Commit Graph

2917 Commits

Author SHA1 Message Date
Brion Vibber
dc09453a77 First steps on converting FeedSub into the pub/sub basis for OStatus communications:
* renamed FeedSub plugin to OStatus
* now setting avatar on subscriptions
* general fixes for subscription
* integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly
* set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though)
* a few bits of code documentation
* HMAC support for verified distributions (safest if sub setup is on HTTPS)

And a couple core changes:
* minimizing HTML output for exceptions in API requests to aid in debugging
* fix for rel=self link in apitimelineuser when id given

This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions.
Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-08 11:15:29 -08:00
Evan Prodromou
5fdcd88176 Moderator can make users admins of a group 2010-02-06 11:36:59 +01:00
Brion Vibber
875e1a70ce Don't spew warnings on usage of MEMCACHE_COMPRESSED constant when memcache PHP extension is not present.
Switched to a locally-defined Cache::COMPRESSED, translating that to MEMCACHE_COMPRESSED in the plugin.
2010-02-05 09:47:56 -08:00
Zach Copley
23802e58d6 Merge branch 'temp' 2010-02-05 03:19:12 +00:00
Zach Copley
857494c9c6 Actually store the timestamp on each nonce 2010-02-05 03:18:45 +00:00
Zach Copley
4041a59282 Always check for an OAuth request. This allows OAuth clients to set an
auth user, similar to how they can set one via http basic auth,
even if one is not required.  I think I finally got this right.
2010-02-05 03:18:44 +00:00
Zach Copley
5417124884 Linkify notice source when posting from registered OAuth apps 2010-02-05 03:18:44 +00:00
Zach Copley
b31c79cee1 Better token revocation 2010-02-05 03:18:43 +00:00
Zach Copley
e495ac356c Allow developers to delete OAuth applications 2010-02-05 03:18:43 +00:00
Zach Copley
8d320d7cc2 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-02-05 02:08:37 +00:00
Zach Copley
10dfcde0b2 Actually store the timestamp on each nonce 2010-02-05 01:38:29 +00:00
Brion Vibber
a020e23086 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-02-04 11:56:07 -08:00
Brion Vibber
5a1cbdc6f1 Add time-based cutoffs for public tag cloud, favorited lists to speed up those queries.
Defaulting to only looking at last 90 days of activity, can be adjusted up or down.

$config['tag']['cutoff'] = 86400 * 90;
$config['popular']['cutoff'] = 86400 * 90;

Per-user and per-group tag clouds do not use the cutoff (and it doesn't help with indexing on them).
2010-02-04 11:06:01 -08:00
Zach Copley
2085b506d4 Always check for an OAuth request. This allows OAuth clients to set an
auth user, similar to how they can set one via http basic auth,
even if one is not required.  I think I finally got this right.
2010-02-02 23:17:28 +00:00
Zach Copley
dae28d98d1 Linkify notice source when posting from registered OAuth apps 2010-02-02 08:51:01 +00:00
Zach Copley
8191273078 Better token revocation 2010-02-02 08:50:33 +00:00
Zach Copley
f0875ceea1 Allow developers to delete OAuth applications 2010-02-02 08:50:18 +00:00
Evan Prodromou
f964357de9 readme and version for beta5 2010-02-01 13:44:06 -05:00
Brion Vibber
fba4153346 Don't enqueue into plugin or SMS queues when disabled (breaks unqueuehandler if SMS queue isn't attached) 2010-02-01 10:16:19 -08:00
Evan Prodromou
81087e45c5 move schema.type.php to typeschema.php like other files 2010-01-31 15:25:59 -05:00
Evan Prodromou
ebf4e497f6 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-01-31 15:20:57 -05:00
Evan Prodromou
30268cff78 Add Really Simple Discovery (RSD) support
Anil Dash suggested that all implementers of the Twitter API include
support for the remedial RSD format. This commit adds an RSD action
that returns the API root and additional API data to help client
developers discover and use our Twitter-compatible API.

