<?php
/*
- * Laconica - a distributed open-source microblogging tool
- * Copyright (C) 2008, 2009, Control Yourself, Inc.
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2008, 2009, StatusNet, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-if (!defined('LACONICA')) {
+if (!defined('STATUSNET') && !defined('LACONICA')) {
exit(1);
}
}
$toupdate = implode(', ', $parts);
- $table = $this->tableName();
- if(common_config('db','quote_identifiers')) {
- $table = '"' . $table . '"';
- }
+ $table = common_database_tablename($this->tableName());
$qry = 'UPDATE ' . $table . ' SET ' . $toupdate .
' WHERE id = ' . $this->id;
$orig->decache();
function allowed_nickname($nickname)
{
// XXX: should already be validated for size, content, etc.
- static $blacklist = array('rss', 'xrds', 'doc', 'main',
- 'settings', 'notice', 'user',
- 'search', 'avatar', 'tag', 'tags',
- 'api', 'message', 'group', 'groups',
- 'local');
+
+ $blacklist = array();
+
+ //all directory and file names should be blacklisted
+ $d = dir(INSTALLDIR);
+ while (false !== ($entry = $d->read())) {
+ $blacklist[]=$entry;
+ }
+ $d->close();
$merged = array_merge($blacklist, common_config('nickname', 'blacklist'));
return !in_array($nickname, $merged);
}
'SELECT notice.* ' .
'FROM notice JOIN subscription ON notice.profile_id = subscription.subscribed ' .
'WHERE subscription.subscriber = %d ' .
- 'AND notice.is_local != ' . NOTICE_GATEWAY;
+ 'AND notice.is_local != ' . Notice::GATEWAY;
return Notice::getStream(sprintf($qry, $this->id),
'user:notices_with_friends:' . $this->id,
$offset, $limit, $since_id, $before_id,
// ;last cache, too
$cache->delete(common_cache_key('fave:ids_by_user:'.$this->id));
$cache->delete(common_cache_key('fave:ids_by_user:'.$this->id.';last'));
+ $cache->delete(common_cache_key('fave:ids_by_user_own:'.$this->id));
+ $cache->delete(common_cache_key('fave:ids_by_user_own:'.$this->id.';last'));
}
+ $profile = $this->getProfile();
+ $profile->blowFaveCount();
}
function getSelfTags()
function getSubscriptions($offset=0, $limit=null)
{
- $qry =
- 'SELECT profile.* ' .
- 'FROM profile JOIN subscription ' .
- 'ON profile.id = subscription.subscribed ' .
- 'WHERE subscription.subscriber = %d ' .
- 'AND subscription.subscribed != subscription.subscriber ' .
- 'ORDER BY subscription.created DESC ';
-
- if (common_config('db','type') == 'pgsql') {
- $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset;
- } else {
- $qry .= ' LIMIT ' . $offset . ', ' . $limit;
- }
-
- $profile = new Profile();
-
- $profile->query(sprintf($qry, $this->id));
-
- return $profile;
+ $profile = $this->getProfile();
+ assert(!empty($profile));
+ return $profile->getSubscriptions($offset, $limit);
}
function getSubscribers($offset=0, $limit=null)
{
- $qry =
- 'SELECT profile.* ' .
- 'FROM profile JOIN subscription ' .
- 'ON profile.id = subscription.subscriber ' .
- 'WHERE subscription.subscribed = %d ' .
- 'AND subscription.subscribed != subscription.subscriber ' .
- 'ORDER BY subscription.created DESC ';
-
- if ($offset) {
- if (common_config('db','type') == 'pgsql') {
- $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset;
- } else {
- $qry .= ' LIMIT ' . $offset . ', ' . $limit;
- }
- }
-
- $profile = new Profile();
-
- $cnt = $profile->query(sprintf($qry, $this->id));
-
- return $profile;
+ $profile = $this->getProfile();
+ assert(!empty($profile));
+ return $profile->getSubscribers($offset, $limit);
}
function getTaggedSubscribers($tag, $offset=0, $limit=null)
'ORDER BY subscription.created DESC ';
if ($offset) {
- if (common_config('db','type') == 'pgsql') {
- $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset;
- } else {
- $qry .= ' LIMIT ' . $offset . ', ' . $limit;
- }
+ $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset;
}
$profile = new Profile();
'AND subscription.subscribed != subscription.subscriber ' .
'ORDER BY subscription.created DESC ';
- if (common_config('db','type') == 'pgsql') {
- $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset;
- } else {
- $qry .= ' LIMIT ' . $offset . ', ' . $limit;
- }
+ $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset;
$profile = new Profile();
return $profile;
}
- function hasOpenID()
+ function getDesign()
+ {
+ return Design::staticGet('id', $this->design_id);
+ }
+
+ function hasRole($name)
{
- $oid = new User_openid();
+ $role = User_role::pkeyGet(array('user_id' => $this->id,
+ 'role' => $name));
+ return (!empty($role));
+ }
+
+ function grantRole($name)
+ {
+ $role = new User_role();
- $oid->user_id = $this->id;
+ $role->user_id = $this->id;
+ $role->role = $name;
+ $role->created = common_sql_now();
- $cnt = $oid->find();
+ $result = $role->insert();
- return ($cnt > 0);
+ if (!$result) {
+ common_log_db_error($role, 'INSERT', __FILE__);
+ return false;
+ }
+
+ return true;
}
- function getDesign()
+ function revokeRole($name)
{
- return Design::staticGet('id', $this->design_id);
+ $role = User_role::pkeyGet(array('user_id' => $this->id,
+ 'role' => $name));
+
+ if (empty($role)) {
+ throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; does not exist.');
+ }
+
+ $result = $role->delete();
+
+ if (!$result) {
+ common_log_db_error($role, 'DELETE', __FILE__);
+ throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; database error.');
+ }
+
+ return true;
+ }
+
+ /**
+ * Does this user have the right to do X?
+ *
+ * With our role-based authorization, this is merely a lookup for whether the user
+ * has a particular role. The implementation currently uses a switch statement
+ * to determine if the user has the pre-defined role to exercise the right. Future
+ * implementations may allow per-site roles, and different mappings of roles to rights.
+ *
+ * @param $right string Name of the right, usually a constant in class Right
+ * @return boolean whether the user has the right in question
+ */
+
+ function hasRight($right)
+ {
+ $result = false;
+ if (Event::handle('UserRightsCheck', array($this, $right, &$result))) {
+ switch ($right)
+ {
+ case Right::deleteOthersNotice:
+ $result = $this->hasRole('moderator');
+ break;
+ default:
+ $result = false;
+ break;
+ }
+ }
+ return $result;
}
}