Commit Graph

3910 Commits

Author SHA1 Message Date
Brion Vibber
d3d9797496 Prevent group creation by silenced users.
* adds Right::CREATEGROUP
* logic in Profile::hasRight() checks for silencing
* NewgroupAction checks for the permission before letting you see or process the form in the UI
* User_group::register() logic does a low-level check on the specified initial group admin, and rejects creation if that user doesn't have the right; guaranteeing that API methods etc will also have this restriction applied sensibly.
2010-12-28 11:34:02 -08:00
Evan Prodromou
8814fb3822 Merge branch '0.9.x' into socialbookmark 2010-12-27 22:38:36 -08:00
Evan Prodromou
1996545947 add events for restoring activities 2010-12-27 22:28:20 -08:00
Evan Prodromou
6393326557 Merge branch '0.9.x' into socialbookmark 2010-12-27 20:49:31 -08:00
Evan Prodromou
c78170a275 Better job making an ActivityObject from an <atom:author> 2010-12-27 10:19:51 -08:00
Evan Prodromou
ab92496ddc Stop using <activity:subject> for atom feeds 2010-12-27 10:03:34 -08:00
Evan Prodromou
f5128015be Use outputTo() instead of asString() for including sub-elements 2010-12-27 09:46:25 -08:00
Evan Prodromou
1188d5bab2 Don't output deprecated <activity:actor> element 2010-12-27 09:25:26 -08:00
Brion Vibber
464e0f8115 Don't trust text/xml mime types; generic content detection gives useless stuff like that on SVG images! Todo: replace the extension check in this case with better content-based checks. 2010-12-22 13:56:19 -08:00
Evan Prodromou
402cac2f93 Merge branch '0.9.x' into socialbookmark
Conflicts:
	lib/activityobject.php
2010-12-22 12:09:42 -08:00
Evan Prodromou
35d9a065fb Revert "initialize ActivityObject::$extra"
This reverts commit 3e82000d57.
2010-12-22 12:07:13 -08:00
Evan Prodromou
e11ca1e052 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-12-22 12:05:40 -08:00
Brion Vibber
448dfb69d4 Initialize $extra member to empty array on ActivityObject 2010-12-22 12:03:05 -08:00
Evan Prodromou
3e82000d57 initialize ActivityObject::$extra 2010-12-22 12:02:50 -08:00
Evan Prodromou
5fe8301129 disable account deletion by default 2010-12-22 11:25:47 -08:00
Evan Prodromou
9a6ceb3303 Merge branch 'righttoleave' into 0.9.x 2010-12-22 11:22:51 -08:00
Evan Prodromou
17515aacac drop previous in oembedhelperexception code 2010-12-20 18:32:43 -05:00
Evan Prodromou
f63355451d fixup exception constructor for php 5.2 2010-12-20 18:28:42 -05:00
Evan Prodromou
24f9a991b6 Let activity objects write directly to activity's own outputter 2010-12-20 13:30:33 -05:00
Evan Prodromou
6a6dd81d1f Let activity objects write directly to activity's own outputter 2010-12-20 13:26:57 -05:00
Evan Prodromou
688841fb41 ActivityObject has attribute for other elements 2010-12-19 10:16:44 -05:00
Evan Prodromou
25d03c42e6 Add events for representing objects as activity:object
Add 6 new events to make it easier to override the type of an activity object.
2010-12-18 17:24:41 -05:00
Brion Vibber
fb8312ebf4 Ticket #2959: implement api/users/profile_image endpoint in Twitter-compat API 2010-12-17 17:10:52 -08:00
Evan Prodromou
573bbeced1 action to restore a user's backup from the Web interface 2010-12-17 18:56:48 -05:00
Evan Prodromou
1d6091cad2 Two bug fixes in activityimporter 2010-12-17 18:56:17 -05:00
Evan Prodromou
120802b807 change code order to make shorter lines 2010-12-17 18:55:00 -05:00
Evan Prodromou
1a81356622 I'm still not sure when it's useful to reset a notice's author 2010-12-17 17:37:43 -05:00
Evan Prodromou
4b41d05a13 Make restoreuser use new FeedImporter queue handler 2010-12-17 16:27:20 -05:00
Evan Prodromou
044763cf06 move activity importing code to two different queuehandler classes 2010-12-17 13:12:17 -05:00
Evan Prodromou
6469d75fb0 Move accountrestorer class to feed importer 2010-12-17 13:10:23 -05:00
Evan Prodromou
16fc5314fb move code to get an author object for a feed to a library from Ostatus_profile 2010-12-17 13:09:37 -05:00
Brion Vibber
ed24c95ac2 Fix ticket #2929: router cache now clears itself when switching singleuser mode in and out 2010-12-16 13:42:10 -08:00
Evan Prodromou
39804809dd distribute flag for Notice::saveNew() 2010-12-16 16:17:38 -05:00
Evan Prodromou
2e2519afee Move account restoration code to a shared library
Moved most of the heavy-lifting for account restoration out of
restoreuser.php and into its own class, with the hope that we'll do
the work from the Web eventually.
2010-12-15 17:53:38 -05:00
Evan Prodromou
e16cb8c03a Merge branch '0.9.x' into righttoleave 2010-12-15 16:48:28 -05:00
Brion Vibber
6c67114198 Mark OembedAction, XrdAction, and (plugin) AutocompleteAction as read-only. Tweaked ApiStatusesShow and ApiTimelineUser to still claim read-only when hit with a HEAD request (usually link checkers or a precursor to a GET, and should be semantically equivalent to a GET without actually transferring data) 2010-12-14 16:14:15 -08:00
Brion Vibber
2ed1e9b126 AtomPub discovery fix: gets MarsEdit's auto API detection working.
Router entry for AtomPubService was slightly off, generating an incorrect link in the RSD data.
2010-12-14 14:43:50 -08:00
Evan Prodromou
d840578aa0 An action to delete your own account
The new DeleteaccountAction lets a user delete their own account
(subject to global rights set by the admin). It presents a form to
delete the account, with an "I am sure." text entry box.

