Commit Graph

2359 Commits

Author SHA1 Message Date
Zach Copley
f1094185e4 Better token revocation 2010-02-02 07:35:54 +00:00
Zach Copley
38bebb4c0d Allow developers to delete OAuth applications 2010-02-02 06:26:03 +00:00
Sarven Capadisli
803c6d954c Revert "Removed hAtom pattern from registration page."
This reverts commit d6fe865133.

Screws up list rendering when registration is complete.
2010-02-01 23:10:44 +00:00
Zach Copley
59d16cf16a OAuth app names should be unique. 2010-02-01 20:58:30 +00:00
Sarven Capadisli
95e70f5e53 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-02-01 20:32:48 +01:00
Sarven Capadisli
0e49b3525d Sentence case for app statistics 2010-02-01 20:31:56 +01:00
Brion Vibber
c14ac57b19 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-02-01 10:30:45 -08:00
Brion Vibber
1625a13b93 Merge remote branch 'statusnet/master' into testing 2010-02-01 09:04:13 -08:00
Brion Vibber
6159edcebb Improve name validation checks on local File references 2010-02-01 08:49:59 -08:00
Evan Prodromou
0787daff2c Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-02-01 11:49:50 -05:00
Brion Vibber
d9e7d4c4ad Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-02-01 08:49:19 -08:00
Brion Vibber
84ab0156b4 Improve name validation checks on local File references 2010-02-01 08:48:31 -08:00
Evan Prodromou
7390b1d1ac Merge branch 'master' into testing 2010-02-01 11:21:50 -05:00
Evan Prodromou
57d8f22a3a fix local file include vulnerability in doc.php
Conflicts:

	actions/doc.php
2010-02-01 11:20:22 -05:00
Evan Prodromou
d264db6119 fix local file include vulnerability in doc.php
Conflicts:

	actions/doc.php
2010-02-01 11:10:36 -05:00
Sarven Capadisli
d6fe865133 Removed hAtom pattern from registration page. 2010-02-01 13:14:35 +01:00
Evan Prodromou
779204b194 Merge branch 'testing' into 0.9.x
Conflicts:
	actions/apioauthauthorize.php
2010-01-31 15:27:58 -05:00
Evan Prodromou
30268cff78 Add Really Simple Discovery (RSD) support
Anil Dash suggested that all implementers of the Twitter API include
support for the remedial RSD format. This commit adds an RSD action
that returns the API root and additional API data to help client
developers discover and use our Twitter-compatible API.

http://dashes.com/anil/2009/12/the-twitter-api-is-finished.html
http://tales.phrasewise.com/rfc/rsd
2010-01-31 15:16:59 -05:00
Evan Prodromou
dc62246443 Add a robots.txt URL to the site root
Adds a robots.txt file to the site root. Defaults defined by
'robotstxt' section of config. New events StartRobotsTxt and
EndRobotsTxt to let plugins add information. Probably not
useful if path is not /, but won't hurt anything, either.
2010-01-31 10:12:26 -05:00
Evan Prodromou
def5d56ce1 add lat, lon, location and remove closing tag from geocode.php 2010-01-30 12:47:21 -05:00
Evan Prodromou
1b7cc3393a Use passed-in lat long in geocode.php
Don't rewrite the lat-long for a location in geocode.php.
2010-01-30 12:43:00 -05:00
Zach Copley
5868511716 Move sessions settings to its own panel 2010-01-28 22:06:01 -08:00
Zach Copley
440ee00b1e Move sessions settings to its own panel 2010-01-28 22:04:14 -08:00
Sarven Capadisli
17f2096d70 Removed avatar from repeat of username (matches noticelist) 2010-01-28 15:08:33 +01:00
Sarven Capadisli
5b1245a32a Removed avatar from repeat of username (matches noticelist) 2010-01-28 15:06:03 +01:00
Zach Copley
5182cc686d Numbered format specifiers 2010-01-28 01:39:18 +00:00
Zach Copley
420ae06faf These API methods should return true for ->isReadOnly($args)! 2010-01-28 00:44:55 +00:00
Zach Copley
9589985e29 Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-01-28 00:43:24 +00:00
Zach Copley
77aed28f17 These API methods should return true for ->isReadOnly($args)! 2010-01-28 00:40:44 +00:00
Siebrand Mazeland
fcc48155ed L10n updates:
* app -> application
* number parameters when using more than one in a message
2010-01-28 01:32:48 +01:00
Zach Copley
78079f34e2 Merge branch 'testing' into -1.9.x
* testing: (130 commits)
  HTTP auth provided is evaluated even if it's not required
  Rename rc3to09.sql to rc3torc4.sql to avoid confusion if we add a last-minute change after this!
  Add new oauth tables and modifications to 'consumer' table for rc4
  Centred leaderboard ad
  camelcase the uap param names
  move leaderboard to after the header
  Moved rectangle ad into aside and leaderboard to the right in header.
  Aligning wide skyscraper to the right instead of left
  CSS ids and classes fixed in UAPPlugin
  wrong height for rectangle in BlankAd
  Add the moved BlankAdPlugin
  make BlankAd dir and change to use a 1x1 image
  move BlankAdPlugin to its own dir
  Add BlankAdPlugin to test ad layout in different themes
  make uapplugin an abstract class
  move UAP plugin to core
  Lowercased switch cases in UAP Plugin
  Plugin for Universal Ad Package. Outputs four most widely used ad types.
  Add persistent:true property to Stomp messages so ActiveMQ doesn't decide to discard them even though persistence is enabled on the broker. :) (Thanks Aric!)
  quick fix: use common_path() on realtime update JS so it works with the new JS path code (will pull from main server for now)
  ...