http://dashes.com/anil/2009/12/the-twitter-api-is-finished.html
http://tales.phrasewise.com/rfc/rsd
2010-01-31 15:16:59 -05:00
Evan Prodromou
dc62246443 Add a robots.txt URL to the site root
Adds a robots.txt file to the site root. Defaults defined by
'robotstxt' section of config. New events StartRobotsTxt and
EndRobotsTxt to let plugins add information. Probably not
useful if path is not /, but won't hurt anything, either.
2010-01-31 10:12:26 -05:00
Evan Prodromou
4ae31f3476 on exceptions, stomp logs the error and reenqueues 2010-01-30 13:15:17 -05:00
Brenda Wallace
22a6e46b45 removed describeTable from base class, and fixed it up in pgsql 2010-01-30 21:22:30 +13:00
Brenda Wallace
870c83c17d getTableDef() mostly working in postgres 2010-01-30 21:12:06 +13:00
Brenda Wallace
e765a9657b move the schema DDL sql off into seperate files for each db we support 2010-01-30 18:45:10 +13:00
Evan Prodromou
a7b2a08c42 for single-user mode, retrieve either site owner or defined nickname 2010-01-29 15:15:52 -05:00
Brion Vibber
4d3808a815 Fix more fatal errors in queue edge cases 2010-01-28 23:08:36 -08:00
Brion Vibber
e5eca9bd2c Don't attempt to resend XMPP messages that can't be broadcast due to the profile being deleted. 2010-01-28 22:51:07 -08:00
Brion Vibber
990b0f7995 Merge branch 'master' of git@gitorious.org:statusnet/mainline 2010-01-28 22:29:26 -08:00
Brion Vibber
ccb678ad15 Wrap each bit of distrib queue handler's saving operation in a try/catch; log exceptions but let everything else continue. 2010-01-28 22:26:58 -08:00
Zach Copley
440ee00b1e Move sessions settings to its own panel 2010-01-28 22:04:14 -08:00
Zach Copley
292ac40cae Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-01-29 01:53:11 +00:00
Zach Copley
48a1a5a2dc Adjust API authentication to also check for OAuth protocol params in the
HTTP Authorization header, as defined in OAuth HTTP Authorization Scheme.
2010-01-29 01:49:38 +00:00
Brion Vibber
155a5d446f Manual failover for stomp queues.
If an array of multiple servers is put in $config['queue']['stomp_server'], enqueues will pick a random server to send to (failing over automatically if any are down).
Queue handling daemons connect all servers so they get events no matter where they were delivered.
In case of disconnection, daemons should now handle it gracefully and attempt to reconnect every 60 seconds or so, automatically resubscribing to all queues once it's back up.

Can put to 'native' failover for reads as well by disabling $config['stomp']['manual_failover'] = false; but this is untested and may explode in addition to requiring that your ActiveMQ cluster actually be set up to handle its own data distribution.

