Commit Graph

2698 Commits

Author SHA1 Message Date
Zach Copley
05361bb686 OAuth: Fix rare problem in which request tokens were sometimes being
returned as access tokens.
2011-01-20 10:44:31 -08:00
Zach Copley
28d40e5eed Fix syntax error in error msg 2011-01-20 10:44:18 -08:00
Zach Copley
6dc94a5389 Move getConnectedApps() from Profile to User, where it belongs
Conflicts:

	classes/User.php
2011-01-20 10:43:27 -08:00
Brion Vibber
d3d9797496 Prevent group creation by silenced users.
* adds Right::CREATEGROUP
* logic in Profile::hasRight() checks for silencing
* NewgroupAction checks for the permission before letting you see or process the form in the UI
* User_group::register() logic does a low-level check on the specified initial group admin, and rejects creation if that user doesn't have the right; guaranteeing that API methods etc will also have this restriction applied sensibly.
2010-12-28 11:34:02 -08:00
Brion Vibber
ca55d6c514 Ticket #1987: support since_id on API notice search methods.
max_id is not yet implemented, as it'll need support added to the search backends. (since_id we get 'for free' by just cropping off the list, it'll do for now)
2010-11-19 14:00:22 -08:00
Brion Vibber
9b9db3b28a Prep for ticket #2895: consolidate common code from PopularNoticeList and FavoritedAction for fetching popular notice lists 2010-11-16 11:10:32 -08:00
Brion Vibber
e4913f9722 fix syntax error introduced in i18n tweaks: newgroup action 2010-11-12 13:35:19 -08:00
Brion Vibber
9621904cac Revert "Missing one close-paren in newgroup.php" - incorrect fix for paren bug
This reverts commit 3afb031d92.
2010-11-12 13:34:04 -08:00
Zach Copley
09aaf21e8d Fix missing close of comment block 2010-11-11 10:33:26 -08:00
Evan Prodromou
3afb031d92 Missing one close-paren in newgroup.php 2010-11-09 17:08:11 -05:00
Brion Vibber
8d0c014ced Merge branch 'master' into 0.9.x 2010-10-28 13:01:10 -07:00
Brion Vibber
9ea7cafd27 Fix for regression: fatal error on group page display when not logged in.
Bug was introduced with group deletion feature.
2010-10-28 12:19:19 -07:00
Siebrand Mazeland
796d7b4939 Update translator documentation. 2010-10-28 01:42:09 +02:00
Siebrand Mazeland
04ae500749 * i18n/L10n fixes.
* translator documentation updated.
* superfluous whitespace removed.
2010-10-28 01:21:21 +02:00
Siebrand Mazeland
a12474a99d * i18n/L10n fixes.
* translator documentation updated.
* superfluous whitespace removed.
2010-10-28 01:21:09 +02:00
Zach Copley
b3cd558fe7 Fix OAuth verifier display page title and msgs for i18n 2010-10-26 13:19:23 -07:00
Zach Copley
1a1ca22aca Supress header, footer, sidebar on OAuth verifier pin page when in "desktop" mode 2010-10-25 13:30:38 -07:00
Zach Copley
82c280979d Add special CSS classes to OAuth authorization and pin pages when
in desktop mode
2010-10-25 11:25:35 -07:00
Zach Copley
479096c8d7 Less scary OAuth authorization messages when using anonymous consumer 2010-10-25 10:38:40 -07:00
Siebrand Mazeland
0b6cc7c33d * translator documentation added.
* superfluous whitespace removed.
2010-10-23 19:20:51 +02:00
Zach Copley
3913b6a5d8 Updated styling for OAuth authorization page's desktop mode.
TODO: move these styles into the main CSS file.
2010-10-22 11:21:44 -07:00
Zach Copley
131c339c5a Pass OAuth authorize page's mode paramater to OpenID plugin so it can create a correct
returnto URL
2010-10-22 02:08:38 +00:00
Zach Copley
ac45f661f6 Fix regression (whoops!) 2010-10-21 18:38:54 -07:00
Zach Copley
c5a84ef76f Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-21 18:16:35 -07:00
Zach Copley
0b134d3e69 Re-camelcase ApiOauthAuthorizeAction so it will be accessible when
