2011-01-16 22:51:39 +01:00
|
|
|
<?php
|
|
|
|
|
|
2011-01-23 02:48:55 +01:00
|
|
|
abstract class PhabricatorController extends AphrontController {
|
2011-01-16 22:51:39 +01:00
|
|
|
|
2012-08-15 19:45:06 +02:00
|
|
|
private $handles;
|
|
|
|
|
|
2011-01-26 22:21:12 +01:00
|
|
|
public function shouldRequireLogin() {
|
2012-10-01 04:44:09 +02:00
|
|
|
|
|
|
|
|
// If this install is configured to allow public resources and the
|
|
|
|
|
// controller works in public mode, allow the request through.
|
|
|
|
|
$is_public_allowed = PhabricatorEnv::getEnvConfig('policy.allow-public');
|
|
|
|
|
if ($is_public_allowed && $this->shouldAllowPublic()) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-26 22:21:12 +01:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-12 19:06:54 +02:00
|
|
|
public function shouldRequireAdmin() {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function shouldRequireEnabledUser() {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-01 04:44:09 +02:00
|
|
|
public function shouldAllowPublic() {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
Allow installs to require email verification
Summary:
Allow installs to require users to verify email addresses before they can use Phabricator. If a user logs in without a verified email address, they're given instructions to verify their address.
This isn't too useful on its own since we don't actually have arbitrary email registration, but the next step is to allow installs to restrict email to only some domains (e.g., @mycompany.com).
Test Plan:
- Verification
- Set verification requirement to `true`.
- Tried to use Phabricator with an unverified account, was told to verify.
- Tried to use Conduit, was given a verification error.
- Verified account, used Phabricator.
- Unverified account, reset password, verified implicit verification, used Phabricator.
- People Admin Interface
- Viewed as admin. Clicked "Administrate User".
- Viewed as non-admin
- Sanity Checks
- Used Conduit normally from web/CLI with a verified account.
- Logged in/out.
- Sent password reset email.
- Created a new user.
- Logged in with an unverified user but with the configuration set to off.
Reviewers: btrahan, vrana, jungejason
Reviewed By: btrahan
CC: aran, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2520
2012-05-21 21:47:38 +02:00
|
|
|
public function shouldRequireEmailVerification() {
|
Allow restriction of permitted email domains
Summary:
Allow allowed email addresses to be restricted to certain domains. This implies email must be verified.
This probably isn't QUITE ready for prime-time without a few other tweaks (better administrative tools, notably) but we're nearly there.
Test Plan:
- With no restrictions:
- Registered with OAuth
- Created an account with accountadmin
- Added an email
- With restrictions:
- Tried to OAuth register with a restricted address, was prompted to provide a valid one.
- Tried to OAuth register with a valid address, worked fine.
- Tried to accountadmin a restricted address, got blocked.
- Tried to accountadmin a valid address, worked fine.
- Tried to add a restricted address, blocked.
- Tried to add a valid address, worked fine.
- Created a user with People with an invalid address, got blocked.
- Created a user with People with a valid address, worked fine.
Reviewers: btrahan, csilvers
Reviewed By: csilvers
CC: aran, joe, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2581
2012-05-26 15:04:35 +02:00
|
|
|
$need_verify = PhabricatorUserEmail::isEmailVerificationRequired();
|
Allow installs to require email verification
Summary:
Allow installs to require users to verify email addresses before they can use Phabricator. If a user logs in without a verified email address, they're given instructions to verify their address.
This isn't too useful on its own since we don't actually have arbitrary email registration, but the next step is to allow installs to restrict email to only some domains (e.g., @mycompany.com).
Test Plan:
- Verification
- Set verification requirement to `true`.
- Tried to use Phabricator with an unverified account, was told to verify.
- Tried to use Conduit, was given a verification error.
- Verified account, used Phabricator.
- Unverified account, reset password, verified implicit verification, used Phabricator.
- People Admin Interface
- Viewed as admin. Clicked "Administrate User".
- Viewed as non-admin
- Sanity Checks
- Used Conduit normally from web/CLI with a verified account.
- Logged in/out.
- Sent password reset email.
- Created a new user.
- Logged in with an unverified user but with the configuration set to off.