It then schedules the account for deletion and logs the user out.
2010-12-14 12:38:43 -05:00
Evan Prodromou
5089d3065c add an action to backup the current account in ActivityStreams format 2010-12-13 16:32:39 -05:00
Evan Prodromou
75aaa98462 define rights for account maintenance and default rules 2010-12-13 16:28:32 -05:00
Evan Prodromou
7c7b91e61a define configuration settings for account maintenance security 2010-12-13 16:28:02 -05:00
Evan Prodromou
4be9c0a0e9 fix URL for memberships feed 2010-12-13 13:50:57 -05:00
Evan Prodromou
4b7a0d366c add atompub membership actions to router 2010-12-13 12:40:01 -05:00
Evan Prodromou
37c447be46 Show a single favorite for AtomPub 2010-12-10 18:50:50 -05:00
Evan Prodromou
167f760ab8 Merge branch '0.9.x' into activityatompub
Conflicts:
	lib/router.php
2010-12-10 17:04:55 -05:00
Brion Vibber
d55f606cf8 Tweaking nickname format regexes: added one that explicitly allows numbers, to be used in router setup. 2010-12-09 16:43:35 -08:00
Evan Prodromou
c619a257fe Add subscription feed for AtomPub 2010-12-09 16:05:07 -05:00
Evan Prodromou
11a0bde459 AtomPub for single subscription 2010-12-09 13:11:02 -05:00
Evan Prodromou
94ff04e190 Don't cache user-specific information for Notice atom entries 2010-12-08 13:59:12 -05:00
Evan Prodromou
db519d3ffb whitespace problems in lib/router 2010-12-07 16:23:12 -05:00
Evan Prodromou
57859a4bc8 generate links for apinamespace.org/atom and /twitter in userxrd 2010-12-07 15:53:34 -05:00
Evan Prodromou
eab8d752e8 allow <Property> elements in <Link> in XRD 2010-12-07 15:53:08 -05:00
Evan Prodromou
d5466ac87e fix whitespace in lib/xrdaction.php 2010-12-07 15:26:43 -05:00
Evan Prodromou
1fb506c27d use codeKey() in activity caching 2010-12-06 17:28:22 -05:00
Evan Prodromou
25f644f4b9 Merge branch '0.9.x' into cacheactivity 2010-12-06 17:22:34 -05:00
Evan Prodromou
b35352790f Merge branch 'master' of gitorious.org:statusnet/mainline 2010-12-06 17:21:38 -05:00
Evan Prodromou
49757c79ee Config flag to disable router caching if needed 2010-12-06 17:21:01 -05:00
Evan Prodromou
a33d1d6090 use Cache::codeKey() in Router class 2010-12-06 17:20:44 -05:00
Evan Prodromou
004d58fdb8 Make code-dependent cache entries more volatile
If a cache entry is dependent on the code that's running, upgrading
(or enabling/disabling plugins) can generate hard-to-track
inconsistencies.

This change adds a close-to-unique fingerprint of the running code to
some cache keys, so that if the fingerprint changes, the old values
are ignored and new values are used.

If the automated uniqueness fails, an administrator can add an extra
config value, $config['site']['build'], that's thrown into the key also.
2010-12-06 17:20:26 -05:00
Evan Prodromou
bb63fd4b75 Config flag to disable router caching if needed 2010-12-06 17:19:41 -05:00
Evan Prodromou
8c4e14b59c use Cache::codeKey() in Router class 2010-12-06 17:08:52 -05:00
Evan Prodromou
b3d47ed6cc Make code-dependent cache entries more volatile
If a cache entry is dependent on the code that's running, upgrading
(or enabling/disabling plugins) can generate hard-to-track
inconsistencies.

This change adds a close-to-unique fingerprint of the running code to
some cache keys, so that if the fingerprint changes, the old values
are ignored and new values are used.

If the automated uniqueness fails, an administrator can add an extra
config value, $config['site']['build'], that's thrown into the key also.
2010-12-06 17:05:32 -05:00
Evan Prodromou
8564fc51c5 cache generated activity info 2010-12-06 16:38:02 -05:00
Evan Prodromou
da8b268e06 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-12-06 15:52:03 -05:00
Evan Prodromou
0c0418bdfb correctly generate enclosure in Activity::asString() 2010-12-06 15:51:42 -05:00
Brion Vibber
2617c40e04 Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	classes/User.php
2010-12-06 12:44:19 -08:00
Brion Vibber
76f3dc32e0 Added User::singleUserNickname() as (temporary?) fallback for single-user lookup as a workaround for site setup of 1user sites. We found that an external tool attempting to spin up StatusNet and then register the user would fail because StatusNet's router setup dies on being unable to find its single-user account, since the nickname is needed in setting up routing entries. This tweak will let it survive, using the configured setting as a fallback if it can't actually find the user account. 2010-12-06 12:39:09 -08:00
Evan Prodromou
1f0949f9ac remove common_debug() from Activity::asString() 2010-12-06 15:22:52 -05:00
Evan Prodromou
b28266b3d6 Convert Notice::asAtomEntry() to use Notice::asActivity() and Activity::asString()
We had two ways to generate an activity entry from a notice; one through
Notice::asAtomEntry() and one through Notice::asActivity() and
Activity::asString(). The code paths had already diverged somewhat. I
took the conditions that were in Notice::asAtomEntry() and made sure
they were replicated in the other two functions. Then, I rewrote
Notice::asAtomEntry() to use the other two functions instead.

This change passes the ActivityGenerationTests unit tests, but there
may be some other stuff that's not getting covered.
2010-12-05 16:15:05 -05:00
Brion Vibber
aa96c3c1d9 Fix for tickets #2917, #2262: user URL shortening options not being applied in non-web channels
common_shorten_links() can only access the web session's logged-in user, so never properly took user options into effect for posting via XMPP, API, mail, etc.

Adds an optional $user parameter on common_shorten_links(), and a $user->shortenLinks() as a clearer interface for that.
Tweaked some lower-level functions so $user gets passed down -- making the $notice_id param previously there for saving URLs at notice save time generalized a little.

Note also ticket #2919: there's a lot of duplicate code calling the shortening, checking the length, and reporting near-identical error messages. These should be consolidated to aid in code and translation maintenance.
2010-12-02 13:41:56 -08:00
Brion Vibber
f68d4e7d06 Fix dumb mistake -- changed function names partway through writing Nickname and forgot to update a couple places. :) 2010-12-01 11:21:00 -08:00
Evan Prodromou
7aa201fa52 Merge branch 'master' into 0.9.x
Conflicts:
	lib/router.php
2010-11-30 14:46:26 -05:00
Evan Prodromou
af31767b63 was using Cache::get() and ::set() wrong 2010-11-30 14:44:16 -05:00
Evan Prodromou
c86dff9901 use a CRC32 of the plugin names rather than actual names 2010-11-30 10:11:53 -05:00
Evan Prodromou
8c993a502c use a CRC32 of the plugin names rather than actual names 2010-11-30 10:11:39 -05:00
Evan Prodromou
f5c8549068 Squashed commit of the following:
commit 39fdd181d95d2c39a3ea1ca330b10a99a92b961f
Author: Evan Prodromou <evan@status.net>
Date:   Mon Nov 29 10:37:49 2010 -0500

    use cache key prefix for router cache key

commit 4cb9e56941922489b83d6425c059cf770991e68f
Author: Evan Prodromou <evan@status.net>
Date:   Mon Nov 29 10:31:21 2010 -0500

    use a unique hashkey based on the software version and loaded plugins

commit 44458b48aef719543e11f83b41fded65cbcb8be9
Author: Evan Prodromou <evan@status.net>
Date:   Sat Nov 27 17:04:15 2010 -0500

    cache the NUM object

commit 809c188307a9b4ada15f3d7fa573a6034341efef
Author: Evan Prodromou <evan@status.net>
Date:   Sat Nov 27 15:44:12 2010 -0500

    accelerate routing by pivoting paths on actions
2010-11-30 09:58:00 -05:00
Evan Prodromou
02da858cef Squashed commit of the following:
commit 39fdd181d95d2c39a3ea1ca330b10a99a92b961f
Author: Evan Prodromou <evan@status.net>
Date:   Mon Nov 29 10:37:49 2010 -0500

    use cache key prefix for router cache key

commit 4cb9e56941922489b83d6425c059cf770991e68f
Author: Evan Prodromou <evan@status.net>
Date:   Mon Nov 29 10:31:21 2010 -0500

    use a unique hashkey based on the software version and loaded plugins

commit 44458b48aef719543e11f83b41fded65cbcb8be9
Author: Evan Prodromou <evan@status.net>
Date:   Sat Nov 27 17:04:15 2010 -0500

    cache the NUM object

commit 809c188307a9b4ada15f3d7fa573a6034341efef
Author: Evan Prodromou <evan@status.net>
Date:   Sat Nov 27 15:44:12 2010 -0500

    accelerate routing by pivoting paths on actions
2010-11-30 09:57:02 -05:00
Brion Vibber
3be352551a Normalize username strings in command parsing 2010-11-29 16:44:40 -08:00
Brion Vibber
3f0557aa8e General code safety: validate input and escape SQL strings in common_relative_profile() 2010-11-29 16:44:01 -08:00
Brion Vibber
e03d2584aa Use Nickname::DISPLAY_FMT instead of manual regex fragments in router setup for nickname parameters. 2010-11-29 16:02:35 -08:00
Brion Vibber
82799f675f Add Nickname test cases for @-reply regexes in common_find_mentions 2010-11-29 15:07:55 -08:00
Brion Vibber
fffc10a230 Nickname class to encapsulate validation & common regexes for nickname formats.
This provides initial infrastructure for decoupling display names from internal canonical names, but continues to have us storing and using the canonical forms.

It should be/become possible to provide mixed-case and underscore-containing names in links, @-mention, !-group, etc, but we don't store those alternate forms generally.
2010-11-29 14:46:10 -08:00
Brion Vibber
dc350b5463 Work in progress on nickname validation changes. lib/nickname.php appears to have been destroyed by NetBeans and will be rewritten shortly. Sigh. 2010-11-29 14:15:25 -08:00
Brion Vibber
6c4e5a89c1 Add some doc comments on nickname-related stuff in util.php 2010-11-29 11:31:10 -08:00
Evan Prodromou
edf660c6ff Make userxrd work without OStatus enabled 2010-11-26 22:09:51 -05:00
Evan Prodromou
fcc0825b14 Make userxrd part of the default hostmeta 2010-11-26 21:46:51 -05:00
Evan Prodromou
0a4911552e Move user xrd action to core and use hooks to extend
Moved the Webfinger user XRD action from the OStatus plugin to core.
Added hooks to add OStatus-specific stuff, but kept general stuff in
the core.
2010-11-26 21:38:38 -05:00
Craig Andrews
3f3b38766f move xrd and hostmeta out of the OStatus plugin and into core
add event for setting up hostmeta, and use them in the OStatus plugin
2010-11-26 21:12:14 -05:00
Brion Vibber
cff14c7e10 Merge branch 'master' into 0.9.x 2010-11-19 16:18:53 -08:00
Brion Vibber
b615998309 Fix ticket #2700: some numeric IDs were misinterpreted as hex numbers instead of strings when '0x123' passed in.
Switched from is_numeric() to a custom self::is_decimal() which is more strict.
This makes our behavior match Twitter's API a bit better, so eg this:

  http://identi.ca/api/statuses/home_timeline/0x6d686b.xml

should now be equivalent to:

  http://identi.ca/api/statuses/home_timeline.xml?screen_name=0x6d686b

instead of:

  http://identi.ca/api/statuses/home_timeline.xml?user_id=7170155
2010-11-19 16:12:28 -08:00
Brion Vibber
826a695077 Ticket #2797: replace addslashes() with explicit escape calls on the DB objects 2010-11-19 15:06:26 -08:00
Brion Vibber
e0e7cb7c53 Merge branch 'master' into 0.9.x 2010-11-19 14:03:59 -08:00
Brion Vibber
ca55d6c514 Ticket #1987: support since_id on API notice search methods.
max_id is not yet implemented, as it'll need support added to the search backends. (since_id we get 'for free' by just cropping off the list, it'll do for now)
2010-11-19 14:00:22 -08:00
Brion Vibber
834acaaa79 Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x 2010-11-19 12:00:42 -08:00
Brion Vibber
d961925874 Ticket #2899: clean up inbox/outbox DM form a bit:
- "To" drop-down list now defaults to showing "Select recipient:" instead of the first person on your list, reducing liklihood of accidentally sending a message to the wrong person.
- When there are no mutual subscribers to send to, instead of an empty list the list now shows 'No mutual subscribers.'

In both cases, attempting to send when the default is selected displays an error message.
I'm not disabling form elements in part because our themes right now don't show disabled button state correctly; we might want to tighten that up a bit more once fixed.
2010-11-19 11:56:03 -08:00
Brion Vibber
9a590e0843 Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x 2010-11-19 10:43:20 -08:00
Brion Vibber
f468180743 Fix regression in PopularNoticeSection: tag parameter was broken, causing sidebar on tag pages to show untagged favorites. 2010-11-18 14:30:00 -08:00
Zach Copley
645a4d1754 Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-11-17 22:16:08 +00:00
Zach Copley
2c68703923 Facebook: Gracefully handle disconnection 2010-11-17 21:53:56 +00:00
Brion Vibber
197b56778a Add $config['attachments']['process_links'] to allow disabling processing of mentioned URL links for attachment info (oEmbed lookups) and dereferencing of redirects that we didn't have shortened ourselves.
This option may be useful for intranet sites that don't have direct access to the internet, as they may be unable to successfully fetch those resources.
2010-11-17 13:03:59 -08:00
Evan Prodromou
589aee587f include full updated source of JSON2 and use updated minified version 2010-11-17 12:34:04 -05:00
Evan Prodromou
d2ddda16e9 use minified version of jquery.cookie.js 2010-11-17 12:32:11 -05:00
Evan Prodromou
d3d91f0f6e use minified version of jquery.form.js 2010-11-17 12:31:35 -05:00
Evan Prodromou
11805c97d6 Merge branch '0.9.x' into minifyjs 2010-11-17 12:19:19 -05:00
Evan Prodromou
bacc3d2a74 move EndScriptMessages event into if block 2010-11-17 12:19:01 -05:00
Evan Prodromou
da4f8d465f Use minified version of util.js 2010-11-17 12:16:50 -05:00
Brion Vibber
fa6c6077d6 Merge branch 'master' into 0.9.x 2010-11-16 11:17:29 -08:00
Brion Vibber
0265cdc1c9 Ticket 2895: exclude silenced users from popular notice lists 2010-11-16 11:13:52 -08:00
Brion Vibber
9b9db3b28a Prep for ticket #2895: consolidate common code from PopularNoticeList and FavoritedAction for fetching popular notice lists 2010-11-16 11:10:32 -08:00
Zach Copley
64a29bd401 Fix syntax error 2010-11-16 06:10:49 +00:00
Zach Copley
0b573e0d2b Store the current user in the CurrentUserDesignAction 2010-11-15 22:01:28 -08:00
Zach Copley
bd566b6f85 Merge branch '0.9.x' into facebook-upgrade 2010-11-16 02:32:46 +00:00
Brion Vibber
e4eb3b3dfd Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x 2010-11-15 17:36:48 -08:00
Brion Vibber
5fdcba472b RemoteProfileAction cleanup:
- meta robots to prevent spidering
- a little notice if silenced
2010-11-15 16:12:16 -08:00
Brion Vibber
6849b8f9e5 Workaround for display of Twitter remote users in remoteprofile (ModPlus plugin): use 73px avatar if no 96px present 2010-11-15 15:39:42 -08:00
Brion Vibber
0d0e51292d some User -> Profile cleanup to help in adapting the profile page action to show stuff for remote users. Subscriptions, groups, roles, etc are all on profiles now so go ahead and use em. 2010-11-15 15:32:57 -08:00
Brion Vibber
fe7cb35551 restore empty showFallback() for attachment display; still needed for one-offs 2010-11-15 12:56:56 -08:00
Brion Vibber
5c00848b74 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-11-15 12:38:53 -08:00
Brion Vibber
87114a5c30 Add some basic oEmbed lookup test cases; fixed a bug in discovery fallback. 2010-11-15 11:55:28 -08:00
Brion Vibber
57ec01d0b8 Drop some debug lines 2010-11-15 11:30:35 -08:00
Brion Vibber
c8445299c7 Swap the Services_oEmbed wrapper in oEmbedHelper out for doing it ourselves...
- workaround for providers that are skimpy on their data, such as missing width/height or thumbnail_width/thumbnail_height
- workaround for YFrog listing "image" instead of "photo" type
- generally more lax about formatting: if it comes back and looks kinda ok, we'll take it.
- discovery uses system HTML parser, should be more robust if the links include things like ampersands with proper HTML-level escaping
2010-11-15 11:25:38 -08:00
Evan Prodromou
8a21b13ee9 Merge remote branch 'gitorious/0.9.x' into 0.9.x 2010-11-15 11:57:31 -05:00
Evan Prodromou
c1cee3b27f Merge branch 'atompub' into 0.9.x
Conflicts:
	actions/apistatusesshow.php
	actions/apitimelineuser.php
2010-11-15 11:57:19 -05:00
Brion Vibber
4f323efdf7 Encapsulate the oEmbed -> oohembed fallback into oEmbedHelper class. Also added a chance to whitelist sites that don't show discovery info but do have oEmbed API endpoints, and to provide alternate APIs for some common services.
Newly supported:
- TwitPic: added a local function using TwitPic's API, since the oohembed implementation for TwitPic produced invalid output which Services_oEmbed rejects. (bug filed upstream)

Tweaked...
- Flickr: works, now using whitelist to use their endpoint directly instead of going through oohembed
- Youtube: worked around a bug in Services_oEmbed which broke the direct use of API discovery info, so we don't have to use oohembed.

Not currently working...
- YFrog: whitelisting their endpoint directly as the oohembed output is broken, but this doesn't appear to work currently as I think things are confused by YFrog's servers giving a '204 No Content' response on our HEAD checks on the original link.
2010-11-12 17:41:35 -08:00
Brion Vibber
2c33fdd2fb Only use saved thumbnails for notice list attachment thumbs -- don't attempt to search enclosures for photo types. We now save thumbs directly for oEmbed photos that don't list a separate thumb entry (like Flickr), so it's not needed. Keeps things cleaner :D 2010-11-12 14:03:57 -08:00
Brion Vibber
65eeb7cba5 Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	actions/newgroup.php
2010-11-12 13:32:48 -08:00
Brion Vibber
5d12ec0532 Merge branch 'oembed-thumbnails' into 0.9.x 2010-11-12 12:28:44 -08:00
Brion Vibber
cb124fe831 Add a quick config setting to disable/enable display of thumbnails in regular notice lists (attachments/show_thumbs) - disabling gives the same display as before this feature was added (but changes to oembed handling are still there, and the lightbox popup is gone) 2010-11-12 12:24:55 -08:00
Brion Vibber
fbd8052d05 Add error logging for a couple send-fail cases in XMPP out 2010-11-10 15:26:18 -08:00
Brion Vibber
46223da594 CSS class tweak for inline attachment thumbnails to avoid things thinking they're content links 2010-11-10 14:31:55 -08:00
Craig Andrews
cc0038d47c Fix isHTTPS to work correctly for Cherokee and IIS 2010-11-10 15:53:20 -05:00
Brion Vibber
592e0bc505 add title attribute on attachment list items 2010-11-09 16:43:37 -08:00
Zach Copley
5b94d9e86b Merge branch '0.9.x' into facebook-upgrade 2010-11-09 23:16:17 +00:00
Brion Vibber
f25accc43e split out InlineAttachmentList from AttachmentList 2010-11-09 10:45:19 -08:00
Brion Vibber
504529e8cd Keep aspect ratio when generating local thumbnails 2010-11-08 17:51:53 -08:00
Brion Vibber
694448e0aa Add attachments 'thumb_width' and 'thumb_height' settings for inline thumbs, defaulting to 100x75.
This is used as the max thumb width/height for oEmbed requests (replacing the old default of 500x400 which was more suitable for the lightbox).
2010-11-08 17:36:02 -08:00
Brion Vibber
c36fecb794 Save a thumbnail image when uploading an image file into the file attachments system. Currently hardcoded to 100x75, needs aspect-sensitivity etc. 2010-11-08 17:20:04 -08:00
Brion Vibber
dc497ed090 Break out ImageFile->resizeTo() from ImageFile->resize(); allows resizing images to non-square sizes and to arbitrary destinations. Will be used for creating thumbnails as well as the originala use of cropping/sizing avatars. 2010-11-08 16:56:08 -08:00
Brion Vibber
a2994e3aa2 Testing... using photo info for temp thumbnails 2010-11-08 15:50:06 -08:00
Brion Vibber
551b196a35 doomy doom doom 2010-11-08 15:32:41 -08:00
Brion Vibber
883f7a6c0b Avoid marking files as attachments that are not locally uploaded, unless they're really oembedable. HTML-y things now excluded properly. 2010-11-08 13:27:54 -08:00
Evan Prodromou
719b480eaa use subclassing to change notice list output for single notice 2010-11-08 13:08:59 -05:00
Siebrand Mazeland
bb31c25c2d * i18n/L10n updates.
* translator documentation added.
* superfluous whitespace removed.
2010-11-04 19:16:19 +01:00
Brion Vibber
2692b5fc84 Fix for ticket #2853: fix for some unknown MIME type error cases by adjusting the PEAR error handling temporarily around MIME_Type_Extension usage. 2010-11-03 17:05:26 -07:00
Brion Vibber
28e009898f Fix for ticket #2852: skip sending favorite notification emails if the favoriter is someone you've blocked. 2010-11-03 15:17:46 -07:00
Brion Vibber
8e04e88800 Use Profile->getBestName() in PersonalGroupNav instead of manually picking nickname vs fullname. Logic should still work the same when no nickname is provided, but it doesn't make any sense -- probably needs cleanup. :) 2010-11-03 13:11:34 -07:00
Brion Vibber
6e03456753 Migrate some more code from manually constructing "fullname (nickname)" to using Profile->getFancyName(). Encapsulates common logic and allows for localization of the parens. 2010-11-03 13:10:42 -07:00
Brion Vibber
dc4fafbbd1 General cleanup & part of ticket #2864: use User_group->getFancyName() instead of replicating the logic in various places. Encapsulates and allows for localization of parens. 2010-11-03 12:59:19 -07:00
Zach Copley
e716c3ebaf Merge branch '0.9.x' into facebook-upgrade 2010-11-02 23:17:07 +00:00
Zach Copley
764a297383 Output filename in log msg if one is supplied 2010-11-02 23:13:20 +00:00
Siebrand Mazeland
973a48bded i18n/L10n fixes and translator documentation addded/updated. 2010-11-02 23:48:36 +01:00
Siebrand Mazeland
a65362f7fa Add context for different uses of "%1$s (%2$s)" 2010-11-02 23:08:59 +01:00
Brion Vibber
86201761ea Use SN.msg() and onEndScriptMessages() to export localized UI messages from Realtime plugin and its descendents. 2010-11-02 13:12:58 -07:00
Brion Vibber
5a9bb0adc4 Tossing in a basic i18n message export to script code. Plugins can hook StartScriptMessage/EndScriptMessage, or directly add needed mappings in Action::getScriptMessages(). Exported entries are accessible as SN.msg(key) at runtime.
