
Commit 0b41fa3e authored by Evan Prodromou's avatar Evan Prodromou

Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing

parents 2aba2eee 2494d3fa
create table queue_item_new (
id integer auto_increment primary key comment 'unique identifier',
frame blob not null comment 'data: object reference or opaque string',
transport varchar(8) not null comment 'queue for what? "email", "jabber", "sms", "irc", ...',
created datetime not null comment 'date this record was created',
claimed datetime comment 'date this item was claimed',
index queue_item_created_idx (created)
) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
insert into queue_item_new (frame,transport,created,claimed)
select notice_id,transport,created,claimed from queue_item;
alter table queue_item rename to queue_item_old;
alter table queue_item_new rename to queue_item;
create table queue_item_new (
id integer auto_increment primary key comment 'unique identifier',
frame blob not null comment 'data: object reference or opaque string',
transport varchar(8) not null comment 'queue for what? "email", "jabber", "sms", "irc", ...',
created datetime not null comment 'date this record was created',
claimed datetime comment 'date this item was claimed',
index queue_item_created_idx (created)
) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
insert into queue_item_new (frame,transport,created,claimed)
select notice_id,transport,created,claimed from queue_item;
alter table queue_item rename to queue_item_old;
alter table queue_item_new rename to queue_item;
alter table consumer
add consumer_secret varchar(255) not null comment 'secret value',
add verifier varchar(255) comment 'verifier string for OAuth 1.0a',
add verified_callback varchar(255) comment 'verified callback URL for OAuth 1.0a';
create table oauth_application (
id integer auto_increment primary key comment 'unique identifier',
owner integer not null comment 'owner of the application' references profile (id),
consumer_key varchar(255) not null comment 'application consumer key' references consumer (consumer_key),
name varchar(255) not null comment 'name of the application',
description varchar(255) comment 'description of the application',
icon varchar(255) not null comment 'application icon',
source_url varchar(255) comment 'application homepage - used for source link',
organization varchar(255) comment 'name of the organization running the application',
homepage varchar(255) comment 'homepage for the organization',
callback_url varchar(255) comment 'url to redirect to after authentication',
type tinyint default 0 comment 'type of app, 1 = browser, 2 = desktop',
access_type tinyint default 0 comment 'default access type, bit 1 = read, bit 2 = write',
created datetime not null comment 'date this record was created',
modified timestamp comment 'date this record was modified'
) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
create table oauth_application_user (
profile_id integer not null comment 'user of the application' references profile (id),
application_id integer not null comment 'id of the application' references oauth_application (id),
access_type tinyint default 0 comment 'access type, bit 1 = read, bit 2 = write, bit 3 = revoked',
token varchar(255) comment 'request or access token',
created datetime not null comment 'date this record was created',
modified timestamp comment 'date this record was modified',
constraint primary key (profile_id, application_id)
) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin;
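Review bot: `add consumer_secret varchar(255) not null comment 'secret value'` in the `alter table consumer` statement has no default and no backfill, so if `consumer` already holds rows MySQL fills the new column with the empty string and every existing consumer ends up with an empty OAuth secret. Add the column as nullable and populate it before tightening it, or follow the alter with a backfill, and have the application refuse any consumer whose secret is empty. Separately, the column-level `references profile (id)` and `references oauth_application (id)` clauses in the two new tables are parsed but not enforced by InnoDB. As a result, `oauth_application_user` rows and their `token` values can outlive the profile or application they belong to; a table-level `foreign key (application_id) references oauth_application (id)` would be enforced.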
......@@ -84,16 +84,22 @@ class ApiAuthAction extends ApiAction
} else {
$this->checkBasicAuthUser();
}
} else {
// Reject API calls with the wrong access level
// Check to see if a basic auth user is there even
// if one's not required
if ($this->isReadOnly($args) == false) {
if ($this->access != self::READ_WRITE) {
$msg = 'API resource requires read-write access, ' .
'but you only have read access.';
$this->clientError($msg, 401, $this->format);
exit();
}
$this->checkBasicAuthUser(false);
}
// Reject API calls with the wrong access level
if ($this->isReadOnly($args) == false) {
if ($this->access != self::READ_WRITE) {
$msg = 'API resource requires read-write access, ' .
'but you only have read access.';
$this->clientError($msg, 401, $this->format);
exit;
}
}
......@@ -206,13 +212,13 @@ class ApiAuthAction extends ApiAction
* @return boolean true or false
*/
function checkBasicAuthUser()
function checkBasicAuthUser($required = true)
{
$this->basicAuthProcessHeader();
$realm = common_config('site', 'name') . ' API';
if (!isset($this->auth_user_nickname)) {
if (!isset($this->auth_user_nickname) && $required) {
header('WWW-Authenticate: Basic realm="' . $realm . '"');
// show error if the user clicks 'cancel'
......@@ -222,11 +228,10 @@ class ApiAuthAction extends ApiAction
} else {
$user = common_check_user($this->auth_user_nickname,
$this->auth_user_password);
if (Event::handle('StartSetApiUser', array(&$user))) {
$this->auth_user = $user;
$this->auth_user = common_check_user($this->auth_user_nickname,
$this->auth_user_password);
Event::handle('EndSetApiUser', array($user));
}
......
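Review bot: In `checkBasicAuthUser($required = true)`, the new condition `!isset($this->auth_user_nickname) && $required` is false for a request that carries no credentials when `$required` is false. That request then appears to fall into the `else` branch shown in the last hunk, where `common_check_user()` is called with an unset nickname and password and its result is passed to the `StartSetApiUser` handlers. The branch should run only when credentials were actually sent, e.g. `} else if (isset($this->auth_user_nickname)) {`, so the optional path never performs a lookup with empty credentials. Credentials that are supplied but wrong should still get the 401 challenge when `$required` is false; the code that handles a failed check lies outside the visible hunks, so confirm that there. The method body starts and ends outside these hunks.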