Merge branch '0.9.x' into 1.0.x

2010-12-28 11:38:34 -08:00 · 2010-12-28 11:38:34 -08:00 · e211e6228d
parent 26baad63f2 90c7ff1983
commit e211e6228d
8 changed files with 79 additions and 27 deletions
--- a/EVENTS.txt
+++ b/EVENTS.txt
@ -987,9 +987,12 @@ EndRevokeRole: when a role has been revoked

 StartAtomPubNewActivity: When a new activity comes in through Atom Pub API
 - &$activity: received activity
+- $user: user publishing the entry
+- &$notice: notice created; initially null, can be set

 EndAtomPubNewActivity: When a new activity comes in through Atom Pub API
 - $activity: received activity
+- $user: user publishing the entry
 - $notice: notice that was created

 StartXrdActionAliases: About to set aliases for the XRD object for a user
@ -1041,3 +1044,17 @@ StartActivityObjectFromGroup: When converting a group to an activity:object
 EndActivityObjectFromGroup:  After converting a group to an activity:object
 - $group:  The group being converted
 - &$object: The finished object. Tweak as needed.
+
+StartImportActivity: when we start to import an activity
+- $user: User to make the author import
+- $author: Author of the feed; good for comparisons
+- $activity: The current activity
+- $trusted: How "trusted" the process is
+- &$done: Return value; whether to continue
+
+EndImportActivity: when we finish importing an activity
+- $user: User to make the author import
+- $author: Author of the feed; good for comparisons
+- $activity: The current activity
+- $trusted: How "trusted" the process is
+
--- a/actions/apitimelineuser.php
+++ b/actions/apitimelineuser.php
@ -324,7 +324,9 @@ class ApiTimelineUserAction extends ApiBareAuthAction

        $activity = new Activity($dom->documentElement);

-        if (Event::handle('StartAtomPubNewActivity', array(&$activity))) {
+        $saved = null;
+
+        if (Event::handle('StartAtomPubNewActivity', array(&$activity, $this->user, &$saved))) {

            if ($activity->verb != ActivityVerb::POST) {
                // TRANS: Client error displayed when not using the POST verb.
@ -347,7 +349,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction

            $saved = $this->postNote($activity);

-            Event::handle('EndAtomPubNewActivity', array($activity, $saved));
+            Event::handle('EndAtomPubNewActivity', array($activity, $this->user, $saved));
        }

        if (!empty($saved)) {
--- a/actions/newgroup.php
+++ b/actions/newgroup.php
@ -66,6 +66,13 @@ class NewgroupAction extends Action
            return false;
        }

+        $user = common_current_user();
+        $profile = $user->getProfile();
+        if (!$profile->hasRight(Right::CREATEGROUP)) {
+            // TRANS: Client exception thrown when a user tries to create a group while banned.
+            throw new ClientException(_('You are not allowed to create groups on this site.'), 403);
+        }
+
        return true;
    }

--- a/classes/Notice.php
+++ b/classes/Notice.php
@ -109,6 +109,11 @@ class Notice extends Memcached_DataObject
        // @fixme we have some cases where things get re-run and so the
        // insert fails.
        $deleted = Deleted_notice::staticGet('id', $this->id);
+
+        if (!$deleted) {
+            $deleted = Deleted_notice::staticGet('uri', $this->uri);
+        }
+
        if (!$deleted) {
            $deleted = new Deleted_notice();

