a
publicly-available XMPP service, like jabber.org or GTalk. publicly-available XMPP service, like jabber.org or GTalk.
Laconica will not register the JID with your chosen XMPP server; Laconica will not register the JID with your chosen XMPP server;
you need to do this manually, with an XMPP client like Gajim, you need to do this manually, with an XMPP client like Gajim,
Telepathy, or Pidgin.im. Telepathy, or Pidgin.im.
3. Configure your site's XMPP variables, as described below in the 3. Configure your site's XMPP variables, as described below in the
configuration section. configuration section.
On a default installation, your site can broadcast messages using On a default installation, your site can broadcast messages using
XMPP. Users won't be able to post messages using XMPP unless you've XMPP. Users won't be able to post messages using XMPP unless you've
got the XMPP daemon running. See 'Queues and daemons' below for how got the XMPP daemon running. See 'Queues and daemons' below for how
@ -449,7 +449,7 @@ To configure a downstream site to receive your public stream, add
their "JID" (Jabber ID) to your config.php as follows: their "JID" (Jabber ID) to your config.php as follows:
$config['xmpp']['public'][] = 'downstream@example.net'; $config['xmpp']['public'][] = 'downstream@example.net';
(Don't miss those square brackets at the end.) Note that your XMPP (Don't miss those square brackets at the end.) Note that your XMPP
broadcasting must be configured as mentioned above. Although you can broadcasting must be configured as mentioned above. Although you can
send out messages at "Web time", high-volume sites should strongly send out messages at "Web time", high-volume sites should strongly
@ -483,11 +483,11 @@ server is probably a good idea for high-volume sites.
more daemon options. Note that if you set the 'user' and/or 'group' more daemon options. Note that if you set the 'user' and/or 'group'
options, you'll need to create that user and/or group by hand. options, you'll need to create that user and/or group by hand.
They're not created automatically. They're not created automatically.
4. On the queues server, run the command scripts/startdaemons.sh. It 4. On the queues server, run the command scripts/startdaemons.sh. It
needs as a parameter the install path; if you run it from the needs as a parameter the install path; if you run it from the
Laconica dir, "." should suffice. Laconica dir, "." should suffice.
This will run six (for now) queue handlers: This will run six (for now) queue handlers:
* xmppdaemon.php - listens for new XMPP messages from users and stores * xmppdaemon.php - listens for new XMPP messages from users and stores
@ -549,7 +549,7 @@ Laconica instance.
bots where to find all the sitemap files; it *must* be in the main bots where to find all the sitemap files; it *must* be in the main
installation directory or higher. Both types of file must be installation directory or higher. Both types of file must be
available through HTTP. available through HTTP.
2. To generate your sitemaps, run the following command on your server: 2. To generate your sitemaps, run the following command on your server:
php scripts/sitemap.php -f index-file-path -d sitemap-directory -u URL-prefix-for-sitemaps php scripts/sitemap.php -f index-file-path -d sitemap-directory -u URL-prefix-for-sitemaps
@ -559,7 +559,7 @@ Laconica instance.
you want the sitemaps stored, like './sitemaps/' (make sure the dir you want the sitemaps stored, like './sitemaps/' (make sure the dir
exists). URL-prefix-for-sitemaps is the full URL for the sitemap dir, exists). URL-prefix-for-sitemaps is the full URL for the sitemap dir,
typically something like 'http://example.net/mublog/sitemaps/'. typically something like 'http://example.net/mublog/sitemaps/'.
You can use several methods for submitting your sitemap index to You can use several methods for submitting your sitemap index to
search engines to get your site indexed. One is to add a line like the search engines to get your site indexed. One is to add a line like the
following to your robots.txt file: following to your robots.txt file:
@ -661,9 +661,9 @@ to the end first before trying them.
RewriteBase to use the correct path. RewriteBase to use the correct path.
10. Rebuild the database. Go to your Laconica directory and run the 10. Rebuild the database. Go to your Laconica directory and run the
rebuilddb.sh script like this: rebuilddb.sh script like this:
./scripts/rebuilddb.sh rootuser rootpassword database db/laconica.sql ./scripts/rebuilddb.sh rootuser rootpassword database db/laconica.sql
Here, rootuser and rootpassword are the username and password for a Here, rootuser and rootpassword are the username and password for a
user who can drop and create databases as well as tables; typically user who can drop and create databases as well as tables; typically
that's _not_ the user Laconica runs as. that's _not_ the user Laconica runs as.
@ -744,7 +744,7 @@ path: The path part of your site's URLs, like 'mublog' or '/'
(installed in root). (installed in root).
fancy: whether or not your site uses fancy URLs (see Fancy URLs fancy: whether or not your site uses fancy URLs (see Fancy URLs
section above). Default is false. section above). Default is false.
logfile: full path to a file for Laconica to save logging logfile: full path to a file for Laconica to save logging
information to. You may want to use this if you don't have information to. You may want to use this if you don't have
access to syslog. access to syslog.
locale_path: full path to the directory for locale data. Unless you locale_path: full path to the directory for locale data. Unless you
@ -775,6 +775,9 @@ closed: If set to 'true', will disallow registration on your site.
the service, *then* set this variable to 'true'. the service, *then* set this variable to 'true'.
inviteonly: If set to 'true', will only allow registration if the user inviteonly: If set to 'true', will only allow registration if the user
was invited by an existing user. was invited by an existing user.
private: If set to 'true', anonymous users will be redirected to the
'login' page. Also, API methods that normally require no
authentication will require it.
db db
-- --
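Review bot: The new `private` entry says anonymous users are redirected to the 'login' page, but it does not say which parts of the site stay reachable without a session. The third file in this commit exempts the 'login', 'openidlogin', 'api' and 'doc' actions from the redirect, so an operator reading only this text may assume the documentation pages are hidden as well. Suggest listing the exempt actions in this entry, so the documented behaviour matches what the check actually enforces.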
@ -798,7 +801,7 @@ db_driver: You can try changing this to 'MDB2' to use the other driver
debug: On a database error, you may get a message saying to set this debug: On a database error, you may get a message saying to set this
value to 5 to see debug messages in the browser. This breaks value to 5 to see debug messages in the browser. This breaks
just about all pages, and will also expose the username and just about all pages, and will also expose the username and
password password
quote_identifiers: Set this to true if you're using postgresql. quote_identifiers: Set this to true if you're using postgresql.
type: either 'mysql' or 'postgresql' (used for some bits of type: either 'mysql' or 'postgresql' (used for some bits of
database-type-specific SQL in the code). Defaults to mysql. database-type-specific SQL in the code). Defaults to mysql.
@ -853,7 +856,7 @@ backend: the backend to use for mail, one of 'mail', 'sendmail', and
'smtp'. Defaults to PEAR's default, 'mail'. 'smtp'. Defaults to PEAR's default, 'mail'.
params: if the mail backend requires any parameters, you can provide params: if the mail backend requires any parameters, you can provide
them in an associative array. them in an associative array.
nickname nickname
-------- --------
@ -941,7 +944,7 @@ Miscellaneous tagging stuff.
dropoff: Decay factor for tag listing, in seconds. dropoff: Decay factor for tag listing, in seconds.
Defaults to exponential decay over ten days; you can twiddle Defaults to exponential decay over ten days; you can twiddle
with it to try and get better results for your site. with it to try and get better results for your site.
daemon daemon
------ ------
@ -1027,7 +1030,7 @@ assumptions.
emit oodles of print lines directly to the browser of your users. emit oodles of print lines directly to the browser of your users.
Among these lines will be your database username and password. Do Among these lines will be your database username and password. Do
not enable this option on a production Web site for any reason. not enable this option on a production Web site for any reason.
- "Edit dataobject.ini with the following settings..." dataobject.ini - "Edit dataobject.ini with the following settings..." dataobject.ini
is a development file for the DB_DataObject framework and is not is a development file for the DB_DataObject framework and is not
used by the running software. It was removed from the Laconica used by the running software. It was removed from the Laconica
@ -1044,8 +1047,8 @@ development version of Laconica. To get it, use the darcs version
control tool (http://darcs.net/) like so: control tool (http://darcs.net/) like so:
darcs get http://laconi.ca/darcs/ mublog darcs get http://laconi.ca/darcs/ mublog
To keep it up-to-date, use 'darcs pull'. Watch for conflicts! To keep it up-to-date, use 'darcs pull'. Watch for conflicts!
Further information Further information
=================== ===================


@ -120,6 +120,12 @@ class ApiAction extends Action {
'statuses/followers', 'statuses/followers',
'favorites/favorites'); 'favorites/favorites');
# If the site is "private", all API methods need authentication
if (common_config('site', 'private')) {
return true;
}
$fullname = "$this->api_action/$this->api_method"; $fullname = "$this->api_action/$this->api_method";
if (in_array($fullname, $bareauth)) { if (in_array($fullname, $bareauth)) {
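Review bot: In the added `if (common_config('site', 'private'))` check the setting is tested for truthiness, so a string value such as 'false' is truthy in PHP and turns authentication on for every API method. That fails closed, but the README describes the value as 'true' in quotes, so it is worth normalizing the setting to a boolean in one place or documenting the accepted values. Because the third file's hunk lets the 'api' action past the login redirect, this early return is what gates API access on a private site; a comment saying so, and a test that an unauthenticated request to a normally open method is refused when the flag is set, would keep the two checks from drifting apart. Minor style point: the new comment uses `#` while the comment added in the third file uses `//`; pick one.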


@ -36,7 +36,12 @@ if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) {
common_redirect(common_local_url('public')); common_redirect(common_local_url('public'));
} }
if (!$user && common_config('site', 'private') && !in_array($action, array('login', 'api', 'doc')) { // If the site is private, and they're not on one of the "public"
// parts of the site, redirect to login
if (!$user && common_config('site', 'private') &&
!in_array($action, array('login', 'openidlogin', 'api', 'doc')))
{
common_redirect(common_local_url('login')); common_redirect(common_local_url('login'));
} }
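Review bot: The allowlist in `!in_array($action, array('login', 'openidlogin', 'api', 'doc'))` decides everything an anonymous visitor can reach on a private site, and it can easily fall out of step with the login flows. Any other action a user has to reach before a session exists (the return leg of an OpenID login, or registration from an invitation when 'inviteonly' is in use) would be redirected to 'login'; please confirm those flows on a private site or add their actions to the list. 'doc' stays public, which should be a deliberate choice and stated in the README entry. Also confirm that common_redirect() ends the request: if it only sends the redirect, the requested action would still run for the anonymous user after this block.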