Merge branch 'master' of gitorious.org:statusnet/mainline into testing

This commit is contained in:
Brion Vibber 2010-05-27 14:54:43 -07:00
commit 2f2fa10071
26 changed files with 575 additions and 216 deletions

View File

@ -150,7 +150,7 @@ class ApiTimelineFavoritesAction extends ApiBareAuthAction
header('Content-Type: application/atom+xml; charset=utf-8'); header('Content-Type: application/atom+xml; charset=utf-8');
$atom = new AtomNoticeFeed(); $atom = new AtomNoticeFeed($this->auth_user);
$atom->setId($id); $atom->setId($id);
$atom->setTitle($title); $atom->setTitle($title);

View File

@ -152,7 +152,7 @@ class ApiTimelineFriendsAction extends ApiBareAuthAction
header('Content-Type: application/atom+xml; charset=utf-8'); header('Content-Type: application/atom+xml; charset=utf-8');
$atom = new AtomNoticeFeed(); $atom = new AtomNoticeFeed($this->auth_user);
$atom->setId($id); $atom->setId($id);
$atom->setTitle($title); $atom->setTitle($title);

View File

@ -105,7 +105,7 @@ class ApiTimelineGroupAction extends ApiPrivateAuthAction
function showTimeline() function showTimeline()
{ {
// We'll pull common formatting out of this for other formats // We'll pull common formatting out of this for other formats
$atom = new AtomGroupNoticeFeed($this->group); $atom = new AtomGroupNoticeFeed($this->group, $this->auth_user);
$self = $this->getSelfUri(); $self = $this->getSelfUri();

View File

@ -151,7 +151,7 @@ class ApiTimelineHomeAction extends ApiBareAuthAction
header('Content-Type: application/atom+xml; charset=utf-8'); header('Content-Type: application/atom+xml; charset=utf-8');
$atom = new AtomNoticeFeed(); $atom = new AtomNoticeFeed($this->auth_user);
$atom->setId($id); $atom->setId($id);
$atom->setTitle($title); $atom->setTitle($title);

View File

@ -151,7 +151,7 @@ class ApiTimelineMentionsAction extends ApiBareAuthAction
header('Content-Type: application/atom+xml; charset=utf-8'); header('Content-Type: application/atom+xml; charset=utf-8');
$atom = new AtomNoticeFeed(); $atom = new AtomNoticeFeed($this->auth_user);
$atom->setId($id); $atom->setId($id);
$atom->setTitle($title); $atom->setTitle($title);

View File

@ -130,7 +130,7 @@ class ApiTimelinePublicAction extends ApiPrivateAuthAction
header('Content-Type: application/atom+xml; charset=utf-8'); header('Content-Type: application/atom+xml; charset=utf-8');
$atom = new AtomNoticeFeed(); $atom = new AtomNoticeFeed($this->auth_user);
$atom->setId($id); $atom->setId($id);
$atom->setTitle($title); $atom->setTitle($title);

View File

@ -117,7 +117,7 @@ class ApiTimelineRetweetsOfMeAction extends ApiAuthAction
header('Content-Type: application/atom+xml; charset=utf-8'); header('Content-Type: application/atom+xml; charset=utf-8');
$atom = new AtomNoticeFeed(); $atom = new AtomNoticeFeed($this->auth_user);
$atom->setId($id); $atom->setId($id);
$atom->setTitle($title); $atom->setTitle($title);

View File

@ -138,7 +138,7 @@ class ApiTimelineTagAction extends ApiPrivateAuthAction
header('Content-Type: application/atom+xml; charset=utf-8'); header('Content-Type: application/atom+xml; charset=utf-8');
$atom = new AtomNoticeFeed(); $atom = new AtomNoticeFeed($this->auth_user);
$atom->setId($id); $atom->setId($id);
$atom->setTitle($title); $atom->setTitle($title);

View File

@ -115,7 +115,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
// We'll use the shared params from the Atom stub // We'll use the shared params from the Atom stub
// for other feed types. // for other feed types.
$atom = new AtomUserNoticeFeed($this->user); $atom = new AtomUserNoticeFeed($this->user, $this->auth_user);
$link = common_local_url( $link = common_local_url(
'showstream', 'showstream',

