Removed the free calls (unneeded since destructors now work), and added an error check w/ logging & an exception for future attempts to forward calls to nonexistent object.
We were checking the list as comma-delimited (per the description of it as comma-delimited), but in fact spaces are also accepted, and who knows what else.
We can make a lot of HTTP requests from the server side. This change
adds some configuration options for using an HTTP proxy, which can
cache hits from multiple sites (good for status.net-like services, for example).
Version 0.9.6 and below of StatusNet assume anything in <author> is a
Person. So, we include an <activity:subject> element, which will be
checked first by those versions of the code, only for group feeds.
At some point we'll take this out, but it's useful for now.
* adds Right::CREATEGROUP
* logic in Profile::hasRight() checks for silencing
* NewgroupAction checks for the permission before letting you see or process the form in the UI
* User_group::register() logic does a low-level check on the specified initial group admin, and rejects creation if that user doesn't have the right; guaranteeing that API methods etc will also have this restriction applied sensibly.
Moved most of the heavy-lifting for account restoration out of
restoreuser.php and into its own class, with the hope that we'll do
the work from the Web eventually.
The new DeleteaccountAction lets a user delete their own account
(subject to global rights set by the admin). It presents a form to
delete the account, with an "I am sure." text entry box.
It then schedules the account for deletion and logs the user out.
If a cache entry is dependent on the code that's running, upgrading
(or enabling/disabling plugins) can generate hard-to-track
inconsistencies.
This change adds a close-to-unique fingerprint of the running code to
some cache keys, so that if the fingerprint changes, the old values
are ignored and new values are used.
If the automated uniqueness fails, an administrator can add an extra
config value, $config['site']['build'], that's thrown into the key also.
If a cache entry is dependent on the code that's running, upgrading
(or enabling/disabling plugins) can generate hard-to-track
inconsistencies.
This change adds a close-to-unique fingerprint of the running code to
some cache keys, so that if the fingerprint changes, the old values
are ignored and new values are used.
If the automated uniqueness fails, an administrator can add an extra
config value, $config['site']['build'], that's thrown into the key also.
We had two ways to generate an activity entry from a notice; one through
Notice::asAtomEntry() and one through Notice::asActivity() and
Activity::asString(). The code paths had already diverged somewhat. I
took the conditions that were in Notice::asAtomEntry() and made sure
they were replicated in the other two functions. Then, I rewrote
Notice::asAtomEntry() to use the other two functions instead.
This change passes the ActivityGenerationTests unit tests, but there
may be some other stuff that's not getting covered.
common_shorten_links() can only access the web session's logged-in user, so never properly took user options into effect for posting via XMPP, API, mail, etc.
Adds an optional $user parameter on common_shorten_links(), and a $user->shortenLinks() as a clearer interface for that.
Tweaked some lower-level functions so $user gets passed down -- making the $notice_id param previously there for saving URLs at notice save time generalized a little.
Note also ticket #2919: there's a lot of duplicate code calling the shortening, checking the length, and reporting near-identical error messages. These should be consolidated to aid in code and translation maintenance.
commit 39fdd181d95d2c39a3ea1ca330b10a99a92b961f
Author: Evan Prodromou <evan@status.net>
Date: Mon Nov 29 10:37:49 2010 -0500
use cache key prefix for router cache key
commit 4cb9e56941922489b83d6425c059cf770991e68f
Author: Evan Prodromou <evan@status.net>
Date: Mon Nov 29 10:31:21 2010 -0500
use a unique hashkey based on the software version and loaded plugins
commit 44458b48aef719543e11f83b41fded65cbcb8be9
Author: Evan Prodromou <evan@status.net>
Date: Sat Nov 27 17:04:15 2010 -0500
cache the NUM object
commit 809c188307a9b4ada15f3d7fa573a6034341efef
Author: Evan Prodromou <evan@status.net>
Date: Sat Nov 27 15:44:12 2010 -0500
accelerate routing by pivoting paths on actions
commit 39fdd181d95d2c39a3ea1ca330b10a99a92b961f
Author: Evan Prodromou <evan@status.net>
Date: Mon Nov 29 10:37:49 2010 -0500
use cache key prefix for router cache key
commit 4cb9e56941922489b83d6425c059cf770991e68f
Author: Evan Prodromou <evan@status.net>
Date: Mon Nov 29 10:31:21 2010 -0500
use a unique hashkey based on the software version and loaded plugins
commit 44458b48aef719543e11f83b41fded65cbcb8be9
Author: Evan Prodromou <evan@status.net>
Date: Sat Nov 27 17:04:15 2010 -0500
cache the NUM object
commit 809c188307a9b4ada15f3d7fa573a6034341efef
Author: Evan Prodromou <evan@status.net>
Date: Sat Nov 27 15:44:12 2010 -0500
accelerate routing by pivoting paths on actions
This provides initial infrastructure for decoupling display names from internal canonical names, but continues to have us storing and using the canonical forms.
It should be/become possible to provide mixed-case and underscore-containing names in links, @-mention, !-group, etc, but we don't store those alternate forms generally.
max_id is not yet implemented, as it'll need support added to the search backends. (since_id we get 'for free' by just cropping off the list, it'll do for now)
- "To" drop-down list now defaults to showing "Select recipient:" instead of the first person on your list, reducing liklihood of accidentally sending a message to the wrong person.
- When there are no mutual subscribers to send to, instead of an empty list the list now shows 'No mutual subscribers.'
In both cases, attempting to send when the default is selected displays an error message.
I'm not disabling form elements in part because our themes right now don't show disabled button state correctly; we might want to tighten that up a bit more once fixed.
This option may be useful for intranet sites that don't have direct access to the internet, as they may be unable to successfully fetch those resources.
- workaround for providers that are skimpy on their data, such as missing width/height or thumbnail_width/thumbnail_height
- workaround for YFrog listing "image" instead of "photo" type
- generally more lax about formatting: if it comes back and looks kinda ok, we'll take it.
- discovery uses system HTML parser, should be more robust if the links include things like ampersands with proper HTML-level escaping
Newly supported:
- TwitPic: added a local function using TwitPic's API, since the oohembed implementation for TwitPic produced invalid output which Services_oEmbed rejects. (bug filed upstream)
Tweaked...
- Flickr: works, now using whitelist to use their endpoint directly instead of going through oohembed
- Youtube: worked around a bug in Services_oEmbed which broke the direct use of API discovery info, so we don't have to use oohembed.
Not currently working...
- YFrog: whitelisting their endpoint directly as the oohembed output is broken, but this doesn't appear to work currently as I think things are confused by YFrog's servers giving a '204 No Content' response on our HEAD checks on the original link.
StatusNet core code now sets the tooltip text on .attachment.more links when they receive their attachment-expansion magic; this will override the hardcoded tooltip text saved from OStatus plugin when displaying timelines in the web UI.
The router settings weren't quite right so we ended up with bogus regex values passed in as the 'id' parameter, which broke the regular fallback ordering of parameter checks.
* moved some translator comments that were not directly above the line with the message to the correct location.
* i18n for UI text.
* superfluous whitespace removed.
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.
Setting $config['singleuser']['nickname'] should now work again as expected.
* skip 0-byte config files when initializing, go ahead and redirect to installer if no non-0-byte files
* tweak warning on installer.php to let you know if you have a 0-byte config.php that's not writable, as opposed to generally already having a config.php with data in it
Fetching basic column data and unique indexes. Still needs detail work, multi-value indexes, foreign keys, and distinguishing the primary key.
Since we don't get comments and such, for cleaner comparisons we should probably do a filtering on supported features.
This will apply to *ALL* plugins in *ALL* languages, so should probably only be used when doing site customization...
You'd probably do:
$config['site']['locale_path'] = '/srv/awesome/data/locale';
$config['plugins']['locale_path'] = '/srv/awesome/data/locale';
with a structure like:
srv/
awesome/
data/
locale/
en/
LC_MESSAGES/
statusnet.po
OpenID.po
AnonymousFave.po
etc, all alongside each other. You could separate plugins from the core if you like.
Where locale files have not already been generated, you can build one for a plugin like so:
php scripts/update_po_templates.php --plugin=MyPlugin
and pull out the template file:
plugins/MyPlugin/locale/MyPlugin.pot
Edit that (make sure you at least set the CHARSET, probably to UTF-8) and save your customized .po
files into the structure as above, and use msgfmt to generate .mo files for final output.
This will apply to *ALL* plugins in *ALL* languages, so should probably only be used when doing site customization...
You'd probably do:
$config['site']['locale_path'] = '/srv/awesome/data/locale';
$config['plugins']['locale_path'] = '/srv/awesome/data/locale';
with a structure like:
srv/
awesome/
data/
locale/
en/
LC_MESSAGES/
statusnet.po
OpenID.po
AnonymousFave.po
etc, all alongside each other. You could separate plugins from the core if you like.
