Commit Graph

3851 Commits

Author SHA1 Message Date
Mikael Nordfeldth
960baae1d1 More debugging in Magicsig class verify method 2014-05-05 17:48:21 +02:00
Joshua Judson Rosen
7440dc2145 Prevent spurious refusals of legitimate notices posted to users via Salmon.
Make the logic match the intent described in the comments.

The intent is clearly "accept notices whenever (A or B or C)", but
the logic implemented was more like "not ((not A) or (not B) or (not C))",
which is a basical boolean algebra fail (each of those ORs need to
become ANDs for double-negation to work).

The practical implication was that, for example, writing a reply
to someone else's notice and including an @-reference to _another_
user on another site to bring them into the discussion would
fail to deliver the notice to the new user because their server
would basically say `oh no, you can't message this user
from someone else's thread' because an earlier check for
the `A' or `C' parts of `(A or B or C)' prevents `B' from
being checked.

cf.: <http://status.hackerposse.com/notice/55846>, which was
refused by the nhcrossing.com server because it didn't know
about <http://sn.jonkman.ca/notice/93724>, even though it would
have passed the later `notice contains a reference to a local user'
check if not for an exception being prematurely thrown.

The whole idea of reporting `which specific check FAILED'
in an `if ANY SUCCEEDS' analysis is just bogus, so nix all of
the distinct ClientExceptions--a single `ALL FAILED' exception
is the only one that makes sense.
2014-05-05 13:35:38 +02:00
Joshua Judson Rosen
4fd3f43ad2 Autocomplete: don't match non-subscribed group-names.
There's no point, since we can't post/link to them anyway.
2014-05-05 13:32:18 +02:00
Mikael Nordfeldth
27ed6b7db0 getConversationUrl introduced for linking to conversations 2014-05-01 15:25:19 +02:00
Mikael Nordfeldth
caeb6e583c We're not interested in Disqus support. 2014-05-01 02:15:10 +02:00
Mikael Nordfeldth
b77a09fdee Notice URIs are not necessarily URLs.
Let's use getUrl() for URL retrieval. May throw exceptions, but
only if it's a Notice that cannot be linked like that anyway.
2014-04-30 20:44:23 +02:00
Mikael Nordfeldth
1acffa9c7a wtf is Echo? bah, let's get rid of this crap 2014-04-30 20:35:06 +02:00
Mikael Nordfeldth
7d191f8062 s/bestUrl/getUrl/ for notices and microapp objects 2014-04-29 19:46:58 +02:00
Mikael Nordfeldth
c1d2f2516a VideoThumbnails failure detection improved. 2014-04-29 19:45:42 +02:00
Mikael Nordfeldth
c8d613b916 Minifying javascripts is evil. Let's not do it.
The microformats stuff was unused
2014-04-28 18:57:11 +02:00
Mikael Nordfeldth
b0cae37b0f Datetime representation aligned for microformats2
Read more at http://microformats.org/

Also, tooltip text on time representation for humans has been improved.
Unfortunately no standardised representation (like "RFC850") had 4-digit years.
2014-04-28 18:54:55 +02:00
Mikael Nordfeldth
5fd6053220 Code cleanup and enabling User object's etc. getUri() 2014-04-28 14:08:42 +02:00
Mikael Nordfeldth
030639d02d EmailAuthentication enabled by default
The login field said "Username or email address" already, so...
2014-04-28 12:39:57 +02:00
Mikael Nordfeldth
37ce1f4766 Better fallback on UnsupportedMediaException 2014-04-28 12:12:06 +02:00
Mikael Nordfeldth
d59eb5e184 Dynamically generate thumbnails (see full text)
The File object now stores width and height of files that can
supply this kind of information. Formats which we can not read
natively in PHP do not currently benefit from this. However an
event hook will be introduced later.

The CreateFileImageThumbnail event is renamed to:
CreateFileImageThumbnailSource to clarify that the hooks should not
generate their own thumbnails but only the source image. Also it now
accepts File objects, not MediaFile objects.