View File

@ -116,7 +116,11 @@ class File extends Memcached_DataObject
return false; return false;
} }
function processNew($given_url, $notice_id=null) { /**
* @fixme refactor this mess, it's gotten pretty scary.
* @param bool $followRedirects
*/
function processNew($given_url, $notice_id=null, $followRedirects=true) {
if (empty($given_url)) return -1; // error, no url to process if (empty($given_url)) return -1; // error, no url to process
$given_url = File_redirection::_canonUrl($given_url); $given_url = File_redirection::_canonUrl($given_url);
if (empty($given_url)) return -1; // error, no url to process if (empty($given_url)) return -1; // error, no url to process
@ -124,6 +128,10 @@ class File extends Memcached_DataObject
if (empty($file)) { if (empty($file)) {
$file_redir = File_redirection::staticGet('url', $given_url); $file_redir = File_redirection::staticGet('url', $given_url);
if (empty($file_redir)) { if (empty($file_redir)) {
// @fixme for new URLs this also looks up non-redirect data
// such as target content type, size, etc, which we need
// for File::saveNew(); so we call it even if not following
// new redirects.
$redir_data = File_redirection::where($given_url); $redir_data = File_redirection::where($given_url);
if (is_array($redir_data)) { if (is_array($redir_data)) {
$redir_url = $redir_data['url']; $redir_url = $redir_data['url'];
@ -134,11 +142,19 @@ class File extends Memcached_DataObject
throw new ServerException("Can't process url '$given_url'"); throw new ServerException("Can't process url '$given_url'");
} }
// TODO: max field length // TODO: max field length
if ($redir_url === $given_url || strlen($redir_url) > 255) { if ($redir_url === $given_url || strlen($redir_url) > 255 || !$followRedirects) {
$x = File::saveNew($redir_data, $given_url); $x = File::saveNew($redir_data, $given_url);
$file_id = $x->id; $file_id = $x->id;
} else { } else {
$x = File::processNew($redir_url, $notice_id); // This seems kind of messed up... for now skipping this part
// if we're already under a redirect, so we don't go into
// horrible infinite loops if we've been given an unstable
// redirect (where the final destination of the first request
// doesn't match what we get when we ask for it again).
//
// Seen in the wild with clojure.org, which redirects through
// wikispaces for auth and appends session data in the URL params.
$x = File::processNew($redir_url, $notice_id, /*followRedirects*/false);
$file_id = $x->id; $file_id = $x->id;
File_redirection::saveNew($redir_data, $file_id, $given_url); File_redirection::saveNew($redir_data, $file_id, $given_url);
} }

View File

@ -97,15 +97,20 @@ class Notice extends Memcached_DataObject
// For auditing purposes, save a record that the notice // For auditing purposes, save a record that the notice
// was deleted. // was deleted.
$deleted = new Deleted_notice(); // @fixme we have some cases where things get re-run and so the
// insert fails.
$deleted = Deleted_notice::staticGet('id', $this->id);
if (!$deleted) {
$deleted = new Deleted_notice();
$deleted->id = $this->id; $deleted->id = $this->id;
$deleted->profile_id = $this->profile_id; $deleted->profile_id = $this->profile_id;
$deleted->uri = $this->uri; $deleted->uri = $this->uri;
$deleted->created = $this->created; $deleted->created = $this->created;
$deleted->deleted = common_sql_now(); $deleted->deleted = common_sql_now();
$deleted->insert(); $deleted->insert();
}
// Clear related records // Clear related records
@ -1235,7 +1240,7 @@ class Notice extends Memcached_DataObject
$noticeInfoAttr = array( $noticeInfoAttr = array(
'local_id' => $this->id, // local notice ID (useful to clients for ordering) 'local_id' => $this->id, // local notice ID (useful to clients for ordering)
'source' => $this->source // the client name (source attribution) 'source' => $this->source, // the client name (source attribution)
); );
$ns = $this->getSource(); $ns = $this->getSource();
@ -1246,7 +1251,11 @@ class Notice extends Memcached_DataObject
} }
if (!empty($cur)) { if (!empty($cur)) {
$noticeInfoAttr['favorited'] = ($cur->hasFave($this)) ? 'true' : 'false'; $noticeInfoAttr['favorite'] = ($cur->hasFave($this)) ? "true" : "false";
}
if (!empty($this->repeat_of)) {
$noticeInfoAttr['repeat_of'] = $this->repeat_of;
} }
$xs->element('statusnet:notice_info', $noticeInfoAttr, null); $xs->element('statusnet:notice_info', $noticeInfoAttr, null);

View File

@ -50,12 +50,13 @@ class AtomGroupNoticeFeed extends AtomNoticeFeed
* Constructor * Constructor
* *
* @param Group $group the group for the feed * @param Group $group the group for the feed
* @param User $cur the current authenticated user, if any
* @param boolean $indent flag to turn indenting on or off * @param boolean $indent flag to turn indenting on or off
* *
* @return void * @return void
*/ */
function __construct($group, $indent = true) { function __construct($group, $cur = null, $indent = true) {
parent::__construct($indent); parent::__construct($cur, $indent);
$this->group = $group; $this->group = $group;
$title = sprintf(_("%s timeline"), $group->nickname); $title = sprintf(_("%s timeline"), $group->nickname);

View File

@ -44,9 +44,22 @@ if (!defined('STATUSNET'))
*/ */
class AtomNoticeFeed extends Atom10Feed class AtomNoticeFeed extends Atom10Feed
{ {
function __construct($indent = true) { var $cur;
/**
* Constructor - adds a bunch of XML namespaces we need in our
* notice-specific Atom feeds, and allows setting the current
* authenticated user (useful for API methods).
*
* @param User $cur the current authenticated user (optional)
* @param boolean $indent Whether to indent XML output
*
*/
function __construct($cur = null, $indent = true) {
parent::__construct($indent); parent::__construct($indent);
$this->cur = $cur;
// Feeds containing notice info use these namespaces // Feeds containing notice info use these namespaces
$this->addNamespace( $this->addNamespace(
@ -115,7 +128,7 @@ class AtomNoticeFeed extends Atom10Feed
$source = $this->showSource(); $source = $this->showSource();
$author = $this->showAuthor(); $author = $this->showAuthor();
$cur = common_current_user(); $cur = empty($this->cur) ? common_current_user() : $this->cur;
$this->addEntryRaw($notice->asAtomEntry(false, $source, $author, $cur)); $this->addEntryRaw($notice->asAtomEntry(false, $source, $author, $cur));
} }

