phorge-phorge/src/applications/diffusion/controller/DiffusionRepositoryEditDangerousController.php

<?php

final class DiffusionRepositoryEditDangerousController
  extends DiffusionRepositoryEditController {

  public function handleRequest(AphrontRequest $request) {
    $response = $this->loadDiffusionContextForEdit();
    if ($response) {
      return $response;
    }

    $viewer = $this->getViewer();
    $drequest = $this->getDiffusionRequest();
    $repository = $drequest->getRepository();

    if (!$repository->canAllowDangerousChanges()) {
      return new Aphront400Response();
    }

    $edit_uri = $this->getRepositoryControllerURI($repository, 'edit/');

    if ($request->isFormPost()) {
      $xaction = id(new PhabricatorRepositoryTransaction())
        ->setTransactionType(PhabricatorRepositoryTransaction::TYPE_DANGEROUS)
        ->setNewValue(!$repository->shouldAllowDangerousChanges());

      $editor = id(new PhabricatorRepositoryEditor())
        ->setContinueOnNoEffect(true)
        ->setContentSourceFromRequest($request)
        ->setActor($viewer)
        ->applyTransactions($repository, array($xaction));

      return id(new AphrontReloadResponse())->setURI($edit_uri);
    }

    $force = phutil_tag('tt', array(), '--force');

    if ($repository->shouldAllowDangerousChanges()) {
      return $this->newDialog()
        ->setTitle(pht('Prevent Dangerous changes?'))
        ->appendChild(
          pht(
            'It will no longer be possible to delete branches from this '.
            'repository, or %s push to this repository.',
            $force))
        ->addSubmitButton(pht('Prevent Dangerous Changes'))
        ->addCancelButton($edit_uri);
    } else {
      return $this->newDialog()
        ->setTitle(pht('Allow Dangerous Changes?'))
        ->appendChild(
          pht(
            'If you allow dangerous changes, it will be possible to delete '.
            'branches and %s push this repository. These operations can '.
            'alter a repository in a way that is difficult to recover from.',
            $force))
        ->addSubmitButton(pht('Allow Dangerous Changes'))
        ->addCancelButton($edit_uri);
    }
  }

}
Reject dangerous changes in Git repositories by default Summary: Ref T4189. This adds a per-repository "dangerous changes" flag, which defaults to off. This flag must be enabled to do non-appending branch mutation (delete branches / rewrite history). Test Plan: With flag on and off, performed various safe and dangerous pushes. >>> orbital ~/repos/POEMS $ git push origin :blarp remote: +---------------------------------------------------------------+ remote: \| * * * PUSH REJECTED BY EVIL DRAGON BUREAUCRATS * * * \| remote: +---------------------------------------------------------------+ remote: \ remote: \ ^ /^ remote: \ / \ // \ remote: \ \|\___/\| / \// .\ remote: \ /V V \__ / // \| \ \ ---- remote: / / \/_/ // \| \ \ \ \| remote: @___@` \/_ // \| \ \ \/\ \ remote: 0/0/\| \/_ // \| \ \ \ \ remote: 0/0/0/0/\| \/// \| \ \ \| \| remote: 0/0/0/0/0/_\|_ / ( // \| \ _\ \| / remote: 0/0/0/0/0/0/`/,_ _ _/ ) ; -. \| _ _\.-~ / / remote: ,-} _ -.\|.-~-. .~ ~ remote: \ \__/ `/\ / ~-. _ .-~ / remote: \____(Oo) . } { / remote: ( (--) .----~-.\ \-` .~ remote: //__\\ \ DENIED! ///.----..< \ _ -~ remote: // \\ ///-._ _ _ _ _ _ _{^ - - - - ~ remote: remote: remote: DANGEROUS CHANGE: The change you're attempting to push deletes the branch 'blarp'. remote: Dangerous change protection is enabled for this repository. remote: Edit the repository configuration before making dangerous changes. remote: To ssh://dweller@localhost/diffusion/POEMS/ ! [remote rejected] blarp (pre-receive hook declined) error: failed to push some refs to 'ssh://dweller@localhost/diffusion/POEMS/' Reviewers: btrahan Reviewed By: btrahan CC: aran, chad, richardvanvelzen Maniphest Tasks: T4189 Differential Revision: https://secure.phabricator.com/D7689 2013-12-03 19:28:39 +01:00			`<?php`

			`final class DiffusionRepositoryEditDangerousController`
			`extends DiffusionRepositoryEditController {`

Slightly modernize all Diffusion edit endpoints Summary: Ref T4245. Prepares edit endpoints for more flexible repository identifiers. Test Plan: - Added, edited, deleted mirror. - Created repository. - Edited basic repository information. - Edited policies for a repository. - Activated/deactivated repository. - Updated a repository. - Hit "Delete" dialog for a repository. - Edited hosting. - Toggled dangerous changes. - Edited branches. - Edited automation. - Tested automation. - Edited storage. - Edited staging. - Edited encoding. - Edited symbols. - Edited branches. - Edited actions. - Tried to do edits as an unprivileged user. Reviewers: chad Reviewed By: chad Maniphest Tasks: T4245 Differential Revision: https://secure.phabricator.com/D14945 2016-01-05 17:49:10 +01:00			`public function handleRequest(AphrontRequest $request) {`
			`$response = $this->loadDiffusionContextForEdit();`
			`if ($response) {`
			`return $response;`
Reject dangerous changes in Git repositories by default Summary: Ref T4189. This adds a per-repository "dangerous changes" flag, which defaults to off. This flag must be enabled to do non-appending branch mutation (delete branches / rewrite history). Test Plan: With flag on and off, performed various safe and dangerous pushes. >>> orbital ~/repos/POEMS $ git push origin :blarp remote: +---------------------------------------------------------------+ remote: \| * * * PUSH REJECTED BY EVIL DRAGON BUREAUCRATS * * * \| remote: +---------------------------------------------------------------+ remote: \ remote: \ ^ /^ remote: \ / \ // \ remote: \ \|\___/\| / \// .\ remote: \ /V V \__ / // \| \ \ ---- remote: / / \/_/ // \| \ \ \ \| remote: @___@` \/_ // \| \ \ \/\ \ remote: 0/0/\| \/_ // \| \ \ \ \ remote: 0/0/0/0/\| \/// \| \ \ \| \| remote: 0/0/0/0/0/_\|_ / ( // \| \ _\ \| / remote: 0/0/0/0/0/0/`/,_ _ _/ ) ; -. \| _ _\.-~ / / remote: ,-} _ -.\|.-~-. .~ ~ remote: \ \__/ `/\ / ~-. _ .-~ / remote: \____(Oo) . } { / remote: ( (--) .----~-.\ \-` .~ remote: //__\\ \ DENIED! ///.----..< \ _ -~ remote: // \\ ///-._ _ _ _ _ _ _{^ - - - - ~ remote: remote: remote: DANGEROUS CHANGE: The change you're attempting to push deletes the branch 'blarp'. remote: Dangerous change protection is enabled for this repository. remote: Edit the repository configuration before making dangerous changes. remote: To ssh://dweller@localhost/diffusion/POEMS/ ! [remote rejected] blarp (pre-receive hook declined) error: failed to push some refs to 'ssh://dweller@localhost/diffusion/POEMS/' Reviewers: btrahan Reviewed By: btrahan CC: aran, chad, richardvanvelzen Maniphest Tasks: T4189 Differential Revision: https://secure.phabricator.com/D7689 2013-12-03 19:28:39 +01:00			`}`

Slightly modernize all Diffusion edit endpoints Summary: Ref T4245. Prepares edit endpoints for more flexible repository identifiers. Test Plan: - Added, edited, deleted mirror. - Created repository. - Edited basic repository information. - Edited policies for a repository. - Activated/deactivated repository. - Updated a repository. - Hit "Delete" dialog for a repository. - Edited hosting. - Toggled dangerous changes. - Edited branches. - Edited automation. - Tested automation. - Edited storage. - Edited staging. - Edited encoding. - Edited symbols. - Edited branches. - Edited actions. - Tried to do edits as an unprivileged user. Reviewers: chad Reviewed By: chad Maniphest Tasks: T4245 Differential Revision: https://secure.phabricator.com/D14945 2016-01-05 17:49:10 +01:00			`$viewer = $this->getViewer();`
			`$drequest = $this->getDiffusionRequest();`
			`$repository = $drequest->getRepository();`