a site is in pivate mode
2010-10-21 18:15:11 -07:00
Zach Copley
aa6ec40c51 Fix syntax errors 2010-10-22 00:48:26 +00:00
Zach Copley
ce0d81c190 OAuth - inform consumer when user refused to authorize a request token
http://status.net/open-source/issues/2848
2010-10-21 17:11:59 -07:00
Zach Copley
94f7bfa50a Don't show 'anonymous' app in OAuth application list. 2010-10-21 16:42:59 -07:00
Zach Copley
4ab110e071 Fix bad reference. 2010-10-21 14:52:41 -07:00
Zach Copley
a548861dbf OAuth - proper callback handling and better styling for authorization
page when in desktop mode
2010-10-21 14:45:42 -07:00
Zach Copley
648f79be10 Change OAuth authorization page's action name to be inline with
other web page action names so the body id outputs correctly. Fix
some other bugs.
2010-10-21 13:00:59 -07:00
Zach Copley
bab012bd67 New "desktop" mode for the OAuth authorization page. If mode=deskstop
is specified in the request the page is probably meant to be displayed
in a small webview of another application, so suppress header, aside
and footer.
2010-10-21 12:23:04 -07:00
Siebrand Mazeland
cb74822e7a i18n/L10n consistency updates. 2010-10-21 13:20:21 +02:00
Siebrand Mazeland
fb12094f61 i18n/L10n updates, translator docs updated, superfluous whitespace removed. 2010-10-21 03:10:46 +02:00
Zach Copley
bfdb8385ec Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	actions/apioauthauthorize.php
	lib/apioauthstore.php
2010-10-20 17:28:28 -07:00
Zach Copley
e56385a7bb Use a new table (oauth_token_association) to associate authorized
request tokins with OAuth client applications and profiles.
2010-10-20 17:21:04 -07:00
Siebrand Mazeland
1603b7afc9 i18n/L10n updates, translator comments added/fixed, superfluous whitespace removed. 2010-10-21 01:53:42 +02:00
Brion Vibber
c24f4ddfdb Pretty up the OpenID variant of the OAuth login form a bit; change the 'Allow' button to 'Continue' so we're not confused why we get the form again after authenticating. 2010-10-20 16:14:32 -07:00
Brion Vibber
bcc06d05e8 Initial OpenID+OAuth thingy. 2010-10-20 15:59:27 -07:00
Siebrand Mazeland
ac4afb31e8 Consistent punctuation. 2010-10-20 20:29:59 +02:00
Siebrand Mazeland
59d0be4761 * i18n for many missing messages (???)
* add translator documentation.
2010-10-20 20:28:04 +02:00
Siebrand Mazeland
dc62cf1c0b * i18n/L10n fixes.
* translator documentation updated/added.
* superfluous whitespace removed.
2010-10-20 19:34:27 +02:00
Zach Copley
2760ef07f5 Stick OAuth developer help info in a section 2010-10-19 21:24:19 -07:00
Zach Copley
5ca29ab0de Merge branch 'anon-consumer' into 0.9.x 2010-10-19 21:01:53 -07:00
Zach Copley
e8b6d7c946 Add support for an anonymous OAuth consumer. Note: this requires a
small DB tweak.  Oauth_application_user needs to have the primary
compound key: (profile_id, application_id, token).

http://status.net/open-source/issues/2761

This should also make it possible to have multiple access tokens
per application.

http://status.net/open-source/issues/2788
2010-10-19 20:54:53 -07:00
Siebrand Mazeland
0157df7396 Add missing "address" 2010-10-20 00:49:12 +02:00
Siebrand Mazeland
4b4894b121 Many i18n/L10n updates and lots of descriptions for translators added. 2010-10-20 00:35:39 +02:00
Brion Vibber
d358c88f94 Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-19 15:10:47 -07:00
Brion Vibber
e13eb797c7 Fix PHP notice when submitting 'design' admin panel on a browser that doesn't support file uploads such as Mobile Safari 2010-10-19 15:09:45 -07:00
Zach Copley
d48f4a81d6 Relax restrictions on URL validation for oauth_callback. We need to
allow custom schemes like mustard:// etc.
2010-10-19 19:29:21 +00:00