View File

@ -50,13 +50,14 @@ class AtomUserNoticeFeed extends AtomNoticeFeed
* Constructor * Constructor
* *
* @param User $user the user for the feed * @param User $user the user for the feed
* @param User $cur the current authenticated user, if any
* @param boolean $indent flag to turn indenting on or off * @param boolean $indent flag to turn indenting on or off
* *
* @return void * @return void
*/ */
function __construct($user, $indent = true) { function __construct($user, $cur = null, $indent = true) {
parent::__construct($indent); parent::__construct($cur, $indent);
$this->user = $user; $this->user = $user;
if (!empty($user)) { if (!empty($user)) {
$profile = $user->getProfile(); $profile = $user->getProfile();

View File

@ -205,12 +205,20 @@ function _mdomain($backtrace)
if (DIRECTORY_SEPARATOR !== '/') { if (DIRECTORY_SEPARATOR !== '/') {
$path = strtr($path, DIRECTORY_SEPARATOR, '/'); $path = strtr($path, DIRECTORY_SEPARATOR, '/');
} }
$cut = strpos($path, '/plugins/') + 9; $plug = strpos($path, '/plugins/');
$cut2 = strpos($path, '/', $cut); if ($plug === false) {
if ($cut && $cut2) { // We're not in a plugin; return null for the default domain.
$cached[$path] = substr($path, $cut, $cut2 - $cut);
} else {
return null; return null;
} else {
$cut = $plug + 9;
$cut2 = strpos($path, '/', $cut);
if ($cut2) {
$cached[$path] = substr($path, $cut, $cut2 - $cut);
} else {
// We might be running directly from the plugins dir?
// If so, there's no place to store locale info.
return null;
}
} }
} }
return $cached[$path]; return $cached[$path];

View File

@ -122,7 +122,19 @@ class StompQueueManager extends QueueManager
public function enqueue($object, $queue) public function enqueue($object, $queue)
{ {
$this->_connect(); $this->_connect();
return $this->_doEnqueue($object, $queue, $this->defaultIdx); if (common_config('queue', 'stomp_enqueue_on')) {
// We're trying to force all writes to a single server.
// WARNING: this might do odd things if that server connection dies.
$idx = array_search(common_config('queue', 'stomp_enqueue_on'),
$this->servers);
if ($idx === false) {
common_log(LOG_ERR, 'queue stomp_enqueue_on setting does not match our server list.');
$idx = $this->defaultIdx;
}
} else {
$idx = $this->defaultIdx;
}
return $this->_doEnqueue($object, $queue, $idx);
} }
/** /**

View File

@ -38,11 +38,11 @@ editor or write them down.
In Facebook's application editor, specify the following URLs for your app: In Facebook's application editor, specify the following URLs for your app:
- Canvas Callback URL : http://example.net/mublog/facebook/app/ - Canvas Callback URL : http://example.net/mublog/facebook/app/
- Post-Remove Callback URL: http://example.net/mublog/facebook/app/remove - Post-Remove Callback URL : http://example.net/mublog/facebook/app/remove
- Post-Add Redirect URL : http://apps.facebook.com/yourapp/ - Post-Authorize Redirect URL : http://apps.facebook.com/yourapp/
- Canvas Page URL : http://apps.facebook.com/yourapp/ - Canvas Page URL : http://apps.facebook.com/yourapp/
- Connect URL : http://example.net/mublog/ - Connect URL : http://example.net/mublog/
*** ATTENTION *** *** ATTENTION ***
These URLs have changed slightly since StatusNet version 0.8.1, These URLs have changed slightly since StatusNet version 0.8.1,

