X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Fapiauth.php;h=1061e6b68c0b6a9d6c034d3b2e4604e1a26c3c6f;hb=0bd26ed3f07e349129e6e72576f081f493779a78;hp=8a1af8c27d3d9048f73aa74a082cb26162263516;hpb=b7d07466943a73e1c009467c8daa6e499810080f;p=quix0rs-gnu-social.git diff --git a/lib/apiauth.php b/lib/apiauth.php index 8a1af8c27d..1061e6b68c 100644 --- a/lib/apiauth.php +++ b/lib/apiauth.php @@ -199,11 +199,17 @@ class ApiAuthAction extends ApiAction $user = User::staticGet('id', $appUser->profile_id); if (!empty($user)) { if (!$user->hasRight(Right::API)) { + // TRANS: Authorization exception thrown when a user without API access tries to access the API. throw new AuthorizationException(_('Not allowed to use API.')); } } $this->auth_user = $user; - Event::handle('EndSetApiUser', array($user)); + // FIXME: setting the value returned by common_current_user() + // There should probably be a better method for this. common_set_user() + // does lots of session stuff. + global $_cur; + $_cur = $this->auth_user; + Event::handle('EndSetApiUser', array($user)); } $msg = "API OAuth authentication for user '%s' (id: %d) on behalf of " . @@ -225,7 +231,7 @@ class ApiAuthAction extends ApiAction throw new OAuthException(_('Bad access token.')); } } else { - // Also should not happen + // Also should not happen. // TRANS: OAuth exception given when no user was found for a given token (no token was found). throw new OAuthException(_('No user for that token.')); } @@ -281,6 +287,7 @@ class ApiAuthAction extends ApiAction if (!empty($user)) { if (!$user->hasRight(Right::API)) { + // TRANS: Authorization exception thrown when a user without API access tries to access the API. throw new AuthorizationException(_('Not allowed to use API.')); } $this->auth_user = $user;