Where locale files have not already been generated, you can build one for a plugin like so:
php scripts/update_po_templates.php --plugin=MyPlugin
and pull out the template file:
plugins/MyPlugin/locale/MyPlugin.pot
Edit that (make sure you at least set the CHARSET, probably to UTF-8) and save your customized .po
files into the structure as above, and use msgfmt to generate .mo files for final output.
* now ignoring if-modified-since if we failed an etag if-none-match comparison, per spec
* now including a hash of user id/nickname in most etags, so we'll update the view properly after login/logout
For API methods, checking the API-auth'ed user. (Many change results to include things like 'you're subscribed to this user' or 'this is one of your favorites', so user info is again needed)
There'll still be some last-modified stamps that aren't including user info properly, probably.
* skip more files (.xcf image sources, .html docs)
* skip files before rejecting them for funky filenames!
* allow period in filenames (eg foo-1.4.ttf) but blacklist some unsafe extensions-within-extensions
* fix double space to single space
* use consistent punctuation in messages
* complete translation hints for all commands
* add an i18n fixme for missing plural support
* trailing whitespace removed
When bogus SSL sites etc were hit through a shortening redirect, sometimes link resolution kinda blew up and the user would get a "Can't linkify" error, aborting their post.
Now catching this case and just passing through the URL without attempting to resolve it. Could benefit from an overall scrubbing of the freaky link/attachment code though...! :)
http://status.net/open-source/issues/2513
Two prongs here:
* We attempt to enable SNI on the SSL stream context with the appropriate hostname... This requires PHP 5.3.2 and OpenSSL that supports the TLS extensions. Unfortunately this doesn't seem to be working in my testing.
* If set $config['http']['curl'] = true, we'll use the CURL backend if available. In my testing on Ubuntu 10.04, this works. No guarantees on other systems.
I'm not enabling CURL mode by default just yet; want to make sure there's no other surprises.
File extensions can also be added to the upload type whitelist; they'll be normalized to types for the actual comparison, so only known extensions will work.
Warning: the format strings aren't actually being enforced here which is probably why they weren't caught earlier. Not quite sure why, it should be looked at!
Currently only one custom theme may be uploaded per site, saved with the name 'custom' and stored into the local/themes subdirectory.
Administrators can upload a .ZIP archive containing a theme through the design admin panel; its contents are validated to ensure that only legit files are saved, and a 5M size quota is enforced.
Theme upload requires the zip extension for PHP; if not present, theme uploading is disabled by default.
Uploading and the custom CSS can be controlled via $config['theme_upload']['enabled'] and $config['custom_css']['enabled'].
Configurable directory/path/server for 'local' subdirectory (currently only as used for themes; local plugins not yet switched over)
Can set $config['local']['dir'] etc; not currently exposed in the admin panels.
Per-site directories on a separate themes server could be set up such as:
$config['local']['dir'] = '/path/to/themes/local/' . $_nickname;
$config['local']['server'] = 'themes.example.com';
$config['local']['path'] = '/local/' . $_nickname;
$config['local']['ssl'] = 'never';
Fixed typo in RedirectingAction when no return-to data provided in form submission.
RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated.
More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
Added a 2-second default timeout for XMLRPC/extended pings, configurable as [ping,timeout].
No longer repeating the entire ping section if we had an HTTP error during a submission.
For now, dropping the bad item and continuing on with others. (Todo: individual retry and cleaner discards of blacklisted broken-for-now sites.)
* Fake_XMPP back to Queued_XMPP, refactor how we use it and don't create objects and load classes until we need them.
* fix fatal error in IM settings while waiting for a Jabber confirmation.
* Caching fix for user_im_prefs
* fix for saving multiple transport settings
* some fixes for AIM & using normalized addresses for lookups
Users and administrators can set how long an URL can be before it's
shortened, and how long a notice can be before all its URLs are
shortened. They can also turn off shortening altogether.
Squashed commit of the following:
commit d136b39011
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:39:00 2010 -0400
use site and user settings to determine when to shorten URLs
commit 1e1c851ff3
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:38:40 2010 -0400
add a method to force shortening URLs
commit 4d29ca0b91
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:37:41 2010 -0400
static method for getting best URL shortening service
commit a9c6a3bace
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:37:11 2010 -0400
allow 0 in numeric entries in othersettings
commit 767ff2f7ec
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:36:46 2010 -0400
allow 0 or blank string in inputs
commit 1e21af42a6
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:01:11 2010 -0400
add more URL-shortening options to othersettings
commit 869a6be0f5
Author: Evan Prodromou <evan@status.net>
Date: Sat Apr 24 14:22:51 2010 -0400
move url shortener superclass to lib from plugin
commit 9c0c9863d5
Author: Evan Prodromou <evan@status.net>
Date: Sat Apr 24 14:20:28 2010 -0400
documentation and whitespace on UrlShortenerPlugin
commit 7a1dd5798f
Author: Evan Prodromou <evan@status.net>
Date: Sat Apr 24 14:05:46 2010 -0400
add defaults for URL shortening
commit d259c37ad2
Author: Evan Prodromou <evan@status.net>
Date: Sat Apr 24 13:40:10 2010 -0400
Add User_urlshortener_prefs
Add a table for URL shortener prefs, a corresponding class, and the
correct mumbo-jumbo in statusnet.ini to make everything work.
Fix extraction of Atom <content type="text"> and <content type="html">; we were failing to escape plaintext source data to HTML, and doing an extraneous double-deescape on HTML source resulting in breakage of notices containing text that looks like HTML. Only <content type="xhtml"> was working correctly previously.
Fixes for RSS2 content processing: we were failing to load <content:encoded> at all due to using wrong element name, and were applying an extraneous de-escape for <description> rather than the escaping that is required to turn plaintext into HTML. (Per spec, <description> must be plaintext.)
I added the statusnet: prefix to the xml output. This prefix should
be declared on the root element of all relevant XML output.
I also added two StatusNet-specific fields:
* statusnet:html - rendered HTML. Clients shouldn't have to guess
at the correct HTML rendering for notices, especially since some
of the links depend on context.
* statusnet:profile_url - profile URL for a user. You can't count
on a user being a local user in a distributed microblogging world.
So, this shows the explicit profile_url.
This reverts commit 98f0d970da.
Per xopher we're not yet ready to push 0.9.2 theme directories live; we also haven't merged down various things from testing that need to be in the release such as installer fixes.
* Moved notification sending from Notice::saveReplies to distrib queue handler, so it'll pull from the reply set we've saved regardless of how we got it.
* Set up gettext infrastructure for command-line scripts; gets localization mail notifications etc working from background queues.
* Adjusted locale switching: common_switch_locale() works at runtime for bg scripts, forces a message catalog update
* added a few XXX (that's StatusNet for FIXME, right?)
** proposing de-duplication of a message appearing ~50 times
** marking bad pagination implementation
* moved the TRANS: comments in action.php down to exactly before the line in which the message appears. Otherwise gettext does not put them in the pot file
* fixed a XXX in action.php removing double spaces
Because N/S/E/W were on the same lines, and the "// TRANS:" comment must be directly above the line in which the message is located to work, I added the messages to a variable first.
Refactored some of the returnto handling code. It looks like we have several different ways of handling this in the software, icky!
Marked the session-based functions with fixmes (they'll stomp on other forms when multiple tabs/windows are used) and combined some commonish bits of code between ProfileFormAction and the group block & makeadmin actions where they're using hidden form parameters. Extended that to allow passing dynamic parameters (eg 'page') as well as static ones (action, target user/group).
May be slow or run out of memory if run on particularly prolific posters -- not yet optimized for that case.
Note that geodata that has already been sent out to other services (via ostatus, omb, twitter, etc) will not be removed from them.
Conflicts:
actions/imsettings.php
lib/jabber.php
Made a quick attempt to merge the new JID validation into the XmppPlugin, have not had a chance to test that version live yet.
Should also move over the test cases.
This reverts commit 260f00d60b.
As mentioned in
260f00d60b (comment_8367)
Reverting this merge until the bugs are fixed and there is a general
agreement on the need for this enhancement.
Basic splitting/validation code submitted via http://status.net/wiki/XMPP/JID_validation -- Copyright 2009 Patrick Georgi <patrick@georgi-clan.de> Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact.
Added PEAR Net_IDNA package to extlib to handle IDN normalization (also used by Validate's email verifier if present).
* added test suite, supplemented my own test cases with JID validation and normalization test cases from libpurple
* follows XMPP rules for validation of name part
* fixes for normalization with non-ASCII names
* will do domain checks if $config['email']['check_domain'] is on, checking for an XMPP-server SRV record or any lookup. (We don't actually need to ping those direct though.)
* some more obscure stringprep validation rules aren't quite followed yet, but we err on the side of permissiveness.
* we still don't actually let you save your address with a resource on it, as we strip resources when looking up users who've sent us presence or message updates. I would recommend saving the outgoing resource as a separate field if/when we add that..?
