forked from GNUsocial/gnu-social
fine-tuning the privacy flag
darcs-hash:20081203183432-5ed1f-7626661b797f64594f990ee06d9e13b73b265b49.gz
This commit is contained in:
parent
06b234c397
commit
8c10b0ac4d
3
README
3
README
@ -775,6 +775,9 @@ closed: If set to 'true', will disallow registration on your site.
|
||||
the service, *then* set this variable to 'true'.
|
||||
inviteonly: If set to 'true', will only allow registration if the user
|
||||
was invited by an existing user.
|
||||
private: If set to 'true', anonymous users will be redirected to the
|
||||
'login' page. Also, API methods that normally require no
|
||||
authentication will require it.
|
||||
|
||||
db
|
||||
--
|
||||
|
@ -120,6 +120,12 @@ class ApiAction extends Action {
|
||||
'statuses/followers',
|
||||
'favorites/favorites');
|
||||
|
||||
# If the site is "private", all API methods need authentication
|
||||
|
||||
if (common_config('site', 'private')) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$fullname = "$this->api_action/$this->api_method";
|
||||
|
||||
if (in_array($fullname, $bareauth)) {
|
||||
|
@ -36,7 +36,12 @@ if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) {
|
||||
common_redirect(common_local_url('public'));
|
||||
}
|
||||
|
||||
if (!$user && common_config('site', 'private') && !in_array($action, array('login', 'api', 'doc')) {
|
||||
// If the site is private, and they're not on one of the "public"
|
||||
// parts of the site, redirect to login
|
||||
|
||||
if (!$user && common_config('site', 'private') &&
|
||||
!in_array($action, array('login', 'openidlogin', 'api', 'doc')))
|
||||
{
|
||||
common_redirect(common_local_url('login'));
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user