Reviewers: btrahan, vrana, jungejason
Reviewed By: btrahan
CC: aran, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2520
2012-05-21 21:47:38 +02:00
|
|
|
$need_login = $this->shouldRequireLogin();
|
|
|
|
|
|
|
|
|
|
return ($need_login && $need_verify);
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-26 22:21:12 +01:00
|
|
|
final public function willBeginExecution() {
|
|
|
|
|
|
|
|
|
|
$request = $this->getRequest();
|
|
|
|
|
|
|
|
|
|
$user = new PhabricatorUser();
|
|
|
|
|
|
|
|
|
|
$phusr = $request->getCookie('phusr');
|
|
|
|
|
$phsid = $request->getCookie('phsid');
|
|
|
|
|
|
2012-09-14 02:00:53 +02:00
|
|
|
if (strlen($phusr) && $phsid) {
|
2011-01-26 22:21:12 +01:00
|
|
|
$info = queryfx_one(
|
|
|
|
|
$user->establishConnection('r'),
|
|
|
|
|
'SELECT u.* FROM %T u JOIN %T s ON u.phid = s.userPHID
|
Enable multiple web sessions
Summary:
Conduit already has multiple-session code, just move it to the main
establishSession() method and set a web session limit larger than 1.
NOTE: This will log everyone out since we no longer look for the "web" session,
only for "web-1", "web-2", ..., etc. Presumably this doesn't matter.
Test Plan:
Applied patch, was logged out. Logged in in Safari. Verified I was issued
"web-1". Logged in in Firefox. Verified I was issued "web-2".
Kept logging in and out until I got issued "web-5", then did it again and was
issued "web-1" with a new key.
Ran conduit methods and verified they work and correctly cycled session keys.
Reviewed By: tuomaspelkonen
Reviewers: tuomaspelkonen, jungejason, aran
Commenters: jungejason
CC: rm, fzamore, ola, aran, epriestley, jungejason, tuomaspelkonen
Differential Revision: 264
2011-05-11 13:52:32 +02:00
|
|
|
AND s.type LIKE %> AND s.sessionKey = %s',
|
2011-01-26 22:21:12 +01:00
|
|
|
$user->getTableName(),
|
|
|
|
|
'phabricator_session',
|
Enable multiple web sessions
Summary:
Conduit already has multiple-session code, just move it to the main
establishSession() method and set a web session limit larger than 1.
NOTE: This will log everyone out since we no longer look for the "web" session,
only for "web-1", "web-2", ..., etc. Presumably this doesn't matter.
Test Plan:
Applied patch, was logged out. Logged in in Safari. Verified I was issued
"web-1". Logged in in Firefox. Verified I was issued "web-2".
Kept logging in and out until I got issued "web-5", then did it again and was
issued "web-1" with a new key.
Ran conduit methods and verified they work and correctly cycled session keys.
Reviewed By: tuomaspelkonen
Reviewers: tuomaspelkonen, jungejason, aran
Commenters: jungejason
CC: rm, fzamore, ola, aran, epriestley, jungejason, tuomaspelkonen
Differential Revision: 264
2011-05-11 13:52:32 +02:00
|
|
|
'web-',
|
2013-05-31 02:30:06 +02:00
|
|
|
PhabricatorHash::digest($phsid));
|
2011-01-26 22:21:12 +01:00
|
|
|
if ($info) {
|
|
|
|
|
$user->loadFromArray($info);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-06-15 03:08:06 +02:00
|
|
|
$translation = $user->getTranslation();
|
|
|
|
|
if ($translation &&
|
2012-06-16 08:21:25 +02:00
|
|
|
$translation != PhabricatorEnv::getEnvConfig('translation.provider')) {
|
2012-06-15 03:08:06 +02:00
|
|
|
$translation = newv($translation, array());
|
|
|
|
|
PhutilTranslator::getInstance()
|
|
|
|
|
->setLanguage($translation->getLanguage())
|
|
|
|
|
->addTranslations($translation->getTranslations());
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-26 22:21:12 +01:00
|
|
|
$request->setUser($user);
|
2011-02-05 21:20:18 +01:00
|
|
|
|
2011-05-12 19:06:54 +02:00
|
|
|
if ($user->getIsDisabled() && $this->shouldRequireEnabledUser()) {
|
2012-05-31 01:38:53 +02:00
|
|
|
$disabled_user_controller = new PhabricatorDisabledUserController(
|
|
|
|
|
$request);
|
2011-05-12 19:06:54 +02:00
|
|
|
return $this->delegateToController($disabled_user_controller);
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-26 02:37:52 +02:00
|
|
|
$event = new PhabricatorEvent(
|
|
|
|
|
PhabricatorEventType::TYPE_CONTROLLER_CHECKREQUEST,
|
|
|
|
|
array(
|
|
|
|
|
'request' => $request,
|
2013-01-23 22:44:22 +01:00
|
|
|
'controller' => $this,
|
2012-09-26 02:37:52 +02:00
|
|
|
));
|
|
|
|
|
$event->setUser($user);
|
|
|
|
|
