Commit Graph

3019 Commits

Author SHA1 Message Date
Zach Copley
882b6862a3 OAuth: Fix rare problem in which request tokens were sometimes being
returned as access tokens.
2011-01-19 23:00:24 -08:00
Zach Copley
28f10ac528 Fix syntax error in error msg 2011-01-19 23:00:10 -08:00
Zach Copley
1543af748c Merge branch 'testing' of gitorious.org:statusnet/mainline into testing
* 'testing' of gitorious.org:statusnet/mainline: (63 commits)
  Add a scary 'experimental feture' warning & are-you-sure prompt on moveuser.php
  fix wrong datatypes (saving string instead of array) in AtomPub notice processing
  Account moving is a background activity
  return a 409 Conflict when subscription already exists
  OStatusPlugin does discovery in Profile::fromURI()
  considerably more logging and error checking in AccountMover
  add a log method to AccountMover
  normalize accounts and check for return in HTTP for moving
  move account-moving classes to their own libraries
  execution protection on discovery.php
  PHPCS discovery.php
  Move discovery library from OStatus plugin to core
  Revert "Revert "0.9.7alpha1""
  first example of moving a user
  Parse properties of links in XRD files
  Add the Atom username to the XRD output
  preserve activities in object
  let callers pass in an XMLOutputter to output to
  execution protection on discovery.php
  PHPCS linkheader.php
  ...
2011-01-19 22:58:07 -08:00
Zach Copley
e475bdfe77 OAuth: Fix rare problem in which request tokens were sometimes being
returned as access tokens.
2011-01-19 22:55:00 -08:00
Zach Copley
a79427d86f Fix syntax error in error msg 2011-01-19 16:13:42 -08:00
Brion Vibber
4026e208c2 Add a scary 'experimental feture' warning & are-you-sure prompt on moveuser.php
As with deleteuser.php, can pass -y to bypass the prompt if you're sure.
2011-01-19 15:13:46 -08:00
Brion Vibber
64844473f8 fix wrong datatypes (saving string instead of array) in AtomPub notice processing 2011-01-19 14:26:31 -08:00
Brion Vibber
963e7576f2 Merge branch 'testing' into moveaccount 2011-01-19 10:41:14 -08:00
Evan Prodromou
aa4a8e5051 wrap account actions in a section 2011-01-17 18:04:10 -05:00
Evan Prodromou
2a59453d4c Merge branch 'testing' into moveaccount 2011-01-17 17:34:03 -05:00
Evan Prodromou
6d429ce357 return a 409 Conflict when subscription already exists 2011-01-17 15:57:04 -05:00
Siebrand Mazeland
573925c52a * number parameters in messages
* add translator documentation
* remove superfluous whitespace
* small L10n update
2011-01-15 00:24:06 +01:00
Evan Prodromou
5c25364141 remove extraneous <dl> and <dt> tags 2011-01-14 15:36:06 -05:00
Siebrand Mazeland
7903a2504f * remove i18n for debug message.
* add i18n for some server exceptions.
* add translator documentation.
* L10n updates.
* remove superfluous whitespace.
2011-01-14 21:25:46 +01:00
Siebrand Mazeland
6e1dfab1b9 * change i18n for confirmation string to make a bit more certain that the confirmation string is consistent in all messages where it is used.
* add translator documentation.
* remove superfluous whitespace.
2011-01-14 20:48:17 +01:00
Brion Vibber
74a1c9def0 Fix error handling for missing group in apigroupmembership -- was trying to call methods on the variable before we checked it, which triggers PHP fatal error 2011-01-07 16:25:58 -08:00
Brion Vibber
5616bfb5ff Fix warning in subscribers/subscriptions list pages where we attempted to call free() an ArrayWrapper after it was used up, thus trying to forward the call to a nonexistent object.
Removed the free calls (unneeded since destructors now work), and added an error check w/ logging & an exception for future attempts to forward calls to nonexistent object.