Conflicts:
	actions/apioauthaccesstoken.php
	actions/apioauthauthorize.php
	actions/apioauthrequesttoken.php
	actions/editapplication.php
	actions/newapplication.php
	lib/apiauth.php
	lib/queuemanager.php
	lib/router.php
2010-01-27 14:27:22 -08:00
Evan Prodromou
c52951cef5 Optionally set a separate Javascript server and path
We have about 10-12 JavaScript pages per Web page. They usually
are based on the same server as the Web pages, but since they're
static files, it makes sense to offload them to a lite server that
handles static files well.

This commit lets you set a separate Javascript server and path for the
default Javascript code in StatusNet.

Squashed commit of the following:

commit 139d1622fdafe5ad00c820224416d9021efc3234
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 27 11:30:24 2010 -0500

    modules that call htmloutputter::script() don't prescribe js/ path

commit c6ca3174af73efed55eaed5ff1e2a3bdc77d2d87
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 27 11:28:07 2010 -0500

    configurable server and path for javascript files
2010-01-27 11:37:22 -05:00
Zach Copley
756da7bc51 s/LOG_WARN/LOG_WARNING/ 2010-01-27 08:45:56 +00:00
Zach Copley
923b7de3c6 - Check for read-only vs. read-write access to protected API resources (OAuth)
- Some cleanup
2010-01-27 08:41:26 +00:00
Siebrand Mazeland
97e1acdc32 Fix casing for HMAC-SHA1. 2010-01-27 00:56:45 +00:00
Siebrand Mazeland
492950b784 Fix inconsistent title case in page title 2010-01-27 00:56:31 +00:00
Zach Copley
aad42427cc New access admin panel for site registration settings 2010-01-26 15:56:19 -08:00
Zach Copley
03685bba1e - Remove redudant/unused 'server' setting from site admin panel
- Move 'fancy urls' checkbox from site admin panel to paths admin panel
2010-01-26 15:11:09 -08:00
Evan Prodromou
663e4e02a1 Merge branch 'master' into testing
Conflicts:
	lib/queuemanager.php
2010-01-25 18:13:09 -05:00
Evan Prodromou
b6aa1511eb Merge branch 'master' into 0.9.x 2010-01-25 18:10:59 -05:00
Evan Prodromou
e26a843caf Offload inbox updates to a queue handler to speed up posting online
Moved much of the writing that happens when posting a notice to a new
queuehandler, distribqueuehandler. This updates tags, groups, replies
and inboxes at queue time (or at Web time, if queues are disabled).

To make this work well, I had to break up the monolithic
Notice::blowCaches() and make cache blowing happen closer to where
data is updated.