Reject dangerous changes in Git repositories by default Summary: Ref T4189. This adds a per-repository "dangerous changes" flag, which defaults to off. This flag must be enabled to do non-appending branch mutation (delete branches / rewrite history). Test Plan: With flag on and off, performed various safe and dangerous pushes. >>> orbital ~/repos/POEMS $ git push origin :blarp remote: +---------------------------------------------------------------+ remote: \| * * * PUSH REJECTED BY EVIL DRAGON BUREAUCRATS * * * \| remote: +---------------------------------------------------------------+ remote: \ remote: \ ^ /^ remote: \ / \ // \ remote: \ \|\___/\| / \// .\ remote: \ /V V \__ / // \| \ \ ---- remote: / / \/_/ // \| \ \ \ \| remote: @___@` \/_ // \| \ \ \/\ \ remote: 0/0/\| \/_ // \| \ \ \ \ remote: 0/0/0/0/\| \/// \| \ \ \| \| remote: 0/0/0/0/0/_\|_ / ( // \| \ _\ \| / remote: 0/0/0/0/0/0/`/,_ _ _/ ) ; -. \| _ _\.-~ / / remote: ,-} _ -.\|.-~-. .~ ~ remote: \ \__/ `/\ / ~-. _ .-~ / remote: \____(Oo) . } { / remote: ( (--) .----~-.\ \-` .~ remote: //__\\ \ DENIED! ///.----..< \ _ -~ remote: // \\ ///-._ _ _ _ _ _ _{^ - - - - ~ remote: remote: remote: DANGEROUS CHANGE: The change you're attempting to push deletes the branch 'blarp'. remote: Dangerous change protection is enabled for this repository. remote: Edit the repository configuration before making dangerous changes. remote: To ssh://dweller@localhost/diffusion/POEMS/ ! [remote rejected] blarp (pre-receive hook declined) error: failed to push some refs to 'ssh://dweller@localhost/diffusion/POEMS/' Reviewers: btrahan Reviewed By: btrahan CC: aran, chad, richardvanvelzen Maniphest Tasks: T4189 Differential Revision: https://secure.phabricator.com/D7689 2013-12-03 19:28:39 +01:00			`if (!$repository->canAllowDangerousChanges()) {`
			`return new Aphront400Response();`
			`}`

			`$edit_uri = $this->getRepositoryControllerURI($repository, 'edit/');`

			`if ($request->isFormPost()) {`
			`$xaction = id(new PhabricatorRepositoryTransaction())`
			`->setTransactionType(PhabricatorRepositoryTransaction::TYPE_DANGEROUS)`
			`->setNewValue(!$repository->shouldAllowDangerousChanges());`

			`$editor = id(new PhabricatorRepositoryEditor())`
			`->setContinueOnNoEffect(true)`
			`->setContentSourceFromRequest($request)`
			`->setActor($viewer)`
			`->applyTransactions($repository, array($xaction));`

