From 131292472c4bca7e99ee821ae62853f36f4c7bef Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sat, 19 Sep 2009 18:34:07 -0700 Subject: [PATCH 01/11] Make statuses/home_timeline return the same thing as statuses/friends_timeline to support apps trying to use the new retweet API method. --- actions/twitapistatuses.php | 5 +++++ lib/router.php | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index edee239a03..5e2867ea81 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -136,6 +136,11 @@ class TwitapistatusesAction extends TwitterapiAction } + function home_timeline($args, $apidata) + { + call_user_func(array($this, 'friends_timeline'), $args, $apidata); + } + function user_timeline($args, $apidata) { parent::handle($args); diff --git a/lib/router.php b/lib/router.php index 00e728f557..5309fe7530 100644 --- a/lib/router.php +++ b/lib/router.php @@ -268,12 +268,12 @@ class Router $m->connect('api/statuses/:method', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(public_timeline|friends_timeline|user_timeline|update|replies|mentions|show|friends|followers|featured)(\.(atom|rss|xml|json))?')); + array('method' => '(public_timeline|home_timeline|friends_timeline|user_timeline|update|replies|mentions|show|friends|followers|featured)(\.(atom|rss|xml|json))?')); $m->connect('api/statuses/:method/:argument', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(|user_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); + array('method' => '(user_timeline|home_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); // users @@ -432,7 +432,7 @@ class Router $m->connect('api/statuses/:method/:argument', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(|user_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); + array('method' => '(user_timeline|home_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); $m->connect('api/statusnet/groups/:method/:argument', array('action' => 'api', From ecb75561af074160650ccf2a5fd79241701c347e Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 24 Sep 2009 22:25:30 -0400 Subject: [PATCH 02/11] Move configuration defaults to new module and variable Moved the default values of $config to $default. The code for setting up $default is moved to lib/default.php. --- lib/common.php | 212 ++----------------------------------------- lib/default.php | 232 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 240 insertions(+), 204 deletions(-) create mode 100644 lib/default.php diff --git a/lib/common.php b/lib/common.php index 194eb568f7..58e208a4e9 100644 --- a/lib/common.php +++ b/lib/common.php @@ -53,6 +53,7 @@ require_once('DB/DataObject/Cast.php'); # for dates if (!function_exists('gettext')) { require_once("php-gettext/gettext.inc"); } + require_once(INSTALLDIR.'/lib/language.php'); // This gets included before the config file, so that admin code and plugins @@ -93,214 +94,17 @@ if (isset($path)) { null; } -// default configuration, overwritten in config.php +require_once(INSTALLDIR.'/lib/default.php'); -$config = - array('site' => - array('name' => 'Just another StatusNet microblog', - 'server' => $_server, - 'theme' => 'default', - 'path' => $_path, - 'logfile' => null, - 'logo' => null, - 'logdebug' => false, - 'fancy' => false, - 'locale_path' => INSTALLDIR.'/locale', - 'language' => 'en_US', - 'languages' => get_all_languages(), - 'email' => - array_key_exists('SERVER_ADMIN', $_SERVER) ? $_SERVER['SERVER_ADMIN'] : null, - 'broughtby' => null, - 'timezone' => 'UTC', - 'broughtbyurl' => null, - 'closed' => false, - 'inviteonly' => false, - 'private' => false, - 'ssl' => 'never', - 'sslserver' => null, - 'shorturllength' => 30, - 'dupelimit' => 60, # default for same person saying the same thing - 'textlimit' => 140, - ), - 'syslog' => - array('appname' => 'statusnet', # for syslog - 'priority' => 'debug', # XXX: currently ignored - 'facility' => LOG_USER), - 'queue' => - array('enabled' => false, - 'subsystem' => 'db', # default to database, or 'stomp' - 'stomp_server' => null, - 'queue_basename' => 'statusnet', - 'stomp_username' => null, - 'stomp_password' => null, - ), - 'license' => - array('url' => 'http://creativecommons.org/licenses/by/3.0/', - 'title' => 'Creative Commons Attribution 3.0', - 'image' => 'http://i.creativecommons.org/l/by/3.0/80x15.png'), - 'mail' => - array('backend' => 'mail', - 'params' => null), - 'nickname' => - array('blacklist' => array(), - 'featured' => array()), - 'profile' => - array('banned' => array(), - 'biolimit' => null), - 'avatar' => - array('server' => null, - 'dir' => INSTALLDIR . '/avatar/', - 'path' => $_path . '/avatar/'), - 'background' => - array('server' => null, - 'dir' => INSTALLDIR . '/background/', - 'path' => $_path . '/background/'), - 'public' => - array('localonly' => true, - 'blacklist' => array(), - 'autosource' => array()), - 'theme' => - array('server' => null, - 'dir' => null, - 'path'=> null), - 'throttle' => - array('enabled' => false, // whether to throttle edits; false by default - 'count' => 20, // number of allowed messages in timespan - 'timespan' => 600), // timespan for throttling - 'xmpp' => - array('enabled' => false, - 'server' => 'INVALID SERVER', - 'port' => 5222, - 'user' => 'update', - 'encryption' => true, - 'resource' => 'uniquename', - 'password' => 'blahblahblah', - 'host' => null, # only set if != server - 'debug' => false, # print extra debug info - 'public' => array()), # JIDs of users who want to receive the public stream - 'invite' => - array('enabled' => true), - 'sphinx' => - array('enabled' => false, - 'server' => 'localhost', - 'port' => 3312), - 'tag' => - array('dropoff' => 864000.0), - 'popular' => - array('dropoff' => 864000.0), - 'daemon' => - array('piddir' => '/var/run', - 'user' => false, - 'group' => false), - 'emailpost' => - array('enabled' => true), - 'sms' => - array('enabled' => true), - 'twitter' => - array('enabled' => true), - 'twitterbridge' => - array('enabled' => false), - 'integration' => - array('source' => 'StatusNet', # source attribute for Twitter - 'taguri' => $_server.',2009'), # base for tag URIs - 