View File

@ -45,7 +45,9 @@ class Facebook {
public $user; public $user;
public $profile_user; public $profile_user;
public $canvas_user; public $canvas_user;
public $ext_perms = array();
protected $base_domain; protected $base_domain;
/* /*
* Create a Facebook client like this: * Create a Facebook client like this:
* *
@ -104,17 +106,17 @@ class Facebook {
* *
* For nitty-gritty details of when each of these is used, check out * For nitty-gritty details of when each of these is used, check out
* http://wiki.developers.facebook.com/index.php/Verifying_The_Signature * http://wiki.developers.facebook.com/index.php/Verifying_The_Signature
*
* @param bool resolve_auth_token convert an auth token into a session
*/ */
public function validate_fb_params($resolve_auth_token=true) { public function validate_fb_params() {
$this->fb_params = $this->get_valid_fb_params($_POST, 48 * 3600, 'fb_sig'); $this->fb_params = $this->get_valid_fb_params($_POST, 48 * 3600, 'fb_sig');
// note that with preload FQL, it's possible to receive POST params in // note that with preload FQL, it's possible to receive POST params in
// addition to GET, so use a different prefix to differentiate them // addition to GET, so use a different prefix to differentiate them
if (!$this->fb_params) { if (!$this->fb_params) {
$fb_params = $this->get_valid_fb_params($_GET, 48 * 3600, 'fb_sig'); $fb_params = $this->get_valid_fb_params($_GET, 48 * 3600, 'fb_sig');
$fb_post_params = $this->get_valid_fb_params($_POST, 48 * 3600, 'fb_post_sig'); $fb_post_params = $this->get_valid_fb_params($_POST,
48 * 3600, // 48 hours
'fb_post_sig');
$this->fb_params = array_merge($fb_params, $fb_post_params); $this->fb_params = array_merge($fb_params, $fb_post_params);
} }
@ -128,6 +130,9 @@ class Facebook {
$this->fb_params['canvas_user'] : null; $this->fb_params['canvas_user'] : null;
$this->base_domain = isset($this->fb_params['base_domain']) ? $this->base_domain = isset($this->fb_params['base_domain']) ?
$this->fb_params['base_domain'] : null; $this->fb_params['base_domain'] : null;
$this->ext_perms = isset($this->fb_params['ext_perms']) ?
explode(',', $this->fb_params['ext_perms'])
: array();
if (isset($this->fb_params['session_key'])) { if (isset($this->fb_params['session_key'])) {
$session_key = $this->fb_params['session_key']; $session_key = $this->fb_params['session_key'];
@ -141,13 +146,11 @@ class Facebook {
$this->set_user($user, $this->set_user($user,
$session_key, $session_key,
$expires); $expires);
} } else if ($cookies =
// if no Facebook parameters were found in the GET or POST variables, $this->get_valid_fb_params($_COOKIE, null, $this->api_key)) {
// then fall back to cookies, which may have cached user information // if no Facebook parameters were found in the GET or POST variables,
// Cookies are also used to receive session data via the Javascript API // then fall back to cookies, which may have cached user information
else if ($cookies = // Cookies are also used to receive session data via the Javascript API
$this->get_valid_fb_params($_COOKIE, null, $this->api_key)) {
$base_domain_cookie = 'base_domain_' . $this->api_key; $base_domain_cookie = 'base_domain_' . $this->api_key;
if (isset($_COOKIE[$base_domain_cookie])) { if (isset($_COOKIE[$base_domain_cookie])) {
$this->base_domain = $_COOKIE[$base_domain_cookie]; $this->base_domain = $_COOKIE[$base_domain_cookie];
@ -160,25 +163,6 @@ class Facebook {
$cookies['session_key'], $cookies['session_key'],
$expires); $expires);
} }
// finally, if we received no parameters, but the 'auth_token' GET var
// is present, then we are in the middle of auth handshake,
// so go ahead and create the session
else if ($resolve_auth_token && isset($_GET['auth_token']) &&
$session = $this->do_get_session($_GET['auth_token'])) {
if ($this->generate_session_secret &&
!empty($session['secret'])) {
$session_secret = $session['secret'];
}
if (isset($session['base_domain'])) {
$this->base_domain = $session['base_domain'];
}
$this->set_user($session['uid'],
$session['session_key'],
$session['expires'],
isset($session_secret) ? $session_secret : null);
}
return !empty($this->fb_params); return !empty($this->fb_params);
} }
@ -309,11 +293,28 @@ class Facebook {
// require_add and require_install have been removed. // require_add and require_install have been removed.
// see http://developer.facebook.com/news.php?blog=1&story=116 for more details // see http://developer.facebook.com/news.php?blog=1&story=116 for more details
public function require_login() { public function require_login($required_permissions = '') {
if ($user = $this->get_loggedin_user()) { $user = $this->get_loggedin_user();
$has_permissions = true;
if ($required_permissions) {
$this->require_frame();
$permissions = array_map('trim', explode(',', $required_permissions));
foreach ($permissions as $permission) {
if (!in_array($permission, $this->ext_perms)) {
$has_permissions = false;
break;
}
}
}
if ($user && $has_permissions) {
return $user; return $user;
} }
$this->redirect($this->get_login_url(self::current_url(), $this->in_frame()));
$this->redirect(
$this->get_login_url(self::current_url(), $this->in_frame(),
$required_permissions));
} }
public function require_frame() { public function require_frame() {
@ -342,10 +343,11 @@ class Facebook {
return $page . '?' . http_build_query($params); return $page . '?' . http_build_query($params);
} }
public function get_login_url($next, $canvas) { public function get_login_url($next, $canvas, $req_perms = '') {
$page = self::get_facebook_url().'/login.php'; $page = self::get_facebook_url().'/login.php';
$params = array('api_key' => $this->api_key, $params = array('api_key' => $this->api_key,
'v' => '1.0'); 'v' => '1.0',
'req_perms' => $req_perms);
if ($next) { if ($next) {
$params['next'] = $next; $params['next'] = $next;

