GitLab

I've extended the rights framework (centering on the Right class and Profile::hasRight()) to cover
Web login and API use. This will make it possible to prevent login and API use by users.

I added two new Right constants to the Right class: WEBLOGIN and API. I check these rights using
Profile::hasRight() when initializing users. If the rights check fails, I throw an exception.

I created a new AuthorizationException class for this particular
exception, in order to allow a different UI for these kinds of exceptions (or whatever).

* remove superfluous whitespace.
* tab to spaces.
* add FIXME for undocumented class.

* remove superfluous whitespace.
* L10n updates.
* small refactoring in publicrss.php.
* remove PHP4-isms

* improve L10n consistency for English. For example proper punctuation for all button and label titles.
* fix some i18n bugs (in-message variables).
* update/add translator documentation.
* remove superfluous whitespace.

Fix for failure/exception on subscription/subscriber lists when deleted profiles are stuck in cached list.

Workaround for deleted profiles still appearing in cached subscriptions/subscribers lists: if we couldn't fetch them, don't include them in the ArrayWrapper.
ArrayWrapper doesn't deal well with null entries, which aren't meant to happen in how it works. This code has recently changed from dying directly with a PHP fatal error in that case to throwing an exception, which allows tracking down the caller.

It looks like there might be some cases where profiles and their matching subscriptions get deleted, but the subscription entries don't get properly cleared from cache... that still bears further investigation. The regular code path looks ok; calls Subscription::cancel() from code called in Profile::delete(); but if they're batch-deleted instead of one row at a time, that could fail to trigger.

Fix for ticket #3039: TwitterBridge was incorrectly sending repeats of Twitter-bound messages if the repeater has sending of things to Twitter disabled.

A repeat/retweet is roughly equivalent to an active direct post, so should follow the posting rules, rather than always sending over as we do for fave notifications.

* 'master' of gitorious.org:statusnet/mainline:
  Show aside primary on settings pages for all themes.
  correct error in README on default for deletion

Output from 0.9.6 PuSH feeds seems to have a rump <author> but no
<activity:actor>. It was overwriting valid and useful data set up at
subscribe time.

This fix tries to avoid overwriting data. However, it may prevent
updates that delete data.

Bug: 3028