PhutilEventEngine::dispatchEvent($event);
|
|
|
|
|
$checker_controller = $event->getValue('controller');
|
2013-01-23 22:44:22 +01:00
|
|
|
if ($checker_controller != $this) {
|
2012-09-26 02:37:52 +02:00
|
|
|
return $this->delegateToController($checker_controller);
|
|
|
|
|
}
|
|
|
|
|
|
2013-01-20 02:40:48 +01:00
|
|
|
$preferences = $user->loadPreferences();
|
|
|
|
|
|
2011-02-05 20:45:13 +01:00
|
|
|
if (PhabricatorEnv::getEnvConfig('darkconsole.enabled')) {
|
2013-01-20 02:40:48 +01:00
|
|
|
$dark_console = PhabricatorUserPreferences::PREFERENCE_DARK_CONSOLE;
|
|
|
|
|
if ($preferences->getPreference($dark_console) ||
|
|
|
|
|
PhabricatorEnv::getEnvConfig('darkconsole.always-on')) {
|
2011-02-05 20:45:13 +01:00
|
|
|
$console = new DarkConsoleCore();
|
|
|
|
|
$request->getApplicationConfiguration()->setConsole($console);
|
|
|
|
|
}
|
|
|
|
|
}
|
2011-01-26 22:21:12 +01:00
|
|
|
|
Allow restriction of permitted email domains
Summary:
Allow allowed email addresses to be restricted to certain domains. This implies email must be verified.
This probably isn't QUITE ready for prime-time without a few other tweaks (better administrative tools, notably) but we're nearly there.
Test Plan:
- With no restrictions:
- Registered with OAuth
- Created an account with accountadmin
- Added an email
- With restrictions:
- Tried to OAuth register with a restricted address, was prompted to provide a valid one.
- Tried to OAuth register with a valid address, worked fine.
- Tried to accountadmin a restricted address, got blocked.
- Tried to accountadmin a valid address, worked fine.
- Tried to add a restricted address, blocked.
- Tried to add a valid address, worked fine.
- Created a user with People with an invalid address, got blocked.
- Created a user with People with a valid address, worked fine.
Reviewers: btrahan, csilvers
Reviewed By: csilvers
CC: aran, joe, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2581
2012-05-26 15:04:35 +02:00
|
|
|
if ($this->shouldRequireLogin() && !$user->getPHID()) {
|
2013-06-19 10:33:27 +02:00
|
|
|
$login_controller = new PhabricatorAuthStartController($request);
|
2013-06-20 20:18:48 +02:00
|
|
|
$this->setCurrentApplication(
|
2013-06-19 10:33:27 +02:00
|
|
|
PhabricatorApplication::getByClass('PhabricatorApplicationAuth'));
|
Allow restriction of permitted email domains
Summary:
Allow allowed email addresses to be restricted to certain domains. This implies email must be verified.
This probably isn't QUITE ready for prime-time without a few other tweaks (better administrative tools, notably) but we're nearly there.
Test Plan:
- With no restrictions:
- Registered with OAuth
- Created an account with accountadmin
- Added an email
- With restrictions:
- Tried to OAuth register with a restricted address, was prompted to provide a valid one.
- Tried to OAuth register with a valid address, worked fine.
- Tried to accountadmin a restricted address, got blocked.
- Tried to accountadmin a valid address, worked fine.
- Tried to add a restricted address, blocked.
- Tried to add a valid address, worked fine.
- Created a user with People with an invalid address, got blocked.
- Created a user with People with a valid address, worked fine.
Reviewers: btrahan, csilvers
Reviewed By: csilvers
CC: aran, joe, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2581
2012-05-26 15:04:35 +02:00
|
|
|
return $this->delegateToController($login_controller);
|
|
|
|
|
}
|
|
|
|
|
|
Allow installs to require email verification
Summary:
Allow installs to require users to verify email addresses before they can use Phabricator. If a user logs in without a verified email address, they're given instructions to verify their address.
This isn't too useful on its own since we don't actually have arbitrary email registration, but the next step is to allow installs to restrict email to only some domains (e.g., @mycompany.com).
Test Plan:
- Verification
- Set verification requirement to `true`.
- Tried to use Phabricator with an unverified account, was told to verify.
- Tried to use Conduit, was given a verification error.
- Verified account, used Phabricator.
- Unverified account, reset password, verified implicit verification, used Phabricator.
