We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

Commit 33df3922 authored by Zach Copley's avatar Zach Copley

- Had to remove checking read vs. read-write in OAuth authenticated methods

- Will now pick up source attr from OAuth app
parent c28c5114
......@@ -82,4 +82,18 @@ class ApiAccountVerifyCredentialsAction extends ApiAuthAction
}
/**
* Is this action read only?
*
* @param array $args other arguments
*
* @return boolean true
*
**/
function isReadOnly($args)
{
return true;
}
}
......@@ -85,6 +85,11 @@ class ApiStatusesUpdateAction extends ApiAuthAction
$this->lat = $this->trimmed('lat');
$this->lon = $this->trimmed('long');
// try to set the source attr from OAuth app
if (empty($this->source)) {
$this->source = $this->oauth_source;
}
if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
$this->source = 'api';
}
......
......@@ -55,6 +55,7 @@ class ApiAuthAction extends ApiAction
{
var $access_token;
var $oauth_access_type;
var $oauth_source;
/**
* Take arguments for running, and output basic auth header if needed
......@@ -90,13 +91,6 @@ class ApiAuthAction extends ApiAction
function handle($args)
{
parent::handle($args);
if ($this->isReadOnly($args) == false) {
if ($this->access == self::READ_ONLY) {
$this->clientError(_('API method requires write access.'), 401);
exit();
}
}
}
function checkOAuthRequest()
......@@ -116,8 +110,6 @@ class ApiAuthAction extends ApiAction
$req = OAuthRequest::from_request();
$server->verify_request($req);
common_debug("Good OAuth request!");
$app = Oauth_application::getByConsumerKey($this->consumer_key);
if (empty($app)) {
......@@ -129,6 +121,10 @@ class ApiAuthAction extends ApiAction
throw new OAuthException('No application for that consumer key.');
}
// set the source attr
$this->oauth_source = $app->name;
$appUser = Oauth_application_user::staticGet('token',
$this->access_token);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment