Commit Graph

2945 Commits

Author SHA1 Message Date
Zach Copley
f414544d0d Upgrade Twitter bridge to use OAuth 1.0a. It's more secure, and allows
us to automatically send in a callback url instead of having to manually
configure one for each StatusNet instance.
2010-02-16 06:12:08 +00:00
Sarven Capadisli
350f90eedc Added another single whitespace 2010-02-15 21:21:25 +01:00
Sarven Capadisli
03edbfe24e Added single whitespace to separate inline text words. 2010-02-15 20:41:46 +01:00
Sarven Capadisli
9465a4d5c6 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-02-13 20:28:39 +01:00
Sarven Capadisli
fc19179bc5 Added event hook to remote subscription 2010-02-13 18:40:36 +01:00
Evan Prodromou
269b4711eb Merge branch 'ssleverything' into testing 2010-02-13 12:39:15 -05:00
Zach Copley
f3a82e787c Add OStatus PuSH hub and Salmon links back into user and group feeds 2010-02-12 19:02:27 -08:00
Brion Vibber
38f42d56bc Session fix for PHP 5.3 configurations where cookies are excluded from $_REQUEST via request_order in php.ini (Fedora 12, MacPorts known to be affected) 2010-02-12 15:24:15 -08:00
Zach Copley
506c2d7491 Initial upgraded Atom output for group timelines 2010-02-12 12:24:29 -08:00
Evan Prodromou
31461e120f let files go to SSL dir too 2010-02-11 17:06:57 -05:00
Evan Prodromou
3018683718 let backgrounds be put under SSL 2010-02-11 17:03:31 -05:00
Evan Prodromou
b96af33d97 put Javascript files under SSL 2010-02-11 16:59:39 -05:00
Zach Copley
c465f675d9 Make Atom timelines in the API use Atom10feed 2010-02-11 13:56:05 -08:00
Zach Copley
c8d5c8442f Added some boilerplate class comments, etc. 2010-02-11 13:56:05 -08:00
Zach Copley
e2c0f59414 Some upgrades to Atom output for OStatus 2010-02-11 13:56:05 -08:00
Zach Copley
ce3c3be1bf Utility classes for atom feeds 2010-02-11 13:56:05 -08:00
Evan Prodromou
d6869cde7b let avatars be served over SSL 2010-02-11 16:51:15 -05:00
Evan Prodromou
5175b5062e default theme ssl to null 2010-02-11 16:48:15 -05:00
Evan Prodromou
316ed3f86b null theme ssl setting means 'guess' 2010-02-11 16:47:47 -05:00
Evan Prodromou
a6ab9c4a3e Themes can be served from an SSL server 2010-02-11 16:42:58 -05:00
Brion Vibber
045797331c fix up hub queueing to work w/ stomp queues 2010-02-10 12:27:41 -08:00
Brion Vibber
c4557d4d07 Merge branch 'master' of git@gitorious.org:statusnet/mainline into testing 2010-02-10 11:12:11 -08:00
Brion Vibber
d9c9b2a12f Queue daemon fixes:
* skip unnecessary unsubscribes on graceful shutdown -- takes a long time for many queues, slows down our restarts when hitting graceful mem limit
* fix control channel (was broken when we switched to support multiple queue servers)
2010-02-10 10:59:30 -08:00
Brion Vibber
8449256817 OStatus partial support for group subscriptions:
* detection of group feeds is currently a nasty hack based on presence of '/groups/' in URL -- should use some property on the feed?
* listing for the remote group is kinda cruddy; needs to be named more cleanly
* still need to establish per-author profiles (easier once we have the updated Atom code in)
* group delivery probably not right yet
* saving of group messages still triggering some weird behavior