View File

@ -569,7 +569,7 @@ function toggleDisplay(id, type) {
return $this->call_method('facebook.events.invite', return $this->call_method('facebook.events.invite',
array('eid' => $eid, array('eid' => $eid,
'uids' => $uids, 'uids' => $uids,
'personal_message', $personal_message)); 'personal_message' => $personal_message));
} }
/** /**
@ -1350,53 +1350,6 @@ function toggleDisplay(id, type) {
); );
} }
/**
* Dashboard API
*/
/**
* Set the news for the specified user.
*
* @param int $uid The user for whom you are setting news for
* @param string $news Text of news to display
*
* @return bool Success
*/
public function dashboard_setNews($uid, $news) {
return $this->call_method('facebook.dashboard.setNews',
array('uid' => $uid,
'news' => $news)
);
}
/**
* Get the current news of the specified user.
*
* @param int $uid The user to get the news of
*
* @return string The text of the current news for the user
*/
public function dashboard_getNews($uid) {
return json_decode(
$this->call_method('facebook.dashboard.getNews',
array('uid' => $uid)
), true);
}
/**
* Set the news for the specified user.
*
* @param int $uid The user you are clearing the news of
*
* @return bool Success
*/
public function dashboard_clearNews($uid) {
return $this->call_method('facebook.dashboard.clearNews',
array('uid' => $uid)
);
}
/** /**
* Creates a note with the specified title and content. * Creates a note with the specified title and content.
@ -2005,7 +1958,7 @@ function toggleDisplay(id, type) {
* @return array A list of strings describing any compile errors for the * @return array A list of strings describing any compile errors for the
* submitted FBML * submitted FBML
*/ */
function profile_setFBML($markup, public function profile_setFBML($markup,
$uid=null, $uid=null,
$profile='', $profile='',
$profile_action='', $profile_action='',
@ -3267,9 +3220,8 @@ function toggleDisplay(id, type) {
} else { } else {
$get['v'] = '1.0'; $get['v'] = '1.0';
} }
if (isset($this->use_ssl_resources) && if (isset($this->use_ssl_resources)) {
$this->use_ssl_resources) { $post['return_ssl_resources'] = (bool) $this->use_ssl_resources;
$post['return_ssl_resources'] = true;
} }
return array($get, $post); return array($get, $post);
} }

View File

@ -54,22 +54,11 @@ class FacebooksettingsAction extends FacebookAction
$noticesync = $this->boolean('noticesync'); $noticesync = $this->boolean('noticesync');
$replysync = $this->boolean('replysync'); $replysync = $this->boolean('replysync');
$prefix = $this->trimmed('prefix');
$original = clone($this->flink); $original = clone($this->flink);
$this->flink->set_flags($noticesync, false, $replysync, false); $this->flink->set_flags($noticesync, false, $replysync, false);
$result = $this->flink->update($original); $result = $this->flink->update($original);
if ($prefix == '' || $prefix == '0') {
// Facebook bug: saving empty strings to prefs now fails
// http://bugs.developers.facebook.com/show_bug.cgi?id=7110
$trimmed = $prefix . ' ';
} else {
$trimmed = substr($prefix, 0, 128);
}
$this->facebook->api_client->data_setUserPreference(FACEBOOK_NOTICE_PREFIX,
$trimmed);
if ($result === false) { if ($result === false) {
$this->showForm(_m('There was a problem saving your sync preferences!')); $this->showForm(_m('There was a problem saving your sync preferences!'));
} else { } else {
@ -110,16 +99,6 @@ class FacebooksettingsAction extends FacebookAction
$this->elementStart('li'); $this->elementStart('li');
$prefix = trim($this->facebook->api_client->data_getUserPreference(FACEBOOK_NOTICE_PREFIX));
$this->input('prefix', _m('Prefix'),
($prefix) ? $prefix : null,
_m('A string to prefix notices with.'));
$this->elementEnd('li');
$this->elementStart('li');
$this->submit('save', _m('Save')); $this->submit('save', _m('Save'));
$this->elementEnd('li'); $this->elementEnd('li');