Squashed commit of the following:

commit 5257626c62750ac4ac1db0ce2b71410c5711cfa3
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 14:56:41 2010 -0500

    slightly better handling of blowing tag memory cache

commit 8a22a3cdf6ec28685da129a0313e7b2a0837c9ef
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:42:56 2010 -0500

    change 'distribute' to 'distrib' so not too long for dbqueue

commit 7a063315b0f7fad27cb6fbd2bdd74e253af83e4f
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:39:15 2010 -0500

    change handle_notice() to handle() in distributqueuehandler

commit 1a39ccd28b9994137d7bfd21bb4f230546938e77
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 16:05:25 2010 -0500

    error with queuemanager

commit e6b3bb93f305cfd2de71a6340b8aa6fb890049b7
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:11:34 2010 -0500

    Blow memcache at different point rather than one big function for Notice class

commit 94d557cdc016187d1d0647ae1794cd94d6fb8ac8
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 00:48:44 2010 -0500

    Blow memcache at different point rather than one big function for Notice class

commit 1c781dd08c88a35dafc5c01230b4872fd6b95182
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 20 08:54:18 2010 -0500

    move broadcasting and distributing to new queuehandler

commit da3e46d26b84e4f028f34a13fd2ee373e4c1b954
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 20 08:53:12 2010 -0500

    Move distribution of notices to new distribute queue handler
2010-01-25 18:08:21 -05:00
Evan Prodromou
089305ac7a fix interpolation of positional arguments to sprintf in tag action 2010-01-24 22:59:22 -05:00
Evan Prodromou
a9da43a416 fix interpolation of positional arguments to sprintf in show group 2010-01-24 22:57:33 -05:00
Evan Prodromou
019dad95e1 fix interpolation of positional arguments to sprintf in show favorites 2010-01-24 22:56:41 -05:00
Evan Prodromou
73fdec6c12 fix interpolation of positional arguments to sprintf in usergroups 2010-01-24 22:55:29 -05:00
Evan Prodromou
9077db00a5 fix interpolation of positional arguments to sprintf in inbox 2010-01-24 22:54:25 -05:00
Evan Prodromou
02526f1100 fix interpolation of positional arguments to sprintf in outbox 2010-01-24 22:53:29 -05:00
Evan Prodromou
fc7afed924 fix interpolation for positional arguments in replies 2010-01-24 22:52:03 -05:00
Evan Prodromou
e400437d57 fix interpolation for positional arguments in showstream 2010-01-24 22:50:07 -05:00
Zach Copley
4daf76212a - Had to remove checking read vs. read-write in OAuth authenticated methods
- Will now pick up source attr from OAuth app
2010-01-25 00:51:56 +00:00
Zach Copley
9e7f47652d Revoke access token UI 2010-01-24 16:36:05 -08:00
Sarven Capadisli
dbcbc2fe7f Changed legend text from Login to Account because it is not really
logging iny
2010-01-24 16:36:05 -08:00
Sarven Capadisli
6d58ef4abb Updated apioauthauthorize markup and styles 2010-01-24 16:36:05 -08:00
Zach Copley
7b3c099f95 Ensure only the application's owner can edit it 2010-01-24 16:36:05 -08:00
Zach Copley
ba68e042a8 Fix user count 2010-01-24 16:36:05 -08:00
Zach Copley
c0eee277d1 Make sure applications are really looked up by consumer key 2010-01-24 16:36:05 -08:00
Zach Copley
e101a6df6b Rework application registration workflow to be more private 2010-01-24 16:36:04 -08:00
Zach Copley
693b16174a Fix icon upload on new apps 2010-01-24 16:36:04 -08:00
Zach Copley
8da5e98cba OAuth 1.0 working now 2010-01-24 16:36:04 -08:00
Zach Copley
adfca01808 Can now edit/change application icon 2010-01-24 16:36:04 -08:00
Sarven Capadisli
ba0c82b391 Added anchors to application source and homepage 2010-01-24 16:36:03 -08:00
Sarven Capadisli
c2ffd66128 Updated markup for application details page. Similar to user/group
profile page.
2010-01-24 16:36:03 -08:00
Sarven Capadisli
c8a4d0d6c2 Updated markup for application details 2010-01-24 16:36:03 -08:00
Sarven Capadisli
61f71a4a59 Updated markup for application registration and view links 2010-01-24 16:36:03 -08:00
Zach Copley
c78937537e Better detial in connected OAuth applications list 2010-01-24 16:36:03 -08:00
Zach Copley
11bd98025c Issue a warning when someone tries to exchange an unauthorized or
otherwise bad req token for an access token.
2010-01-24 16:36:02 -08:00
Zach Copley
a0b8438773 Exchanging authorized request tokens for access tokens working 2010-01-24 16:36:02 -08:00
Zach Copley
c473a39a7d Associate request tokens with OAuth apps and app users 2010-01-24 16:36:02 -08:00
Zach Copley
e9e448bcee Workflow for request tokens and authorizing request tokens 2010-01-24 16:36:02 -08:00
Zach Copley
fa81a580bb Action for issuing a request token 2010-01-24 16:36:02 -08:00
Zach Copley
6472331be5 Stubs for API OAuth token exchange stuff 2010-01-24 16:36:02 -08:00
Zach Copley
48e5f2b3c5 Add icons/icon upload to Oauth apps 2010-01-24 16:36:02 -08:00
Zach Copley
1e5b2a497e Added session token checking. 2010-01-24 16:36:02 -08:00
Zach Copley
3c2b05d222 Workflow for registering new OAuth apps pretty much done. 2010-01-24 16:36:02 -08:00
Zach Copley
9d958fd539 Reorganized the OAuth app URLs and more work on the register app workflow 2010-01-24 16:36:01 -08:00
Zach Copley
ae46bc5fff Started work on interface for displaying connected OAuth apps 2010-01-24 16:36:01 -08:00
Brenda Wallace
5864905506 Merge commit 'refs/merge-requests/120' of git://gitorious.org/statusnet/mainline into 0.9.x 2010-01-24 15:12:18 +13:00
Sarven Capadisli
c3ee1af7be Missing null className for incoming email form legend 2010-01-24 00:22:35 +01:00
Sarven Capadisli
0f3658d3da Updated path to farbtastic stylesheet 2010-01-24 00:21:14 +01:00
Brion Vibber
c7507e7e9d XMPP queued output & initial retooling of DB queue manager to support non-Notice objects.
Queue handlers for XMPP individual & firehose output now send their XML stanzas
to another output queue instead of connecting directly to the chat server. This
lets us have as many general processing threads as we need, while all actual
XMPP input and output go through a single daemon with a single connection open.