2011-01-07 15:29:30 -08:00
Brion Vibber
edf8101b29 allow group join/leave commands in api posting, at least for the moment (no other way to do remote subscribe without a preexisting local id number via api) 2011-01-06 13:46:39 -08:00
Brion Vibber
281076d5f6 Fix for PHP notice spew in group creation via API: set default 'mainpage' in User_group::register() rather than forcing all callers to do it manually. 2011-01-06 13:22:44 -08:00
Evan Prodromou
32eb4c5e2d Merge remote branch 'gitorious/0.9.x' into 1.0.x
Conflicts:
	lib/common.php
2010-12-30 15:52:08 -08:00
Evan Prodromou
d3b10959f4 Merge branch '0.9.x' into noactor 2010-12-29 15:29:29 -08:00
Evan Prodromou
26afe79ed9 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-12-29 14:53:38 -08:00
Evan Prodromou
48edbb3023 add hooks for the account-management tools 2010-12-29 14:02:04 -08:00
Brion Vibber
e211e6228d Merge branch '0.9.x' into 1.0.x 2010-12-28 11:38:34 -08:00
Brion Vibber
90c7ff1983 Merge branch 'master' into 0.9.x 2010-12-28 11:37:38 -08:00
Brion Vibber
d3d9797496 Prevent group creation by silenced users.
* adds Right::CREATEGROUP
* logic in Profile::hasRight() checks for silencing
* NewgroupAction checks for the permission before letting you see or process the form in the UI
* User_group::register() logic does a low-level check on the specified initial group admin, and rejects creation if that user doesn't have the right; guaranteeing that API methods etc will also have this restriction applied sensibly.
2010-12-28 11:34:02 -08:00
Evan Prodromou
0bcc3ee005 include saved notice in atompub events 2010-12-27 22:11:30 -08:00
Evan Prodromou
a85bbd9088 Add a user parameter to atom pub api events 2010-12-27 20:49:08 -08:00
Evan Prodromou
ab92496ddc Stop using <activity:subject> for atom feeds 2010-12-27 10:03:34 -08:00
Brion Vibber
26baad63f2 Merge branch '0.9.x' into 1.0.x 2010-12-22 15:25:38 -08:00
Brion Vibber
d5c2b0d216 When queueing is off, restore runs immediately. Indicate that we've already finished processing on the success page in this case; otherwise continue to show the 'will take a few minutes' message. 2010-12-22 14:55:13 -08:00
Brion Vibber
055630516c Merge branch 'righttoleave' into 0.9.x 2010-12-22 11:28:34 -08:00
Evan Prodromou
9a6ceb3303 Merge branch 'righttoleave' into 0.9.x 2010-12-22 11:22:51 -08:00
Brion Vibber
754bc1b616 Error handling cleanup on backup/restore:
* avoid PHP notice from using wrong variable
* show a visible error instead of blank screen if no file submitted with restore form
* avoid PHP strict warning from using calling "non-static" DOMDocument::loadXML statically
* suppress PHP warning from XML parse errors
2010-12-22 11:13:57 -08:00
Brion Vibber
5abd2b7d0c fix notice error 2010-12-22 11:06:45 -08:00
Brion Vibber
d8a3a88ec8 Merge branch '0.9.x' into 1.0.x
Conflicts:
	classes/Memcached_DataObject.php
2010-12-17 17:13:21 -08:00
Brion Vibber
fb8312ebf4 Ticket #2959: implement api/users/profile_image endpoint in Twitter-compat API 2010-12-17 17:10:52 -08:00
Brion Vibber
c0669969f2 fix typo in showstream 2010-12-17 16:21:33 -08:00
Evan Prodromou
573bbeced1 action to restore a user's backup from the Web interface 2010-12-17 18:56:48 -05:00
Evan Prodromou
fd22f684bf syntax error in deleteaccount 2010-12-15 17:39:58 -05:00
Evan Prodromou
e16cb8c03a Merge branch '0.9.x' into righttoleave 2010-12-15 16:48:28 -05:00
Brion Vibber
bf20258f4b Merge branch '0.9.x' into 1.0.x 2010-12-15 11:59:31 -08:00
Brion Vibber
6c67114198 Mark OembedAction, XrdAction, and (plugin) AutocompleteAction as read-only. Tweaked ApiStatusesShow and ApiTimelineUser to still claim read-only when hit with a HEAD request (usually link checkers or a precursor to a GET, and should be semantically equivalent to a GET without actually transferring data) 2010-12-14 16:14:15 -08:00
Brion Vibber
82a9560a2d AtomPub fix: correct the response URL given from posting a new message (wrong parameter meant we got the main page instead of the message's URL) 2010-12-14 13:19:22 -08:00
Brion Vibber
54a0e801f3 AtomPub fixes: return '201 Created' on POST of new message; better error checking on Atom input 2010-12-14 13:12:24 -08:00
Evan Prodromou
d840578aa0 An action to delete your own account
The new DeleteaccountAction lets a user delete their own account
(subject to global rights set by the admin). It presents a form to
delete the account, with an "I am sure." text entry box.