View File

@ -81,101 +81,251 @@ function isFacebookBound($notice, $flink) {
function facebookBroadcastNotice($notice) function facebookBroadcastNotice($notice)
{ {
$facebook = getFacebook(); $facebook = getFacebook();
$flink = Foreign_link::getByUserID($notice->profile_id, FACEBOOK_SERVICE); $flink = Foreign_link::getByUserID(
$notice->profile_id,
FACEBOOK_SERVICE
);
if (isFacebookBound($notice, $flink)) { if (isFacebookBound($notice, $flink)) {
// Okay, we're good to go, update the FB status // Okay, we're good to go, update the FB status
$status = null;
$fbuid = $flink->foreign_id; $fbuid = $flink->foreign_id;
$user = $flink->getUser(); $user = $flink->getUser();
$attachments = $notice->attachments();
try { try {
// Get the status 'verb' (prefix) the user has set // Check permissions
// XXX: Does this call count against our per user FB request limit? common_debug(
// If so we should consider storing verb elsewhere or not storing 'FacebookPlugin - checking for publish_stream permission for user '
. "$user->nickname ($user->id), Facebook UID: $fbuid"
);
$prefix = trim($facebook->api_client->data_getUserPreference(FACEBOOK_NOTICE_PREFIX, // NOTE: $facebook->api_client->users_hasAppPermission('publish_stream', $fbuid)
$fbuid)); // has been returning bogus results, so we're using FQL to check for
// publish_stream permission now
$status = "$prefix $notice->content"; $fql = "SELECT publish_stream FROM permissions WHERE uid = $fbuid";
$result = $facebook->api_client->fql_query($fql);
common_debug("FacebookPlugin - checking for publish_stream permission for user $user->id"); $canPublish = 0;
$can_publish = $facebook->api_client->users_hasAppPermission('publish_stream', if (!empty($result)) {
$fbuid); $canPublish = $result[0]['publish_stream'];
}
common_debug("FacebookPlugin - checking for status_update permission for user $user->id"); if ($canPublish == 1) {
common_debug(
"FacebookPlugin - $user->nickname ($user->id), Facebook UID: $fbuid "
. 'has publish_stream permission.'
);
} else {
common_debug(
"FacebookPlugin - $user->nickname ($user->id), Facebook UID: $fbuid "
. 'does NOT have publish_stream permission. Facebook '
. 'returned: ' . var_export($result, true)
);
}
$can_update = $facebook->api_client->users_hasAppPermission('status_update', common_debug(
$fbuid); 'FacebookPlugin - checking for status_update permission for user '
if (!empty($attachments) && $can_publish == 1) { . "$user->nickname ($user->id), Facebook UID: $fbuid. "
$fbattachment = format_attachments($attachments); );
$facebook->api_client->stream_publish($status, $fbattachment,
null, null, $fbuid); $canUpdate = $facebook->api_client->users_hasAppPermission(
common_log(LOG_INFO, 'status_update',
"FacebookPlugin - Posted notice $notice->id w/attachment " . $fbuid
"to Facebook user's stream (fbuid = $fbuid)."); );
} elseif ($can_update == 1 || $can_publish == 1) {
$facebook->api_client->users_setStatus($status, $fbuid, false, true); if ($canUpdate == 1) {
common_log(LOG_INFO, common_debug(
"FacebookPlugin - Posted notice $notice->id to Facebook " . "FacebookPlugin - $user->nickname ($user->id), Facebook UID: $fbuid "
"as a status update (fbuid = $fbuid)."); . 'has status_update permission.'
);
} else {
common_debug(
"FacebookPlugin - $user->nickname ($user->id), Facebook UID: $fbuid "
.'does NOT have status_update permission. Facebook '
. 'returned: ' . var_export($canPublish, true)
);
}
// Post to Facebook
if ($notice->hasAttachments() && $canPublish == 1) {
publishStream($notice, $user, $fbuid);
} elseif ($canUpdate == 1 || $canPublish == 1) {
statusUpdate($notice, $user, $fbuid);
} else { } else {
$msg = "FacebookPlugin - Not sending notice $notice->id to Facebook " . $msg = "FacebookPlugin - Not sending notice $notice->id to Facebook " .
"because user $user->nickname hasn't given the " . "because user $user->nickname has not given the " .
'Facebook app \'status_update\' or \'publish_stream\' permission.'; 'Facebook app \'status_update\' or \'publish_stream\' permission.';
common_log(LOG_WARNING, $msg); common_log(LOG_WARNING, $msg);
} }
// Finally, attempt to update the user's profile box // Finally, attempt to update the user's profile box
if ($can_publish == 1 || $can_update == 1) { if ($canPublish == 1 || $canUpdate == 1) {
updateProfileBox($facebook, $flink, $notice); updateProfileBox($facebook, $flink, $notice, $user);
} }
} catch (FacebookRestClientException $e) { } catch (FacebookRestClientException $e) {
return handleFacebookError($e, $notice, $flink);
$code = $e->getCode();
$msg = "FacebookPlugin - Facebook returned error code $code: " .
$e->getMessage() . ' - ' .
"Unable to update Facebook status (notice $notice->id) " .
"for $user->nickname (user id: $user->id)!";
common_log(LOG_WARNING, $msg);
if ($code == 100 || $code == 200 || $code == 250) {
// 100 The account is 'inactive' (probably - this is not well documented)
// 200 The application does not have permission to operate on the passed in uid parameter.
// 250 Updating status requires the extended permission status_update or publish_stream.
// see: http://wiki.developers.facebook.com/index.php/Users.setStatus#Example_Return_XML
remove_facebook_app($flink);
} else {
// Try sending again later.
return false;
}
} }
} }
return true; return true;
} }
function updateProfileBox($facebook, $flink, $notice) { function handleFacebookError($e, $notice, $flink)
$fbaction = new FacebookAction($output = 'php://output', {
$indent = null, $facebook, $flink); $fbuid = $flink->foreign_id;
$user = $flink->getUser();
$code = $e->getCode();
$errmsg = $e->getMessage();
// XXX: Check for any others?
switch($code) {
case 100: // Invalid parameter
$msg = "FacebookPlugin - Facebook claims notice %d was posted with an invalid parameter (error code 100):"
. "\"%s\" (Notice details: nickname=%s, user ID=%d, Facebook ID=%d, notice content=\"%s\"). "
. "Removing notice from the Facebook queue for safety.";
common_log(
LOG_ERR, sprintf(
$msg,
$notice->id,
$errmsg,
$user->nickname,
$user->id,
$fbuid,
$notice->content
)
);
return true;
break;
case 200: // Permissions error
case 250: // Updating status requires the extended permission status_update
remove_facebook_app($flink);
return true; // dequeue
break;
case 341: // Feed action request limit reached
$msg = "FacebookPlugin - User %s (User ID=%d, Facebook ID=%d) has exceeded "
. "his/her limit for posting notices to Facebook today. Dequeuing "
. "notice %d.";
common_log(
LOG_INFO, sprintf(
$msg,
$user->nickname,
$user->id,
$fbuid,
$notice->id
)
);
// @fixme: We want to rety at a later time when the throttling has expired
// instead of just giving up.
return true;
break;
default:
$msg = "FacebookPlugin - Facebook returned an error we don't know how to deal with while trying to "
. "post notice %d. Error code: %d, error message: \"%s\". (Notice details: "
. "nickname=%s, user ID=%d, Facebook ID=%d, notice content=\"%s\"). Removing notice "
. "from the Facebook queue for safety.";
common_log(
LOG_ERR, sprintf(
$msg,
$notice->id,
$code,
$errmsg,
$user->nickname,
$user->id,
$fbuid,
$notice->content
)
);
return true; // dequeue
break;
}
}
function statusUpdate($notice, $user, $fbuid)
{
common_debug(
"FacebookPlugin - Attempting to post notice $notice->id "
. "as a status update for $user->nickname ($user->id), "
. "Facebook UID: $fbuid"
);
$facebook = getFacebook();
$result = $facebook->api_client->users_setStatus(
$notice->content,
$fbuid,
false,
true
);
common_debug('Facebook returned: ' . var_export($result, true));
common_log(
LOG_INFO,
"FacebookPlugin - Posted notice $notice->id as a status "
. "update for $user->nickname ($user->id), "
. "Facebook UID: $fbuid"
);
}
function publishStream($notice, $user, $fbuid)
{
common_debug(
"FacebookPlugin - Attempting to post notice $notice->id "
. "as stream item with attachment for $user->nickname ($user->id), "
. "Facebook UID: $fbuid"
);
$fbattachment = format_attachments($notice->attachments());
$facebook = getFacebook();
$facebook->api_client->stream_publish(
$notice->content,
$fbattachment,
null,
null,
$fbuid
);
common_log(
LOG_INFO,
"FacebookPlugin - Posted notice $notice->id as a stream "
. "item with attachment for $user->nickname ($user->id), "
. "Facebook UID: $fbuid"
);
}
function updateProfileBox($facebook, $flink, $notice, $user) {
$facebook = getFacebook();
$fbaction = new FacebookAction(
$output = 'php://output',
$indent = null,
$facebook,
$flink
);
$fbuid = $flink->foreign_id;
common_debug(
'FacebookPlugin - Attempting to update profile box with '
. "content from notice $notice->id for $user->nickname ($user->id), "
. "Facebook UID: $fbuid"
);
$fbaction->updateProfileBox($notice); $fbaction->updateProfileBox($notice);
common_debug(
'FacebookPlugin - finished updating profile box for '
. "$user->nickname ($user->id) Facebook UID: $fbuid"
);
} }
function format_attachments($attachments) function format_attachments($attachments)