Added support for since_id and max_id on group timeline feeds as a free extra. Enjoy!
2010-02-09 18:32:52 -08:00
Brion Vibber
e856af34c3 Configurable delay between queuedaemon.php spawns/respawns to help stagger out startups and subscriptions. Defaults to 1 second.
$config['queue']['spawndelay'] = 1;
2010-02-09 14:27:33 -08:00
Brion Vibber
cd0f288fa7 Configurable delay between queuedaemon.php spawns/respawns to help stagger out startups and subscriptions. Defaults to 1 second.
$config['queue']['spawndelay'] = 1;
2010-02-09 12:39:31 -08:00
Brion Vibber
384387c9b0 OStatus cleanup...
* Treat linkless feed posts as status updates; drop the "New post:" prefix and quotes on them.
* Use stable user IDs for atom/rss2 feed links instead of unstable nicknames
* Pull Atom feed preferentially when subscribing -- can now put the remote user's profile page straight into the feed subscription form and get to the right place.
* Clean up naming for push endpoints
2010-02-08 14:58:12 -08:00
Evan Prodromou
9cac8eaae5 readme and version for beta5 2010-02-08 14:07:31 -08:00
Brion Vibber
dc09453a77 First steps on converting FeedSub into the pub/sub basis for OStatus communications:
* renamed FeedSub plugin to OStatus
* now setting avatar on subscriptions
* general fixes for subscription
* integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly
* set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though)
* a few bits of code documentation
* HMAC support for verified distributions (safest if sub setup is on HTTPS)

And a couple core changes:
* minimizing HTML output for exceptions in API requests to aid in debugging
* fix for rel=self link in apitimelineuser when id given

This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions.
Needs some further cleanup to treat posts as status updates instead of link references.
2010-02-08 11:15:29 -08:00
Evan Prodromou
5fdcd88176 Moderator can make users admins of a group 2010-02-06 11:36:59 +01:00
Brion Vibber
875e1a70ce Don't spew warnings on usage of MEMCACHE_COMPRESSED constant when memcache PHP extension is not present.
Switched to a locally-defined Cache::COMPRESSED, translating that to MEMCACHE_COMPRESSED in the plugin.
2010-02-05 09:47:56 -08:00
Zach Copley
23802e58d6 Merge branch 'temp' 2010-02-05 03:19:12 +00:00
Zach Copley
857494c9c6 Actually store the timestamp on each nonce 2010-02-05 03:18:45 +00:00
Zach Copley
4041a59282 Always check for an OAuth request. This allows OAuth clients to set an
auth user, similar to how they can set one via http basic auth,
even if one is not required.  I think I finally got this right.
2010-02-05 03:18:44 +00:00
Zach Copley
5417124884 Linkify notice source when posting from registered OAuth apps 2010-02-05 03:18:44 +00:00
Zach Copley
b31c79cee1 Better token revocation 2010-02-05 03:18:43 +00:00
Zach Copley
e495ac356c Allow developers to delete OAuth applications 2010-02-05 03:18:43 +00:00
Zach Copley
8d320d7cc2 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-02-05 02:08:37 +00:00
Zach Copley
10dfcde0b2 Actually store the timestamp on each nonce 2010-02-05 01:38:29 +00:00
Brion Vibber
a020e23086 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-02-04 11:56:07 -08:00
Brion Vibber
5a1cbdc6f1 Add time-based cutoffs for public tag cloud, favorited lists to speed up those queries.
Defaulting to only looking at last 90 days of activity, can be adjusted up or down.

$config['tag']['cutoff'] = 86400 * 90;
$config['popular']['cutoff'] = 86400 * 90;

Per-user and per-group tag clouds do not use the cutoff (and it doesn't help with indexing on them).
2010-02-04 11:06:01 -08:00
Zach Copley
2085b506d4 Always check for an OAuth request. This allows OAuth clients to set an
auth user, similar to how they can set one via http basic auth,
even if one is not required.  I think I finally got this right.
2010-02-02 23:17:28 +00:00
Zach Copley
dae28d98d1 Linkify notice source when posting from registered OAuth apps 2010-02-02 08:51:01 +00:00
Zach Copley
8191273078 Better token revocation 2010-02-02 08:50:33 +00:00
Zach Copley
f0875ceea1 Allow developers to delete OAuth applications 2010-02-02 08:50:18 +00:00
Evan Prodromou
f964357de9 readme and version for beta5 2010-02-01 13:44:06 -05:00
Brion Vibber
fba4153346 Don't enqueue into plugin or SMS queues when disabled (breaks unqueuehandler if SMS queue isn't attached) 2010-02-01 10:16:19 -08:00
Evan Prodromou
81087e45c5 move schema.type.php to typeschema.php like other files 2010-01-31 15:25:59 -05:00
Evan Prodromou
ebf4e497f6 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-01-31 15:20:57 -05:00
Evan Prodromou
30268cff78 Add Really Simple Discovery (RSD) support
Anil Dash suggested that all implementers of the Twitter API include
support for the remedial RSD format. This commit adds an RSD action
that returns the API root and additional API data to help client
developers discover and use our Twitter-compatible API.