Additionally, can choose which queues to mark as persistent by setting $config['stomp']['persistent'] to an array of queue names.
2010-01-28 16:49:32 -08:00
Brion Vibber
d00ce38549 Merge commit 'origin/master' into testing 2010-01-28 13:35:09 -08:00
Zach Copley
d773ed8193 Remove redundant session token field from form (was already being added by base class). 2010-01-28 18:36:30 +00:00
Brion Vibber
a868a523a5 Can now set $config['queue']['stomp_persistent'] = false; to explicitly disable persistence when we queue items 2010-01-28 09:52:35 -08:00
Sarven Capadisli
dcce323d18 Removed unused variable assignment for avatar URL and added missing fn 2010-01-28 15:05:23 +01:00
Brion Vibber
78fe76b058 dropping the setcookie() call from common_ensure_session() since we're pretty sure it's unnecessary 2010-01-27 23:16:06 -08:00
Brion Vibber
65c4cff01c append '/' on cookie path for now (may still need some refactoring) 2010-01-27 23:14:49 -08:00
Evan Prodromou
5bf4928db8 Merge branch 'master' of git@gitorious.org:statusnet/mainline 2010-01-28 01:25:08 -05:00
Evan Prodromou
1ba8045a9b set session cookie correctly 2010-01-28 01:24:00 -05:00
Brion Vibber
7347381183 Fix for Mapstraction plugin's zoomed map links
Move definition of NICKNAME_FMT above plugin initialization but below loading of Validate package.
A merge error when refactoring setup lead to this not being defined yet when plugins were initialized, causing the router setup in MapstractionPlugin which tried to use this constant to fail.
Result was bogus links and if you hit the URL directly the action would be "unrecognized".
2010-01-27 21:42:13 -08:00
Brion Vibber
427ac3a3a6 debug log line for control channel sub 2010-01-27 20:51:04 -08:00
Evan Prodromou
ee4ea3f3e1 increment software beta version 2010-01-27 21:59:38 -05:00
Brion Vibber
3abfb454a3 Adds an emergency switch so we can run inbox distribution at save time (bypassing 'distrib' queue)
Set $config['queue']['inboxes'] = false to do so
2010-01-27 18:39:17 -08:00
Zach Copley
f296f04abd Remove debugging statement 2010-01-28 01:24:40 +00:00
Zach Copley
324590c46e Some adjustments to the way API auth works after merging testing and 0.9.x 2010-01-28 00:45:06 +00:00
Michele
b0a325f7d0 HTTP auth provided is evaluated even if it's not required 2010-01-27 14:06:27 -08:00
Evan Prodromou
f650b40706 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-01-27 16:37:43 -05:00
Evan Prodromou
760be76fc0 camelcase the uap param names 2010-01-27 16:34:18 -05:00
Evan Prodromou
ea123800e9 move leaderboard to after the header 2010-01-27 16:34:18 -05:00
Sarven Capadisli
1c875a5395 Moved rectangle ad into aside and leaderboard to the right in header.
Intention for this layout was to reduce whitespace in header area
2010-01-27 16:34:18 -05:00
Evan Prodromou
e9feafc3ca CSS ids and classes fixed in UAPPlugin 2010-01-27 16:34:17 -05:00
Evan Prodromou
7c54591472 make uapplugin an abstract class 2010-01-27 16:34:17 -05:00
Evan Prodromou
1758ed453b move UAP plugin to core 2010-01-27 16:34:17 -05:00
Brion Vibber
c51539804a Add persistent:true property to Stomp messages so ActiveMQ doesn't decide to discard them even though persistence is enabled on the broker. :) (Thanks Aric!) 2010-01-27 09:24:59 -08:00
Evan Prodromou
c52951cef5 Optionally set a separate Javascript server and path
We have about 10-12 JavaScript pages per Web page. They usually
are based on the same server as the Web pages, but since they're
static files, it makes sense to offload them to a lite server that
handles static files well.

This commit lets you set a separate Javascript server and path for the
default Javascript code in StatusNet.

Squashed commit of the following:

commit 139d1622fdafe5ad00c820224416d9021efc3234
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 27 11:30:24 2010 -0500

    modules that call htmloutputter::script() don't prescribe js/ path

commit c6ca3174af73efed55eaed5ff1e2a3bdc77d2d87
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 27 11:28:07 2010 -0500

    configurable server and path for javascript files
2010-01-27 11:37:22 -05:00
Zach Copley
923b7de3c6 - Check for read-only vs. read-write access to protected API resources (OAuth)
- Some cleanup
2010-01-27 08:41:26 +00:00
Siebrand Mazeland
4202ffff91 Make more complete sentence. 2010-01-27 00:57:47 +00:00
Zach Copley
aad42427cc New access admin panel for site registration settings 2010-01-26 15:56:19 -08:00
Brion Vibber
58be61b641 Control channel for queue daemons to request graceful shutdown, restart, or update to listen to a newly added or reconfigured site.
queuectl.php --update -s<site>
  queuectl.php --stop
  queuectl.php --restart

Default control channel is /topic/statusnet-control. For external utilities to send a site update ping direct to the queue server, connect via Stomp and send a message formatted thus:

  update:<nickname>

(Nickname here, *not* server hostname! The rest of the queues will be updated to use nicknames later.)