- People Admin Interface
- Viewed as admin. Clicked "Administrate User".
- Viewed as non-admin
- Sanity Checks
- Used Conduit normally from web/CLI with a verified account.
- Logged in/out.
- Sent password reset email.
- Created a new user.
- Logged in with an unverified user but with the configuration set to off.
Reviewers: btrahan, vrana, jungejason
Reviewed By: btrahan
CC: aran, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2520
2012-05-21 21:47:38 +02:00
|
|
|
if ($this->shouldRequireEmailVerification()) {
|
|
|
|
|
$email = $user->loadPrimaryEmail();
|
|
|
|
|
if (!$email) {
|
|
|
|
|
throw new Exception(
|
|
|
|
|
"No primary email address associated with this account!");
|
|
|
|
|
}
|
|
|
|
|
if (!$email->getIsVerified()) {
|
2012-05-31 01:38:53 +02:00
|
|
|
$verify_controller = new PhabricatorMustVerifyEmailController($request);
|
Allow installs to require email verification
Summary:
Allow installs to require users to verify email addresses before they can use Phabricator. If a user logs in without a verified email address, they're given instructions to verify their address.
This isn't too useful on its own since we don't actually have arbitrary email registration, but the next step is to allow installs to restrict email to only some domains (e.g., @mycompany.com).
Test Plan:
- Verification
- Set verification requirement to `true`.
- Tried to use Phabricator with an unverified account, was told to verify.
- Tried to use Conduit, was given a verification error.
- Verified account, used Phabricator.
- Unverified account, reset password, verified implicit verification, used Phabricator.
- People Admin Interface
- Viewed as admin. Clicked "Administrate User".
- Viewed as non-admin
- Sanity Checks
- Used Conduit normally from web/CLI with a verified account.
- Logged in/out.
- Sent password reset email.
- Created a new user.
- Logged in with an unverified user but with the configuration set to off.
Reviewers: btrahan, vrana, jungejason
Reviewed By: btrahan
CC: aran, csilvers
Maniphest Tasks: T1184
Differential Revision: https://secure.phabricator.com/D2520
2012-05-21 21:47:38 +02:00
|
|
|
return $this->delegateToController($verify_controller);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2011-05-12 19:06:54 +02:00
|
|
|
if ($this->shouldRequireAdmin() && !$user->getIsAdmin()) {
|
2012-01-15 10:07:56 +01:00
|
|
|
return new Aphront403Response();
|
2011-05-12 19:06:54 +02:00
|
|
|
}
|
|
|
|
|
|
If a user can't see an application, prevent them from using its controllers
Summary:
Ref T603. Broadly, this allows you to implement a policy like "Only users in Engineering can use Differential."
This isn't complete, and there will be a long tail of special cases to deal with. Some examples:
- If you can't use Differential, should you still be able to attach/detach revisions from tasks?
- You currently will be able to.
- This actually seems pretty reasonable.
- But in other cases it might not be: the "send user a message" action should probably require access to Conpherence.
- If you can't use Differential, should you still be able to see feed stories about it?
- You currently will be able to, if you can see the revisions.
- This seems not-so-reasonable and we should probably lock it down.
- If you can't use Differential, can users CC you on revisions?
- Currently, they can, and you can't do anything about it.
- Probably they shouldn't be able to? This seems challenging to explain in the UI.
- If you can't use Differential, can you write a Herald rule against it?
- You currently will be able to.
- Seems like you obviously shouldn't be able to.
- I think this is a general issue right now (you can still write Differential herald rules even if you uninstall the application, I believe).
There are probably a few more things I haven't thought of. However, there are a finite number of these things and I suspect there aren't //too/ many more than this -- I can't come up with like 100 of them, and half of the ones above have easy fixes.
Despite the rough edges, I think this accomplishes 95% of what installs expect from it.
Test Plan: Restricted Differential and saw it vanish from the home page.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T603
Differential Revision: https://secure.phabricator.com/D7203
2013-10-03 21:39:41 +02:00
|
|
|
// If the user doesn't have access to the application, don't let them use
|
|
|
|
|
// any of its controllers. We query the application in order to generate
|
|
|
|
|
// a policy exception if the viewer doesn't have permission.
|
|
|
|
|
$application = $this->getCurrentApplication();
|
|
|
|
|
if ($application) {
|
2013-10-03 23:38:08 +02:00
|
|
|
/*
|
|
|
|
|
|
|
|
|
|
TODO: Reenable this, but it's breaking some applications which need public
|
|
|
|
|
access in all cases, like Files and Conduit.
|
|
|
|
|
|
If a user can't see an application, prevent them from using its controllers
Summary:
Ref T603. Broadly, this allows you to implement a policy like "Only users in Engineering can use Differential."