'twitter' => - array('consumer_key' => null, - 'consumer_secret' => null), - 'memcached' => - array('enabled' => false, - 'server' => 'localhost', - 'base' => null, - 'port' => 11211), - 'ping' => - array('notify' => array()), - 'inboxes' => - array('enabled' => true), # on by default for new sites - 'newuser' => - array('default' => null, - 'welcome' => null), - 'snapshot' => - array('run' => 'web', - 'frequency' => 10000, - 'reporturl' => 'http://status.net/stats/report'), - 'attachments' => - array('server' => null, - 'dir' => INSTALLDIR . '/file/', - 'path' => $_path . '/file/', - 'supported' => array('image/png', - 'image/jpeg', - 'image/gif', - 'image/svg+xml', - 'audio/mpeg', - 'audio/x-speex', - 'application/ogg', - 'application/pdf', - 'application/vnd.oasis.opendocument.text', - 'application/vnd.oasis.opendocument.text-template', - 'application/vnd.oasis.opendocument.graphics', - 'application/vnd.oasis.opendocument.graphics-template', - 'application/vnd.oasis.opendocument.presentation', - 'application/vnd.oasis.opendocument.presentation-template', - 'application/vnd.oasis.opendocument.spreadsheet', - 'application/vnd.oasis.opendocument.spreadsheet-template', - 'application/vnd.oasis.opendocument.chart', - 'application/vnd.oasis.opendocument.chart-template', - 'application/vnd.oasis.opendocument.image', - 'application/vnd.oasis.opendocument.image-template', - 'application/vnd.oasis.opendocument.formula', - 'application/vnd.oasis.opendocument.formula-template', - 'application/vnd.oasis.opendocument.text-master', - 'application/vnd.oasis.opendocument.text-web', - 'application/x-zip', - 'application/zip', - 'text/plain', - 'video/mpeg', - 'video/mp4', - 'video/quicktime', - 'video/mpeg'), - 'file_quota' => 5000000, - 'user_quota' => 50000000, - 'monthly_quota' => 15000000, - 'uploads' => true, - 'filecommand' => '/usr/bin/file', - ), - 'group' => - array('maxaliases' => 3, - 'desclimit' => null), - 'oohembed' => array('endpoint' => 'http://oohembed.com/oohembed/'), - 'search' => - array('type' => 'fulltext'), - 'sessions' => - array('handle' => false, // whether to handle sessions ourselves - 'debug' => false), // debugging output for sessions - 'design' => - array('backgroundcolor' => null, // null -> 'use theme default' - 'contentcolor' => null, - 'sidebarcolor' => null, - 'textcolor' => null, - 'linkcolor' => null, - 'backgroundimage' => null, - 'disposition' => null), - 'notice' => - array('contentlimit' => null), - 'message' => - array('contentlimit' => null), - 'http' => - array('client' => 'curl'), // XXX: should this be the default? - ); +// Set config values initially to default values + +$config = $default; + +// default configuration, overwritten in config.php $config['db'] = &PEAR::getStaticProperty('DB_DataObject','options'); -$config['db'] = - array('database' => 'YOU HAVE TO SET THIS IN config.php', - 'schema_location' => INSTALLDIR . '/classes', - 'class_location' => INSTALLDIR . '/classes', - 'require_prefix' => 'classes/', - 'class_prefix' => '', - 'mirror' => null, - 'utf8' => true, - 'db_driver' => 'DB', # XXX: JanRain libs only work with DB - 'quote_identifiers' => false, - 'type' => 'mysql' ); +$config['db'] = $default['db']; // Backward compatibility diff --git a/lib/default.php b/lib/default.php new file mode 100644 index 0000000000..7af94d2ad6 --- /dev/null +++ b/lib/default.php @@ -0,0 +1,232 @@ +. + * + * @category Config + * @package StatusNet + * @author Evan Prodromou + * @copyright 2008-9 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +$default = + array('site' => + array('name' => 'Just another StatusNet microblog', + 'server' => $_server, + 'theme' => 'default', + 'path' => $_path, + 'logfile' => null, + 'logo' => null, + 'logdebug' => false, + 'fancy' => false, + 'locale_path' => INSTALLDIR.'/locale', + 'language' => 'en_US', + 'languages' => get_all_languages(), + 'email' => + array_key_exists('SERVER_ADMIN', $_SERVER) ? $_SERVER['SERVER_ADMIN'] : null, + 'broughtby' => null, + 'timezone' => 'UTC', + 'broughtbyurl' => null, + 'closed' => false, + 'inviteonly' => false, + 'private' => false, + 'ssl' => 'never', + 'sslserver' => null, + 'shorturllength' => 30, + 'dupelimit' => 60, # default for same person saying the same thing + 'textlimit' => 140, + ), + 'db' => + array('database' => 'YOU HAVE TO SET THIS IN config.php', + 'schema_location' => INSTALLDIR . '/classes', + 'class_location' => INSTALLDIR . '/classes', + 'require_prefix' => 'classes/', + 'class_prefix' => '', + 'mirror' => null, + 'utf8' => true, + 'db_driver' => 'DB', # XXX: JanRain libs only work with DB + 'quote_identifiers' => false, + 'type' => 'mysql' ), + 'syslog' => + array('appname' => 'statusnet', # for syslog + 'priority' => 'debug', # XXX: currently ignored + 'facility' => LOG_USER), + 'queue' => + array('enabled' => false, + 'subsystem' => 'db', # default to database, or 'stomp' + 'stomp_server' => null, + 'queue_basename' => 'statusnet', + 'stomp_username' => null, + 'stomp_password' => null, + ), + 'license' => + array('url' => 'http://creativecommons.org/licenses/by/3.0/', + 'title' => 'Creative Commons Attribution 3.0', + 'image' => 'http://i.creativecommons.org/l/by/3.0/80x15.png'), + 'mail' => + array('backend' => 'mail', + 'params' => null), + 'nickname' => + array('blacklist' => array(), + 'featured' => array()), + 'profile' => + array('banned' => array(), + 'biolimit' => null), + 'avatar' => + array('server' => null, + 'dir' => INSTALLDIR . '/avatar/', + 'path' => $_path . '/avatar/'), + 'background' => + array('server' => null, + 'dir' => INSTALLDIR . '/background/', + 'path' => $_path . '/background/'), + 'public' => + array('localonly' => true, + 'blacklist' => array(), + 'autosource' => array()), + 'theme' => + array('server' => null, + 'dir' => null, + 'path'=> null), + 'throttle' => + array('enabled' => false, // whether to throttle edits; false by default + 'count' => 20, // number of allowed messages in timespan + 'timespan' => 600), // timespan for throttling + 'xmpp' => + array('enabled' => false, + 'server' => 'INVALID SERVER', + 'port' => 5222, + 'user' => 