]> git.mxchange.org Git - quix0rs-gnu-social.git/commit
projects / quix0rs-gnu-social.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6a1b0e2) | patch
Extend authorization framework to cover login and API use
authorEvan Prodromou <evan@status.net>
Mon, 21 Feb 2011 15:20:42 +0000 (10:20 -0500)
committerEvan Prodromou <evan@status.net>
Mon, 21 Feb 2011 15:20:42 +0000 (10:20 -0500)
commit1525acdca197b598e20c6c4a5636a5cc24b89b32
tree19b7dae1b059ab0c9bad38b775efdc6c6917ec01tree | snapshot
parent6a1b0e2375a1a267507e655c4b56c9a512e80481commit | diff
Extend authorization framework to cover login and API use

I've extended the rights framework (centering on the Right class and Profile::hasRight()) to cover
Web login and API use. This will make it possible to prevent login and API use by users.

I added two new Right constants to the Right class: WEBLOGIN and API. I check these rights using
Profile::hasRight() when initializing users. If the rights check fails, I throw an exception.

I created a new AuthorizationException class for this particular
exception, in order to allow a different UI for these kinds of exceptions (or whatever).
classes/Profile.php diff | blob | history
lib/apiauth.php diff | blob | history
lib/authorizationexception.php [new file with mode: 0644] blob
lib/right.php diff | blob | history
lib/util.php diff | blob | history
This is my personal clone from the wonderful software GNUSocial. I may fix or break things here, so use it on your own risk. :-)