Note that all currently-connected queue daemons will get these notifications, including both queuedaemon.php and xmppdaemon.php. (XMPP will ignore site update requests for sites that it's not handling.)

Limitations:
* only implemented for stomp queue manager so far
* --update may not yet handle a changed server name properly
* --restart won't reload PHP code files that were already loaded at startup. Still need to stop and restart the daemons from 'outside' when updating code base.
2010-01-26 11:49:49 -08:00
Evan Prodromou
655573c213 Single-user mode
New configuration options to define a single-user mode. This hides
most of the "community" pages, like the public timeline and groups.
The main user's timeline becomes the main page, and most other URLs
are changed.

Switching back and forth between 1-user and multi-user mode is
probably hazardous.

Squashed commit of the following:

commit d814aa5c92d14a27a12baba7893f3f8bf63f1d08
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:17:27 2010 -0500

    don't show inbox and outbox in single-user mode

commit 47f19b9523a7015d4c6e460b73ea32c839e00aa1
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:15:22 2010 -0500

    show correct URL for logo in single-user mode

commit 552010cffc33eadbc512ec5a67619dbc2015239a
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:15:06 2010 -0500

    make singleuser its own config section

commit 786ab260a3ca172e57b555c75ca10946d8f258a1
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:05:19 2010 -0500

    make single-user mode work

commit 5b21d7309b3a8dd5a4e0f29aea76f7897f1818b1
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 23:45:55 2010 -0500

    add single-user mode
2010-01-26 00:21:05 -05:00
Evan Prodromou
663e4e02a1 Merge branch 'master' into testing
Conflicts:
	lib/queuemanager.php
2010-01-25 18:13:09 -05:00
Evan Prodromou
e26a843caf Offload inbox updates to a queue handler to speed up posting online
Moved much of the writing that happens when posting a notice to a new
queuehandler, distribqueuehandler. This updates tags, groups, replies
and inboxes at queue time (or at Web time, if queues are disabled).

To make this work well, I had to break up the monolithic
Notice::blowCaches() and make cache blowing happen closer to where
data is updated.

Squashed commit of the following:

commit 5257626c62750ac4ac1db0ce2b71410c5711cfa3
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 14:56:41 2010 -0500

    slightly better handling of blowing tag memory cache

commit 8a22a3cdf6ec28685da129a0313e7b2a0837c9ef
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:42:56 2010 -0500

    change 'distribute' to 'distrib' so not too long for dbqueue

commit 7a063315b0f7fad27cb6fbd2bdd74e253af83e4f
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:39:15 2010 -0500

    change handle_notice() to handle() in distributqueuehandler

commit 1a39ccd28b9994137d7bfd21bb4f230546938e77
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 16:05:25 2010 -0500

    error with queuemanager

commit e6b3bb93f305cfd2de71a6340b8aa6fb890049b7
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:11:34 2010 -0500

    Blow memcache at different point rather than one big function for Notice class

commit 94d557cdc016187d1d0647ae1794cd94d6fb8ac8
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 00:48:44 2010 -0500

    Blow memcache at different point rather than one big function for Notice class

commit 1c781dd08c88a35dafc5c01230b4872fd6b95182
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 20 08:54:18 2010 -0500

    move broadcasting and distributing to new queuehandler

commit da3e46d26b84e4f028f34a13fd2ee373e4c1b954
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 20 08:53:12 2010 -0500