The thumbnail generation is documented in the source code. For
developers, call 'getThumbnail' on a File object and hope for the best.

Default thumbnail sizes have increased to be more appealing.
2014-04-21 20:46:11 +02:00
Mikael Nordfeldth
86ddf120d7 Better event name (creating thumbnail _source_) 2014-04-21 12:33:41 +02:00
Mikael Nordfeldth
639cf48cc7 OStatus onStartNoticeSourceLink to use exceptions 2014-04-19 22:18:36 +02:00
Mikael Nordfeldth
37e9366e88 We get profiles directly, there's no user object anymore 2014-04-18 22:18:11 +02:00
Mikael Nordfeldth
5ef6ee4bc5 Better plugin description for VideoThumbnails 2014-04-16 22:12:15 +02:00
Mikael Nordfeldth
06d4cecf7f MediaFile thumbnail event hooks + VideoThumbnails plugin
The exception thrown from MediaFile will be caught and simply result in
no thumbnail at all right now. In the future we might use a catch-all
and have a "cannot generate preview"-icon or something.

VideoThumbnails requires php5-ffmpeg and php5-gd.
2014-04-16 21:48:58 +02:00
Mikael Nordfeldth
a2a2105058 HTML5 required attribute for some input forms 2014-04-06 11:27:41 +02:00
Mikael Nordfeldth
220b51d8be Merge commit 'refs/merge-requests/199' of git://gitorious.org/statusnet/mainline into statusnet-merge-requests/199 2014-03-31 13:09:11 +02:00
Mikael Nordfeldth
cb3d863668 Updated and moved XMPP documentation into plugin. 2014-03-11 00:11:25 +01:00
Mikael Nordfeldth
e9e4190b64 IrcManager does not have serverError, so it must throw ServerException 2014-03-10 00:30:41 +01:00
Mikael Nordfeldth
c00491cd7a Cosmetic changes to common_redirect, clientError, serverError
Since these functions exit (or throw exception) after running, there
is no need to have a 'return' statement or similar afterwards.
2014-03-10 00:25:57 +01:00
Mikael Nordfeldth
acbe94936f common_redirect and clientError exits, so refactor
One Event would never be called, and other stuff were redundant clauses.
2014-03-10 00:24:32 +01:00
Mikael Nordfeldth
8d655bc706 Add support for 'nohub' sub_state in FeedSub
(requires upgrade.php run)
2014-03-09 23:03:54 +01:00
Mikael Nordfeldth
779ce40ac3 Add functions to avoid direct variable access 2014-03-09 13:31:05 +01:00
Mikael Nordfeldth
a1b0d5fa7e FeedSub gets a plugin event handler for sub/unsub 2014-03-09 13:27:28 +01:00
Mikael Nordfeldth
940867e39d RegisterThrottle didn't save the created time 2014-03-07 21:23:49 +01:00
Mikael Nordfeldth
326ad9376e Cosmetic changes to RegisterThrottle 2014-03-07 21:03:38 +01:00
Mikael Nordfeldth
4e8697c96e We don't add to inbox anymore. 2014-03-07 00:05:21 +01:00
Mikael Nordfeldth
c4e1cd1289 Added OpportunisticQM README that has good docs 2014-03-06 14:45:18 +01:00
Mikael Nordfeldth
aff6a66178 Add Attention stuff to TwitterBridge 2014-03-06 14:28:27 +01:00
Mikael Nordfeldth
3be0e44490 Stricter typing + user detection in Realtime 2014-03-06 13:23:08 +01:00
Mikael Nordfeldth
2272cc244d Removed Inbox from core (unused since 4b2a66ed29)
Added the following FIXME:
How should a Twitter user get their Inbox filled with foreign tweets?

Every imported Twitter user has a profile in the Profile table, so we
could setup a Subscription entry for each of those, meaning they get
collected in the InboxNoticeStream... But this would mean a lot of
unnecessary entries and listings that generally just point to the
locked down Twitter service.