'update', + 'encryption' => true, + 'resource' => 'uniquename', + 'password' => 'blahblahblah', + 'host' => null, # only set if != server + 'debug' => false, # print extra debug info + 'public' => array()), # JIDs of users who want to receive the public stream + 'invite' => + array('enabled' => true), + 'sphinx' => + array('enabled' => false, + 'server' => 'localhost', + 'port' => 3312), + 'tag' => + array('dropoff' => 864000.0), + 'popular' => + array('dropoff' => 864000.0), + 'daemon' => + array('piddir' => '/var/run', + 'user' => false, + 'group' => false), + 'emailpost' => + array('enabled' => true), + 'sms' => + array('enabled' => true), + 'twitter' => + array('enabled' => true), + 'twitterbridge' => + array('enabled' => false), + 'integration' => + array('source' => 'StatusNet', # source attribute for Twitter + 'taguri' => $_server.',2009'), # base for tag URIs + 'twitter' => + array('consumer_key' => null, + 'consumer_secret' => null), + 'memcached' => + array('enabled' => false, + 'server' => 'localhost', + 'base' => null, + 'port' => 11211), + 'ping' => + array('notify' => array()), + 'inboxes' => + array('enabled' => true), # on by default for new sites + 'newuser' => + array('default' => null, + 'welcome' => null), + 'snapshot' => + array('run' => 'web', + 'frequency' => 10000, + 'reporturl' => 'http://status.net/stats/report'), + 'attachments' => + array('server' => null, + 'dir' => INSTALLDIR . '/file/', + 'path' => $_path . '/file/', + 'supported' => array('image/png', + 'image/jpeg', + 'image/gif', + 'image/svg+xml', + 'audio/mpeg', + 'audio/x-speex', + 'application/ogg', + 'application/pdf', + 'application/vnd.oasis.opendocument.text', + 'application/vnd.oasis.opendocument.text-template', + 'application/vnd.oasis.opendocument.graphics', + 'application/vnd.oasis.opendocument.graphics-template', + 'application/vnd.oasis.opendocument.presentation', + 'application/vnd.oasis.opendocument.presentation-template', + 'application/vnd.oasis.opendocument.spreadsheet', + 'application/vnd.oasis.opendocument.spreadsheet-template', + 'application/vnd.oasis.opendocument.chart', + 'application/vnd.oasis.opendocument.chart-template', + 'application/vnd.oasis.opendocument.image', + 'application/vnd.oasis.opendocument.image-template', + 'application/vnd.oasis.opendocument.formula', + 'application/vnd.oasis.opendocument.formula-template', + 'application/vnd.oasis.opendocument.text-master', + 'application/vnd.oasis.opendocument.text-web', + 'application/x-zip', + 'application/zip', + 'text/plain', + 'video/mpeg', + 'video/mp4', + 'video/quicktime', + 'video/mpeg'), + 'file_quota' => 5000000, + 'user_quota' => 50000000, + 'monthly_quota' => 15000000, + 'uploads' => true, + 'filecommand' => '/usr/bin/file', + ), + 'group' => + array('maxaliases' => 3, + 'desclimit' => null), + 'oohembed' => array('endpoint' => 'http://oohembed.com/oohembed/'), + 'search' => + array('type' => 'fulltext'), + 'sessions' => + array('handle' => false, // whether to handle sessions ourselves + 'debug' => false), // debugging output for sessions + 'design' => + array('backgroundcolor' => null, // null -> 'use theme default' + 'contentcolor' => null, + 'sidebarcolor' => null, + 'textcolor' => null, + 'linkcolor' => null, + 'backgroundimage' => null, + 'disposition' => null), + 'notice' => + array('contentlimit' => null), + 'message' => + array('contentlimit' => null), + 'http' => + array('client' => 'curl'), // XXX: should this be the default? + ); From 73c92045373d097d115d4016da092a6e0711ab04 Mon Sep 17 00:00:00 2001 From: unknown Date: Sun, 27 Sep 2009 13:58:48 +0200 Subject: [PATCH 03/11] fix for a misnamed variable in subscription function in the "create simulation data" script --- scripts/createsim.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/createsim.php b/scripts/createsim.php index 71ed3bf722..1266a9700b 100644 --- a/scripts/createsim.php +++ b/scripts/createsim.php @@ -101,7 +101,7 @@ function newSub($i) $to = User::staticGet('nickname', $tunic); - if (empty($from)) { + if (empty($to)) { throw new Exception("Can't find user '$tunic'."); } From 3ff8514f5ed8dac381cf24d9de9a25dcfa20af77 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Sat, 26 Sep 2009 17:14:10 -0700 Subject: [PATCH 04/11] Fix URL linkification test cases for addition of 'title' attribution with long URL in f3c8fccc After removing 103 false positives, this leaves 4 actually broken tests, showing two failure modes for mail links: * 'mail without mailto' formatting shortcut in common_linkify didn't get the 'title' attribute added with the other URLs * links including mailto: protocol are being incorrectly expanded to http: protocol in the long URL --- tests/URLDetectionTest.php | 218 ++++++++++++++++++------------------- 1 file changed, 109 insertions(+), 109 deletions(-) diff --git a/tests/URLDetectionTest.php b/tests/URLDetectionTest.php index 1c3f7cd96f..a7cdcaa242 100644 --- a/tests/URLDetectionTest.php +++ b/tests/URLDetectionTest.php @@ -28,69 +28,69 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('not a link :: no way', 'not a link :: no way'), array('link http://www.somesite.com/xyz/35637563@N00/52803365/ link', - 'link http://www.somesite.com/xyz/35637563@N00/52803365/ link'), + 'link http://www.somesite.com/xyz/35637563@N00/52803365/ link'), array('http://127.0.0.1', - 'http://127.0.0.1'), + 'http://127.0.0.1'), array('127.0.0.1', - '127.0.0.1'), + '127.0.0.1'), array('127.0.0.1:99', - '127.0.0.1:99'), + '127.0.0.1:99'), array('127.0.0.1/Name:test.php', - '127.0.0.1/Name:test.php'), + '127.0.0.1/Name:test.php'), array('127.0.0.1/~test', - '127.0.0.1/~test'), + '127.0.0.1/~test'), array('127.0.0.1/+test', - '127.0.0.1/+test'), + '127.0.0.1/+test'), array('127.0.0.1/$test', - '127.0.0.1/$test'), + '127.0.0.1/$test'), array('127.0.0.1/\'test', - '127.0.0.1/\'test'), + '127.0.0.1/\'test'), array('127.0.0.1/"test', - '127.0.0.1/"test'), + '127.0.0.1/"test'), array('127.0.0.1/-test', - '127.0.0.1/-test'), + '127.0.0.1/-test'), array('127.0.0.1/_test', - '127.0.0.1/_test'), + '127.0.0.1/_test'), array('127.0.0.1/!test', - '127.0.0.1/!test'), + '127.0.0.1/!test'), array('127.0.0.1/*test', - '127.0.0.1/*test'), + '127.0.0.1/*test'), array('127.0.0.1/test%20stuff', - '127.0.0.1/test%20stuff'), + '127.0.0.1/test%20stuff'), array('http://[::1]:99/test.php', - 