    Move distribution of notices to new distribute queue handler
2010-01-25 18:08:21 -05:00
Brion Vibber
f3beed6889 Fix presence notification on XMPP thread (now foreground, not background) 2010-01-25 13:49:02 -08:00
Brion Vibber
1ab2483296 Fix presence notification on XMPP thread (now foreground, not background) 2010-01-25 13:48:24 -08:00
Zach Copley
4daf76212a - Had to remove checking read vs. read-write in OAuth authenticated methods
- Will now pick up source attr from OAuth app
2010-01-25 00:51:56 +00:00
Zach Copley
8b24b5ac7b Add Start/EndSetApiUser events when setting API user via OAuth 2010-01-24 16:46:37 -08:00
Zach Copley
1f8ddf716d Check for read vs. read-write access on OAuth authenticated API mehtods. 2010-01-24 16:36:06 -08:00
Zach Copley
9e7f47652d Revoke access token UI 2010-01-24 16:36:05 -08:00
Zach Copley
cff2cfd7a7 Fix approval date and label on apps list 2010-01-24 16:36:05 -08:00
Zach Copley
c0eee277d1 Make sure applications are really looked up by consumer key 2010-01-24 16:36:05 -08:00
Zach Copley
e101a6df6b Rework application registration workflow to be more private 2010-01-24 16:36:04 -08:00
Zach Copley
8da5e98cba OAuth 1.0 working now 2010-01-24 16:36:04 -08:00
Sarven Capadisli
8d02a897dc Updated markup for application edit form; image, radios 2010-01-24 16:36:04 -08:00
Sarven Capadisli
a009052036 A little minimization 2010-01-24 16:36:04 -08:00
Sarven Capadisli
276c4a2a23 Added vcard and photo classes 2010-01-24 16:36:04 -08:00
Sarven Capadisli
34cc03c617 Moved application image inside the anchor 2010-01-24 16:36:03 -08:00
Sarven Capadisli
40c6d09c9f Added missing end tag 2010-01-24 16:36:03 -08:00
Zach Copley
8e91e05392 Make API auth handle OAuth requests w/access tokens 2010-01-24 16:36:03 -08:00
Sarven Capadisli
d998c4b1b8 Fixed tabbing 2010-01-24 16:36:03 -08:00
Sarven Capadisli
0b90f7645e Updated class for application list 2010-01-24 16:36:03 -08:00
Sarven Capadisli
4fb9b43aa2 Updated markup for application edit form submits 2010-01-24 16:36:03 -08:00
Zach Copley
c78937537e Better detial in connected OAuth applications list 2010-01-24 16:36:03 -08:00
Zach Copley
a0b8438773 Exchanging authorized request tokens for access tokens working 2010-01-24 16:36:02 -08:00
Zach Copley
e9e448bcee Workflow for request tokens and authorizing request tokens 2010-01-24 16:36:02 -08:00
Zach Copley
fa81a580bb Action for issuing a request token 2010-01-24 16:36:02 -08:00
Zach Copley
6472331be5 Stubs for API OAuth token exchange stuff 2010-01-24 16:36:02 -08:00
Zach Copley
48e5f2b3c5 Add icons/icon upload to Oauth apps 2010-01-24 16:36:02 -08:00
Zach Copley
3c2b05d222 Workflow for registering new OAuth apps pretty much done. 2010-01-24 16:36:02 -08:00
Zach Copley
9d958fd539 Reorganized the OAuth app URLs and more work on the register app workflow 2010-01-24 16:36:01 -08:00
Zach Copley
ae46bc5fff Started work on interface for displaying connected OAuth apps 2010-01-24 16:36:01 -08:00
Brion Vibber
cb07fd29a3 Use new StatusNetwork->serverName() to get full domain for wildcard config until we rebuild queues to be based on nicknames.
Fixes live bug with new *.status.net sites breaking queuedaemon.php
2010-01-24 16:01:19 -08:00
Evan Prodromou
49d500e3e1 defaults for nickname and wildcard 2010-01-24 16:01:08 -08:00
Brion Vibber
60ce2ff3d0 Use new StatusNetwork->serverName() to get full domain for wildcard config until we rebuild queues to be based on nicknames.
Fixes live bug with new *.status.net sites breaking queuedaemon.php
2010-01-24 15:44:09 -08:00
Evan Prodromou
7cd666ae92 defaults for nickname and wildcard 2010-01-24 18:19:13 -05:00
Sarven Capadisli
fed111f08a Removed mobile stylesheet from core output. If Mobile support is
seeked, MobileProfile plugin should be used.
2010-01-24 00:25:31 +01:00