It then schedules the account for deletion and logs the user out.
2010-12-14 12:38:43 -05:00
Evan Prodromou
6a7bf9dbf9 don't show the backup link if the user can't backup 2010-12-13 16:49:01 -05:00
Evan Prodromou
5089d3065c add an action to backup the current account in ActivityStreams format 2010-12-13 16:32:39 -05:00
Evan Prodromou
027c73a4a1 Merge branch 'activityatompub' into 0.9.x 2010-12-13 14:35:42 -05:00
Evan Prodromou
1033e1e519 add the other three feeds to AtomPub service document 2010-12-13 14:35:29 -05:00
Evan Prodromou
c6d6f25b52 Atom pub feed for group memberships
Feed for group memberships, in activity streams format.

Shows a feed; has proper pagination; accepts activitystreams "join"
activities to start a new membership.
2010-12-13 13:56:54 -05:00
Evan Prodromou
156bd011af fix navigation links for favorite feed 2010-12-13 13:08:38 -05:00
Evan Prodromou
c5fee7573e fix navigation links for subscriptions feed 2010-12-13 13:07:25 -05:00
Evan Prodromou
1a58fdd695 add atompub show membership action 2010-12-13 12:40:22 -05:00
Zach Copley
bb55784e90 Move getConnectedApps() from Profile to User, where it belongs 2010-12-12 17:37:42 -08:00
Evan Prodromou
30f0defcf1 atompub favorite feed 2010-12-12 13:16:34 -05:00
Evan Prodromou
1817aedb5c fix subtitle in subscriptions feed 2010-12-12 12:13:54 -05:00
Evan Prodromou
d9a614c57e use new Subscription stream methods for AtomPub 2010-12-11 11:24:07 -05:00
Evan Prodromou
37c447be46 Show a single favorite for AtomPub 2010-12-10 18:50:50 -05:00
Evan Prodromou
5d56dba904 add a new subscription using POST to APP 2010-12-09 16:25:47 -05:00
Evan Prodromou
c619a257fe Add subscription feed for AtomPub 2010-12-09 16:05:07 -05:00
Evan Prodromou
34b8eb207d make HEAD work for AtomPubShowSubscription 2010-12-09 14:25:57 -05:00
Evan Prodromou
11a0bde459 AtomPub for single subscription 2010-12-09 13:11:02 -05:00
Brion Vibber
9df856e667 Merge branch '0.9.x' into merge
Conflicts:
	README
	actions/hostmeta.php
	classes/File_redirection.php
	lib/common.php
	lib/designsettings.php
	lib/router.php
	lib/util.php
	lib/xmppmanager.php
	plugins/OStatus/OStatusPlugin.php
2010-12-07 10:50:05 -08:00
Brion Vibber
aa96c3c1d9 Fix for tickets #2917, #2262: user URL shortening options not being applied in non-web channels
common_shorten_links() can only access the web session's logged-in user, so never properly took user options into effect for posting via XMPP, API, mail, etc.

Adds an optional $user parameter on common_shorten_links(), and a $user->shortenLinks() as a clearer interface for that.
Tweaked some lower-level functions so $user gets passed down -- making the $notice_id param previously there for saving URLs at notice save time generalized a little.

Note also ticket #2919: there's a lot of duplicate code calling the shortening, checking the length, and reporting near-identical error messages. These should be consolidated to aid in code and translation maintenance.
2010-12-02 13:41:56 -08:00
Siebrand Mazeland
086d6c9f36 * Fix an incorrectly formatted message parameter in line 334.
* i18n/L10n updates
* translator documentation updated
2010-12-02 12:33:03 +01:00
Brion Vibber
5d9d0d7349 Ticket #2912 further cleanup: use JS on emailsettings form to help connect the 'I want to post by email' checkbox with the controls for adding or removing a post-by-email alias.
