Committer: vtroitsky
LJSUP-14192: XML-RPC API: enable getevents in syncitem mode without authorizationU trunk/cgi-bin/ljprotocol.pl
Modified: trunk/cgi-bin/ljprotocol.pl =================================================================== --- trunk/cgi-bin/ljprotocol.pl 2012-11-13 09:09:29 UTC (rev 23290) +++ trunk/cgi-bin/ljprotocol.pl 2012-11-13 09:38:48 UTC (rev 23291) @@ -4063,18 +4063,20 @@ my $date = $req->{'lastsync'} || "0000-00-00 00:00:00"; return fail($err, 203, 'xmlrpc.des.bad_value',{'param'=>'syncitems'}) unless ($date =~ /^\d\d\d\d-\d\d-\d\d \d\d:\d\d:\d\d/); - return fail($err, 301, 'xmlrpc.des.syncitems_unavailable') unless($u); + return fail($err, 301, 'xmlrpc.des.syncitems_unavailable') unless($uowner || $u); + my $now = time(); # broken client loop prevention + my $u_req = ($u ? $u : $uowner); if ($req->{'lastsync'}) { my $pname = "rl_syncitems_getevents_loop"; - LJ::load_user_props($u, $pname); + LJ::load_user_props($u_req, $pname); # format is: time/date/time/date/time/date/... so split # it into a hash, then delete pairs that are older than an hour - my %reqs = split(m!/!, $u->{$pname}); + my %reqs = split(m!/!, $u_req->{$pname}); foreach (grep { $_ < $now - 60*60 } keys %reqs) { delete $reqs{$_}; } my $count = grep { $_ eq $date } values %reqs; @@ -4086,7 +4088,7 @@ return fail($err,406); } - $u->set_prop( $pname => join( '/', map { $_ => $reqs{$_} } + $u_req->set_prop( $pname => join( '/', map { $_ => $reqs{$_} } sort { $b <=> $a } keys %reqs ) ); }