StatusNet core code now sets the tooltip text on .attachment.more links when they receive their attachment-expansion magic; this will override the hardcoded tooltip text saved from OStatus plugin when displaying timelines in the web UI.
2010-11-02 13:05:16 -07:00
Zach Copley
2306f7a7f4 Merge branch '0.9.x' into facebook-upgrade 2010-11-01 19:13:31 +00:00
Siebrand Mazeland
6ab34fd8e8 * i18n/L10n updates.
* translator documentation added.
* superfluous whitespace removed.
2010-11-01 16:49:35 +01:00
Siebrand Mazeland
9b7ac27c69 * add translator documentation.
* i18n FIXME tagging.
2010-11-01 16:49:34 +01:00
Siebrand Mazeland
b89dfa3a5b Fix i18n issues that are solved by using plural. 2010-11-01 16:49:33 +01:00
Siebrand Mazeland
08edd1fedf * i18n/L10n updates.
* translator documentation added/updated.
* superfluous whitespace removed.
2010-10-31 00:58:35 +02:00
Siebrand Mazeland
83233a8a43 Fix i18n for B/kB/MB and add translator documentation. 2010-10-31 00:34:28 +02:00
Siebrand Mazeland
234b03d945 * translator documentation updates.
* added FIXMEs in actions/showgroup.php.
* superfluous whitespace removed.
2010-10-30 14:36:54 +02:00
Siebrand Mazeland
8391058ea4 Tabs to spaces, superfluous whitespace removed. 2010-10-30 13:47:19 +02:00
Zach Copley
2c420cc5eb New Start/EndHtmlElement events. Allows adding namespaces. 2010-10-29 23:38:00 +00:00
Evan Prodromou
36baff3d41 Merge remote branch 'gitorious/master' 2010-10-29 11:14:00 -04:00
Evan Prodromou
c8dab140f4 add a hack to show ads on single-notice pages 2010-10-29 11:13:33 -04:00
Brion Vibber
fb0c3f4f99 Kill a ping queue item if we get an error on loading up the notice's poster's profile, rather than letting the item be retried over and over as if it were a transitory error.
This shouldn't generally happen as it's an indicator of database inconsistency, but it's a condition we know happens.
2010-10-28 12:58:30 -07:00
Craig Andrews
22a0cf6251 Set cookies with "secure" flag on SSL sites. Improves security. 2010-10-26 17:55:09 -04:00
Zach Copley
78396db28a Forgot to add the OAuth verifier pin page to sensitive array 2010-10-25 12:36:03 -07:00
Zach Copley
0dcc3f8d71 We don't need to have editapplication (only showapplication) in the
sensitive array because it doesn't expose the consumer keypair
2010-10-25 12:10:52 -07:00
Zach Copley
3954ab39ae Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if
available
2010-10-25 11:52:17 -07:00
Evan Prodromou
59a7d78acb Atom Service Document 2010-10-24 23:43:26 -04:00
Evan Prodromou
43a67b150a show a single notice in atom entry format 2010-10-24 15:58:53 -04:00
Evan Prodromou
69a1ecec9b check for a post 2010-10-24 15:04:12 -04:00
Brion Vibber
eb30c6651a Additional fixes found while looking at ticket #2532: when given a screen name as API parameter for a profile, do the nickname lookup on local users only. The profile table can't guarantee unique lookups, so using names isn't currently safe there. This won't affect anything using local nicknames correctly, and may avoid some weird bugs if there were conflicts between local and remote nicknames. 2010-10-22 13:53:10 -07:00
Brion Vibber
2d124e4aab Fix for ticket #2532: fixed API block create/destroy when specifying the target user/profile as a separate query parameter, such as api/blocks/create.xml?param=xxx
The router settings weren't quite right so we ended up with bogus regex values passed in as the 'id' parameter, which broke the regular fallback ordering of parameter checks.
2010-10-22 13:51:28 -07:00
Zach Copley
3969870cf3 Normalize HTML body ids to lowercase when the user is logged out as well. 2010-10-22 18:32:08 +00:00
Brion Vibber
d6f4588b9e Workaround for http_build_query() oddities in low-level router parent code when PHP config is set with non-default separator. 2010-10-21 19:10:43 -07:00
Zach Copley
0b134d3e69 Re-camelcase ApiOauthAuthorizeAction so it will be accessible when
a site is in pivate mode
2010-10-21 18:15:11 -07:00
Zach Copley
fb86e7c285 Normalize all action HTML body ids to lowercase 2010-10-21 13:03:56 -07:00
Zach Copley
648f79be10 Change OAuth authorization page's action name to be inline with
other web page action names so the body id outputs correctly. Fix
some other bugs.
2010-10-21 13:00:59 -07:00
Zach Copley
500157998a Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-10-21 01:18:53 +00:00
Zach Copley
f283a283b7 Fix syntax error 2010-10-21 01:17:59 +00:00
Siebrand Mazeland
fb12094f61 i18n/L10n updates, translator docs updated, superfluous whitespace removed. 2010-10-21 03:10:46 +02:00
Zach Copley
bfdb8385ec Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	actions/apioauthauthorize.php
	lib/apioauthstore.php
2010-10-20 17:28:28 -07:00
Zach Copley
e56385a7bb Use a new table (oauth_token_association) to associate authorized
request tokins with OAuth client applications and profiles.
2010-10-20 17:21:04 -07:00
Siebrand Mazeland
28ec9d6463 * translator documentation added.
* moved some translator comments that were not directly above the line with the message to the correct location.
* i18n for UI text.
* superfluous whitespace removed.
2010-10-21 01:12:56 +02:00
Brion Vibber
8004e2809d Fix for ticket #2845: singleuser nickname configuration was being overridden by site owner in router setup.
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.