* respect count instead of listing all groups
* respect page parameter
* don't spew notice on undefined $id
* don't spew notice on undefined $group->homepage_url (dropped the element since there's nothing to go in it)
* respect count instead of listing all groups
* respect page parameter
* don't spew notice on undefined $id
* don't spew notice on undefined $group->homepage_url (dropped the element since there's nothing to go in it)
I swapped the settings from negative to positive ($config['queue']['stomp_transactions'] = false rather than $config['queue']['stomp_no_transactions'] = true), gave them defaults (both on for best ActiveMQ experience), and added notes to the README about configuring them.
Conflicts:
lib/attachmentlist.php
plugins/OStatus/classes/Ostatus_profile.php
Merge tried to delete things that it seems it shouldn't, very confusing order. Hope rest of the cherry-picking isn't a problem.
Moved the various classes used by the Activity class to their own
files. There were >10 classes in the same file, with around 1500 lines
in the file. Just too big.
This change makes autoloading work for these classes, so also removed
the hard require in lib/common.php.
RSS feeds have the format
<rss><channel><item/><item/><item/></channel></rss>. The element named
$rss was actually the <channel> element, so I renamed the variable so
I wouldn't hurt my head.
First steps to parsing RSS items as activities. RSS feeds don't seem
to have enough data to make good remote profiles, but this may work
with some "hints".
* Subscription::start was sometimes passing users instead of profiles to hooks, which broke OStatus subscription notifications; now normalizing to profiles for processing.
* H-card parsing would trigger a lot of PHP warnings and notices in hKit. Now suppressing warnings and notices for the duration of the call to keep them out of output when display_errors is on.
* H-card parsing would trigger a PHP fatal error if the source page was not well-formed XML and Tidy was not present on the system. Switched normalization to use the PHP DOM module which is always present, as we have no need for Tidy's extra features here.
* Trying to fetch avatars from Google profiles failed and triggered a PHP warning due to the relative URL not being resolved during h-card parsing. Now passing profile page URL into hKit by sneaking a <base> tag in while we normalize the HTML source.
* Profile pages without a "Link" header could trigger PHP notices due to a bad NULL -> array(NULL) conversion in LinkHeader::getLink(). Now checking that there was a return value before converting single return value into array.
We were double-unescaping for <content type="html">, turning <b> escaped chars into literal tags (which then may get removed entirely by the HTML scrubber).
For instance this was throwing an exception for DB_DataObject::staticGet when there's no match... definitely not what we want when all our code expects to get a nice null.
Example of this causing trouble: http://gitorious.org/statusnet/mainline/merge_requests/131
Revert "Don't attempt to retrieve the current user from the DB while processing a DB error"
This reverts commit 68347691b0.
Revert "Use PHP exceptions for PEAR error handling."
This reverts commit d8212977ce.
For instance this was throwing an exception for DB_DataObject::staticGet when there's no match... definitely not what we want when all our code expects to get a nice null.
Example of this causing trouble: http://gitorious.org/statusnet/mainline/merge_requests/131
Revert "Don't attempt to retrieve the current user from the DB while processing a DB error"
This reverts commit 68347691b0.
Revert "Use PHP exceptions for PEAR error handling."
This reverts commit d8212977ce.
While deletion is in progress, the account is locked with the 'deleted' role, which disables all actions with rights control.
Todo:
* Pretty up the notice on the profile page about the pending delete. Show status?
* Possibly more thorough account disabling, such as disallowing all use for login and access.
* Improve error recovery; worst case is that an account gets left locked in 'deleted' state but the queue jobs have gotten dropped out. This would leave the username in use and any undeleted notices in place.
Under MySQL, new tables will be created as InnoDB with UTF-8 (utf8/utf8_bin) same as core tables.
Existing plugin tables will have table engine and default charset/collation updated, and string columns will have charset updated, at checkschema time.
Switched from 'DESCRIBE' to INFORMATION_SCHEMA for pulling column information in order to get charset. A second hit to INFORMATION_SCHEMA is also needed to get table properties.
Indices were only being created at table creation time, which ain't so hot. Now also adding/dropping indices when they change.
Fixed up some schema defs in OStatus plugin that were a bit flaky, causing extra alter tables to be run.
TODO: Generalize this infrastructure a bit more up to base schema & pg schema classes.
I think this is a bug in Youtube's web server (sending chunked encoding of an empty body with a HEAD response, leaving the connection out of sync when it doesn't attempt to read a body) but the HTTP_Request2 library may need to be adjusted to watch out for that.
Keeps stray daemon subprocesses from floating around when we kill the parents via a signal!
Accomplished by opening a bidirectional pipe in the parent process; the children close out the writer end and keep the reader in their open sockets list. When the parent dies, the children see that the socket's been closed out and can perform an orderly shutdown.
The final whitespace should be dropped from the source messages after we've stabilized; trailing space is pretty unreliable to keep through translation tools and should be avoided. Use separator strings outside the messages!
OStatus plugin overrides these to allow using webfinger (user@example.com), profile URL (http://example.com/user) and bare profile URL (example.com/user) as arguments.
Gets Spanish, French, Russian etc UI localization working on Debian Lenny fresh installation set up in Spanish (so es_ES.UTF-8 is available but en_US.UTF-8 isn't).
The upstream class sets $this->basejid with host unconditionally, which wasn't previously an issue as the fulljid would always be filled in by the server at connect time before sending messages. With the new queued messaging, we need to make sure we've filled out $this->fulljid correctly without making a connection.
Now using $server if provided to build $this->basejid and $this->fulljid in the queued XMPP proxy class, so queued messages are sent correctly.
- switch 'en_US' to 'en', fixes the "admin panel switches to Arabic" bug
- tweak setting descriptions to clarify that most of the time we'll be using browser language
- add a backend switch to disable language detection (should this be exposed to ui?)
* 'testing' of gitorious.org:statusnet/mainline:
Using position relative only for the remote subscription in section
Added group subscription button to groups mini list
Added event hooks at the start and end of groups mini list
All 'connect' menu panels used to be optional, so Action tried to
figure out what the first item on the 'connect' menu should be.
This is no longer necessary because we have the non-optional OAuth
client connections panel now, which is not optional and can't be
turned off.
Also stripping id from foreign HTML messages (could interfere with UI) and disabled failing attachment popup for a.attachment links that don't have a proper id, so you can click through instead of getting an error.
Issues:
* any other links aren't marked and saved
* inconsistent behavior between local and remote attachments (local displays in lightbox, remote doesn't)
* if the enclosure'd object isn't referenced in the content, you won't be offered a link to it in our UI
We only need one author for user feeds: the user themselves. So, show
the user as the activity:subject, and don't repeat the same
activity:actor for every notice unnecessarily.
* 'testing' of gitorious.org:statusnet/mainline: (25 commits)
Fix a bunch of notice & warning-level messages that were breaking my inter-instance communications
more output in updateostatus.php
lost important fields when switching queries
show service debug info
pass listener URI into consumer for OMB
remove strict check on OMB exception strings
return correct HTTP status code for OMB errors
send smaller error pages for OMB API endpoints
Remove check for secret in token deletion on Subscription::cancel()
Better logging on bad token in subscription
Return empty array when no subscriptions to remote
drop tokens for OMB on unsubscribe
fix path for updateostatus.php
Script to convert OMB subscriptions to OStatus subscriptions
show service debug info
pass listener URI into consumer for OMB
remove strict check on OMB exception strings
return correct HTTP status code for OMB errors
send smaller error pages for OMB API endpoints
Remove check for secret in token deletion on Subscription::cancel()
...
In a federated system, "@nickname" is insufficient to uniquely
identify a user. However, it's a very convenient idiom. We need to
guess from context who 'nickname' refers to.
Previously, we were using the sender's profile (or what we knew about
them) as the only context. So, we assumed that they'd be mentioning to
someone they followed, or someone who followed them, or someone on
their own server.
Now, we include the notice information for context. We check to see if
the notice is a reply to another notice, and if the author of the
original notice has the nickname 'nickname', then the mention is
probably for them. Alternately, if the original notice mentions someone
with nickname 'nickname', then this notice is probably referring to
_them_.
Doing this kind of context sleuthing means we have to render the
content very late in the notice-saving process.
* 'testing' of gitorious.org:statusnet/mainline:
init_conversation.php script to copy old notice conversations into the conversation table
cache results of webfinger lookups
Parse an hcard for hints, if available
use new hcard method for webfinger
add hkit for hCard parsing
use new dedicated hcard method for Webfinger profile
Add an hcard action
* 'testing' of gitorious.org:statusnet/mainline:
OStatus: if no <link> available and no profileurl hint passed in, use object id if it's an HTTP(S) URL. Fixes profile link for Google accounts.
Tweak common_url_to_nickname to take the last path component; fixes pulling nicks from Google profile pages (path is "/profile/<nickname>")
Fix bug on subscribe/unsubscribe in profile lists. Bogus call to nonexisting profile->getProfile() was masked by DB_DataObject
A dedicated hcard action for users. Our profile page includes
an hcard, but it's so full of other hcards that it's ambiguous which
one is the "real" one. So, this one make sense for meaning, "This is
my hcard."
* 'testing' of gitorious.org:statusnet/mainline:
Not sure how this ended up in wrong-cased dir...