'http://[::1]:99/test.php'), + 'http://[::1]:99/test.php'), array('http://::1/test.php', - 'http://::1/test.php'), + 'http://::1/test.php'), array('http://::1', - 'http://::1'), + 'http://::1'), array('2001:4978:1b5:0:21d:e0ff:fe66:59ab/test.php', - '2001:4978:1b5:0:21d:e0ff:fe66:59ab/test.php'), + '2001:4978:1b5:0:21d:e0ff:fe66:59ab/test.php'), array('[2001:4978:1b5:0:21d:e0ff:fe66:59ab]:99/test.php', - '[2001:4978:1b5:0:21d:e0ff:fe66:59ab]:99/test.php'), + '[2001:4978:1b5:0:21d:e0ff:fe66:59ab]:99/test.php'), array('2001:4978:1b5:0:21d:e0ff:fe66:59ab', - '2001:4978:1b5:0:21d:e0ff:fe66:59ab'), + '2001:4978:1b5:0:21d:e0ff:fe66:59ab'), array('http://127.0.0.1', - 'http://127.0.0.1'), + 'http://127.0.0.1'), array('example.com', - 'example.com'), + 'example.com'), array('example.com', - 'example.com'), + 'example.com'), array('http://example.com', - 'http://example.com'), + 'http://example.com'), array('http://example.com.', - 'http://example.com.'), + 'http://example.com.'), array('/var/lib/example.so', '/var/lib/example.so'), array('example', 'example'), array('user@example.com', - 'user@example.com'), + 'user@example.com'), array('user_name+other@example.com', - 'user_name+other@example.com'), + 'user_name+other@example.com'), array('mailto:user@example.com', - 'mailto:user@example.com'), + 'mailto:user@example.com'), array('mailto:user@example.com?subject=test', - 'mailto:user@example.com?subject=test'), + 'mailto:user@example.com?subject=test'), array('#example', '#'), array('#example.com', @@ -98,165 +98,165 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('#.net', '#'), array('http://example', - 'http://example'), + 'http://example'), array('http://3xampl3', - 'http://3xampl3'), + 'http://3xampl3'), array('http://example/', - 'http://example/'), + 'http://example/'), array('http://example/path', - 'http://example/path'), + 'http://example/path'), array('http://example.com', - 'http://example.com'), + 'http://example.com'), array('https://example.com', - 'https://example.com'), + 'https://example.com'), array('ftp://example.com', - 'ftp://example.com'), + 'ftp://example.com'), array('ftps://example.com', - 'ftps://example.com'), + 'ftps://example.com'), array('http://user@example.com', - 'http://user@example.com'), + 'http://user@example.com'), array('http://user:pass@example.com', - 'http://user:pass@example.com'), + 'http://user:pass@example.com'), array('http://example.com:8080', - 'http://example.com:8080'), + 'http://example.com:8080'), array('http://example.com:8080/test.php', - 'http://example.com:8080/test.php'), + 'http://example.com:8080/test.php'), array('example.com:8080/test.php', - 'example.com:8080/test.php'), + 'example.com:8080/test.php'), array('http://www.example.com', - 'http://www.example.com'), + 'http://www.example.com'), array('http://example.com/', - 'http://example.com/'), + 'http://example.com/'), array('http://example.com/path', - 'http://example.com/path'), + 'http://example.com/path'), array('http://example.com/path.html', - 'http://example.com/path.html'), + 'http://example.com/path.html'), array('http://example.com/path.html#fragment', - 'http://example.com/path.html#fragment'), + 'http://example.com/path.html#fragment'), array('http://example.com/path.php?foo=bar&bar=foo', - 'http://example.com/path.php?foo=bar&bar=foo'), + 'http://example.com/path.php?foo=bar&bar=foo'), array('http://example.com.', - 'http://example.com.'), + 'http://example.com.'), array('http://müllärör.de', - 'http://müllärör.de'), + 'http://müllärör.de'), array('http://ﺱﺲﺷ.com', - 'http://ﺱﺲﺷ.com'), + 'http://ﺱﺲﺷ.com'), array('http://сделаткартинки.com', - 'http://сделаткартинки.com'), + 'http://сделаткартинки.com'), array('http://tūdaliņ.lv', - 'http://tūdaliņ.lv'), + 'http://tūdaliņ.lv'), array('http://brændendekærlighed.com', - 'http://brændendekærlighed.com'), + 'http://brændendekærlighed.com'), array('http://あーるいん.com', - 'http://あーるいん.com'), + 'http://あーるいん.com'), array('http://예비교사.com', - 'http://예비교사.com'), + 'http://예비교사.com'), array('http://example.com.', - 'http://example.com.'), + 'http://example.com.'), array('http://example.com?', - 'http://example.com?'), + 'http://example.com?'), array('http://example.com!', - 'http://example.com!'), + 'http://example.com!'), array('http://example.com,', - 'http://example.com,'), + 'http://example.com,'), array('http://example.com;', - 'http://example.com;'), + 'http://example.com;'), array('http://example.com:', - 'http://example.com:'), + 'http://example.com:'), array('\'http://example.com\'', - '\'http://example.com\''), + '\'http://example.com\''), array('"http://example.com"', - '"http://example.com"'), + '"http://example.com"'), array('http://example.com', - 'http://example.com'), + 'http://example.com'), array('(http://example.com)', - '(http://example.com)'), + '(http://example.com)'), array('[http://example.com]', - '[http://example.com]'), + '[http://example.com]'), array('', - '<http://example.com>'), + '<http://example.com>'), array('http://example.com/path/(foo)/bar', - 'http://example.com/path/(foo)/bar'), + 'http://example.com/path/(foo)/bar'), array('http://example.com/path/[foo]/bar', - 'http://example.com/path/[foo]/bar'), + 'http://example.com/path/[foo]/bar'), array('http://example.com/path/foo/(bar)', - 'http://example.com/path/foo/(bar)'), + 'http://example.com/path/foo/(bar)'), //Not a valid url - urls cannot contain unencoded square brackets array('http://example.com/path/foo/[bar]', - 'http://example.com/path/foo/[bar]'), + 'http://example.com/path/foo/[bar]'), array('Hey, check out my cool site http://example.com okay?', - 'Hey, check out my cool site http://example.com okay?'), + 'Hey, check out my cool site http://example.com okay?'), array('What about parens (e.g. http://example.com/path/foo/(bar))?', - 'What about parens (e.g. http://example.com/path/foo/(bar))?'), + 'What about parens (e.g. http://example.com/path/foo/(bar))?'), array('What about parens (e.g. http://example.com/path/foo/(bar)?', - 'What about parens (e.g. http://example.com/path/foo/(bar)?'), + 'What about parens (e.g. http://example.com/path/foo/(bar)?'), array('What about parens (e.g. http://example.com/path/foo/(bar).)