Let's figure out a good relation so we can connect any profile to any
imported foreign notice, so it shows up in the "all" feed.
2014-03-06 04:46:29 +01:00
Mikael Nordfeldth
4b2a66ed29 New mechanism for "all" feed (InboxNoticeStream)
Also cleaned up and made typing stricter for the stream, so only
profiles can be submitted. This reasonably also means we can create
"inbox" or "all" streams for foreign profiles as well using the same
stream handler (but of course only for messages we already know about).

To avoid looking up posts for a long time in a large notice database,
the lookback period for the inbox is no longer than the profile creation
date. (this matches the behaviour of Inbox)

Inbox class can probably be removed now.
2014-03-06 04:18:54 +01:00
Mikael Nordfeldth
c0f65f6ea7 Merge branch 'master' into FeedPoller 2014-03-06 01:15:19 +01:00
Mikael Nordfeldth
e571e64e9e Make ostatussub conform to coding standards a bit 2014-03-05 13:44:45 +01:00
Mikael Nordfeldth
dc0ae2785d SubMirror now works again against old PuSH
There was a problem with (specifically at least) PuSHpress for
Wordpress. A previous attempt to perform a DB transaction backfired
because the remote side could connect to the callback before our
commit had gone through.

I take full responsibility for introducing the bug in the first place :)
2014-03-03 00:01:13 +01:00
Mikael Nordfeldth
83f50d25c0 Cosmetic changes to SubMirror actions 2014-03-02 23:06:21 +01:00
Mikael Nordfeldth
6f427d7e43 Remove Twitter from SubMirror
Twitter removed Atom feeds in API v1.1, so there is no way to mirror
a feed without screen-scraping or registering a dev account with them.
2014-03-02 22:58:23 +01:00
Mikael Nordfeldth
8ef29b70d1 GNU social naming, not StatusNet 2014-03-02 22:53:48 +01:00
Mikael Nordfeldth
8b04bcb310 Prepare for >1024 RSA keys for Salmon signatures 2014-03-02 11:47:38 +01:00
Mikael Nordfeldth
5c505d8539 Conversation ID now gets set from initial notice.
This will work without much extra effort because there will always be
more notices (higher value) than conversations (so no collisions).

But please run upgrade.php to avoid having an autoincrement id on
conversation table.

Installations using code after 2014-03-01 will have identical
conversation IDs to the initial (conversation root) notice IDs. This
will not affect older installations, which will have very different
values.
2014-03-01 17:12:40 +01:00
Mikael Nordfeldth
fc047bd6e6 Minor code cleanup with group related actions (thanks brw12)
Originated from brw12 who noticed an incorrect variable name used in
an error message in actions/apigroupjoin.php:109
2014-03-01 12:01:17 +01:00
Mikael Nordfeldth
9a03ec98e7 Don't forget to strip 'Plugin'. (_MrB_ rocks, MMN-o sucks.)
Paths are like "plugins/Realtime/...", not "plugins/RealtimePlugin/...".
2014-03-01 11:07:58 +01:00
Mikael Nordfeldth
d6ca90bb21 Partly revert 97830b0701 (thanks _MrB_)
require_once lines were required since _plugins_ don't __autoload

Also, Realtime would load the wrong URL for css/js since $this->name()
returns get_class($this) instead of the calling class' __CLASS__.
2014-02-27 23:30:35 +01:00
Mikael Nordfeldth
1e37f374b3 Making us less dependant on javascript trust
Many of the microapps are pretty javascript dependant, but at least
we should allow users to get to the new notice field without allowing
javascript to run in the browser. :)
2014-02-24 02:05:31 +01:00
Mikael Nordfeldth
97830b0701 Preparing plugins for no-minify-in-core-policy
also making the file structure better with js and css folders for Realtime and LinkPreview
2014-02-24 01:01:34 +01:00