Commit Graph

701 Commits

Author SHA1 Message Date
Craig Andrews
d07df8a796 Added Authorization plugin
Added LDAPAuthorization plugin
2009-11-18 14:19:43 -05:00
Evan Prodromou
3a980a75fc Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2009-11-17 14:51:38 -05:00
Zach Copley
638df94f88 Need to check the Profile rather than the User. 2009-11-17 08:48:16 -08:00
Evan Prodromou
bac2d80c91 Merge branch '0.9.x' into adminpanel
Conflicts:
	classes/User.php
2009-11-17 08:04:14 -05:00
Evan Prodromou
6a1afda259 Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	classes/statusnet.ini
2009-11-17 06:25:07 -05:00
Craig Andrews
a373d07ae0 Allow plugin DB_DataObject classes to not have to use the .ini file by overriding keys(), table(), and sequenceKey() for them 2009-11-16 15:24:25 -05:00
Evan Prodromou
d59af02960 disallow email on faves from sandboxed users 2009-11-16 14:28:55 -05:00
Evan Prodromou
440af7ed7a silenced users can't send direct messages 2009-11-16 19:51:41 +01:00
Evan Prodromou
e9321a1806 more rights denied to silenced and sandboxed 2009-11-16 19:46:08 +01:00
Evan Prodromou
f1efb845e4 don't allow sandboxed users to post public notices 2009-11-16 19:22:22 +01:00
Evan Prodromou
d2145a5b7f Move rights check to profile and add right for new notices
Added a right for new notices, realized that the hasRight() method
should be on the profile, and moved it.

Makes this a less atomic commit but that's the way it goes sometimes.
2009-11-16 19:03:59 +01:00
Craig Andrews
7177585630 getGroups was not handling the case where limit=null correctly 2009-11-16 11:22:45 -05:00
Evan Prodromou
3e08309826 change uses of User_role to Profile_role 2009-11-16 16:06:52 +01:00
Evan Prodromou
dd10e9729b fix exe flag after createTable 2009-11-16 16:05:22 +01:00
Evan Prodromou
fa00aed88b remove User_role class 2009-11-16 16:04:51 +01:00
Evan Prodromou
4e00ce01a9 Rename user_role to profile_role
Renamed the user_role table to profile_role. Remote users can have a
role on the site; that 'role' may be negative (silenced or sandboxed).
2009-11-16 16:02:47 +01:00
Evan Prodromou
792590bcdc move role functions to Profile class 2009-11-16 15:52:33 +01:00
Craig Andrews
6470ccd1b8 getSubscribers and getSubscriptions were not handling the case where limit=null correctly 2009-11-16 00:19:19 -05:00
Evan Prodromou
c9475c76a8 define rights around how to silence, sandbox, and delete a user 2009-11-15 15:59:10 +01:00
Craig Andrews
ed690615de Added a User_username table that links the external username with a StatusNet user_id
Added EmailAuthenticationPlugin
Added ReverseUsernameAuthenticationPlugin
Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname
User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static
2009-11-12 20:12:36 -05:00
Evan Prodromou
935410e8dc Merge branch '0.9.x' into adminpanel 2009-11-11 00:22:42 -05:00
Brion Vibber
53c86c43c4 Bringing Sphinx search support up to code: broken out to a plugin, now supports multiple sites on a single server.
Upgrade notes:
* Index names have changed from hardcoded 'Identica_people' and 'Identica_notices' to use the database name and actual table names. Must reindex.

New events:
* GetSearchEngine to override default search engine class selection from plugins

New scripts:
* gen_config.php generates a sphinx.conf from database configuration (with theoretical support for status_network table, but it doesn't seem to be cleanly queriable right now without knowing the db setup info for that. Needs generalized support.)
* Replaced old sphinx-indexer.sh and sphinx-cron.sh with index_update.php

Other fixes:
* sphinx.conf.sample better matches our live config, skipping unused stopword list and using a more realistic indexer memory limit

Further notes:
* Probably doesn't work right with PostgreSQL yet; Sphinx can pull from PG but the extraction queries currently look like they use some MySQL-specific functions.
2009-11-10 13:44:40 -08:00
Evan Prodromou
1f5f5474f1 Merge branch '0.9.x' into adminpanel 2009-11-10 16:27:23 -05:00
Evan Prodromou
cb64cfb44c add geo output to statuses in json, xml, atom, rss in API 2009-11-10 16:15:05 -05:00
Brion Vibber
088081675f Revert "Remove more contractions"
This reverts commit 5ab709b739.