?', - 'What about parens (e.g. http://example.com/path/foo/(bar).)?'), + 'What about parens (e.g. http://example.com/path/foo/(bar).)?'), //Not a valid url - urls cannot contain unencoded commas array('What about parens (e.g. http://example.com/path/(foo,bar)?', - 'What about parens (e.g. http://example.com/path/(foo,bar)?'), + 'What about parens (e.g. http://example.com/path/(foo,bar)?'), array('Unbalanced too (e.g. http://example.com/path/((((foo)/bar)?', - 'Unbalanced too (e.g. http://example.com/path/((((foo)/bar)?'), + 'Unbalanced too (e.g. http://example.com/path/((((foo)/bar)?'), array('Unbalanced too (e.g. http://example.com/path/(foo))))/bar)?', - 'Unbalanced too (e.g. http://example.com/path/(foo))))/bar)?'), + 'Unbalanced too (e.g. http://example.com/path/(foo))))/bar)?'), array('Unbalanced too (e.g. http://example.com/path/foo/((((bar)?', - 'Unbalanced too (e.g. http://example.com/path/foo/((((bar)?'), + 'Unbalanced too (e.g. http://example.com/path/foo/((((bar)?'), array('Unbalanced too (e.g. http://example.com/path/foo/(bar))))?', - 'Unbalanced too (e.g. http://example.com/path/foo/(bar))))?'), + 'Unbalanced too (e.g. http://example.com/path/foo/(bar))))?'), array('example.com', - 'example.com'), + 'example.com'), array('example.org', - 'example.org'), + 'example.org'), array('example.co.uk', - 'example.co.uk'), + 'example.co.uk'), array('www.example.co.uk', - 'www.example.co.uk'), + 'www.example.co.uk'), array('farm1.images.example.co.uk', - 'farm1.images.example.co.uk'), + 'farm1.images.example.co.uk'), array('example.museum', - 'example.museum'), + 'example.museum'), array('example.travel', - 'example.travel'), + 'example.travel'), array('example.com.', - 'example.com.'), + 'example.com.'), array('example.com?', - 'example.com?'), + 'example.com?'), array('example.com!', - 'example.com!'), + 'example.com!'), array('example.com,', - 'example.com,'), + 'example.com,'), array('example.com;', - 'example.com;'), + 'example.com;'), array('example.com:', - 'example.com:'), + 'example.com:'), array('\'example.com\'', - '\'example.com\''), + '\'example.com\''), array('"example.com"', - '"example.com"'), + '"example.com"'), array('example.com', - 'example.com'), + 'example.com'), array('(example.com)', - '(example.com)'), + '(example.com)'), array('[example.com]', - '[example.com]'), + '[example.com]'), array('', - '<example.com>'), + '<example.com>'), array('Hey, check out my cool site example.com okay?', - 'Hey, check out my cool site example.com okay?'), + 'Hey, check out my cool site example.com okay?'), array('Hey, check out my cool site example.com.I made it.', - 'Hey, check out my cool site example.com.I made it.'), + 'Hey, check out my cool site example.com.I made it.'), array('Hey, check out my cool site example.com.Funny thing...', - 'Hey, check out my cool site example.com.Funny thing...'), + 'Hey, check out my cool site example.com.Funny thing...'), array('Hey, check out my cool site example.com.You will love it.', - 'Hey, check out my cool site example.com.You will love it.'), + 'Hey, check out my cool site example.com.You will love it.'), array('What about parens (e.g. example.com/path/foo/(bar))?', - 'What about parens (e.g. example.com/path/foo/(bar))?'), + 'What about parens (e.g. example.com/path/foo/(bar))?'), array('What about parens (e.g. example.com/path/foo/(bar)?', - 'What about parens (e.g. example.com/path/foo/(bar)?'), + 'What about parens (e.g. example.com/path/foo/(bar)?'), array('What about parens (e.g. example.com/path/foo/(bar).)?', - 'What about parens (e.g. example.com/path/foo/(bar).)?'), + 'What about parens (e.g. example.com/path/foo/(bar).)?'), array('What about parens (e.g. example.com/path/(foo,bar)?', - 'What about parens (e.g. example.com/path/(foo,bar)?'), + 'What about parens (e.g. example.com/path/(foo,bar)?'), array('file.ext', 'file.ext'), array('file.html', From fc2426d7ce33bba0e1ad4dfc1ed9af7749695b20 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Sun, 27 Sep 2009 16:52:15 -0400 Subject: [PATCH 05/11] Fix some bugs in the URL linkification, and fixed the unit test. --- classes/File.php | 8 +- classes/File_redirection.php | 3 + lib/util.php | 23 +++--- tests/HashTagDetectionTests.php | 1 + tests/URLDetectionTest.php | 131 ++++++++++++++++---------------- 5 files changed, 90 insertions(+), 76 deletions(-) diff --git a/classes/File.php b/classes/File.php index 9758cf7f55..e04a9d5255 100644 --- a/classes/File.php +++ b/classes/File.php @@ -94,7 +94,13 @@ class File extends Memcached_DataObject $file_redir = File_redirection::staticGet('url', $given_url); if (empty($file_redir)) { $redir_data = File_redirection::where($given_url); - $redir_url = $redir_data['url']; + if (is_array($redir_data)) { + $redir_url = $redir_data['url']; + } elseif (is_string($redir_data)) { + $redir_url = $redir_data; + } else { + throw new ServerException("Can't process url '$given_url'"); + } // TODO: max field length if ($redir_url === $given_url || strlen($redir_url) > 255) { $x = File::saveNew($redir_data, $given_url); diff --git a/classes/File_redirection.php b/classes/File_redirection.php index 76b18f672d..79052bf7d3 100644 --- a/classes/File_redirection.php +++ b/classes/File_redirection.php @@ -79,6 +79,9 @@ class File_redirection extends Memcached_DataObject } } + if(strpos($short_url,'://') === false){ + return $short_url; + } $curlh = File_redirection::_commonCurl($short_url, $redirs); // Don't include body in output curl_setopt($curlh, CURLOPT_NOBODY, true); diff --git a/lib/util.php b/lib/util.php index 56753debe0..d249b154fc 100644 --- a/lib/util.php +++ b/lib/util.php @@ -522,20 +522,21 @@ function common_linkify($url) { if(strpos($url, '@') !