This avoids problems with multiple connected resources:
* multiple windows shown in some chat clients (psi, gajim, kopete)
* extra load on server
* incoming message delivery forwarding issues

Database changes:
* queue_item drops 'notice_id' in favor of a 'frame' blob.
  This is based on Craig Andrews' work branch to generalize queues to take any
  object, but conservatively leaving out the serialization for now.
  Table updater (preserves any existing queued items) in db/rc3to09.sql

Code changes to watch out for:
* Queue handlers should now define a handle() method instead of handle_notice()
* QueueDaemon and XmppDaemon now share common i/o (IoMaster) and respawning
  thread management (RespawningDaemon) infrastructure.
* The polling XmppConfirmManager has been dropped, as the message is queued
  directly when saving IM settings.
* Enable $config['queue']['debug_memory'] to output current memory usage at
  each run through the event loop to watch for memory leaks

To do:
* Adapt XMPP i/o to component connection mode for multi-site support.
* XMPP input can also be broken out to a queue, which would allow the actual
  notice save etc to be handled by general queue threads.
* Make sure there are no problems with simply pushing serialized Notice objects
  to queues.
* Find a way to improve interactive performance of the database-backed queue
  handler; polling is pretty painful to XMPP.
* Possibly redo the way QueueHandlers are injected into a QueueManager. The
  grouping used to split out the XMPP output queue is a bit awkward.

Conflicts:

	scripts/xmppdaemon.php
2010-01-22 12:52:36 -08:00
Evan Prodromou
d25bd9b292 Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-01-22 14:19:08 -05:00
Evan Prodromou
c8bc598cfd Merge branch 'testing' into 0.9.x 2010-01-22 14:18:43 -05:00
Evan Prodromou
e666433eb4 Merge branch 'master' into 0.9.x 2010-01-22 14:18:40 -05:00
Evan Prodromou
29d83c8ca9 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-01-22 14:18:21 -05:00
Evan Prodromou
104d300799 do actual language negotiation for help docs 2010-01-22 14:13:28 -05:00
Evan Prodromou
9f815c968f restructure doc.php for new use 2010-01-22 13:53:53 -05:00
Evan Prodromou
df9b780706 action/doc.php is PHPCS clean 2010-01-22 13:53:53 -05:00
Brion Vibber
0e852def6a XMPP queued output & initial retooling of DB queue manager to support non-Notice objects.
Queue handlers for XMPP individual & firehose output now send their XML stanzas
to another output queue instead of connecting directly to the chat server. This
lets us have as many general processing threads as we need, while all actual
XMPP input and output go through a single daemon with a single connection open.