http://dashes.com/anil/2009/12/the-twitter-api-is-finished.html
http://tales.phrasewise.com/rfc/rsd
2010-01-31 15:16:59 -05:00
Evan Prodromou
dc62246443 Add a robots.txt URL to the site root
Adds a robots.txt file to the site root. Defaults defined by
'robotstxt' section of config. New events StartRobotsTxt and
EndRobotsTxt to let plugins add information. Probably not
useful if path is not /, but won't hurt anything, either.
2010-01-31 10:12:26 -05:00
Evan Prodromou
4ae31f3476 on exceptions, stomp logs the error and reenqueues 2010-01-30 13:15:17 -05:00
Brenda Wallace
22a6e46b45 removed describeTable from base class, and fixed it up in pgsql 2010-01-30 21:22:30 +13:00
Brenda Wallace
870c83c17d getTableDef() mostly working in postgres 2010-01-30 21:12:06 +13:00
Brenda Wallace
e765a9657b move the schema DDL sql off into seperate files for each db we support 2010-01-30 18:45:10 +13:00
Evan Prodromou
a7b2a08c42 for single-user mode, retrieve either site owner or defined nickname 2010-01-29 15:15:52 -05:00
Brion Vibber
4d3808a815 Fix more fatal errors in queue edge cases 2010-01-28 23:08:36 -08:00
Brion Vibber
e5eca9bd2c Don't attempt to resend XMPP messages that can't be broadcast due to the profile being deleted. 2010-01-28 22:51:07 -08:00
Brion Vibber
990b0f7995 Merge branch 'master' of git@gitorious.org:statusnet/mainline 2010-01-28 22:29:26 -08:00
Brion Vibber
ccb678ad15 Wrap each bit of distrib queue handler's saving operation in a try/catch; log exceptions but let everything else continue. 2010-01-28 22:26:58 -08:00
Zach Copley
440ee00b1e Move sessions settings to its own panel 2010-01-28 22:04:14 -08:00
Zach Copley
292ac40cae Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-01-29 01:53:11 +00:00
Zach Copley
48a1a5a2dc Adjust API authentication to also check for OAuth protocol params in the
HTTP Authorization header, as defined in OAuth HTTP Authorization Scheme.
2010-01-29 01:49:38 +00:00
Brion Vibber
155a5d446f Manual failover for stomp queues.
If an array of multiple servers is put in $config['queue']['stomp_server'], enqueues will pick a random server to send to (failing over automatically if any are down).
Queue handling daemons connect all servers so they get events no matter where they were delivered.
In case of disconnection, daemons should now handle it gracefully and attempt to reconnect every 60 seconds or so, automatically resubscribing to all queues once it's back up.

Can put to 'native' failover for reads as well by disabling $config['stomp']['manual_failover'] = false; but this is untested and may explode in addition to requiring that your ActiveMQ cluster actually be set up to handle its own data distribution.

