Commit Graph

212 Commits

Author SHA1 Message Date
Mikael Nordfeldth
55894f02c7 TagProfileAction and OStatusPlugin now use less redundant code 2015-03-08 20:14:46 +01:00
Mikael Nordfeldth
c1e3cfe7a7 ensureFeedURL will return Ostatus_profile early if already stored 2015-02-20 14:47:12 +01:00
Mikael Nordfeldth
0590f2975e Merge branch 'utf8mb4' into nightly
Conflicts because of urlhash fixes:
	classes/File.php
	classes/File_redirection.php
	classes/File_thumbnail.php
2015-02-19 20:50:40 +01:00
Mikael Nordfeldth
45dc76de26 File and File_redirection adhoc storage methods updated for urlhash 2015-02-19 19:05:24 +01:00
Mikael Nordfeldth
0deaf6c50c use common_purify to purify HTML, one function to rule them all 2015-02-18 00:14:28 +01:00
Mikael Nordfeldth
2f86cd8602 utf8mb4 conversion on database with index adjusts 2015-02-12 18:18:55 +01:00
Mikael Nordfeldth
acec8b8cf2 Default value false for $force on Ostatus updateAvatar 2015-01-27 14:14:24 +01:00
Mikael Nordfeldth
cc996f58db Test in Ostatus_profile if avatar is an image before writing to filesystem
This clears one FIXME...

We also fix HTTPClient::quickGet() (and a related call in OStatus testfeed.php).
2015-01-27 14:00:39 +01:00
Mikael Nordfeldth
cdd3c52633 Handle groups better in Ostatus_profile->updateAvatar 2015-01-27 13:38:11 +01:00
Mikael Nordfeldth
cf46de6ca7 Ostatus_profile smarter test if avatar exists
If you accidentally deleted a remote user's avatar from filesystem,
it'd take until its URL was updated that you got it back. Now it
happens if the local avatar file doesn't exist.
2015-01-26 17:43:09 +01:00
Mikael Nordfeldth
697a00d8e1 Force updateAvatar if desired 2015-01-26 17:26:51 +01:00
Mikael Nordfeldth
d492b74e42 holy crap, file_put_contents got args in wrong order 2015-01-18 02:57:08 +01:00
Mikael Nordfeldth
5d9e9aaaf5 Keep the old error message on updateAvatar 2015-01-18 02:48:39 +01:00
Mikael Nordfeldth
010824c4b5 Use HTTPClient to download avatar
also make updateAvatar public so we can call it from update_ostatus_profile.php
2015-01-18 02:44:55 +01:00
Mikael Nordfeldth
ba9abb3c57 Add nohub config setting to allowed non-PuSH feeds 2015-01-16 01:10:55 +01:00
Mikael Nordfeldth
db7154c63b Abort on failure instead of return early success 2015-01-13 13:18:57 +01:00
Mikael Nordfeldth
d8f4de450c Support for updated aliases
will verify unknown aliases against old ones if the new identifies as a
previously recognized URI.

Steps:
1. Check the newly received URI. Who does it say it is?
2. Compare these alleged identities to our local database.
3. If we found any locally stored identities, ask it about its aliases.
4. Do any of the aliases from our known identity match the recently introduced one?

Currently we do _not_ update the ostatus_profile table with the new URI.
2015-01-10 02:07:39 +01:00
Mikael Nordfeldth
812d1eead9 Stronger typing in Ostatus_profile 2014-12-08 19:52:00 +01:00
Mikael Nordfeldth
72d1c3c73e fetch conversation URI in processPost, not processShare 2014-11-27 16:51:21 +01:00
Mikael Nordfeldth
bdb4a41696 Use remote conversation URI info to stitch convos together
If we know the URI sent from the remote party, and we don't know the
notice it is replying to, we might still be able to put it in the same
conversation thread!
2014-11-27 14:06:10 +01:00
Mikael Nordfeldth
3bf1478f97 Bad parameter count for checkAuthorship
At the same time we change this to call ActivityUtils::checkAuthorship
instead to let the retrieval/verification go through event handling.

rozzin (Joshua Judson Rosen) found this error. Thanks.
2014-11-24 12:49:20 +01:00
Joshua Judson Rosen
4b875e0fd0 Fix OStatus groups by making Ostatus_profile::localProfile() work for groups
We need to look up a feed profile for HandleFeedEntryWithProfile events,
regardless of whether they're an OStatus user, group, or something else;
this is the least hairy way of doing that--the alternative being
to keep spreading the same logic all over the calling code.