Now, when you first come up the checkbox will most likely be off and the button to create an address is grayed out.
Checking the box enables use of the 'new' button to generate an email address -- it's left disabled until you check the box, so you can't accidentally trip it.
Actually adding the address now enables the post-by-mail option, as well, thus ensuring that it's saved. WARNING: OTHER CHANGES ON THE FORM WILL STILL BE LOST.
Removing the address now disables the post-by-mail option, so it's not sitting around confusingly enabled but useless.

You can still disable the checkbox manually without removing the address, in case you want to keep it for later.
It's also still possible to actually save it in the state where the option is enabled, but there's no configured address, but that shouldn't happen too often. Possibly that should be prevented outright though.
2010-12-01 14:23:56 -08:00
Brion Vibber
36d605a1e9 Ticket #2912 tweaks: clean up wording on the incoming email generator box a bit. 2010-12-01 13:10:54 -08:00
Brion Vibber
3048f9100d Ticket #2912: move 'I want to post notices by email" checkbox up from the email *output* prefs up into the box for the address to post to, so they're next to each other. 2010-12-01 13:04:18 -08:00
Brion Vibber
dc350b5463 Work in progress on nickname validation changes. lib/nickname.php appears to have been destroyed by NetBeans and will be rewritten shortly. Sigh. 2010-11-29 14:15:25 -08:00
Evan Prodromou
edf660c6ff Make userxrd work without OStatus enabled 2010-11-26 22:09:51 -05:00
Evan Prodromou
fcc0825b14 Make userxrd part of the default hostmeta 2010-11-26 21:46:51 -05:00
Evan Prodromou
0a4911552e Move user xrd action to core and use hooks to extend
Moved the Webfinger user XRD action from the OStatus plugin to core.
Added hooks to add OStatus-specific stuff, but kept general stuff in
the core.
2010-11-26 21:38:38 -05:00
Craig Andrews
3f3b38766f move xrd and hostmeta out of the OStatus plugin and into core
add event for setting up hostmeta, and use them in the OStatus plugin
2010-11-26 21:12:14 -05:00
Brion Vibber
e0e7cb7c53 Merge branch 'master' into 0.9.x 2010-11-19 14:03:59 -08:00
Brion Vibber
ca55d6c514 Ticket #1987: support since_id on API notice search methods.
max_id is not yet implemented, as it'll need support added to the search backends. (since_id we get 'for free' by just cropping off the list, it'll do for now)
2010-11-19 14:00:22 -08:00
Brion Vibber
fa6c6077d6 Merge branch 'master' into 0.9.x 2010-11-16 11:17:29 -08:00
Brion Vibber
9b9db3b28a Prep for ticket #2895: consolidate common code from PopularNoticeList and FavoritedAction for fetching popular notice lists 2010-11-16 11:10:32 -08:00
Brion Vibber
89d5993674 Include width/height of locally-uploaded images in our oembed provider data for attachment pages. 2010-11-15 12:57:15 -08:00
Evan Prodromou
d038d0fa46 AtomPub-related actions are only read-only on GET 2010-11-15 14:14:09 -05:00
Evan Prodromou
8a21b13ee9 Merge remote branch 'gitorious/0.9.x' into 0.9.x 2010-11-15 11:57:31 -05:00
Evan Prodromou
c1cee3b27f Merge branch 'atompub' into 0.9.x
Conflicts:
	actions/apistatusesshow.php
	actions/apitimelineuser.php
2010-11-15 11:57:19 -05:00
Evan Prodromou
cb371d65c1 add hooks for atom pub posts 2010-11-15 11:54:42 -05:00
Evan Prodromou
01f32e3998 Merge remote branch 'gitorious/1.0.x' into 1.0.x
Conflicts:
	actions/urlsettings.php
2010-11-14 06:49:43 -05:00
Brion Vibber
e4913f9722 fix syntax error introduced in i18n tweaks: newgroup action 2010-11-12 13:35:19 -08:00
Brion Vibber
9621904cac Revert "Missing one close-paren in newgroup.php" - incorrect fix for paren bug
This reverts commit 3afb031d92.