@ -2033,7 +2038,7 @@ class Notice extends Memcached_DataObject
     */
    public static function addWhereSinceId(DB_DataObject $obj, $id, $idField='id', $createdField='created')
    {
-        $since = self::whereSinceId($id);
+        $since = self::whereSinceId($id, $idField, $createdField);
        if ($since) {
            $obj->whereAdd($since);
        }
@ -2072,7 +2077,7 @@ class Notice extends Memcached_DataObject
     */
    public static function addWhereMaxId(DB_DataObject $obj, $id, $idField='id', $createdField='created')
    {
-        $max = self::whereMaxId($id);
+        $max = self::whereMaxId($id, $idField, $createdField);
        if ($max) {
            $obj->whereAdd($max);
        }
--- a/classes/Profile.php
+++ b/classes/Profile.php
@ -850,6 +850,7 @@ class Profile extends Memcached_DataObject
            case Right::NEWNOTICE:
            case Right::NEWMESSAGE:
            case Right::SUBSCRIBE:
+            case Right::CREATEGROUP:
                $result = !$this->isSilenced();
                break;
            case Right::PUBLICNOTICE:
--- a/classes/User_group.php
+++ b/classes/User_group.php
@ -476,6 +476,16 @@ class User_group extends Memcached_DataObject
    }

    static function register($fields) {
+        if (!empty($fields['userid'])) {
+            $profile = Profile::staticGet('id', $fields['userid']);
+            if ($profile && !$profile->hasRight(Right::CREATEGROUP)) {
+                common_log(LOG_WARNING, "Attempted group creation from banned user: " . $profile->nickname);
+
+                // TRANS: Client exception thrown when a user tries to create a group while banned.
+                throw new ClientException(_('You are not allowed to create groups on this site.'), 403);
+            }
+        }
+
        // MAGICALLY put fields into current scope

        extract($fields);
--- a/lib/activityimporter.php
+++ b/lib/activityimporter.php
@ -63,31 +63,40 @@ class ActivityImporter extends QueueHandler

        $this->trusted = $trusted;

-        try {
-            switch ($activity->verb) {
-            case ActivityVerb::FOLLOW:
-                $this->subscribeProfile($user, $author, $activity);
-                break;
-            case ActivityVerb::JOIN:
-                $this->joinGroup($user, $activity);
-                break;
-            case ActivityVerb::POST:
-                $this->postNote($user, $author, $activity);
-                break;
-            default:
-                throw new Exception("Unknown verb: {$activity->verb}");
+        $done = null;
+
+        if (Event::handle('StartImportActivity', 
+                          array($user, $author, $activity, $trusted, &$done))) {
+
+            try {
+                switch ($activity->verb) {
+                case ActivityVerb::FOLLOW:
+                    $this->subscribeProfile($user, $author, $activity);
+                    break;
+                case ActivityVerb::JOIN:
+                    $this->joinGroup($user, $activity);
+                    break;
+                case ActivityVerb::POST:
+                    $this->postNote($user, $author, $activity);
+                    break;
+                default:
+                    throw new ClientException("Unknown verb: {$activity->verb}");
+                }
+                Event::handle('EndImportActivity', 
+                              array($user, $author, $activity, $trusted));
+                $done = true;
+            } catch (ClientException $ce) {
+                common_log(LOG_WARNING, $ce->getMessage());
+                $done = true;
+            } catch (ServerException $se) {
+                common_log(LOG_ERR, $se->getMessage());
+                $done = false;
+            } catch (Exception $e) {
+                common_log(LOG_ERR, $e->getMessage());
+                $done = false;
            }
-        } catch (ClientException $ce) {
-            common_log(LOG_WARNING, $ce->getMessage());
-            return true;
-        } catch (ServerException $se) {
-            common_log(LOG_ERR, $se->getMessage());
-            return false;
-        } catch (Exception $e) {
-            common_log(LOG_ERR, $e->getMessage());
-            return false;
        }
-        return true;
+        return $done;
    }
    
    function subscribeProfile($user, $author, $activity)
--- a/lib/right.php
+++ b/lib/right.php
@ -65,5 +65,6 @@ class Right
    const RESTOREACCOUNT     = 'restoreaccount';
    const DELETEACCOUNT      = 'deleteaccount';
    const MOVEACCOUNT        = 'moveaccount';
+    const CREATEGROUP        = 'creategroup';
 }