Theoretically, this change might allow OStatusGroups to be recorded
as the authors of activities if they pass through any authorless
activities; but that's why we have checkAuthorship().
2014-11-24 12:30:37 +01:00
Joshua Judson Rosen
d2e1a8c706 Ostatus_profile::checkAuthorship(): throw ServerException when bogus non-authorship is detected
Similarly to what ActivityUtils::checkAuthorship does; try to ensure
that activities from ambiguous OStatus feeds (groups and peopletags)
that require explicit authorship don't get in without explicit authors.
2014-11-24 12:29:41 +01:00
Mikael Nordfeldth
496acdc7d9 normalizing acct: URI just to be sure 2014-11-16 18:29:05 +01:00
Mikael Nordfeldth
2d0c7c2c99 ensureWebfinger was never complete in StatusNet. Worked a bit on it. 2014-07-27 23:08:02 +02:00
Mikael Nordfeldth
ae62b91940 Unifying HTML stripping functions to common_strip_html 2014-07-14 13:52:23 +02:00
Mikael Nordfeldth
b63f6e949c Converted all ActivityObject::fromProfile to $profile->asActivityObject 2014-07-03 10:51:36 +02:00
Mikael Nordfeldth
9f4bcbad8a checkAuthorship events, Ostatus_profile rewrite to handle it
Lost dependency of OStatus plugin for lib/microappplugin.php, whoo!

also noting which plugins should be upgraded to new saveActivity support.

Favorite plugin won't work with the new system just yet, it doesn't have
the necessary functions to extract activity objects, but that's coming
in the next (few) commits.
2014-07-02 11:38:45 +02:00
Mikael Nordfeldth
acb07ef52f Added saveActivity method to Notice class
saveActivity will accept an Activity which gets parsed and saved through
plugins. So when an ActivityHandlerPlugin (such as Favorite will be soon)
gets a feed to save, this will be the function called instead of saveNew.
2014-07-02 11:38:37 +02:00
Mikael Nordfeldth
d0da552722 SalmonAction and extensions simplified 2014-06-28 20:33:09 +02:00
Mikael Nordfeldth
537dff7987 Salmon posts can only be made for local users. More typing!
Since we of course don't have the remote party's private keys anyway.

I made some small fixes in Magicsig class too, removing unnecessary code.
2014-06-02 19:46:42 +02:00
Mikael Nordfeldth
2cd25039af Quick-return is more comprehensible than long if statements 2014-06-02 19:37:06 +02:00
Mikael Nordfeldth
3ef8322b03 There could be unresolvable FeedSub entries 2014-06-01 16:07:08 +02:00
Mikael Nordfeldth
228dc1f851 Ostatus_profile throws NoProfileException from localProfile()
Some implementations of the exception handling is included here,
the actions come in a later commit.
2014-05-19 17:59:36 +02:00
Mikael Nordfeldth
c279a33feb More Exceptions for FeedSub doSubscribe and related functions
Now also garbageCollect will now throw exceptions of failures of all kinds
and only reply true/false on entirely successful runs of sub/unsub.
2014-05-06 15:40:57 +02:00
Mikael Nordfeldth
bbada781b7 Stronger typing and function access control in OStatus 2014-05-05 19:06:22 +02:00
Mikael Nordfeldth
5fd6053220 Code cleanup and enabling User object's etc. getUri() 2014-04-28 14:08:42 +02:00
Mikael Nordfeldth
b6f5f58f1a Attention structure has changed recently 2013-11-19 13:38:38 +01:00
Mikael Nordfeldth
7ddd561837 Salmon only has one "rel" value now, so start deprecating 2013-11-01 17:00:12 +01:00
Mikael Nordfeldth
ca66860a4f Better typing and minor fixes to OStatus related stuff 2013-11-01 13:20:45 +01:00
Mikael Nordfeldth
f75ddaa8aa Getting a profile from URI would throw exceptions on remote URL lookup failures 2013-10-30 14:43:40 +01:00
Mikael Nordfeldth
603d2d3891 Minor Ostatus_profile class reference fixes 2013-10-30 14:14:02 +01:00
Mikael Nordfeldth
23a6b4595f Reworked the ActivityContext->attention structure
Removing Evan's obscure attentionType solution and directly using the attention array
2013-10-28 22:21:14 +01:00
Mikael Nordfeldth
38da5ec7f7 Ostatus_profile->processShare now backwards compatible against federating StatusNet nodes
StatusNet was improperly defining the id (URI) of the shared object as a
TagURI, while it should've really been the object's URI of course.
2013-10-21 23:25:47 +02:00
Mikael Nordfeldth
ba46c3d360 SHARE activities would not be imported from federated instances for local notices
"[...] posts _local_ users (like you) make won't get data about "repeated by"
from federated users"