2010-11-12 13:34:04 -08:00
Brion Vibber
5d12ec0532 Merge branch 'oembed-thumbnails' into 0.9.x 2010-11-12 12:28:44 -08:00
Zach Copley
0ed572ff3f Fix missing close of comment block 2010-11-11 10:39:05 -08:00
Zach Copley
09aaf21e8d Fix missing close of comment block 2010-11-11 10:33:26 -08:00
Evan Prodromou
3afb031d92 Missing one close-paren in newgroup.php 2010-11-09 17:08:11 -05:00
Evan Prodromou
a988e2e97b hook points for the email settings form 2010-11-09 15:00:30 -05:00
Brion Vibber
f25accc43e split out InlineAttachmentList from AttachmentList 2010-11-09 10:45:19 -08:00
Brion Vibber
6d7f02ff31 Pass file attachment thumbnails along with oEmbed data. 2010-11-08 17:22:01 -08:00
Brion Vibber
551b196a35 doomy doom doom 2010-11-08 15:32:41 -08:00
Evan Prodromou
719b480eaa use subclassing to change notice list output for single notice 2010-11-08 13:08:59 -05:00
Siebrand Mazeland
f5b037c169 Update translator documentation. 2010-11-07 22:32:52 +01:00
Siebrand Mazeland
66e34a28f7 screen_name -> nick names. Spotted by The Evil IP address. 2010-11-07 22:31:02 +01:00
Brion Vibber
b716d01a41 Merge branch '0.9.x' into 1.0.x 2010-11-03 16:09:49 -07:00
Brion Vibber
51a756c211 Fix ticket #2860: clarify API doc comments for 'source' parameter's interaction with OAuth on api/statuses/update 2010-11-03 14:58:33 -07:00
Brion Vibber
6e03456753 Migrate some more code from manually constructing "fullname (nickname)" to using Profile->getFancyName(). Encapsulates common logic and allows for localization of the parens. 2010-11-03 13:10:42 -07:00
Brion Vibber
dc4fafbbd1 General cleanup & part of ticket #2864: use User_group->getFancyName() instead of replicating the logic in various places. Encapsulates and allows for localization of parens. 2010-11-03 12:59:19 -07:00
Siebrand Mazeland
973a48bded i18n/L10n fixes and translator documentation addded/updated. 2010-11-02 23:48:36 +01:00
Siebrand Mazeland
a65362f7fa Add context for different uses of "%1$s (%2$s)" 2010-11-02 23:08:59 +01:00
Brion Vibber
04ca706601 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
Conflicts:
	actions/confirmaddress.php
	actions/othersettings.php
2010-11-02 15:02:10 -07:00
Brion Vibber
81e0653080 Merge branch 'pretty-title2' into 0.9.x 2010-11-02 14:21:23 -07:00
Brion Vibber
6a181bb128 Unrolled tagged vs untagged, page 1 vs page N message variants for showstream title. #2668 2010-11-02 14:20:06 -07:00
Brion Vibber
bc85f6914b fix syntax error introduced in i18n tweaks: newgroup action 2010-11-02 14:03:50 -07:00
Brion Vibber
426cda5e1f Alternate pretty-title tweaks for #2668 2010-11-02 13:42:44 -07:00
Siebrand Mazeland
760a1c27bc Update translator documentation. 2010-11-01 16:49:36 +01:00
Siebrand Mazeland
6ab34fd8e8 * i18n/L10n updates.
* translator documentation added.
* superfluous whitespace removed.
2010-11-01 16:49:35 +01:00
Siebrand Mazeland
5c6732c4bb Update translator documentation. 2010-11-01 16:49:35 +01:00
Siebrand Mazeland
1c0e84f066 Add forgotten translator documentation. 2010-10-31 01:26:39 +02:00
Siebrand Mazeland
5406873007 * translator documentation updated.
* superfluous whitespace removed.
* added FIXMEs for missing documentation and un-i18n-able timestamps.
2010-10-31 01:16:59 +02:00
Siebrand Mazeland
08edd1fedf * i18n/L10n updates.
* translator documentation added/updated.
* superfluous whitespace removed.
2010-10-31 00:58:35 +02:00
Siebrand Mazeland
234b03d945 * translator documentation updates.
* added FIXMEs in actions/showgroup.php.
* superfluous whitespace removed.