OStatus: fix remote groups to work with new user_groups/local_groups split.
Conflicts:
classes/User_group.php
- fix <activity:subject> generation so we get the profile info (what's available so far)
- use id instead of nickname for group join/leave forms so we can join/leave remote groups
while the rest of the groups UI remains limited to local groups
(plugins are responsible for making sure remote notifications and permission checks are done)
- fix remote notification when joining group through OStatus's remote subscribe form
* 'testing' of gitorious.org:statusnet/mainline:
Merge StatusNet core localization updates from 0.9.x branch
Fix update_po_templates.php to support the plural and context variants of _m() in plugins
Drop HTMLPurifier; we don't need its extra capabilities and we're already using htmLawed which is lighter-weight.
OStatus: handle update-profile Salmon pings
Revert "Updated jQuery Form Plugin from v2.17 to v2.36"
OStatus: disable HTMLPurify cache unless we've configured a writable path for it.
- add event hooks to profile update pings
- send Salmon pings with custom update-profile event to OStatus subscribees and groups (subscribers will see it on your next post)
- fix OStatus queues with overlong transport names, should work on DB queues now
- Ostatus_profile::notifyActivity() and ::notifyDeferred() now can take XML, Notice, or Activity for convenience
the shorthand that I've proposed at
http://microformats.org/wiki/geo-brainstorming#latitude_longitude_shorthand_and_geo_link
If anyone wants to pick up on where the discussion was left off or
get more implementation support by other sites and software, and be
recognized by parsers, I'd be happy to go back to the shorthand.
Because you know, it actually makes a lot of sense.
- added rel="ostatus:attention" links for group delivery
- added events for plugins to override group profile/permalink pages
- pulled Notice::saveGroups up to save-time so we can override;
it's relatively cheap and gives us a clean list of target
groups for distrib time even with customized delivery.
- fixed notice::getGroups to return group objects as expected
- added some doc on new parameters to Notice::saveNew
- 'groups' list of group IDs to push to in place of parsing
- messages that come in via PuSH and contain local group targets
are delivered to local group members
- messages that come in via PuSH and contain remote group targets
are delivered to local members of the remote group
Todo:
- handle group posts that only come through Salmon
- handle conflicts in case something comes in both through Salmon and PuSH
- better source verification
- need a cleaner interface to look up groups by URI
- need a way to handle remote groups with conflicting names
Combined the code that finds mentions of other profiles into one place.
common_find_mentions() finds mentions and calls hooks to allow
supplemental syntax for mentions (like OStatus).
common_linkify_mentions() links mentions.
common_linkify_mention() links a mention.
Notice::saveReplies() now uses common_find_mentions() instead of
trying to parse everything again.
I changed the way that tag: URIs are minted, so we now use the right
base. Ideally most of these would use HTTP URIs instead, but for
now at least they use the right base.
We've been making pretty crummy tag: URIs for a while. We should
continue to favor HTTP URIs, since it's nice to be able to discover
things about an object you've shared the ID of. Where that's not
possible, this makes nicer tag URIs.
The subs_* functions in subs.php have made a lot of assumptions
about users versus profiles. I've refactored the functions to
be methods of the Subscription class instead, and to use Profile
objects throughout.
Some of the checks for blocks or existing subscriptions depended
on users or profiles, so I've moved those methods around a bit.
I've left stubs for the subs_* functions until we get time to replace
them.
All breakout queues that we're going to need to listen to now need to be explicitly listed in $config['queue']['breakout'].
Until XMPP is moved to component model, this setting will let the individual processes work with their own queues:
$config['queue']['breakout'][] = 'xmpp/xmppout/' . $config['site']['nickname'];
- Multiplexing queues into groups and for multiple sites.
- Sharing vs breakout configurable per site and per queue via $config['queue']['breakout']
- Detect how many times a message is redelivered, discard if it's killed too many daemons
- count configurable with $config['queue']['max_retries']
- can dump the items to files in $config['queue']['dead_letter_dir']
Queue daemon memory & resource leak fixes:
- avoid unnecessary reconnections to memcached server (switch persistent connections back in on second initialization, assuming it's child process)
- monkey-patch for leaky .ini loads in DB_DataObject::databaseStructure() - was leaking 200k per active switch
- applied leak fixes to Status_network as well, using intermediate base Safe_DataObject for both it and Memcache_DataObject
Misc queue fixes:
- correct handling of child processes exiting due to signal termination instead of regular exit
- shutdown instead of infinite respawn loop if we're already past the soft memory limit at startup
- Added --all option for xmppdaemon... still opens one xmpp connection per site that has xmpp active
Cache updates:
- add Cache::increment() method with native support for memcached atomic increment
* skip unnecessary unsubscribes on graceful shutdown -- takes a long time for many queues, slows down our restarts when hitting graceful mem limit
* fix control channel (was broken when we switched to support multiple queue servers)
* detection of group feeds is currently a nasty hack based on presence of '/groups/' in URL -- should use some property on the feed?
* listing for the remote group is kinda cruddy; needs to be named more cleanly
* still need to establish per-author profiles (easier once we have the updated Atom code in)
* group delivery probably not right yet
* saving of group messages still triggering some weird behavior
Added support for since_id and max_id on group timeline feeds as a free extra. Enjoy!
* Treat linkless feed posts as status updates; drop the "New post:" prefix and quotes on them.
* Use stable user IDs for atom/rss2 feed links instead of unstable nicknames
* Pull Atom feed preferentially when subscribing -- can now put the remote user's profile page straight into the feed subscription form and get to the right place.
* Clean up naming for push endpoints
* renamed FeedSub plugin to OStatus
* now setting avatar on subscriptions
* general fixes for subscription
* integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly
* set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though)
* a few bits of code documentation
* HMAC support for verified distributions (safest if sub setup is on HTTPS)
And a couple core changes:
* minimizing HTML output for exceptions in API requests to aid in debugging
* fix for rel=self link in apitimelineuser when id given
This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions.
Needs some further cleanup to treat posts as status updates instead of link references.
Defaulting to only looking at last 90 days of activity, can be adjusted up or down.
$config['tag']['cutoff'] = 86400 * 90;
$config['popular']['cutoff'] = 86400 * 90;
Per-user and per-group tag clouds do not use the cutoff (and it doesn't help with indexing on them).
Adds a robots.txt file to the site root. Defaults defined by
'robotstxt' section of config. New events StartRobotsTxt and
EndRobotsTxt to let plugins add information. Probably not
useful if path is not /, but won't hurt anything, either.
If an array of multiple servers is put in $config['queue']['stomp_server'], enqueues will pick a random server to send to (failing over automatically if any are down).
Queue handling daemons connect all servers so they get events no matter where they were delivered.
In case of disconnection, daemons should now handle it gracefully and attempt to reconnect every 60 seconds or so, automatically resubscribing to all queues once it's back up.
Can put to 'native' failover for reads as well by disabling $config['stomp']['manual_failover'] = false; but this is untested and may explode in addition to requiring that your ActiveMQ cluster actually be set up to handle its own data distribution.
Additionally, can choose which queues to mark as persistent by setting $config['stomp']['persistent'] to an array of queue names.
Move definition of NICKNAME_FMT above plugin initialization but below loading of Validate package.
A merge error when refactoring setup lead to this not being defined yet when plugins were initialized, causing the router setup in MapstractionPlugin which tried to use this constant to fail.
Result was bogus links and if you hit the URL directly the action would be "unrecognized".
* testing: (130 commits)
HTTP auth provided is evaluated even if it's not required
Rename rc3to09.sql to rc3torc4.sql to avoid confusion if we add a last-minute change after this!
Add new oauth tables and modifications to 'consumer' table for rc4
Centred leaderboard ad
camelcase the uap param names
move leaderboard to after the header
Moved rectangle ad into aside and leaderboard to the right in header.
Aligning wide skyscraper to the right instead of left
CSS ids and classes fixed in UAPPlugin
wrong height for rectangle in BlankAd
Add the moved BlankAdPlugin
make BlankAd dir and change to use a 1x1 image
move BlankAdPlugin to its own dir
Add BlankAdPlugin to test ad layout in different themes
make uapplugin an abstract class
move UAP plugin to core
Lowercased switch cases in UAP Plugin
Plugin for Universal Ad Package. Outputs four most widely used ad types.
Add persistent:true property to Stomp messages so ActiveMQ doesn't decide to discard them even though persistence is enabled on the broker. :) (Thanks Aric!)
quick fix: use common_path() on realtime update JS so it works with the new JS path code (will pull from main server for now)
...
Conflicts:
actions/apioauthaccesstoken.php
actions/apioauthauthorize.php
actions/apioauthrequesttoken.php
actions/editapplication.php
actions/newapplication.php
lib/apiauth.php
lib/queuemanager.php
lib/router.php
We have about 10-12 JavaScript pages per Web page. They usually
are based on the same server as the Web pages, but since they're
static files, it makes sense to offload them to a lite server that
handles static files well.
This commit lets you set a separate Javascript server and path for the
default Javascript code in StatusNet.