This avoids problems with multiple connected resources:
* multiple windows shown in some chat clients (psi, gajim, kopete)
* extra load on server
* incoming message delivery forwarding issues

Database changes:
* queue_item drops 'notice_id' in favor of a 'frame' blob.
  This is based on Craig Andrews' work branch to generalize queues to take any
  object, but conservatively leaving out the serialization for now.
  Table updater (preserves any existing queued items) in db/rc3to09.sql

Code changes to watch out for:
* Queue handlers should now define a handle() method instead of handle_notice()
* QueueDaemon and XmppDaemon now share common i/o (IoMaster) and respawning
  thread management (RespawningDaemon) infrastructure.
* The polling XmppConfirmManager has been dropped, as the message is queued
  directly when saving IM settings.
* Enable $config['queue']['debug_memory'] to output current memory usage at
  each run through the event loop to watch for memory leaks

To do:
* Adapt XMPP i/o to component connection mode for multi-site support.
* XMPP input can also be broken out to a queue, which would allow the actual
  notice save etc to be handled by general queue threads.
* Make sure there are no problems with simply pushing serialized Notice objects
  to queues.
* Find a way to improve interactive performance of the database-backed queue
  handler; polling is pretty painful to XMPP.
* Possibly redo the way QueueHandlers are injected into a QueueManager. The
  grouping used to split out the XMPP output queue is a bit awkward.
2010-01-21 22:40:35 -08:00
Brion Vibber
26fdf0c9d2 XMPP queued output & initial retooling of DB queue manager to support non-Notice objects.
Queue handlers for XMPP individual & firehose output now send their XML stanzas
to another output queue instead of connecting directly to the chat server. This
lets us have as many general processing threads as we need, while all actual
XMPP input and output go through a single daemon with a single connection open.

This avoids problems with multiple connected resources:
* multiple windows shown in some chat clients (psi, gajim, kopete)
* extra load on server
* incoming message delivery forwarding issues

Database changes:
* queue_item drops 'notice_id' in favor of a 'frame' blob.
  This is based on Craig Andrews' work branch to generalize queues to take any
  object, but conservatively leaving out the serialization for now.
  Table updater (preserves any existing queued items) in db/rc3to09.sql

Code changes to watch out for:
* Queue handlers should now define a handle() method instead of handle_notice()
* QueueDaemon and XmppDaemon now share common i/o (IoMaster) and respawning
  thread management (RespawningDaemon) infrastructure.
* The polling XmppConfirmManager has been dropped, as the message is queued
  directly when saving IM settings.
* Enable $config['queue']['debug_memory'] to output current memory usage at
  each run through the event loop to watch for memory leaks

To do:
* Adapt XMPP i/o to component connection mode for multi-site support.
* XMPP input can also be broken out to a queue, which would allow the actual
  notice save etc to be handled by general queue threads.
* Make sure there are no problems with simply pushing serialized Notice objects
  to queues.
* Find a way to improve interactive performance of the database-backed queue
  handler; polling is pretty painful to XMPP.
* Possibly redo the way QueueHandlers are injected into a QueueManager. The
  grouping used to split out the XMPP output queue is a bit awkward.
2010-01-21 16:42:50 -08:00
Brion Vibber
c9c7bb3234 Merge commit 'origin/testing' into 0.9.x 2010-01-21 16:33:11 -08:00
Zach Copley
308442407e - Moved checking for group aliases and redirection to prepare()
- phpcs cleanup
- add @macno to the list of authors
2010-01-21 11:37:20 -08:00
Michele
383703d170 if the id is an alias we redirect using group_id 2010-01-21 10:39:07 -08:00
Evan Prodromou
1d64ba6602 Unimplement retweeted_by_me API action until we have a more efficient query 2010-01-21 11:38:08 -05:00
Evan Prodromou
e5eb95ab59 retweet API methods are readonly 2010-01-21 11:32:01 -05:00
Rajat Upadhyaya
6e405facca Fix to update user's fullname & homepage only if requested. 2010-01-21 09:27:00 +05:30
Evan Prodromou
9e3013c6b6 mark retweet api actions read-only where applicable 2010-01-20 17:00:42 -05:00
Sarven Capadisli
d501acf438 Missing null className for incoming email form legend 2010-01-18 17:17:02 +00:00
Sarven Capadisli
187a70873a Updated path to farbtastic stylesheet 2010-01-18 11:29:05 +00:00
Eric Helgeson
5fd8e331f3 Missed change when refactoring groups. Thanks macno 2010-01-16 11:56:07 -05:00
Brion Vibber
ef016dca45 Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x 2010-01-15 09:52:50 -08:00