2010-10-30 14:36:54 +02:00
Evan Prodromou
c4b8f68a1a Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-29 11:14:02 -04:00
Brion Vibber
b26eccf33c Merge branch '0.9.x' into 1.0.x 2010-10-28 16:26:34 -07:00
Brion Vibber
8d0c014ced Merge branch 'master' into 0.9.x 2010-10-28 13:01:10 -07:00
Brion Vibber
9ea7cafd27 Fix for regression: fatal error on group page display when not logged in.
Bug was introduced with group deletion feature.
2010-10-28 12:19:19 -07:00
Siebrand Mazeland
796d7b4939 Update translator documentation. 2010-10-28 01:42:09 +02:00
Siebrand Mazeland
04ae500749 * i18n/L10n fixes.
* translator documentation updated.
* superfluous whitespace removed.
2010-10-28 01:21:21 +02:00
Siebrand Mazeland
a12474a99d * i18n/L10n fixes.
* translator documentation updated.
* superfluous whitespace removed.
2010-10-28 01:21:09 +02:00
Zach Copley
b3cd558fe7 Fix OAuth verifier display page title and msgs for i18n 2010-10-26 13:19:23 -07:00
Evan Prodromou
93a8718f97 Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-26 09:22:21 -04:00
Zach Copley
1a1ca22aca Supress header, footer, sidebar on OAuth verifier pin page when in "desktop" mode 2010-10-25 13:30:38 -07:00
Brion Vibber
ca489631db Merge branch '0.9.x' into 1.0.x
Conflicts:
	actions/subscriptions.php
	lib/router.php
	lib/xmppmanager.php
	lib/xmppoutqueuehandler.php
2010-10-25 13:08:57 -07:00
Zach Copley
82c280979d Add special CSS classes to OAuth authorization and pin pages when
in desktop mode
2010-10-25 11:25:35 -07:00
Zach Copley
479096c8d7 Less scary OAuth authorization messages when using anonymous consumer 2010-10-25 10:38:40 -07:00
Evan Prodromou
e6ba379c8b navigation links in user timeline (for AtomPub) 2010-10-25 11:08:10 -04:00
Evan Prodromou
59a7d78acb Atom Service Document 2010-10-24 23:43:26 -04:00
Evan Prodromou
c0664599aa allow posting to user timeline using AtomPub 2010-10-24 22:50:13 -04:00
Evan Prodromou
292e789584 delete a notice using AtomPub 2010-10-24 21:24:23 -04:00
Evan Prodromou
43a67b150a show a single notice in atom entry format 2010-10-24 15:58:53 -04:00
Siebrand Mazeland
0b6cc7c33d * translator documentation added.
* superfluous whitespace removed.
2010-10-23 19:20:51 +02:00
Zach Copley
3913b6a5d8 Updated styling for OAuth authorization page's desktop mode.
TODO: move these styles into the main CSS file.
2010-10-22 11:21:44 -07:00
Evan Prodromou
568cb8a205 Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-22 09:24:50 -04:00
Zach Copley
131c339c5a Pass OAuth authorize page's mode paramater to OpenID plugin so it can create a correct
returnto URL
2010-10-22 02:08:38 +00:00
Zach Copley
ac45f661f6 Fix regression (whoops!) 2010-10-21 18:38:54 -07:00
Zach Copley
c5a84ef76f Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-21 18:16:35 -07:00
Zach Copley
0b134d3e69 Re-camelcase ApiOauthAuthorizeAction so it will be accessible when
a site is in pivate mode
2010-10-21 18:15:11 -07:00
Zach Copley
aa6ec40c51 Fix syntax errors 2010-10-22 00:48:26 +00:00
Zach Copley
ce0d81c190 OAuth - inform consumer when user refused to authorize a request token
http://status.net/open-source/issues/2848
2010-10-21 17:11:59 -07:00
Zach Copley
94f7bfa50a Don't show 'anonymous' app in OAuth application list. 2010-10-21 16:42:59 -07:00
Zach Copley
4ab110e071 Fix bad reference. 2010-10-21 14:52:41 -07:00
Zach Copley
a548861dbf OAuth - proper callback handling and better styling for authorization
page when in desktop mode
2010-10-21 14:45:42 -07:00
Zach Copley
648f79be10 Change OAuth authorization page's action name to be inline with
other web page action names so the body id outputs correctly. Fix
some other bugs.