Squashed commit of the following:
commit 139d1622fdafe5ad00c820224416d9021efc3234
Author: Evan Prodromou <evan@status.net>
Date: Wed Jan 27 11:30:24 2010 -0500
modules that call htmloutputter::script() don't prescribe js/ path
commit c6ca3174af73efed55eaed5ff1e2a3bdc77d2d87
Author: Evan Prodromou <evan@status.net>
Date: Wed Jan 27 11:28:07 2010 -0500
configurable server and path for javascript files
queuectl.php --update -s<site>
queuectl.php --stop
queuectl.php --restart
Default control channel is /topic/statusnet-control. For external utilities to send a site update ping direct to the queue server, connect via Stomp and send a message formatted thus:
update:<nickname>
(Nickname here, *not* server hostname! The rest of the queues will be updated to use nicknames later.)
Note that all currently-connected queue daemons will get these notifications, including both queuedaemon.php and xmppdaemon.php. (XMPP will ignore site update requests for sites that it's not handling.)
Limitations:
* only implemented for stomp queue manager so far
* --update may not yet handle a changed server name properly
* --restart won't reload PHP code files that were already loaded at startup. Still need to stop and restart the daemons from 'outside' when updating code base.
New configuration options to define a single-user mode. This hides
most of the "community" pages, like the public timeline and groups.
The main user's timeline becomes the main page, and most other URLs
are changed.
Switching back and forth between 1-user and multi-user mode is
probably hazardous.
Squashed commit of the following:
commit d814aa5c92d14a27a12baba7893f3f8bf63f1d08
Author: Evan Prodromou <evan@status.net>
Date: Tue Jan 26 00:17:27 2010 -0500
don't show inbox and outbox in single-user mode
commit 47f19b9523a7015d4c6e460b73ea32c839e00aa1
Author: Evan Prodromou <evan@status.net>
Date: Tue Jan 26 00:15:22 2010 -0500
show correct URL for logo in single-user mode
commit 552010cffc33eadbc512ec5a67619dbc2015239a
Author: Evan Prodromou <evan@status.net>
Date: Tue Jan 26 00:15:06 2010 -0500
make singleuser its own config section
commit 786ab260a3ca172e57b555c75ca10946d8f258a1
Author: Evan Prodromou <evan@status.net>
Date: Tue Jan 26 00:05:19 2010 -0500
make single-user mode work
commit 5b21d7309b3a8dd5a4e0f29aea76f7897f1818b1
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 23:45:55 2010 -0500
add single-user mode
Moved much of the writing that happens when posting a notice to a new
queuehandler, distribqueuehandler. This updates tags, groups, replies
and inboxes at queue time (or at Web time, if queues are disabled).
To make this work well, I had to break up the monolithic
Notice::blowCaches() and make cache blowing happen closer to where
data is updated.
Squashed commit of the following:
commit 5257626c62750ac4ac1db0ce2b71410c5711cfa3
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 14:56:41 2010 -0500
slightly better handling of blowing tag memory cache
commit 8a22a3cdf6ec28685da129a0313e7b2a0837c9ef
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 01:42:56 2010 -0500
change 'distribute' to 'distrib' so not too long for dbqueue
commit 7a063315b0f7fad27cb6fbd2bdd74e253af83e4f
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 01:39:15 2010 -0500
change handle_notice() to handle() in distributqueuehandler
commit 1a39ccd28b9994137d7bfd21bb4f230546938e77
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 16:05:25 2010 -0500
error with queuemanager
commit e6b3bb93f305cfd2de71a6340b8aa6fb890049b7
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 01:11:34 2010 -0500
Blow memcache at different point rather than one big function for Notice class
commit 94d557cdc016187d1d0647ae1794cd94d6fb8ac8
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 00:48:44 2010 -0500
Blow memcache at different point rather than one big function for Notice class
commit 1c781dd08c88a35dafc5c01230b4872fd6b95182
Author: Evan Prodromou <evan@status.net>
Date: Wed Jan 20 08:54:18 2010 -0500
move broadcasting and distributing to new queuehandler
commit da3e46d26b84e4f028f34a13fd2ee373e4c1b954
Author: Evan Prodromou <evan@status.net>
Date: Wed Jan 20 08:53:12 2010 -0500
Move distribution of notices to new distribute queue handler
Previously, messages once delivered would just get stuck in the queue seemingly forever if they never got ACKed.
Note this could lead to partial duplication, for instance if the OMB or Twitter queue handlers die after 1/2 of the outgoing sends.
Recommendations:
* catch exceptions more aggressively within queue handlers (so only PHP fatal errors are likely to kill in the middle)
* for processing that involves sending to multiple clients, consider a second queue similar to the XMPP output, eg for OMB:
- first queue gets delivery list and builds message data, enqueueing it for each target address
- second queue can handle each individual outgoing message (and attempt redelivery etc separately)
This would also protect better against a recurring error preventing delivery in the second part, and could spread out any slow sends over multiple threads.
Queue handlers for XMPP individual & firehose output now send their XML stanzas
to another output queue instead of connecting directly to the chat server. This
lets us have as many general processing threads as we need, while all actual
XMPP input and output go through a single daemon with a single connection open.
This avoids problems with multiple connected resources:
* multiple windows shown in some chat clients (psi, gajim, kopete)
* extra load on server
* incoming message delivery forwarding issues
Database changes:
* queue_item drops 'notice_id' in favor of a 'frame' blob.
This is based on Craig Andrews' work branch to generalize queues to take any
object, but conservatively leaving out the serialization for now.
Table updater (preserves any existing queued items) in db/rc3to09.sql
Code changes to watch out for:
* Queue handlers should now define a handle() method instead of handle_notice()
* QueueDaemon and XmppDaemon now share common i/o (IoMaster) and respawning
thread management (RespawningDaemon) infrastructure.
* The polling XmppConfirmManager has been dropped, as the message is queued
directly when saving IM settings.
* Enable $config['queue']['debug_memory'] to output current memory usage at
each run through the event loop to watch for memory leaks
To do:
* Adapt XMPP i/o to component connection mode for multi-site support.
* XMPP input can also be broken out to a queue, which would allow the actual
notice save etc to be handled by general queue threads.
* Make sure there are no problems with simply pushing serialized Notice objects
to queues.
* Find a way to improve interactive performance of the database-backed queue
handler; polling is pretty painful to XMPP.
* Possibly redo the way QueueHandlers are injected into a QueueManager. The
grouping used to split out the XMPP output queue is a bit awkward.
Conflicts:
scripts/xmppdaemon.php
Previously, messages once delivered would just get stuck in the queue seemingly forever if they never got ACKed.
Note this could lead to partial duplication, for instance if the OMB or Twitter queue handlers die after 1/2 of the outgoing sends.
Recommendations:
* catch exceptions more aggressively within queue handlers (so only PHP fatal errors are likely to kill in the middle)
* for processing that involves sending to multiple clients, consider a second queue similar to the XMPP output, eg for OMB:
- first queue gets delivery list and builds message data, enqueueing it for each target address
- second queue can handle each individual outgoing message (and attempt redelivery etc separately)
This would also protect better against a recurring error preventing delivery in the second part, and could spread out any slow sends over multiple threads.
Queue handlers for XMPP individual & firehose output now send their XML stanzas
to another output queue instead of connecting directly to the chat server. This
lets us have as many general processing threads as we need, while all actual
XMPP input and output go through a single daemon with a single connection open.
This avoids problems with multiple connected resources:
* multiple windows shown in some chat clients (psi, gajim, kopete)
* extra load on server
* incoming message delivery forwarding issues
Database changes:
* queue_item drops 'notice_id' in favor of a 'frame' blob.
This is based on Craig Andrews' work branch to generalize queues to take any
object, but conservatively leaving out the serialization for now.
Table updater (preserves any existing queued items) in db/rc3to09.sql
Code changes to watch out for:
* Queue handlers should now define a handle() method instead of handle_notice()
* QueueDaemon and XmppDaemon now share common i/o (IoMaster) and respawning
thread management (RespawningDaemon) infrastructure.
* The polling XmppConfirmManager has been dropped, as the message is queued
directly when saving IM settings.
* Enable $config['queue']['debug_memory'] to output current memory usage at
each run through the event loop to watch for memory leaks
To do:
* Adapt XMPP i/o to component connection mode for multi-site support.
* XMPP input can also be broken out to a queue, which would allow the actual
notice save etc to be handled by general queue threads.
* Make sure there are no problems with simply pushing serialized Notice objects
to queues.
* Find a way to improve interactive performance of the database-backed queue
handler; polling is pretty painful to XMPP.
* Possibly redo the way QueueHandlers are injected into a QueueManager. The
grouping used to split out the XMPP output queue is a bit awkward.
Queue handlers for XMPP individual & firehose output now send their XML stanzas
to another output queue instead of connecting directly to the chat server. This
lets us have as many general processing threads as we need, while all actual
XMPP input and output go through a single daemon with a single connection open.
