Brion Vibber
d3d9797496
Prevent group creation by silenced users.
...
* adds Right::CREATEGROUP
* logic in Profile::hasRight() checks for silencing
* NewgroupAction checks for the permission before letting you see or process the form in the UI
* User_group::register() logic does a low-level check on the specified initial group admin, and rejects creation if that user doesn't have the right; guaranteeing that API methods etc will also have this restriction applied sensibly.
2010-12-28 11:34:02 -08:00
Brion Vibber
3f9b8b293d
Workaround for locally-handled sessions breaking on PHP 5.3 with APC enabled.
...
Big thanks to the folks at http://pecl.php.net/bugs/bug.php?id=16745 for the secret juju!
Classes were being torn down before session save handlers got called at the end of the request, which exploded with complaints about being unable to find various classes.
Registering a shutdown function lets us explicitly close out the session before everything gets torn down.
2010-12-10 14:12:02 -08:00
Brion Vibber
76f3dc32e0
Added User::singleUserNickname() as (temporary?) fallback for single-user lookup as a workaround for site setup of 1user sites. We found that an external tool attempting to spin up StatusNet and then register the user would fail because StatusNet's router setup dies on being unable to find its single-user account, since the nickname is needed in setting up routing entries. This tweak will let it survive, using the configured setting as a fallback if it can't actually find the user account.
2010-12-06 12:39:09 -08:00
Brion Vibber
4b01dd8b2e
Ticket #2441 : fix deletion of avatars when a profile is deleted.
...
Code was doing a batch call to $avatar->delete() which fails to properly engage the file deletion code. Calling the existing profile->delete_avatars() function deletes them individually, which makes it all work nice again.
2010-11-19 12:40:18 -08:00
Brion Vibber
0d0e51292d
some User -> Profile cleanup to help in adapting the profile page action to show stuff for remote users. Subscriptions, groups, roles, etc are all on profiles now so go ahead and use em.
2010-11-15 15:32:57 -08:00
Evan Prodromou
b5206fe6ca
fall back to siteowner on bad nickname (Bug#2861)
2010-10-28 10:46:57 -04:00
Evan Prodromou
aef88c7cee
max_id is inclusive
2010-10-25 11:18:49 -04:00
Evan Prodromou
968f9b0513
change max_id from < to <=
2010-10-25 11:08:53 -04:00
Siebrand Mazeland
0b6cc7c33d
* translator documentation added.
...
* superfluous whitespace removed.
2010-10-23 19:20:51 +02:00
Evan Prodromou
1d85bfece1
New events when granting and revoking roles
...
Four new events for when roles are granted or revoked.
2010-10-22 10:31:50 -04:00
James Walker
8ac8f3d2dc
Memcache::set() 3rd param should be flags (4th is expire). This throws a "2 lowest bytes reserved" error in Memcache > 3.0.3
2010-10-21 12:20:14 -04:00
Siebrand Mazeland
fb12094f61
i18n/L10n updates, translator docs updated, superfluous whitespace removed.
2010-10-21 03:10:46 +02:00
Zach Copley
bfdb8385ec
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
actions/apioauthauthorize.php
lib/apioauthstore.php
2010-10-20 17:28:28 -07:00
Zach Copley
e56385a7bb
Use a new table (oauth_token_association) to associate authorized
...
request tokins with OAuth client applications and profiles.
2010-10-20 17:21:04 -07:00
Siebrand Mazeland
28ec9d6463
* translator documentation added.
...
* moved some translator comments that were not directly above the line with the message to the correct location.
* i18n for UI text.
* superfluous whitespace removed.
2010-10-21 01:12:56 +02:00
Brion Vibber
8004e2809d
Fix for ticket #2845 : singleuser nickname configuration was being overridden by site owner in router setup.
...
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.
Setting $config['singleuser']['nickname'] should now work again as expected.
2010-10-20 14:34:25 -07:00
Zach Copley
3d6a0f730d
Revert DB change for OAuth. Change compound key for oauth_application_user
...
back to (profile_id, application_id). I think we can get away without
a DB change by only issuing one anonymous access token per user.
2010-10-20 11:41:04 -07:00
Zach Copley
e8b6d7c946
Add support for an anonymous OAuth consumer. Note: this requires a
...
small DB tweak. Oauth_application_user needs to have the primary
compound key: (profile_id, application_id, token).
http://status.net/open-source/issues/2761
This should also make it possible to have multiple access tokens
per application.
http://status.net/open-source/issues/2788
2010-10-19 20:54:53 -07:00
Evan Prodromou
b31c49c5d4
Make HTTPS urls in File::url() if necessary
2010-10-14 14:22:17 -04:00
Evan Prodromou
97a7fb246c
correctly use sslserver if it is set
2010-10-14 01:35:11 -04:00
Evan Prodromou
aafd95dc0c
Design::url() will use HTTPS if page is HTTPS
2010-10-14 01:18:19 -04:00
Evan Prodromou
76038fe20c
better deletion of related objects in User_group::delete()
2010-10-13 22:44:06 -04:00
Brion Vibber
112b6c4079
Improve cache-friendliness of user_group->delete().