This was because the ActivityObject would processShare where the shared object
has a _local_ 'actor' URI. Ostatus_profile would complain this meant that a
"Local user cannot be referenced as remote.".

So we see if the shared activity object's id (URI) is in our Notice table, so
we don't have to processActivity - and can skip ensureActivityObjectProfile.
2013-10-21 23:25:43 +02:00
Mikael Nordfeldth
a8804010c4 Profile creation always failed because we didn't COMMIT 2013-10-20 17:22:44 +02:00
Mikael Nordfeldth
8912cdc7a4 Validate::uri replaced with filter_var for HTTP[S] URL checks
Also, a bug in checking the OAuth callback URL for validity was fixed,
where it referenced the wrong variable when going through form data.
2013-10-07 14:46:09 +02:00
Mikael Nordfeldth
4cfd0d24c1 Group logos would not be fetched
update_ostatus_profiles.php did this correctly, but not Ostatus_profile.php
2013-10-06 01:33:27 +02:00
Mikael Nordfeldth
a0e107f17f Implemented WebFinger and replaced our XRD with PEAR XML_XRD
New plugins:
* LRDD
    LRDD implements client-side RFC6415 and RFC7033 resource descriptor
    discovery procedures. I.e. LRDD, host-meta and WebFinger stuff.

    OStatus and OpenID now depend on the LRDD plugin (XML_XRD).

* WebFinger
    This plugin implements the server-side of RFC6415 and RFC7033. Note:
    WebFinger technically doesn't handle XRD, but we serve both that and
    JRD (JSON Resource Descriptor), depending on Accept header and one
    ugly hack to check for old StatusNet installations.

    WebFinger depends on LRDD.

We might make this even prettier by using Net_WebFinger, but it is not
currently RFC7033 compliant (no /.well-known/webfinger resource GETs).

Disabling the WebFinger plugin would effectively render your site non-
federated (which might be desired on a private site).

Disabling the LRDD plugin would make your site unable to do modern web
URI lookups (making life just a little bit harder).
2013-09-30 22:04:52 +02:00
Mikael Nordfeldth
2a4dc77a63 The overloaded DB_DataObject function staticGet is now called getKV
I used this hacky sed-command (run it from your GNU Social root, or change the first grep's path to where it actually lies) to do a rough fix on all ::staticGet calls and rename them to ::getKV

   sed -i -s -e '/DataObject::staticGet/I!s/::staticGet/::getKV/Ig' $(grep -R ::staticGet `pwd`/* | grep -v -e '^extlib' | grep -v DataObject:: |grep -v "function staticGet"|cut -d: -f1 |sort |uniq)

If you're applying this, remember to change the Managed_DataObject and Memcached_DataObject function definitions of staticGet to getKV!

This might of course take some getting used to, or modification fo StatusNet plugins, but the result is that all the static calls (to staticGet) are now properly made without breaking PHP Strict Standards. Standards are there to be followed (and they caused some very bad confusion when used with get_called_class)

Reasonably any plugin or code that tests for the definition of 'GNUSOCIAL' or similar will take this change into consideration.
2013-08-18 13:13:56 +02:00