This avoids problems with multiple connected resources:
* multiple windows shown in some chat clients (psi, gajim, kopete)
* extra load on server
* incoming message delivery forwarding issues
Database changes:
* queue_item drops 'notice_id' in favor of a 'frame' blob.
This is based on Craig Andrews' work branch to generalize queues to take any
object, but conservatively leaving out the serialization for now.
Table updater (preserves any existing queued items) in db/rc3to09.sql
Code changes to watch out for:
* Queue handlers should now define a handle() method instead of handle_notice()
* QueueDaemon and XmppDaemon now share common i/o (IoMaster) and respawning
thread management (RespawningDaemon) infrastructure.
* The polling XmppConfirmManager has been dropped, as the message is queued
directly when saving IM settings.
* Enable $config['queue']['debug_memory'] to output current memory usage at
each run through the event loop to watch for memory leaks
To do:
* Adapt XMPP i/o to component connection mode for multi-site support.
* XMPP input can also be broken out to a queue, which would allow the actual
notice save etc to be handled by general queue threads.
* Make sure there are no problems with simply pushing serialized Notice objects
to queues.
* Find a way to improve interactive performance of the database-backed queue
handler; polling is pretty painful to XMPP.
* Possibly redo the way QueueHandlers are injected into a QueueManager. The
grouping used to split out the XMPP output queue is a bit awkward.
- NOTICE_INBOX_SOURCE_* constants moved to common.php since Notice_inbox.php not always loaded
- fixed typo in User::staticGet() call which caused user #1 to receive messages once for each subscriber instead of for him/herself
- 'continue' -> 'continue 2' inside switch() statement to fix loop escape (PHP considers switch() a looping construct for break & continue)
Key changes:
* Initialization code moved from common.php to StatusNet class;
can now switch configurations during runtime.
* As a consequence, configuration files must now be idempotent...
Be careful with constant, function or class definitions.
* Control structure for daemons/QueueManager/QueueHandler has been refactored;
the run loop is now managed by IoMaster run via scripts/queuedaemon.php
IoManager subclasses are woken to handle socket input or polling, and may
cover multiple sites.
* Plugins can implement notice queue handlers more easily by registering a
QueueHandler class; no more need to add a daemon.
The new QueueDaemon runs from scripts/queuedaemon.php:
* This replaces most of the old *handler.php scripts; they've been refactored
to the bare handler classes.
* Spawns multiple child processes to spread load; defaults to CPU count on
Linux and Mac OS X systems, or override with --threads=N
* When multithreaded, child processes are automatically respawned on failure.
* Threads gracefully shut down and restart when passing a soft memory limit
(defaults to 90% of memory_limit), limiting damage from memory leaks.
* Support for UDP-based monitoring: http://www.gitorious.org/snqmon
Rough control flow diagram:
QueueDaemon -> IoMaster -> IoManager
QueueManager [listen or poll] -> QueueHandler
XmppManager [ping & keepalive]
XmppConfirmManager [poll updates]
Todo:
* Respawning features not currently available running single-threaded.
* When running single-site, configuration changes aren't picked up.
* New sites or config changes affecting queue subscriptions are not yet
handled without a daemon restart.
* SNMP monitoring output to integrate with general tools (nagios, ganglia)
* Convert XMPP confirmation message sends to use stomp queue instead of polling
* Convert xmppdaemon.php to IoManager?
* Convert Twitter status, friends import polling daemons to IoManager
* Clean up some error reporting and failure modes
* May need to adjust queue priorities for best perf in backlog/flood cases
Detailed code history available in my daemon-work branch:
http://www.gitorious.org/~brion/statusnet/brion-fixes/commits/daemon-work
* Mostly punctuation updates so that the same message is used consistently in all of StatusNet.
* Some cases of "Title Case" removed, because that does not appear to be used consistently.
This reverts commit 5d9a2eb17e.
These are commands that are/were implemented by Twitter, and we don't
(yet) implemented. People will be looking for that information.
* We now cache negative lookups; clear them in Memcached_DataObject->insert()
* Mark file.url as a unique key in statusnet.ini so its negative lookups are cleared properly (first save of a notice with a new URL was failing due to double-insert)
* Now using serialization for default in-process cache instead of just saving objects; avoids potential corruption if you save an object to cache, change the original object, then fetch the same key from cache again
Consolidated several separate implementations of the same weighting algorithm into common_sql_weight() and fixed some bugs...
For MySQL, now using timestampdiff() instead of subtraction for the comparison, so we get sane results when the year doesn't match, and utc_timestamp() rather than now() so we don't get negative ages for recent items with local server timezone.
Unknown whether the same problems affect PostgreSQL, but note that it lacks the timestampdiff() SQL function.
Consolidated several separate implementations of the same weighting algorithm into common_sql_weight() and fixed some bugs...
For MySQL, now using timestampdiff() instead of subtraction for the comparison, so we get sane results when the year doesn't match, and utc_timestamp() rather than now() so we don't get negative ages for recent items with local server timezone.
Unknown whether the same problems affect PostgreSQL, but note that it lacks the timestampdiff() SQL function.
Allows storage of larger objects (over 1mb in size uncompressed), such as huge LDAP schemas.
Should also improve cache efficiency (allows more stuff to be stored in same memory) and reduce network latency (less data transfer)
self-subscription) via the API. Additionally, make it impossible
to block yourself or unsubscribe from yourself, period.
I also made User use the subs.php helper function for unsubscribing
during a block.
Hopefully, these changes will get rid of the problem of people
accidentally deleting their self-subscriptions once and for all
(knock on wood).
* 0.9.x: (141 commits)
Reload the admin design panel page to show the new CSS when the
Only pick up new default site colors if the theme has NOT changed.
Delete design when user chooses to restore default design, instead
Localisation updates for !StatusNet from !translatewiki.net !sntrans
Do not rebuild/add .mo files by default
If an XHR notice is sent form a page that has no timeline, show a
Revert "If the page doesn't have .notices, silently skip the notice XHR response"
Revert "Clear/reset the XHR notice form on pages where there is no timeline"
Clear/reset the XHR notice form on pages where there is no timeline
If the page doesn't have .notices, silently skip the notice XHR response
Remove useless debugging statement
Moved form control styles (i.e., border and radius) out of base
add pluginhandler to list of daemons to shut down
Using box-shadow only on the current navigation item
Updated theme readme
Fix regression in password settings: users have been unable to change their passwords since introduction of ChangePassword event (later StartChangePassword) November 5 in commit d6ddb84132
Ticket 2048: make OMB posting HTTP timeout configurable as $config['omb']['timeout']; defaults to 5 seconds instead of 20-second default in Yadis library
ticket 1100: add Drupal source link
Fix makefile wildcards for locale compilation (now works on Ubuntu 8.04)
typo fix: '$this' now spelled correctly. Looks like this'll fix acceptance of 'source' param for direct messages posted to API
...
Conflicts:
js/util.js
locale/ar/LC_MESSAGES/statusnet.po
locale/bg/LC_MESSAGES/statusnet.po
locale/ca/LC_MESSAGES/statusnet.po
locale/cs/LC_MESSAGES/statusnet.po
locale/de/LC_MESSAGES/statusnet.po
locale/el/LC_MESSAGES/statusnet.po
locale/en_GB/LC_MESSAGES/statusnet.po
locale/es/LC_MESSAGES/statusnet.po
locale/fi/LC_MESSAGES/statusnet.po
locale/fr/LC_MESSAGES/statusnet.po
locale/ga/LC_MESSAGES/statusnet.po
locale/he/LC_MESSAGES/statusnet.po
locale/is/LC_MESSAGES/statusnet.po
locale/it/LC_MESSAGES/statusnet.po
locale/ja/LC_MESSAGES/statusnet.po
locale/ko/LC_MESSAGES/statusnet.po
locale/mk/LC_MESSAGES/statusnet.po
locale/nb/LC_MESSAGES/statusnet.po
locale/nl/LC_MESSAGES/statusnet.po
locale/nn/LC_MESSAGES/statusnet.po
locale/pl/LC_MESSAGES/statusnet.po
locale/pt/LC_MESSAGES/statusnet.po
locale/pt_BR/LC_MESSAGES/statusnet.po
locale/ru/LC_MESSAGES/statusnet.po
locale/statusnet.po
locale/sv/LC_MESSAGES/statusnet.po
locale/te/LC_MESSAGES/statusnet.po
locale/tr/LC_MESSAGES/statusnet.po
locale/uk/LC_MESSAGES/statusnet.po
locale/vi/LC_MESSAGES/statusnet.po
locale/zh_CN/LC_MESSAGES/statusnet.po
locale/zh_TW/LC_MESSAGES/statusnet.po
plugins/Realtime/realtimeupdate.js
* master: (67 commits)
Ticket 2038: fix bad bug tracker link
Fix regression in group posting: bug introduced in commit 1319002e15. Need to use actual profile object rather than an id on a variable that doesn't exist when checking blocks :D
Log database errors when saving notice_inbox entries
Drop the username from the log id for now; seems to trigger an error loop in some circumstances
request id on logs... pid + random id per web request + username + method + url
Add OpenID ini info back into statusnet.ini as a stopgap until we can
Some changes to the OpenID DataObjects to make them emit the exact same
OpenID plugin should set 'user_openid.display' as unique key
Remove relationship: user_openid.user_id -> user.id. I don't think this
Have OpenID plugin DataObjects emit their own .ini info
Revert "Allow plugin DB_DataObject classes to not have to use the .ini file by overriding keys(), table(), and sequenceKey() for them"
Catch and report exceptions from notice_to_omb_notice() instead of letting the OMB queue handler die.