2010-10-21 13:00:59 -07:00
Zach Copley
bab012bd67 New "desktop" mode for the OAuth authorization page. If mode=deskstop
is specified in the request the page is probably meant to be displayed
in a small webview of another application, so suppress header, aside
and footer.
2010-10-21 12:23:04 -07:00
Siebrand Mazeland
cb74822e7a i18n/L10n consistency updates. 2010-10-21 13:20:21 +02:00
Siebrand Mazeland
fb12094f61 i18n/L10n updates, translator docs updated, superfluous whitespace removed. 2010-10-21 03:10:46 +02:00
Zach Copley
bfdb8385ec Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	actions/apioauthauthorize.php
	lib/apioauthstore.php
2010-10-20 17:28:28 -07:00
Craig Andrews
90c87553ee Redirect to https when making an http request for a sensitive action 2010-10-20 20:26:35 -04:00
Zach Copley
e56385a7bb Use a new table (oauth_token_association) to associate authorized
request tokins with OAuth client applications and profiles.
2010-10-20 17:21:04 -07:00
Siebrand Mazeland
1603b7afc9 i18n/L10n updates, translator comments added/fixed, superfluous whitespace removed. 2010-10-21 01:53:42 +02:00
Brion Vibber
c24f4ddfdb Pretty up the OpenID variant of the OAuth login form a bit; change the 'Allow' button to 'Continue' so we're not confused why we get the form again after authenticating. 2010-10-20 16:14:32 -07:00
Brion Vibber
bcc06d05e8 Initial OpenID+OAuth thingy. 2010-10-20 15:59:27 -07:00
Siebrand Mazeland
ac4afb31e8 Consistent punctuation. 2010-10-20 20:29:59 +02:00
Siebrand Mazeland
59d0be4761 * i18n for many missing messages (???)
* add translator documentation.
2010-10-20 20:28:04 +02:00
Siebrand Mazeland
dc62cf1c0b * i18n/L10n fixes.
* translator documentation updated/added.
* superfluous whitespace removed.
2010-10-20 19:34:27 +02:00
Zach Copley
2760ef07f5 Stick OAuth developer help info in a section 2010-10-19 21:24:19 -07:00
Zach Copley
5ca29ab0de Merge branch 'anon-consumer' into 0.9.x 2010-10-19 21:01:53 -07:00
Zach Copley
e8b6d7c946 Add support for an anonymous OAuth consumer. Note: this requires a
small DB tweak.  Oauth_application_user needs to have the primary
compound key: (profile_id, application_id, token).

http://status.net/open-source/issues/2761

This should also make it possible to have multiple access tokens
per application.

http://status.net/open-source/issues/2788
2010-10-19 20:54:53 -07:00
Siebrand Mazeland
0157df7396 Add missing "address" 2010-10-20 00:49:12 +02:00
Siebrand Mazeland
4b4894b121 Many i18n/L10n updates and lots of descriptions for translators added. 2010-10-20 00:35:39 +02:00
Brion Vibber
3593f3f132 Merge branch '0.9.x' into 1.0.x 2010-10-19 15:18:07 -07:00
Brion Vibber
d358c88f94 Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-19 15:10:47 -07:00
Brion Vibber
e13eb797c7 Fix PHP notice when submitting 'design' admin panel on a browser that doesn't support file uploads such as Mobile Safari 2010-10-19 15:09:45 -07:00
Zach Copley
d48f4a81d6 Relax restrictions on URL validation for oauth_callback. We need to
allow custom schemes like mustard:// etc.
2010-10-19 19:29:21 +00:00
Zach Copley
5ac694c74f Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-19 12:08:48 -07:00
Zach Copley
5866493cae OAuth - better log messages 2010-10-19 12:07:59 -07:00
Brion Vibber
53d45d7ffb Merge branch '0.9.x' 2010-10-18 15:21:02 -07:00
Siebrand Mazeland
24b94ebb2c * fix bugs in parameter numbering for two messages
* add translator documentation
2010-10-18 22:47:50 +02:00
Evan Prodromou
3a36714847 Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-18 15:42:21 -04:00
Brion Vibber
7765ddae81 Merge branch '0.9.x' into 1.0.x
Conflicts:
	README
	lib/default.php
2010-10-18 12:17:11 -07:00
Evan Prodromou
7c05b0dafc options to nofollow external links in notices 2010-10-18 11:29:52 -04:00
Siebrand Mazeland
505ac6eba0 * add plural support where missing
* update translator documentation.