Setting $config['singleuser']['nickname'] should now work again as expected.
2010-10-20 14:34:25 -07:00
Siebrand Mazeland
e980da3d20 Add FIXME 2010-10-20 20:01:12 +02:00
Siebrand Mazeland
dc62cf1c0b * i18n/L10n fixes.
* translator documentation updated/added.
* superfluous whitespace removed.
2010-10-20 19:34:27 +02:00
Siebrand Mazeland
17f5cc4f29 Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x 2010-10-20 18:26:51 +02:00
Siebrand Mazeland
1459110124 Fix nasty bug in parameter for e-mail notification for favourite. 2010-10-20 11:16:21 +02:00
Zach Copley
5ca29ab0de Merge branch 'anon-consumer' into 0.9.x 2010-10-19 21:01:53 -07:00
Zach Copley
e8b6d7c946 Add support for an anonymous OAuth consumer. Note: this requires a
small DB tweak.  Oauth_application_user needs to have the primary
compound key: (profile_id, application_id, token).

http://status.net/open-source/issues/2761

This should also make it possible to have multiple access tokens
per application.

http://status.net/open-source/issues/2788
2010-10-19 20:54:53 -07:00
Siebrand Mazeland
25b9552ec3 More complete sentence and translator documentation added. 2010-10-20 00:53:42 +02:00
Siebrand Mazeland
4b4894b121 Many i18n/L10n updates and lots of descriptions for translators added. 2010-10-20 00:35:39 +02:00
Zach Copley
5ac694c74f Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-19 12:08:48 -07:00
Zach Copley
5866493cae OAuth - better log messages 2010-10-19 12:07:59 -07:00
Brion Vibber
e8da3618c2 Bump version/string: 0.9.6 "Man on the Moon" 2010-10-18 14:49:02 -07:00
Brion Vibber
edf8990aa9 fix notice on non-https views 2010-10-18 11:12:26 -07:00
Evan Prodromou
47ac8458ca default for nofollow external is sometimes 2010-10-18 11:41:18 -04:00