apibareauthaction.php 3.0 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788
  1. <?php
  2. /**
  3. * StatusNet, the distributed open-source microblogging tool
  4. *
  5. * Base class for API actions that require "bare auth". Bare auth means
  6. * authentication is required only if the action is called without an argument
  7. * or query param specifying user id.
  8. *
  9. * PHP version 5
  10. *
  11. * LICENCE: This program is free software: you can redistribute it and/or modify
  12. * it under the terms of the GNU Affero General Public License as published by
  13. * the Free Software Foundation, either version 3 of the License, or
  14. * (at your option) any later version.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU Affero General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public License
  22. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  23. *
  24. * @category API
  25. * @package StatusNet
  26. * @author Adrian Lang <mail@adrianlang.de>
  27. * @author Brenda Wallace <shiny@cpan.org>
  28. * @author Craig Andrews <candrews@integralblue.com>
  29. * @author Dan Moore <dan@moore.cx>
  30. * @author Evan Prodromou <evan@status.net>
  31. * @author mEDI <medi@milaro.net>
  32. * @author Sarven Capadisli <csarven@status.net>
  33. * @author Zach Copley <zach@status.net>
  34. * @copyright 2009 StatusNet, Inc.
  35. * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
  36. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  37. * @link http://status.net/
  38. */
  39. if (!defined('STATUSNET')) {
  40. exit(1);
  41. }
  42. /**
  43. * Actions extending this class will require auth unless a target
  44. * user ID has been specified
  45. *
  46. * @category API
  47. * @package StatusNet
  48. * @author Adrian Lang <mail@adrianlang.de>
  49. * @author Brenda Wallace <shiny@cpan.org>
  50. * @author Craig Andrews <candrews@integralblue.com>
  51. * @author Dan Moore <dan@moore.cx>
  52. * @author Evan Prodromou <evan@status.net>
  53. * @author mEDI <medi@milaro.net>
  54. * @author Sarven Capadisli <csarven@status.net>
  55. * @author Zach Copley <zach@status.net>
  56. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  57. * @link http://status.net/
  58. */
  59. class ApiBareAuthAction extends ApiAuthAction
  60. {
  61. /**
  62. * Does this API resource require authentication?
  63. *
  64. * @return boolean true or false
  65. */
  66. function requiresAuth()
  67. {
  68. // If the site is "private", all API methods except statusnet/config
  69. // need authentication
  70. if (common_config('site', 'private')) {
  71. return true;
  72. }
  73. // check whether a user has been specified somehow
  74. $id = $this->arg('id');
  75. $user_id = $this->arg('user_id');
  76. $screen_name = $this->arg('screen_name');
  77. if (empty($id) && empty($user_id) && empty($screen_name)) {
  78. return true;
  79. }
  80. return false;
  81. }
  82. }