Missed this one yesterday...
2009-11-09 20:01:46 +01:00
Evan Prodromou
691beefd0f Merge branch '0.9.x' into adminpanel 2009-11-08 21:41:43 -05:00
Evan Prodromou
76b0e6e6f4 Merge branch '0.9.x' into adminpanel 2009-11-08 21:23:09 -05:00
Siebrand Mazeland
b10f362ede Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x 2009-11-08 23:33:58 +01:00
Siebrand Mazeland
5ab709b739 Remove more contractions
* doesn't
* won't
* isn't
* don't
2009-11-08 23:32:15 +01:00
Brion Vibber
fc5002015b Revert "* [Cc]an't -> [Cc]annot"
This reverts commit 0ab17f382b.
2009-11-08 23:28:51 +01:00
Siebrand Mazeland
104a47e4a2 Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x 2009-11-08 23:22:50 +01:00
Siebrand Mazeland
0ab17f382b * [Cc]an't -> [Cc]annot
* [Cc]ould't -> [Cc]ould not
2009-11-08 23:22:38 +01:00
Evan Prodromou
111f6a775d Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2009-11-08 17:06:41 -05:00
Evan Prodromou
b7e2e3fd2b Restructure theme.php to define a class Theme
For various reasons, it's nicer to have a class for theme-file paths
and such. So, I've rewritten the code for determining the locations of
theme files to be more OOPy.

I changed all the uses of the two functions in the module (theme_file
and theme_path) to use Theme::file and Theme::path respectively.

I've also removed the code in common.php that require's the module;
using a class means we can autoload it instead.
2009-11-08 17:04:46 -05:00
Brion Vibber
8d44b6a5a2 Fix bug 1962: deleteuser.php regression when OpenID plugin not enabled
The User_openid data object was explicitly listed as a related field to delete from in User::delete(); this class doesn't exist anymore by default since OpenID was broken out to a plugin.
Added UserDeleteRelated event for plugins to add related tables to delete from at user delete time.
2009-11-08 14:40:30 +01:00
Evan Prodromou
408510f527 pkeyGet() and save() methods for Config 2009-11-07 23:16:59 -05:00
Evan Prodromou
144f817109 add a break to switch in hasRight() 2009-11-07 23:15:59 -05:00
Evan Prodromou
38833af6f1 use upper-case constants for roles and rights in hasRight() 2009-11-07 19:16:54 -05:00
Evan Prodromou
eaec5b03f5 add constants for user roles 2009-11-07 19:16:33 -05:00
Evan Prodromou
1319002e15 don't distribute group notices to inboxes for users who've blocked the author 2009-11-07 12:22:00 -05:00
Craig Andrews
b9d40f723b Added 'login' command that gives you a link that can be used to login to the website 2009-11-02 18:40:49 -05:00
Evan Prodromou
a2b8303925 Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	classes/User.php
2009-11-02 18:13:04 -05:00
Evan Prodromou
61419038e5 Merge branch '0.8.x' into 0.9.x
Conflicts:
	README
2009-11-02 18:11:45 -05:00
Craig Andrews
15d0055c6f allowed_nickname blocks top level url router names 2009-11-02 15:18:56 -05:00
Brion Vibber
5581143bee Rebuilt HTTPClient class as an extension of PEAR HTTP_Request2 package, adding redirect handling and convenience functions.
Caching support will be added in future work after unit tests have been added.

* extlib: add PEAR HTTP_Request2 0.4.1 alpha
* extlib: update PEAR Net_URL2 to 0.3.0 beta for HTTP_Request2 compatibility
* moved direct usage of CURL and file_get_contents to HTTPClient class, excluding external-sourced libraries
* adapted GeonamesPlugin for new HTTPResponse interface

Note some plugins haven't been fully tested yet.
2009-11-02 09:14:15 -08:00
Brion Vibber
b22fc5b74a Revert "Rebuilt HTTPClient class as an extension of PEAR HTTP_Request2 package, adding redirect handling and convenience functions."
Going to restructure a little more before finalizing this...

This reverts commit fa37967858.
2009-11-02 07:51:29 -08:00
Brion Vibber
fa37967858 Rebuilt HTTPClient class as an extension of PEAR HTTP_Request2 package, adding redirect handling and convenience functions.
Caching support will be added in future work after unit tests have been added.

* extlib: add PEAR HTTP_Request2 0.4.1 alpha
* extlib: update PEAR Net_URL2 to 0.3.0 beta for HTTP_Request2 compatibility
* moved direct usage of CURL and file_get_contents to HTTPClient class, excluding external-sourced libraries

Note some plugins haven't been tested yet.
2009-11-02 06:31:28 -08:00
Evan Prodromou
6664528244 Revert "Blacklist all files and directories in the web root (INSTALLDIR). Much more elegant than manually keep tracking of these invalid usernames."
This reverts commit 15f9c80c28.

So, so, elegant! And so, so, incorrect!

We can't have a user named 'notice' because that would interfere with
URLs like /notice/1234. However, there is no file named 'notice' in
the Web root.

If there were a way to automatically pull out the virtual paths in the
root dir, this may make sense. Until then, we keep track here.
2009-11-01 11:09:14 -05:00
Craig Andrews
acaf07f6e8 Added an "Verify Your Identity" page to the OpenID provider 2009-10-30 13:21:37 -04:00
Craig Andrews
005f85b5ea Removed reference to 'api' action which no longer exists since api refactor 2009-10-30 01:25:52 -04:00