			`return id(new AphrontReloadResponse())->setURI($edit_uri);`
			`}`

			`$force = phutil_tag('tt', array(), '--force');`

			`if ($repository->shouldAllowDangerousChanges()) {`
Slightly modernize all Diffusion edit endpoints Summary: Ref T4245. Prepares edit endpoints for more flexible repository identifiers. Test Plan: - Added, edited, deleted mirror. - Created repository. - Edited basic repository information. - Edited policies for a repository. - Activated/deactivated repository. - Updated a repository. - Hit "Delete" dialog for a repository. - Edited hosting. - Toggled dangerous changes. - Edited branches. - Edited automation. - Tested automation. - Edited storage. - Edited staging. - Edited encoding. - Edited symbols. - Edited branches. - Edited actions. - Tried to do edits as an unprivileged user. Reviewers: chad Reviewed By: chad Maniphest Tasks: T4245 Differential Revision: https://secure.phabricator.com/D14945 2016-01-05 17:49:10 +01:00			`return $this->newDialog()`
Reject dangerous changes in Git repositories by default Summary: Ref T4189. This adds a per-repository "dangerous changes" flag, which defaults to off. This flag must be enabled to do non-appending branch mutation (delete branches / rewrite history). Test Plan: With flag on and off, performed various safe and dangerous pushes. >>> orbital ~/repos/POEMS $ git push origin :blarp remote: +---------------------------------------------------------------+ remote: \| * * * PUSH REJECTED BY EVIL DRAGON BUREAUCRATS * * * \| remote: +---------------------------------------------------------------+ remote: \ remote: \ ^ /^ remote: \ / \ // \ remote: \ \|\___/\| / \// .\ remote: \ /V V \__ / // \| \ \ ---- remote: / / \/_/ // \| \ \ \ \| remote: @___@` \/_ // \| \ \ \/\ \ remote: 0/0/\| \/_ // \| \ \ \ \ remote: 0/0/0/0/\| \/// \| \ \ \| \| remote: 0/0/0/0/0/_\|_ / ( // \| \ _\ \| / remote: 0/0/0/0/0/0/`/,_ _ _/ ) ; -. \| _ _\.-~ / / remote: ,-} _ -.\|.-~-. .~ ~ remote: \ \__/ `/\ / ~-. _ .-~ / remote: \____(Oo) . } { / remote: ( (--) .----~-.\ \-` .~ remote: //__\\ \ DENIED! ///.----..< \ _ -~ remote: // \\ ///-._ _ _ _ _ _ _{^ - - - - ~ remote: remote: remote: DANGEROUS CHANGE: The change you're attempting to push deletes the branch 'blarp'. remote: Dangerous change protection is enabled for this repository. remote: Edit the repository configuration before making dangerous changes. remote: To ssh://dweller@localhost/diffusion/POEMS/ ! [remote rejected] blarp (pre-receive hook declined) error: failed to push some refs to 'ssh://dweller@localhost/diffusion/POEMS/' Reviewers: btrahan Reviewed By: btrahan CC: aran, chad, richardvanvelzen Maniphest Tasks: T4189 Differential Revision: https://secure.phabricator.com/D7689 2013-12-03 19:28:39 +01:00			`->setTitle(pht('Prevent Dangerous changes?'))`
			`->appendChild(`
			`pht(`
			`'It will no longer be possible to delete branches from this '.`
			`'repository, or %s push to this repository.',`
			`$force))`
			`->addSubmitButton(pht('Prevent Dangerous Changes'))`
			`->addCancelButton($edit_uri);`
			`} else {`
Slightly modernize all Diffusion edit endpoints Summary: Ref T4245. Prepares edit endpoints for more flexible repository identifiers. Test Plan: - Added, edited, deleted mirror. - Created repository. - Edited basic repository information. - Edited policies for a repository. - Activated/deactivated repository. - Updated a repository. - Hit "Delete" dialog for a repository. - Edited hosting. - Toggled dangerous changes. - Edited branches. - Edited automation. - Tested automation. - Edited storage. - Edited staging. - Edited encoding. - Edited symbols. - Edited branches. - Edited actions. - Tried to do edits as an unprivileged user. Reviewers: chad Reviewed By: chad Maniphest Tasks: T4245 Differential Revision: https://secure.phabricator.com/D14945 2016-01-05 17:49:10 +01:00			`return $this->newDialog()`
Reject dangerous changes in Git repositories by default Summary: Ref T4189. This adds a per-repository "dangerous changes" flag, which defaults to off. This flag must be enabled to do non-appending branch mutation (delete branches / rewrite history). Test Plan: With flag on and off, performed various safe and dangerous pushes. >>> orbital ~/repos/POEMS $ git push origin :blarp remote: +---------------------------------------------------------------+ remote: \| * * * PUSH REJECTED BY EVIL DRAGON BUREAUCRATS * * * \| remote: +---------------------------------------------------------------+ remote: \ remote: \ ^ /^ remote: \ / \ // \ remote: \ \|\___/\| / \// .\ remote: \ /V V \__ / // \| \ \ ---- remote: / / \/_/ // \| \ \ \ \| remote: @___@` \/_ // \| \ \ \/\ \ remote: 0/0/\| \/_ // \| \ \ \ \ remote: 0/0/0/0/\| \/// \| \ \ \| \| remote: 0/0/0/0/0/_\|_ / ( // \| \ _\ \| / remote: 0/0/0/0/0/0/`/,_ _ _/ ) ; -. \| _ _\.-~ / / remote: ,-} _ -.\|.-~-. .~ ~ remote: \ \__/ `/\ / ~-. _ .-~ / remote: \____(Oo) . } { / remote: ( (--) .----~-.\ \-` .~ remote: //__\\ \ DENIED! ///.----..< \ _ -~ remote: // \\ ///-._ _ _ _ _ _ _{^ - - - - ~ remote: remote: remote: DANGEROUS CHANGE: The change you're attempting to push deletes the branch 'blarp'. remote: Dangerous change protection is enabled for this repository. remote: Edit the repository configuration before making dangerous changes. remote: To ssh://dweller@localhost/diffusion/POEMS/ ! [remote rejected] blarp (pre-receive hook declined) error: failed to push some refs to 'ssh://dweller@localhost/diffusion/POEMS/' Reviewers: btrahan Reviewed By: btrahan CC: aran, chad, richardvanvelzen Maniphest Tasks: T4189 Differential Revision: https://secure.phabricator.com/D7689 2013-12-03 19:28:39 +01:00			`->setTitle(pht('Allow Dangerous Changes?'))`
			`->appendChild(`
			`pht(`
			`'If you allow dangerous changes, it will be possible to delete '.`
			`'branches and %s push this repository. These operations can '.`
			`'alter a repository in a way that is difficult to recover from.',`
			`$force))`
			`->addSubmitButton(pht('Allow Dangerous Changes'))`
			`->addCancelButton($edit_uri);`
			`}`
			`}`

			`}`