...
Doesn't clear all possible cached entries, but this should get the ones that matter most: lookups by id, nickname, and alias. This should ensure that if a group name gets reused as a new group or alias, it should work properly.
There are some user-visible areas that aren't clear such as the 'top groups' lists on the GroupsAction sidebar; if a deleted group appears in those lists it'll go away within an hour when the cached query expires.
2010-10-12 16:29:13 -07:00
Brion Vibber
3579ccac8e
Cascading deletion for user_group; doesn't yet work properly with caching.
2010-10-12 16:13:07 -07:00
Brion Vibber
f4f16af8ac
Add a basic group deletion for moderator users.
2010-10-12 15:49:20 -07:00
Brion Vibber
1cd60579f5
Ticket #2811 use more consistent max limit for OAuth application registration descriptions; now using the field max of 255 rather than $config['site']['textlimit'] as fallback if $config['application']['desclimit'] is unset or out of bounds.
2010-10-11 12:52:32 -07:00
Brion Vibber
d6b3d7fb1a
Fix unescaped dollar signs in double-quoted strings due to localization updates (%1$s etc)
2010-10-04 14:24:04 -07:00
Brion Vibber
6e58a926e3
ForceGroup plugin: optionally force new users to join a particular group or set of groups on registration; and/or to force posts by members of particular groups to be posted into those groups even if not explicitly mentioned. The posting feature requires a couple quick hook additions in core.
2010-09-30 18:05:44 -07:00
Zach Copley
3960c9ad39
Move blowFavesCache() to Profile
2010-09-29 16:35:12 -07:00
Zach Copley
c19e592fa8
Move hasFave() to Profile
2010-09-29 16:35:12 -07:00
Siebrand Mazeland
9587f9f55b
* i18n/L10n and translator documentation updates.
...
* whitespace and indentation updates
2010-09-28 23:42:18 +02:00
Siebrand Mazeland
b03ece26eb
* i18n/L10n and translator documentation updates.
...
* whitespace and indentation updates
2010-09-28 23:21:09 +02:00
Evan Prodromou
4d01f8fbb6
save a URI with the user
2010-09-22 12:08:17 -04:00
Evan Prodromou
b5cfcba471
Merge branch '0.9.x' into activityexport
...
Conflicts:
plugins/OStatus/OStatusPlugin.php
2010-09-22 10:45:34 -04:00
Brion Vibber
42dd460d3b
Merge branch 'master' into 0.9.x
2010-09-21 12:48:16 -07:00
Evan Prodromou
556a2a8fd8
use Profile::getUri() to get a profile's URI
2010-09-21 06:21:47 -04:00
Brion Vibber
28b06864fb
Fix for #2227 : 'view profile designs' and other default-on options are initially mis-set to off due to caching at account creation
2010-09-20 17:37:21 -07:00
Brion Vibber
521daf5562
Ticket #2327 : fixing block to remove the blocking user's subscription to the blockee if present; also cleaning up inbox delivery to apply the block checks more consistently, instead of just to group posts.
2010-09-20 16:00:25 -07:00
James Walker
444959a789
Status_network::encache() doesn't exist
2010-09-17 16:33:02 -04:00
Evan Prodromou
fac1942dad
better output for group membership as activity
2010-09-15 07:11:24 -04:00
Evan Prodromou
43ad609600
Add Group_member::asActivity() to record group joins
2010-09-14 11:01:29 -04:00
Evan Prodromou
9f4891568f
bugs in function calls in Notice::asActivity
2010-09-13 16:27:02 -04:00
Evan Prodromou
9771a7193f
bug in time and object handling in Subscription::asActivity
2010-09-13 16:22:42 -04:00
Evan Prodromou
4338bc1ee7
bug in time and object handling in Fave::asActivity
2010-09-13 16:22:27 -04:00
Evan Prodromou
d634f9cf17
Notice::asActivity
2010-09-13 11:44:20 -04:00
Evan Prodromou
d9b959fc64
move code for making activities from OStatus plugin to Subscription and Fave classes
2010-09-13 11:44:20 -04:00
Brion Vibber
7407754c27
Merge branch 'master' into testing
2010-09-08 11:47:44 -07:00
Brion Vibber
0ef422593b
Don't explode if we fail to load a listed attachment id in Notice::attachments()
2010-09-02 15:39:22 -07:00
Evan Prodromou
82b1d6daef
Merge branch 'swat0' into 0.9.x
2010-09-02 16:58:55 -04:00
Evan Prodromou
974ac48771
bug in Profile::fromURI() wasn't returning profile
2010-09-01 16:55:16 -04:00