View File

@ -132,12 +132,15 @@ class FinishaddopenidAction extends Action
$this->message(_m('Error connecting user.')); $this->message(_m('Error connecting user.'));
return; return;
} }
if ($sreg) { if (Event::handle('StartOpenIDUpdateUser', array($cur, $canonical, &$sreg))) {
if (!oid_update_user($cur, $sreg)) { if ($sreg) {
$this->message(_m('Error updating profile')); if (!oid_update_user($cur, $sreg)) {
return; $this->message(_m('Error updating profile'));
return;
}
} }
} }
Event::handle('EndOpenIDUpdateUser', array($cur, $canonical, $sreg));
// success! // success!

View File

@ -286,6 +286,8 @@ class FinishopenidloginAction extends Action
return; return;
} }
Event::handle('StartOpenIDCreateNewUser', array($canonical, &$sreg));
$location = ''; $location = '';
if (!empty($sreg['country'])) { if (!empty($sreg['country'])) {
if ($sreg['postcode']) { if ($sreg['postcode']) {
@ -325,6 +327,8 @@ class FinishopenidloginAction extends Action
$result = oid_link_user($user->id, $canonical, $display); $result = oid_link_user($user->id, $canonical, $display);
Event::handle('EndOpenIDCreateNewUser', array($user, $canonical, $sreg));
oid_set_last($display); oid_set_last($display);
common_set_user($user); common_set_user($user);
common_real_login(true); common_real_login(true);
@ -364,7 +368,11 @@ class FinishopenidloginAction extends Action
return; return;
} }
oid_update_user($user, $sreg); if (Event::handle('StartOpenIDUpdateUser', array($user, $canonical, &$sreg))) {
oid_update_user($user, $sreg);
}
Event::handle('EndOpenIDUpdateUser', array($user, $canonical, $sreg));
oid_set_last($display); oid_set_last($display);
common_set_user($user); common_set_user($user);
common_real_login(true); common_real_login(true);

View File

@ -221,11 +221,14 @@ function _oid_print_instructions()
'OpenID provider.')); 'OpenID provider.'));
} }
# update a user from sreg parameters /**
* Update a user from sreg parameters
function oid_update_user(&$user, &$sreg) * @param User $user
* @param array $sreg fields from OpenID sreg response
* @access private
*/
function oid_update_user($user, $sreg)
{ {
$profile = $user->getProfile(); $profile = $user->getProfile();
$orig_profile = clone($profile); $orig_profile = clone($profile);

View File

@ -0,0 +1,6 @@
This is an additional plugin which piggybacks on OpenID authentication to pull
profile information from WikiHow user pages when creating or updating accounts.
WikiHow runs a customized MediaWiki setup, with locally-built extensions to add
profile features such as an avatar. As this additional info isn't yet exposed
through OpenID, we need to pull it separately.