Additionally, can choose which queues to mark as persistent by setting $config['stomp']['persistent'] to an array of queue names.
2010-01-28 16:49:32 -08:00
Brion Vibber
d00ce38549 Merge commit 'origin/master' into testing 2010-01-28 13:35:09 -08:00
Zach Copley
d773ed8193 Remove redundant session token field from form (was already being added by base class). 2010-01-28 18:36:30 +00:00
Brion Vibber
a868a523a5 Can now set $config['queue']['stomp_persistent'] = false; to explicitly disable persistence when we queue items 2010-01-28 09:52:35 -08:00
Sarven Capadisli
dcce323d18 Removed unused variable assignment for avatar URL and added missing fn 2010-01-28 15:05:23 +01:00
Brion Vibber
78fe76b058 dropping the setcookie() call from common_ensure_session() since we're pretty sure it's unnecessary 2010-01-27 23:16:06 -08:00
Brion Vibber
65c4cff01c append '/' on cookie path for now (may still need some refactoring) 2010-01-27 23:14:49 -08:00
Evan Prodromou
5bf4928db8 Merge branch 'master' of git@gitorious.org:statusnet/mainline 2010-01-28 01:25:08 -05:00
Evan Prodromou
1ba8045a9b set session cookie correctly 2010-01-28 01:24:00 -05:00
Brion Vibber
7347381183 Fix for Mapstraction plugin's zoomed map links
Move definition of NICKNAME_FMT above plugin initialization but below loading of Validate package.
A merge error when refactoring setup lead to this not being defined yet when plugins were initialized, causing the router setup in MapstractionPlugin which tried to use this constant to fail.
Result was bogus links and if you hit the URL directly the action would be "unrecognized".
2010-01-27 21:42:13 -08:00
Brion Vibber
427ac3a3a6 debug log line for control channel sub 2010-01-27 20:51:04 -08:00
Evan Prodromou
ee4ea3f3e1 increment software beta version 2010-01-27 21:59:38 -05:00
Brion Vibber
3abfb454a3 Adds an emergency switch so we can run inbox distribution at save time (bypassing 'distrib' queue)
Set $config['queue']['inboxes'] = false to do so
2010-01-27 18:39:17 -08:00
Zach Copley
f296f04abd Remove debugging statement 2010-01-28 01:24:40 +00:00
Zach Copley
324590c46e Some adjustments to the way API auth works after merging testing and 0.9.x 2010-01-28 00:45:06 +00:00
Michele
b0a325f7d0 HTTP auth provided is evaluated even if it's not required 2010-01-27 14:06:27 -08:00
Evan Prodromou
f650b40706 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-01-27 16:37:43 -05:00
Evan Prodromou
760be76fc0 camelcase the uap param names 2010-01-27 16:34:18 -05:00
Evan Prodromou
ea123800e9 move leaderboard to after the header 2010-01-27 16:34:18 -05:00
Sarven Capadisli
1c875a5395 Moved rectangle ad into aside and leaderboard to the right in header.
Intention for this layout was to reduce whitespace in header area
2010-01-27 16:34:18 -05:00
Evan Prodromou
e9feafc3ca CSS ids and classes fixed in UAPPlugin 2010-01-27 16:34:17 -05:00
Evan Prodromou
7c54591472 make uapplugin an abstract class 2010-01-27 16:34:17 -05:00
Evan Prodromou
1758ed453b move UAP plugin to core 2010-01-27 16:34:17 -05:00
Brion Vibber
c51539804a Add persistent:true property to Stomp messages so ActiveMQ doesn't decide to discard them even though persistence is enabled on the broker. :) (Thanks Aric!) 2010-01-27 09:24:59 -08:00
Evan Prodromou
c52951cef5 Optionally set a separate Javascript server and path
We have about 10-12 JavaScript pages per Web page. They usually
are based on the same server as the Web pages, but since they're
static files, it makes sense to offload them to a lite server that
handles static files well.

This commit lets you set a separate Javascript server and path for the
default Javascript code in StatusNet.

Squashed commit of the following:

commit 139d1622fdafe5ad00c820224416d9021efc3234
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 27 11:30:24 2010 -0500

    modules that call htmloutputter::script() don't prescribe js/ path

commit c6ca3174af73efed55eaed5ff1e2a3bdc77d2d87
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 27 11:28:07 2010 -0500

    configurable server and path for javascript files
2010-01-27 11:37:22 -05:00
Zach Copley
923b7de3c6 - Check for read-only vs. read-write access to protected API resources (OAuth)
- Some cleanup
2010-01-27 08:41:26 +00:00
Siebrand Mazeland
4202ffff91 Make more complete sentence. 2010-01-27 00:57:47 +00:00
Zach Copley
aad42427cc New access admin panel for site registration settings 2010-01-26 15:56:19 -08:00
Brion Vibber
58be61b641 Control channel for queue daemons to request graceful shutdown, restart, or update to listen to a newly added or reconfigured site.
queuectl.php --update -s<site>
  queuectl.php --stop
  queuectl.php --restart

Default control channel is /topic/statusnet-control. For external utilities to send a site update ping direct to the queue server, connect via Stomp and send a message formatted thus:

  update:<nickname>

(Nickname here, *not* server hostname! The rest of the queues will be updated to use nicknames later.)