== false && strpos($url, ':') === false) { //url is an email address without the mailto: protocol - return XMLStringer::estring('a', array('href' => "mailto:$url", 'rel' => 'external'), $url); - } + $canon = "mailto:$url"; + $longurl = "mailto:$url"; + }else{ - $canon = File_redirection::_canonUrl($url); + $canon = File_redirection::_canonUrl($url); - $longurl_data = File_redirection::where($url); - if (is_array($longurl_data)) { - $longurl = $longurl_data['url']; - } elseif (is_string($longurl_data)) { - $longurl = $longurl_data; - } else { - throw new ServerException("Can't linkify url '$url'"); + $longurl_data = File_redirection::where($canon); + if (is_array($longurl_data)) { + $longurl = $longurl_data['url']; + } elseif (is_string($longurl_data)) { + $longurl = $longurl_data; + } else { + throw new ServerException("Can't linkify url '$url'"); + } } - $attrs = array('href' => $canon, 'title' => $longurl, 'rel' => 'external'); $is_attachment = false; diff --git a/tests/HashTagDetectionTests.php b/tests/HashTagDetectionTests.php index aeac4a5e3f..483d7135e1 100644 --- a/tests/HashTagDetectionTests.php +++ b/tests/HashTagDetectionTests.php @@ -7,6 +7,7 @@ if (isset($_SERVER) && array_key_exists('REQUEST_METHOD', $_SERVER)) { define('INSTALLDIR', realpath(dirname(__FILE__) . '/..')); define('STATUSNET', true); +define('LACONICA', true); require_once INSTALLDIR . '/lib/common.php'; diff --git a/tests/URLDetectionTest.php b/tests/URLDetectionTest.php index a7cdcaa242..45203bf6e3 100644 --- a/tests/URLDetectionTest.php +++ b/tests/URLDetectionTest.php @@ -7,6 +7,7 @@ if (isset($_SERVER) && array_key_exists('REQUEST_METHOD', $_SERVER)) { define('INSTALLDIR', realpath(dirname(__FILE__) . '/..')); define('STATUSNET', true); +define('LACONICA', true); require_once INSTALLDIR . '/lib/common.php'; @@ -30,11 +31,11 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('link http://www.somesite.com/xyz/35637563@N00/52803365/ link', 'link http://www.somesite.com/xyz/35637563@N00/52803365/ link'), array('http://127.0.0.1', - 'http://127.0.0.1'), + 'http://127.0.0.1'), array('127.0.0.1', - '127.0.0.1'), + '127.0.0.1'), array('127.0.0.1:99', - '127.0.0.1:99'), + '127.0.0.1:99'), array('127.0.0.1/Name:test.php', '127.0.0.1/Name:test.php'), array('127.0.0.1/~test', @@ -62,23 +63,23 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('http://::1/test.php', 'http://::1/test.php'), array('http://::1', - 'http://::1'), + 'http://::1'), array('2001:4978:1b5:0:21d:e0ff:fe66:59ab/test.php', '2001:4978:1b5:0:21d:e0ff:fe66:59ab/test.php'), array('[2001:4978:1b5:0:21d:e0ff:fe66:59ab]:99/test.php', '[2001:4978:1b5:0:21d:e0ff:fe66:59ab]:99/test.php'), array('2001:4978:1b5:0:21d:e0ff:fe66:59ab', - '2001:4978:1b5:0:21d:e0ff:fe66:59ab'), + '2001:4978:1b5:0:21d:e0ff:fe66:59ab'), array('http://127.0.0.1', - 'http://127.0.0.1'), + 'http://127.0.0.1'), array('example.com', - 'example.com'), + 'example.com'), array('example.com', - 'example.com'), + 'example.com'), array('http://example.com', - 'http://example.com'), + 'http://example.com'), array('http://example.com.', - 'http://example.com.'), + 'http://example.com.'), array('/var/lib/example.so', '/var/lib/example.so'), array('example', @@ -91,6 +92,8 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase 'mailto:user@example.com'), array('mailto:user@example.com?subject=test', 'mailto:user@example.com?subject=test'), + array('xmpp:user@example.com', + 'xmpp:user@example.com'), array('#example', '#'), array('#example.com', @@ -98,33 +101,33 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('#.net', '#'), array('http://example', - 'http://example'), + 'http://example'), array('http://3xampl3', - 'http://3xampl3'), + 'http://3xampl3'), array('http://example/', 'http://example/'), array('http://example/path', 'http://example/path'), array('http://example.com', - 'http://example.com'), + 'http://example.com'), array('https://example.com', - 'https://example.com'), + 'https://example.com'), array('ftp://example.com', - 'ftp://example.com'), + 'ftp://example.com'), array('ftps://example.com', - 'ftps://example.com'), + 'ftps://example.com'), array('http://user@example.com', - 'http://user@example.com'), + 'http://user@example.com'), array('http://user:pass@example.com', - 'http://user:pass@example.com'), + 'http://user:pass@example.com'), array('http://example.com:8080', - 'http://example.com:8080'), + 'http://example.com:8080'), array('http://example.com:8080/test.php', 'http://example.com:8080/test.php'), array('example.com:8080/test.php', 'example.com:8080/test.php'), array('http://www.example.com', - 'http://www.example.com'), + 'http://www.example.com'), array('http://example.com/', 'http://example.com/'), array('http://example.com/path', @@ -136,45 +139,45 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('http://example.com/path.php?foo=bar&bar=foo', 'http://example.com/path.php?foo=bar&bar=foo'), array('http://example.com.', - 'http://example.com.'), + 'http://example.com.'), array('http://müllärör.de', - 'http://müllärör.de'), + 'http://müllärör.de'), array('http://ﺱﺲﺷ.com', - 'http://ﺱﺲﺷ.com'), + 'http://ﺱﺲﺷ.com'), array('http://сделаткартинки.com', - 'http://сделаткартинки.com'), + 'http://сделаткартинки.com'), array('http://tūdaliņ.lv', - 'http://tūdaliņ.lv'), + 'http://tūdaliņ.lv'), array('http://brændendekærlighed.com', - 'http://brændendekærlighed.com'), + 'http://brændendekærlighed.com'), array('http://あーるいん.com', - 'http://あーるいん.com'), + 'http://あーるいん.com'), array('http://예비교사.com', - 'http://예비교사.com'), + 'http://예비교사.com'), array('http://example.com.', - 'http://example.com.'), + 'http://example.com.'), array('http://example.com?', - 'http://example.com?'), + 'http://example.com?'), array('http://example.com!', - 'http://example.com!'), + 'http://example.com!'), array('http://example.com,', - 'http://example.com,'), + 'http://example.com,'), array('http://example.com;', - 'http://example.com;'), + 'http://example.com;'), array('http://example.com:', - 'http://example.com:'), + 'http://example.com:'), array('\'http://example.com\'', - '\'http://example.com\''), + '\'http://example.com\''), array('"http://example.com"', - '"http://example.com"'), + '"http://example.com"'), array('http://example.com', - 'http://example.com'), + 'http://example.com'), array('(http://example.com)', - '(http://example.com)'), + '(http://example.com)'), array('[http://example.com]', - '[http://example.com]'), + '[http://example.com]'), array('', - '<http://example.com>'), + '<http://example.com>'), array('http://example.com/path/(foo)/bar', 'http://example.com/path/(foo)/bar'), array('http://example.com/path/[foo]/bar', @@ -185,7 +188,7 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('http://example.com/path/foo/[bar]', 'http://example.com/path/foo/[bar]'), array('Hey, check out my cool site http://example.com okay?', - 'Hey, check out my cool site http://example.com okay?'), + 'Hey, check out my cool site http://example.com okay?'), array('What about parens (e.g. http://example.com/path/foo/(bar))?', 'What about parens (e.g. http://example.com/path/foo/(bar))?'), array('What about parens (e.g. http://example.com/path/foo/(bar)?', @@ -204,51 +207,51 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('Unbalanced too (e.g. http://example.com/path/foo/(bar))))?', 'Unbalanced too (e.g. http://example.com/path/foo/(bar))))?'), array('example.com', - 'example.com'), + 'example.com'), array('example.org', - 'example.org'), + 'example.org'), array('example.co.uk', - 'example.co.uk'), + 'example.co.uk'), array('www.example.co.uk', - 'www.example.co.uk'), + 'www.example.co.uk'), array('farm1.images.example.co.uk', - 'farm1.images.example.co.uk'), + 'farm1.images.example.co.uk'), array('example.museum', - 'example.museum'), + 'example.museum'), array('example.travel', - 'example.travel'), + 'example.travel'), array('example.com.', - 'example.com.'), + 'example.com.'), array('example.com?', - 'example.com?'), + 'example.com?'), array('example.com!', - 'example.com!'), + 'example.com!'), array('example.com,', - 'example.com,'), + 'example.com,'), array('example.com;', - 'example.com;'), + 'example.com;'), array('example.com:', - 'example.com:'), + 'example.com:'), array('\'example.com\'', - '\'example.com\''), + '\'example.com\''), array('"example.com"', - '"example.com"'), + '"example.com"'), array('example.com', - 'example.com'), + 'example.com'), array('(example.com)', - '(example.com)'), + '(example.com)'), array('[example.com]', - '[example.com]'), + '[example.com]'), array('', - '<example.com>'), + '<example.com>'), array('Hey, check out my cool site example.com okay?', - 'Hey, check out my cool site example.com okay?'), + 'Hey, check out my cool site example.com okay?'), array('Hey, check out my cool site example.com.I made it.', - 'Hey, check out my cool site example.com.I made it.'), + 'Hey, check out my cool site example.com.I made it.'), array('Hey, check out my cool site example.com.Funny thing...', - 'Hey, check out my cool site example.com.Funny thing...'), + 'Hey, check out my cool site example.com.Funny thing...'), array('Hey, check out my cool site example.com.You will love it.', - 'Hey, check out my cool site example.com.You will love it.'), + 'Hey, check out my cool site example.com.You will love it.'), array('What about parens (e.g. example.com/path/foo/(bar))?', 'What about parens (e.g. example.com/path/foo/(bar))?'), array('What about parens (e.g. example.com/path/foo/(bar)?', From a8d1b7e9c26b4449a4a1e0e250f9b6766b2d8e62 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 27 Sep 2009 21:10:17 -0400 Subject: [PATCH 06/11] Merge DeleteAction class into DeletenoticeAction The DeleteAction class checked for notice information, and only had one subclass: DeletenoticeAction. I couldn't figure out any other class that would subclass it, so I combined the two into a single class. --- actions/deletenotice.php | 37 +++++++++++++++++--- lib/deleteaction.php | 74 ---------------------------------------- 2 files changed, 33 insertions(+), 78 deletions(-) delete mode 100644 lib/deleteaction.php diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 3d040f2fa9..617fa9c17a 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -32,15 +32,44 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } -require_once INSTALLDIR.'/lib/deleteaction.php'; - -class DeletenoticeAction extends DeleteAction +class DeletenoticeAction extends Action { - var $error = null; + var $error = null; + var $user = null; + var $notice = null; + var $profile = null; + var $user_profile = null; + + function prepare($args) + { + parent::prepare($args); + + $this->user = common_current_user(); + $notice_id = $this->trimmed('notice'); + $this->notice = Notice::staticGet($notice_id); + + if (!$this->notice) { + common_user_error(_('No such notice.')); + exit; + } + + $this->profile = $this->notice->getProfile(); + $this->user_profile = $this->user->getProfile(); + + return true; + } function handle($args) { parent::handle($args); + + if (!common_logged_in()) { + common_user_error(_('Not logged in.')); + exit; + } else if ($this->notice->profile_id != $this->user_profile->id) { + common_user_error(_('Can\'t delete this notice.')); + exit; + } // XXX: Ajax! if ($_SERVER['REQUEST_METHOD'] == 'POST') { diff --git a/lib/deleteaction.php b/lib/deleteaction.php deleted file mode 100644 index f702820c61..0000000000 --- a/lib/deleteaction.php +++ /dev/null @@ -1,74 +0,0 @@ -. - * - * @category Personal - * @package StatusNet - * @author Evan Prodromou - * @author Sarven Capadisli - * @copyright 2008 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -class DeleteAction extends Action -{ - var $user = null; - var $notice = null; - var $profile = null; - var $user_profile = null; - - function prepare($args) - { - parent::prepare($args); - - $this->user = common_current_user(); - $notice_id = $this->trimmed('notice'); - $this->notice = Notice::staticGet($notice_id); - - if (!