/*! @page authentication Authentication
- StatusNet supports HTTP Basic Authentication and OAuth for API calls.
+ GNU social supports HTTP Basic Authentication and OAuth for API calls.
@warning Currently, users who have created accounts without setting a
password via OpenID, Facebook Connect, etc., cannot use the API until
// TRANS: Authorization exception thrown when a user without API access tries to access the API.
throw new AuthorizationException(_('Not allowed to use API.'));
}
+ // Let's run this in the same way as if we've just authenticated the user (basic/oauth auth)
+ Event::handle('EndSetApiUser', array($this->auth_user));
$this->access = self::READ_WRITE;
} else {
$oauthReq = $this->getOAuthRequest();
// Set the auth user
if (Event::handle('StartSetApiUser', array(&$user))) {
$user = User::getKV('id', $appUser->profile_id);
- if (!empty($user)) {
- if (!$user->hasRight(Right::API)) {
- // TRANS: Authorization exception thrown when a user without API access tries to access the API.
- throw new AuthorizationException(_('Not allowed to use API.'));
- }
+ }
+ if ($user instanceof User) {
+ if (!$user->hasRight(Right::API)) {
+ // TRANS: Authorization exception thrown when a user without API access tries to access the API.
+ throw new AuthorizationException(_('Not allowed to use API.'));
}
$this->auth_user = $user;
- // FIXME: setting the value returned by common_current_user()
- // There should probably be a better method for this. common_set_user()
- // does lots of session stuff.
- global $_cur;
- $_cur = $this->auth_user;
- Event::handle('EndSetApiUser', array($user));
+ Event::handle('EndSetApiUser', array($this->auth_user));
+ } else {
+ // If $user is not a real User, let's force it to null.
+ $this->auth_user = null;
}
+ // FIXME: setting the value returned by common_current_user()
+ // There should probably be a better method for this. common_set_user()
+ // does lots of session stuff.
+ global $_cur;
+ $_cur = $this->auth_user;
+
$msg = "API OAuth authentication for user '%s' (id: %d) on behalf of " .
"application '%s' (id: %d) with %s access.";
$user = common_check_user($this->auth_user_nickname,
$this->auth_user_password);
- if (Event::handle('StartSetApiUser', array(&$user))) {
-
- if ($user instanceof User) {
- if (!$user->hasRight(Right::API)) {
- // TRANS: Authorization exception thrown when a user without API access tries to access the API.
- throw new AuthorizationException(_('Not allowed to use API.'));
- }
- $this->auth_user = $user;
+ Event::handle('StartSetApiUser', array(&$user));
+ if ($user instanceof User) {
+ if (!$user->hasRight(Right::API)) {
+ // TRANS: Authorization exception thrown when a user without API access tries to access the API.
+ throw new AuthorizationException(_('Not allowed to use API.'));
}
+ $this->auth_user = $user;
- Event::handle('EndSetApiUser', array($user));
+ Event::handle('EndSetApiUser', array($this->auth_user));
+ } else {
+ $this->auth_user = null;
}
// By default, basic auth users have rw access
projects / quix0rs-gnu-social.git / blobdiff