Note that all currently-connected queue daemons will get these notifications, including both queuedaemon.php and xmppdaemon.php. (XMPP will ignore site update requests for sites that it's not handling.)

Limitations:
* only implemented for stomp queue manager so far
* --update may not yet handle a changed server name properly
* --restart won't reload PHP code files that were already loaded at startup. Still need to stop and restart the daemons from 'outside' when updating code base.
2010-01-26 11:49:49 -08:00
Evan Prodromou
655573c213 Single-user mode
New configuration options to define a single-user mode. This hides
most of the "community" pages, like the public timeline and groups.
The main user's timeline becomes the main page, and most other URLs
are changed.

Switching back and forth between 1-user and multi-user mode is
probably hazardous.

Squashed commit of the following:

commit d814aa5c92d14a27a12baba7893f3f8bf63f1d08
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:17:27 2010 -0500

    don't show inbox and outbox in single-user mode

commit 47f19b9523a7015d4c6e460b73ea32c839e00aa1
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:15:22 2010 -0500

    show correct URL for logo in single-user mode

commit 552010cffc33eadbc512ec5a67619dbc2015239a
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:15:06 2010 -0500

    make singleuser its own config section

commit 786ab260a3ca172e57b555c75ca10946d8f258a1
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:05:19 2010 -0500

    make single-user mode work

commit 5b21d7309b3a8dd5a4e0f29aea76f7897f1818b1
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 23:45:55 2010 -0500

    add single-user mode
2010-01-26 00:21:05 -05:00
Evan Prodromou
663e4e02a1 Merge branch 'master' into testing
Conflicts:
	lib/queuemanager.php
2010-01-25 18:13:09 -05:00
Evan Prodromou
e26a843caf Offload inbox updates to a queue handler to speed up posting online
Moved much of the writing that happens when posting a notice to a new
queuehandler, distribqueuehandler. This updates tags, groups, replies
and inboxes at queue time (or at Web time, if queues are disabled).

To make this work well, I had to break up the monolithic
Notice::blowCaches() and make cache blowing happen closer to where
data is updated.

Squashed commit of the following:

commit 5257626c62750ac4ac1db0ce2b71410c5711cfa3
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 14:56:41 2010 -0500

    slightly better handling of blowing tag memory cache

commit 8a22a3cdf6ec28685da129a0313e7b2a0837c9ef
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:42:56 2010 -0500

    change 'distribute' to 'distrib' so not too long for dbqueue

commit 7a063315b0f7fad27cb6fbd2bdd74e253af83e4f
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:39:15 2010 -0500

    change handle_notice() to handle() in distributqueuehandler

commit 1a39ccd28b9994137d7bfd21bb4f230546938e77
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 16:05:25 2010 -0500

    error with queuemanager

commit e6b3bb93f305cfd2de71a6340b8aa6fb890049b7
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:11:34 2010 -0500

    Blow memcache at different point rather than one big function for Notice class

commit 94d557cdc016187d1d0647ae1794cd94d6fb8ac8
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 00:48:44 2010 -0500

    Blow memcache at different point rather than one big function for Notice class

commit 1c781dd08c88a35dafc5c01230b4872fd6b95182
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 20 08:54:18 2010 -0500

    move broadcasting and distributing to new queuehandler

commit da3e46d26b84e4f028f34a13fd2ee373e4c1b954
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 20 08:53:12 2010 -0500

    Move distribution of notices to new distribute queue handler
2010-01-25 18:08:21 -05:00
Brion Vibber
f3beed6889 Fix presence notification on XMPP thread (now foreground, not background) 2010-01-25 13:49:02 -08:00
Brion Vibber
1ab2483296 Fix presence notification on XMPP thread (now foreground, not background) 2010-01-25 13:48:24 -08:00
Zach Copley
4daf76212a - Had to remove checking read vs. read-write in OAuth authenticated methods
- Will now pick up source attr from OAuth app
2010-01-25 00:51:56 +00:00
Zach Copley
8b24b5ac7b Add Start/EndSetApiUser events when setting API user via OAuth 2010-01-24 16:46:37 -08:00
Zach Copley
1f8ddf716d Check for read vs. read-write access on OAuth authenticated API mehtods. 2010-01-24 16:36:06 -08:00