2010-10-16 14:38:12 +02:00
Siebrand Mazeland
31415b5853 Update translator documentation. 2010-10-16 14:31:41 +02:00
Brion Vibber
9a35e48ee2 Fix for ticket #2837: white screen when hitting 'make admin' button on group members list.
RedirectingAction->returnToArgs() has been renamed to returnToPrevious() to avoid confusion with the existing Action->returnToArgs which gives the arguments that would be used to pass to one of those. :)
Switching to the correct function call gets it working.

Thanks to Siebrand for catching it when I could debug it live!
2010-10-15 15:33:54 -07:00
Evan Prodromou
9abe6fa666 Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-15 13:46:44 -04:00
Evan Prodromou
9b9ba29791 add SSL servers and paths to pathadminpanel.php 2010-10-15 13:46:21 -04:00
Craig Andrews
0721d8d3e2 Merge remote branch 'statusnet/0.9.x' into 1.0.x 2010-10-14 15:27:17 -04:00
Evan Prodromou
fc6711327b let users set their SSL logo through the admin panel 2010-10-14 15:06:11 -04:00
Evan Prodromou
07963a2a10 Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-13 15:18:33 -04:00
Craig Andrews
f79dbaf9a7 Add a doc page that links to the StatusNet wiki API page
Add a redirect action that merely redirects to another action
Redirect /api to /doc/api so users don't get the "lame" "No such user" error message
2010-10-12 23:38:16 -04:00
Zach Copley
04f3f57e2e Merge branch 'oauth-1.0a' into 0.9.x 2010-10-12 17:52:04 -07:00
Brion Vibber
5f81f6119b Merge branch '0.9.x' into 1.0.x 2010-10-12 16:33:36 -07:00
Zach Copley
d8e06e66e9 Print a proper error message 2010-10-12 16:19:53 -07:00
Brion Vibber
f4f16af8ac Add a basic group deletion for moderator users. 2010-10-12 15:49:20 -07:00
Zach Copley
a77bc11326 Output a log message when issuing a request token 2010-10-12 12:25:34 -07:00
Evan Prodromou
4580d6065c Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-12 11:16:32 -04:00
Brion Vibber
aa02f6020e Merge branch '0.9.x' into 1.0.x 2010-10-08 11:47:50 -07:00
Brion Vibber
f62e7c461f Fix PHP fatal error in DeletenoticeAction: died when we had a valid notice, but weren't logged in due to accessing $this->user before the login check. Moved check up to prepare() from handle() so it's done before usage 2010-10-08 10:33:43 -07:00
Zach Copley
459727bd61 Update ApiOauthAccessTokenAction to OAuth 1.0a 2010-10-07 18:32:27 -07:00
Zach Copley
f8808b0761 Added a comment about an open question: Should we allow pin-based
workflow for clients registered as web applications?
2010-10-07 14:19:42 -07:00
Zach Copley
b8f2cc4e6f Make the verifier pin display a little nicer 2010-10-07 13:51:47 -07:00
Zach Copley
69e621a3e8 - Update ApiOauthAuthorizeAction to 1.0a
- Fix enumerable bugs
- New page for displaying 1.0a verifier (still needs work)
2010-10-06 19:20:47 -07:00
Zach Copley
f97b863fd7 Update ApiOauthRequestTokenAction to support OAuth 1.0a 2010-10-06 13:40:03 -07:00
Evan Prodromou
8aa9c271df Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-05 14:09:17 -04:00
Brion Vibber
5c4723919f Merge branch '0.9.x' into 1.0.x 2010-10-04 13:06:40 -07:00
Brion Vibber
59119482ca Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
Conflicts:
	actions/hostmeta.php
	actions/imsettings.php
	classes/User.php
	lib/adminpanelaction.php
	lib/channel.php
	lib/default.php
	lib/router.php
	lib/util.php
2010-10-04 12:54:36 -07:00
Brion Vibber
5c19d33b27 Bugfix in FB-sharing header for empty profile avatar 2010-10-01 14:42:12 -07:00