View File

@ -0,0 +1,196 @@
<?php
/**
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2010, StatusNet, Inc.
*
* Plugin to pull WikiHow-style user avatars at OpenID setup time.
* These are not currently exposed via OpenID.
*
* PHP version 5
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category Plugins
* @package StatusNet
* @author Brion Vibber <brion@status.net>
* @copyright 2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
* @link http://status.net/
*/
if (!defined('STATUSNET')) {
// This check helps protect against security problems;
// your code file can't be executed directly from the web.
exit(1);
}
/**
* Sample plugin main class
*
* Each plugin requires a main class to interact with the StatusNet system.
*
* @category Plugins
* @package WikiHowProfilePlugin
* @author Brion Vibber <brion@status.net>
* @copyright 2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
* @link http://status.net/
*/
class WikiHowProfilePlugin extends Plugin
{
function onPluginVersion(&$versions)
{
$versions[] = array('name' => 'WikiHow avatar fetcher',
'version' => STATUSNET_VERSION,
'author' => 'Brion Vibber',
'homepage' => 'http://status.net/wiki/Plugin:Sample',
'rawdescription' =>
_m('Fetches avatar and other profile info for WikiHow users when setting up an account via OpenID.'));
return true;
}
/**
* Hook for OpenID user creation; we'll pull the avatar.
*
* @param User $user
* @param string $canonical OpenID provider URL
* @param array $sreg query data from provider
*/
function onEndOpenIDCreateNewUser($user, $canonical, $sreg)
{
$this->updateProfile($user, $canonical);
return true;
}
/**
* Hook for OpenID profile updating; we'll pull the avatar.
*
* @param User $user
* @param string $canonical OpenID provider URL (wiki profile page)
* @param array $sreg query data from provider
*/
function onEndOpenIDUpdateUser($user, $canonical, $sreg)
{
$this->updateProfile($user, $canonical);
return true;
}
/**
* @param User $user
* @param string $canonical OpenID provider URL (wiki profile page)
*/
private function updateProfile($user, $canonical)
{
$prefix = 'http://www.wikihow.com/User:';
if (substr($canonical, 0, strlen($prefix)) == $prefix) {
// Yes, it's a WikiHow user!
$profile = $this->fetchProfile($canonical);
if (!empty($profile['avatar'])) {
$this->saveAvatar($user, $profile['avatar']);
}
}
}
/**
* Given a user's WikiHow profile URL, find their avatar.
*
* @param string $profileUrl user page on the wiki
*
* @return array of data; possible members:
* 'avatar' => full URL to avatar image
*
* @throws Exception on various low-level failures
*
* @todo pull location, web site, and about sections -- they aren't currently marked up cleanly.
*/
private function fetchProfile($profileUrl)
{
$client = HTTPClient::start();
$response = $client->get($profileUrl);
if (!$response->isOk()) {
throw new Exception("WikiHow profile page fetch failed.");
// HTTP error response already logged.
return false;
}
// Suppress warnings during HTML parsing; non-well-formed bits will
// spew horrible warning everywhere even though it works fine.
$old = error_reporting();
error_reporting($old & ~E_WARNING);
$dom = new DOMDocument();
$ok = $dom->loadHTML($response->getBody());
error_reporting($old);
if (!$ok) {
throw new Exception("HTML parse failure during check for WikiHow avatar.");
return false;
}
$data = array();
$avatar = $dom->getElementById('avatarULimg');
if ($avatar) {
$src = $avatar->getAttribute('src');
$base = new Net_URL2($profileUrl);
$absolute = $base->resolve($src);
$avatarUrl = strval($absolute);
common_log(LOG_DEBUG, "WikiHow avatar found for $profileUrl - $avatarUrl");
$data['avatar'] = $avatarUrl;
}
return $data;
}
/**
* Actually save the avatar we found locally.
*
* @param User $user
* @param string $url to avatar URL
* @todo merge wrapper funcs for this into common place for 1.0 core
*/
private function saveAvatar($user, $url)
{
if (!common_valid_http_url($url)) {
throw new ServerException(sprintf(_m("Invalid avatar URL %s"), $url));
}
// @fixme this should be better encapsulated
// ripped from OStatus via oauthstore.php (for old OMB client)
$temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
if (!copy($url, $temp_filename)) {
throw new ServerException(sprintf(_m("Unable to fetch avatar from %s"), $url));
}
$profile = $user->getProfile();
$id = $profile->id;
// @fixme should we be using different ids?
$imagefile = new ImageFile($id, $temp_filename);
$filename = Avatar::filename($id,
image_type_to_extension($imagefile->type),
null,
common_timestamp());
rename($temp_filename, Avatar::path($filename));
$profile->setOriginal($filename);
}
}