Remove CSRF protection from username/password login and from OpenID login.

[quix0rs-gnu-social.git] / actions / apistatusnetconfig.php

diff --git a/actions/apistatusnetconfig.php b/actions/apistatusnetconfig.php
index ed1d151bfcfc5856a1f99832d91b3d79eaad6cef..76d37ea97f83a919de56d639cd937d05ad3c6483 100644 (file)
--- a/actions/apistatusnetconfig.php
+++ b/actions/apistatusnetconfig.php
@@ -32,8 +32,6 @@ if (!defined('STATUSNET')) {
     exit(1);
 }
 
-require_once INSTALLDIR . '/lib/api.php';
-
 /**
  * Gives a full dump of configuration variables for this instance
  * of StatusNet, minus variables that may be security-sensitive (like
@@ -52,13 +50,17 @@ require_once INSTALLDIR . '/lib/api.php';
 class ApiStatusnetConfigAction extends ApiAction
 {
     var $keys = array(
-        'site' => array('name', 'server', 'theme', 'path', 'fancy', 'language',
-                        'email', 'broughtby', 'broughtbyurl', 'closed',
-                        'inviteonly', 'private'),
-        'license' => array('url', 'title', 'image'),
+        'site' => array('name', 'server', 'theme', 'path', 'logo', 'fancy', 'language',
+                        'email', 'broughtby', 'broughtbyurl', 'timezone', 'closed',
+                        'inviteonly', 'private', 'textlimit', 'ssl', 'sslserver', 'shorturllength'),
+        'license' => array('type', 'owner', 'url', 'title', 'image'),
         'nickname' => array('featured'),
+        'profile' => array('biolimit'),
+        'group' => array('desclimit'),
+        'notice' => array('contentlimit'),
         'throttle' => array('enabled', 'count', 'timespan'),
-        'xmpp' => array('enabled', 'server', 'user')
+        'xmpp' => array('enabled', 'server', 'port', 'user'),
+        'integration' => array('source')
     );
 
     /**
@@ -95,19 +97,25 @@ class ApiStatusnetConfigAction extends ApiAction
 
             // XXX: check that all sections and settings are legal XML elements
 
-            common_debug(var_export($this->keys, true));
-
             foreach ($this->keys as $section => $settings) {
                 $this->elementStart($section);
                 foreach ($settings as $setting) {
                     $value = common_config($section, $setting);
                     if (is_array($value)) {
                         $value = implode(',', $value);
-                    } else if ($value === false) {
+                    } else if ($value === false || $value == '0') {
                         $value = 'false';
-                    } else if ($value === true) {
+                    } else if ($value === true || $value == '1') {
                         $value = 'true';
                     }
+
+                    // return theme logo if there's no site specific one
+                    if (empty($value)) {
+                        if ($section == 'site' && $setting == 'logo') {
+                            $value = Theme::path('logo.png');
+                        }
+                    }
+
                     $this->element($setting, null, $value);
                 }
                 $this->elementEnd($section);
@@ -130,7 +138,7 @@ class ApiStatusnetConfigAction extends ApiAction
             break;
         default:
             $this->clientError(
-                _('API method not found!'),
+                _('API method not found.'),
                 404,
                 $this->format
             );
@@ -138,5 +146,20 @@ class ApiStatusnetConfigAction extends ApiAction
         }
     }
 
+    /**
+     * Return true if read only.
+     *
+     * MAY override
+     *
+     * @param array $args other arguments
+     *
+     * @return boolean is read only action?
+     */
+
+    function isReadOnly($args)
+    {
+        return true;
+    }
+
 }