Fix regression in remote subscription; added hasRole() shadow method on Remote_profile.
Fix fatal error on OMB subscription for first-timers
Remove annoying log msg
Drop error message on setlocale() failure; this is harmless, since we actually have a working locale set up.
Catch uncaught exception
Fixed bug where reply-sync bit wasn't getting saved
Forgot to render the nav menu when on FB Connect login tab
Facebook plugin no longer takes over Login and Connect settings nav menus
...
Conflicts:
db/08to09_pg.sql
db/statusnet_pg.sql
locale/pt_BR/LC_MESSAGES/statusnet.mo
plugins/Mapstraction/MapstractionPlugin.php
DB_DataObject hides errors by silently returning null for any non-existent method call, making it harder to tell what the heck's going on... the rights check for blocked remote users returned null for the check for subscribe rights, thus eval'ing to false. We now log a note in this circumstance, which would have cut about 3 hours off of the debug time.
DB_DataObject hides errors by silently returning null for any non-existent method call, making it harder to tell what the heck's going on... the rights check for blocked remote users returned null for the check for subscribe rights, thus eval'ing to false. We now log a note in this circumstance, which would have cut about 3 hours off of the debug time.
Success return code from omb_broadcast_message was dropped in commit ec88d2650e (Aug 10 2009) which switched us to libomb backend. With queues enabled, this would lead to the notice being readded to the outgoing OMB queue for redelivery as the queue system thought the send failed. The resends caused extra load and confusion for third-party sites, and more worryingly just plugged up our own queue so legit messages were badly delayed.
This commit should restore the previous state, where we fire-and-forget; that is, we're not actually checking to see if all remote subscribers received the message successfully and there will be no resends.
Success return code from omb_broadcast_message was dropped in commit ec88d2650e (Aug 10 2009) which switched us to libomb backend. With queues enabled, this would lead to the notice being readded to the outgoing OMB queue for redelivery as the queue system thought the send failed. The resends caused extra load and confusion for third-party sites, and more worryingly just plugged up our own queue so legit messages were badly delayed.
This commit should restore the previous state, where we fire-and-forget; that is, we're not actually checking to see if all remote subscribers received the message successfully and there will be no resends.
With $config['db']['schemacheck'] set to 'script' in live deployment, Schema class wasn't being preloaded for us; the uses of TableDef by plugins for DataObject configuration would then fail because the class wasn't loaded. Broken to separate files, the autoloader can find all classes in either case.
PHP Fatal error: Class 'TableDef' not found in /var/www/statusnet/plugins/OpenID/User_openid.php on line 43, referer: http://identi.ca/brionv/all
With $config['db']['schemacheck'] set to 'script' in live deployment, Schema class wasn't being preloaded for us; the uses of TableDef by plugins for DataObject configuration would then fail because the class wasn't loaded. Broken to separate files, the autoloader can find all classes in either case.
PHP Fatal error: Class 'TableDef' not found in /var/www/statusnet/plugins/OpenID/User_openid.php on line 43, referer: http://identi.ca/brionv/all
XHTML mode breaks a lot of JS and has been causing trouble for Safari and Chrome, especially with the fancier new UI-side plugins like realtime and maps.
XHTML mode breaks a lot of JS and has been causing trouble for Safari and Chrome, especially with the fancier new UI-side plugins like realtime and maps.
Added a right for new notices, realized that the hasRight() method
should be on the profile, and moved it.
Makes this a less atomic commit but that's the way it goes sometimes.
Added EmailAuthenticationPlugin
Added ReverseUsernameAuthenticationPlugin
Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname
User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static
The call was moved to this spot in commit 3ea1119e50 (previously init'd later in another func) but doesn't seem to be needed anyway. None of our code uses the variables that this function defines, just the constants -- which are already predefined without the call.
The function is deprecated in PHP 5.3 and gone in 6, so we may as well toss it now.
common_logged_in() returned bogus results because it checks against null specifically, but common_current_user() was sticking 'false' into $_cur because that's what User::staticGet() returned from a failed lookup. Now we skip over a failed lookup here, so we keep null and all is well.
* 0.9.x:
Added a events for the settings menu items
Bringing Sphinx search support up to code: broken out to a plugin, now supports multiple sites on a single server.
Changed to Evan's event style and added an AuthPlugin superclass
add geo output to statuses in json, xml, atom, rss in API
Localisation updates from translatewiki.net (2009-11-10)
Localisation updates from translatewiki.net
Update pot
add lat and long parameters to api/statuses/update
change credential check to work more like other events
fixup output of object attributes in db error code
Performance fix for subscription/subscriber lists based on feedback from ops.
Adjusting indexes to make favorites query more efficient, based on feedback from ops.
Revert untested code; spews PHP notice warnings on every page view: "just sent a http 200 for the check-fancy from install.php"
Added hook for the Group navigation items
Updated block @title text (shouldn't say from group)
Updated group block markup
Revert "Remove more contractions"
Upgrade notes:
* Index names have changed from hardcoded 'Identica_people' and 'Identica_notices' to use the database name and actual table names. Must reindex.
New events:
* GetSearchEngine to override default search engine class selection from plugins
New scripts:
* gen_config.php generates a sphinx.conf from database configuration (with theoretical support for status_network table, but it doesn't seem to be cleanly queriable right now without knowing the db setup info for that. Needs generalized support.)
* Replaced old sphinx-indexer.sh and sphinx-cron.sh with index_update.php
Other fixes:
* sphinx.conf.sample better matches our live config, skipping unused stopword list and using a more realistic indexer memory limit
Further notes:
* Probably doesn't work right with PostgreSQL yet; Sphinx can pull from PG but the extraction queries currently look like they use some MySQL-specific functions.
* 0.9.x: (26 commits)
just sent a http 200 for the check-fancy from install.php
Add a new event: CanUserChangeField
shorten flag notification and include a class
Added flag icon for UserFlag plugin
Fixed notice option alignment in IE
add a method to Theme class to list available themes
Updated Realtime plugin to use the util's NoticeReply object
Localisation updates from translatewiki.net (2009-11-08)
Update pot again
Rebuild pot file *without* --join-existing to get rid of the cruft. Not sure why "--join-existing" must be in. Only thing I can think of is manual additions, which I could not find.
Revert "More precise field label"
Remove more contractions
Revert "* [Cc]an't -> [Cc]annot"
Revert "More specifics on 'address'"
* [Cc]an't -> [Cc]annot
Revert "* check usage of 'people' in UI and change it to 'users' or something else in most places"
add utilities for calculating local and installation theme root dirs
Harmonise UI message "No such user."
Restructure theme.php to define a class Theme
entity_action responses look more inactive now
...
This reverts commit 81b4a381d9.
IMO "user" is a bit impersonal and we shouldn't go changing the tone of the UI willy-nilly when we're updating localisations.
For various reasons, it's nicer to have a class for theme-file paths
and such. So, I've rewritten the code for determining the locations of
theme files to be more OOPy.
I changed all the uses of the two functions in the module (theme_file
and theme_path) to use Theme::file and Theme::path respectively.
I've also removed the code in common.php that require's the module;
using a class means we can autoload it instead.
Caching support will be added in future work after unit tests have been added.
* extlib: add PEAR HTTP_Request2 0.4.1 alpha
* extlib: update PEAR Net_URL2 to 0.3.0 beta for HTTP_Request2 compatibility
* moved direct usage of CURL and file_get_contents to HTTPClient class, excluding external-sourced libraries
* adapted GeonamesPlugin for new HTTPResponse interface
Note some plugins haven't been fully tested yet.
Caching support will be added in future work after unit tests have been added.
* extlib: add PEAR HTTP_Request2 0.4.1 alpha
* extlib: update PEAR Net_URL2 to 0.3.0 beta for HTTP_Request2 compatibility
* moved direct usage of CURL and file_get_contents to HTTPClient class, excluding external-sourced libraries
Note some plugins haven't been tested yet.
Added 4 new events involved in XRDS: StartUserXRDS, EndUserXRDS, StartPublicXRDS, EndPublicXRDS
Added OpenID provider functionality (no delegation support [yet])
* api-media-upload:
Rearanged a couple things & removed debugging statements
Rework MailDaemon to use the MediaFile class for uploads
Implement media upload in the API
Extract media upload stuff into its own library class.
* OMB remote updates were trying to load nonexistent Laconica_OMB_Service_Consumer class -- fixed to StatusNet_OMB_Service_Consumer. Regression caused during libomb merge.