$this->notice) { - common_user_error(_('No such notice.')); - exit; - } - - $this->profile = $this->notice->getProfile(); - $this->user_profile = $this->user->getProfile(); - - return true; - } - - function handle($args) - { - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - exit; - } else if ($this->notice->profile_id != $this->user_profile->id) { - common_user_error(_('Can\'t delete this notice.')); - exit; - } - } - -} From 6c069312e2911d3b2fe54d051354f579fde7bb63 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 15 Sep 2009 15:28:11 -0400 Subject: [PATCH 07/11] user rights --- classes/User.php | 26 ++++++++++++++++++ lib/right.php | 50 ++++++++++++++++++++++++++++++++++ tests/UserRightsTest.php | 59 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 135 insertions(+) create mode 100644 lib/right.php create mode 100644 tests/UserRightsTest.php diff --git a/classes/User.php b/classes/User.php index 5e74c7fde4..bea81af4d2 100644 --- a/classes/User.php +++ b/classes/User.php @@ -711,4 +711,30 @@ class User extends Memcached_DataObject return true; } + + /** + * Does this user have the right to do X? + * + * With our role-based authorization, this is merely a lookup for whether the user + * has a particular role. The implementation currently uses a switch statement + * to determine if the user has the pre-defined role to exercise the right. Future + * implementations may allow per-site roles, and different mappings of roles to rights. + * + * @param $right string Name of the right, usually a constant in class Right + * @return boolean whether the user has the right in question + */ + + function hasRight($right) + { + switch ($right) + { + case Right::deleteOthersNotice: + return $this->hasRole('moderator'); + break; + default: + $result = false; + Event::handle('UserRightsCheck', array($this, &$result)); + return $result; + } + } } diff --git a/lib/right.php b/lib/right.php new file mode 100644 index 0000000000..4e0096d46a --- /dev/null +++ b/lib/right.php @@ -0,0 +1,50 @@ +. + * + * @category Authorization + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * class for rights + * + * Mostly for holding the rights constants + * + * @category Authorization + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class Right +{ + const deleteOthersNotice = 'deleteothersnotice'; +} + diff --git a/tests/UserRightsTest.php b/tests/UserRightsTest.php new file mode 100644 index 0000000000..6544ee53d7 --- /dev/null +++ b/tests/UserRightsTest.php @@ -0,0 +1,59 @@ +user = User::register(array('nickname' => 'userrightstestuser')); + } + + function tearDown() + { + $profile = $this->user->getProfile(); + $this->user->delete(); + $profile->delete(); + } + + function testInvalidRole() + { + $this->assertFalse($this->user->hasRole('invalidrole')); + } + + function standardRoles() + { + return array('admin', 'moderator'); + } + + /** + * @dataProvider standardRoles + * + */ + + function testUngrantedRole($role) + { + $this->assertFalse($this->user->hasRole($role)); + } + + /** + * @dataProvider standardRoles + * + */ + + function testGrantedRole($role) + { + $this->user->grantRole($role); + $this->assertFalse($this->user->hasRole($role)); + } +} \ No newline at end of file From 38345d078343d4631eab2c883a39d87380f7b1af Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 16 Sep 2009 21:08:44 -0400 Subject: [PATCH 08/11] let hooks override standard user rights --- classes/User.php | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/classes/User.php b/classes/User.php index bea81af4d2..3f7ed09bb7 100644 --- a/classes/User.php +++ b/classes/User.php @@ -726,15 +726,18 @@ class User extends Memcached_DataObject function hasRight($right) { - switch ($right) - { - case Right::deleteOthersNotice: - return $this->hasRole('moderator'); - break; - default: - $result = false; - Event::handle('UserRightsCheck', array($this, &$result)); - return $result; + $result = false; + if (Event::handle('UserRightsCheck', array($this, $right, &$result))) { + switch ($right) + { + case Right::deleteOthersNotice: + $result = $this->hasRole('moderator'); + break; + default: + $result = false; + break; + } } + return $result; } } From ee236e68df8a8b7ee7917fd60ef36b57c0bd64db Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 27 Sep 2009 21:05:29 -0400 Subject: [PATCH 09/11] show delete button when user has deleteOthersNotice right --- lib/noticelist.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/noticelist.php b/lib/noticelist.php index c2ff7c26b3..6c296f82a7 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -472,7 +472,10 @@ class NoticeListItem extends Widget function showDeleteLink() { $user = common_current_user(); - if ($user && $this->notice->profile_id == $user->id) { + + if (!empty($user) && + ($this->notice->profile_id == $user->id || $user->hasRight(Right::deleteOthersNotice))) { + $deleteurl = common_local_url('deletenotice', array('notice' => $this->notice->id)); $this->out->element('a', array('href' => $deleteurl, From ee9856c452a7e54994c30cd9138dd6faa2107001 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 27 Sep 2009 21:14:49 -0400 Subject: [PATCH 10/11] moderator can delete another user's notice --- actions/deletenotice.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 617fa9c17a..4a48a9c346 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -66,7 +66,8 @@ class DeletenoticeAction extends Action if (!common_logged_in()) { common_user_error(_('Not logged in.')); exit; - } else if ($this->notice->profile_id != $this->user_profile->id) { + } else if ($this->notice->profile_id != $this->user_profile->id && + !$this->user->hasRight(Right::deleteOthersNotice)) { common_user_error(_('Can\'t delete this notice.')); exit; } From 4e6c7302072eb6e11ae0025795a7a96fb28f2f29 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sun, 27 Sep 2009 20:21:16 -0700 Subject: [PATCH 11/11] Forgot to add home_timeline to the list of methods that only require bareauth. --- actions/api.php | 1 + 1 file changed, 1 insertion(+) diff --git a/actions/api.php b/actions/api.php index d570bb0174..1bc90de110 100644 --- a/actions/api.php +++ b/actions/api.php @@ -160,6 +160,7 @@ class ApiAction extends Action static $bareauth = array('statuses/user_timeline', 'statuses/friends_timeline', + 'statuses/home_timeline', 'statuses/friends', 'statuses/replies', 'statuses/mentions',