* Twitter processing was still being queued from core when no twitter plugin was present, which triggered an exception from UnqueueHandler; leftover code from before the plugin extraction.
* UnqueueHandler's exception caused a fatal error instead because it was missing the "new" keyword. Wouldn't have been seen when testing with the plugin enabled.
of empty notice prefix text in facebook settings.
Filed bug upstream at http://bugs.developers.facebook.com/show_bug.cgi?id=7110
Per documentation, saving a pref value of "" or "0" will delete the pref key:
http://wiki.developers.facebook.com/index.php/Data.setUserPreference
which used to do what we want... Now Facebook throws back an error
"Parameter value is required" when we do this. Workaround appends a
space to empty string or "0" at save time, then trims the string when
we load it.
The input string was already trimmed at pref save time, so this won't
alter any user-visible behavior.
Thanks to ^demon in #mediawiki for pointing out the behavior regression
after testing the identi.ca Facebook app!
of empty notice prefix text in facebook settings.
Filed bug upstream at http://bugs.developers.facebook.com/show_bug.cgi?id=7110
Per documentation, saving a pref value of "" or "0" will delete the pref key:
http://wiki.developers.facebook.com/index.php/Data.setUserPreference
which used to do what we want... Now Facebook throws back an error
"Parameter value is required" when we do this. Workaround appends a
space to empty string or "0" at save time, then trims the string when
we load it.
The input string was already trimmed at pref save time, so this won't
alter any user-visible behavior.
Thanks to ^demon in #mediawiki for pointing out the behavior regression
after testing the identi.ca Facebook app!
Set "en_US" locale first, then the locale we want for our user.
This seems to initialize gettext properly somehow, which I could see when the languages would come up briefly on settings save when changing from a supported language.
Definitely works for ga_ES on my Ubuntu system (8.10 intrepid), hopefully reasonably consistent.
* 0.9.x: (247 commits)
Added in credits.
Use site's name for basic auth realm
Make apigroupcreate.php pass phpcs
Took out some unnecessary intializations
Implemented create group api
CamelCase all function names in the API code
These same params are used in most API actions; moved to base API class
Missed some of the references to the old TwitterApiAction - removed
Remove more redundant $formats
Remove dead code
Move all basic auth output and processing to base classes
$format is used by every API action. Set it in the base class.
Delete action/api.php and rename lib/twitterapi.php to lib/api.php
New actions for blocks via API
fix FBConnect so it doesn't muffle EndPrimaryNav
don't write session if it's unchanged
Fixed facebook connect primary nav to hide search option when site is private and user is not logged in
Fixed facebook connect primary nav to obey sms/twitter/openid settings
Fixed facebook connect login nav to obey openid settings
Fixed facebook connect nav to obey sms/twitter disabled
...
Merge branch '0.9.x' into refactor-api
* 0.9.x:
Implemented create group api
fix FBConnect so it doesn't muffle EndPrimaryNav
don't write session if it's unchanged
Fixed facebook connect primary nav to hide search option when site is private and user is not logged in
Fixed facebook connect primary nav to obey sms/twitter/openid settings
Fixed facebook connect login nav to obey openid settings
Fixed facebook connect nav to obey sms/twitter disabled
Fixed twitter defaulting to disabled
Revert "Open tags should have closing tags"
Don't show search suggestions for private sites
Fixed E_NOTICE when returnto isn't set
Fixed E_NOTICE when the "lite" parameter isn't included in the request
Fixed E_NOTICE - GroupList expects an owner object in the constructor, not an array of search terms
Returning false seems to fix IE from reclaiming window focus. I think
Aligning notice attach label from right instead of left
Fixed IE background image alignment for attach, favour and disfavour
Fixed nudge and direct message background image alignment
Using 'CSS sprites' for common icons for the identica theme. Default
Open tags should have closing tags
Conflicts:
actions/twitapigroups.php
actions/twitapistatuses.php
* 0.9.x: (23 commits)
Added hook to wrap the notice form data block
Unnecessary selector bit
Removed obsolete iphone theme (pre v0.7)
remove spurious readme from Orbited
need to show scripts at end of body in RealtimePlugin
Some changes required from Orbited debugging
Update OrbitedPlugin to work with RealtimePlugin framework
updated OrbitedPlugin to use RealtimePlugin
remove unused files for OrbitedPlugin
rename plugin
copy Comet plugin to Orbited
move scripts to just before </body>, add event for scripts that need to be in <head>
reformat Notice.php
added all them doxygens
Using CDATA for autofocus script
more doxygen
added doxygen
indent fix
better handling of y response in deleteuser.php
script to permanently delete a user
...
* 0.9.x:
change DB so OpenIDPlugin manages OpenID tables
Some bug fixes
check the schema
add some more methods to Schema
Added hook for Aside container
Revert "Outputting UTF-8 charset in document header irrespective of mimetype."
FOAF for Groups.
use schema tool to create a table
statusize schema-related modules
test script for schema code
make table def method of schema code work
start a module for schema management
* 0.9.x: (39 commits)
Timeout a little incase the notice item from XHR response is
Relocated the button for pop up window for notice stream
Script no longer needed for Realtime plugin
Better check to see if the XML prolog should be outputted for XML
Outputting UTF-8 charset in document header irrespective of mimetype.
Switched Doctype to XHTML 1.0 Strict (which best reflects the current
Twitter API returns server errors in preferred format
move HTTP error code strings to class variables
remove string-checks from code using Notice::saveNew()
change string return from Notice::saveNew to exceptions
stop overwriting created timestamp on group edit
Forgot to add home_timeline to the list of methods that only require
Forgot to add home_timeline to the list of methods that only require
moderator can delete another user's notice
show delete button when user has deleteOthersNotice right
let hooks override standard user rights
user rights
Merge DeleteAction class into DeletenoticeAction
Fix some bugs in the URL linkification, and fixed the unit test.
Fix URL linkification test cases for addition of 'title' attribution with long URL in f3c8fccc
...
The DeleteAction class checked for notice information, and only had
one subclass: DeletenoticeAction. I couldn't figure out any other
class that would subclass it, so I combined the two into a single class.
* 0.9.x: (88 commits)
Left a couple debugging statements in (removed)
Output If-Modified-Since header for all RSS 1.0 feeds (again)
Revert "move scripts to just before </body>, add event for scripts that need to be in <head>"
Implemented join and leave groups api methods
implemented etag and last modified
Fixed broken Piwik plugin - was not using the supplied site code
move scripts to just before </body>, add event for scripts that need to be in <head>
some UI fixes
Using timeline string instead of title for WindowName because IE doesn't
Added JavaScript to initialize the poped Window
Some layout and rendering adjustment for Realtime plugin
Created addPop() for Realtime plugin and added param to include iconurl
move some stuff around for realtime
hack around address hack in util.js
Add some more realtime feeds
Do realtime popup with PHP instead of Javascript
JavaScript fixes for IE
Revert "Added realtime streams for all and showstream timelines"
Revert "Fixed indenting"
Revert "Made it slighly more compact with less jQuery selection"
...
This reverts commit 20997619b3.
The commit doesn't take into account having different servers (theme
server, avatar server) and being able to set HTTPS for some but not all.
* If no shortener plugin is enabled, fall back to using the long URL instead of trying to load nonexistent ur1.ca plugin and throwing 'Class does not exist'
* Fix bad call to call_user_func_array() in callback_helper() which broke all shortening
* 0.9.x: (57 commits)
Updated csarven emails to csarven@status.net and removed dupes
statusize new HTTP classes
dedupe evans
change all evans to evan@status.net
add post to curlclient
fix user-agent for curlclient
add get to curl client
add cURL client with HEAD method
add user agent and correct version check to httpclient
statusize OpenID plugin
add http client config value
update httpclient class
move httputil to httpclient
Start a common library for HTTP client stuff
check correct define (not backwards compatible)
Fixed broken list items in installer output
Got rid of a bunch of ugly warnings
Add Jiminy to notice sources
Make it impossible to delete self-subscriptions via the API
Fix bad merge d7ae0ed4fd
...
* extlib/Stomp.php
-spaces for tabs (we're on PEAR, right?)
- send: initialize the $properties parameter as array() instead of null
this prevents unsetting $headers if $properties was not set
(besides that, it's the proper way to initialize an array)
- subscribe: insert FIXME's on ActiveMQ specifics
- ack: make sure the content-length header is set *and* is zero.
I have seen the header set to '3' there but could not find where it
came from, this is at least safe.
- disconnect: typo in $headers variable
- readFrame: use fgets() instead of gets() so that RabbitQ, which is more protocol strict can also play
* extlib/Stomp/Frame.php
- spaces for tabs
- add note on possibly protocol violating linefeed
* extlib/Stomp/Message.php
- space for tabs
- add content-length header for message
* lib/stompqueuemanager.php
- use the notice for logging, not the frame
This reverts commit e2848eb862.
Downstream consumers of our notices (such as Friendfeed, Facebook, etc) don't have sophisticated URL detection, so a notice that reads: "check out ur1.ca/1" won't be linked. So the http:// prefix is
mandatory.