This isn't complete, and there will be a long tail of special cases to deal with. Some examples:
- If you can't use Differential, should you still be able to attach/detach revisions from tasks?
- You currently will be able to.
- This actually seems pretty reasonable.
- But in other cases it might not be: the "send user a message" action should probably require access to Conpherence.
- If you can't use Differential, should you still be able to see feed stories about it?
- You currently will be able to, if you can see the revisions.
- This seems not-so-reasonable and we should probably lock it down.
- If you can't use Differential, can users CC you on revisions?
- Currently, they can, and you can't do anything about it.
- Probably they shouldn't be able to? This seems challenging to explain in the UI.
- If you can't use Differential, can you write a Herald rule against it?
- You currently will be able to.
- Seems like you obviously shouldn't be able to.
- I think this is a general issue right now (you can still write Differential herald rules even if you uninstall the application, I believe).
There are probably a few more things I haven't thought of. However, there are a finite number of these things and I suspect there aren't //too/ many more than this -- I can't come up with like 100 of them, and half of the ones above have easy fixes.
Despite the rough edges, I think this accomplishes 95% of what installs expect from it.
Test Plan: Restricted Differential and saw it vanish from the home page.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T603
Differential Revision: https://secure.phabricator.com/D7203
2013-10-03 21:39:41 +02:00
|
|
|
id(new PhabricatorApplicationQuery())
|
|
|
|
|
->setViewer($user)
|
|
|
|
|
->withPHIDs(array($application->getPHID()))
|
|
|
|
|
->executeOne();
|
2013-10-03 23:38:08 +02:00
|
|
|
*/
|
If a user can't see an application, prevent them from using its controllers
Summary:
Ref T603. Broadly, this allows you to implement a policy like "Only users in Engineering can use Differential."
This isn't complete, and there will be a long tail of special cases to deal with. Some examples:
- If you can't use Differential, should you still be able to attach/detach revisions from tasks?
- You currently will be able to.
- This actually seems pretty reasonable.
- But in other cases it might not be: the "send user a message" action should probably require access to Conpherence.
- If you can't use Differential, should you still be able to see feed stories about it?
- You currently will be able to, if you can see the revisions.
- This seems not-so-reasonable and we should probably lock it down.
- If you can't use Differential, can users CC you on revisions?
- Currently, they can, and you can't do anything about it.
- Probably they shouldn't be able to? This seems challenging to explain in the UI.
- If you can't use Differential, can you write a Herald rule against it?
- You currently will be able to.
- Seems like you obviously shouldn't be able to.
- I think this is a general issue right now (you can still write Differential herald rules even if you uninstall the application, I believe).
There are probably a few more things I haven't thought of. However, there are a finite number of these things and I suspect there aren't //too/ many more than this -- I can't come up with like 100 of them, and half of the ones above have easy fixes.
Despite the rough edges, I think this accomplishes 95% of what installs expect from it.
Test Plan: Restricted Differential and saw it vanish from the home page.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T603
Differential Revision: https://secure.phabricator.com/D7203
2013-10-03 21:39:41 +02:00
|
|
|
}
|
|
|
|
|
|
2011-01-26 22:21:12 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function buildStandardPageView() {
|
|
|
|
|
$view = new PhabricatorStandardPageView();
|
|
|
|
|
$view->setRequest($this->getRequest());
|
2012-08-05 23:12:43 +02:00
|
|
|
$view->setController($this);
|
2011-01-26 22:21:12 +01:00
|
|
|
return $view;
|
|
|
|
|
}
|
|
|
|
|
|
2011-02-03 07:38:42 +01:00
|
|
|
public function buildStandardPageResponse($view, array $data) {
|
2011-01-26 22:21:12 +01:00
|
|
|
$page = $this->buildStandardPageView();
|
2011-01-23 02:48:55 +01:00
|
|
|
$page->appendChild($view);
|
|
|
|
|
$response = new AphrontWebpageResponse();
|
|
|
|
|
$response->setContent($page->render());
|
|
|
|
|
return $response;
|
2011-01-16 22:51:39 +01:00
|
|
|
}
|
|
|
|
|
|
2012-08-13 04:19:46 +02:00
|
|
|
public function getApplicationURI($path = '') {
|
|
|
|
|
if (!$this->getCurrentApplication()) {
|
|
|
|
|
throw new Exception("No application!");
|
|
|
|
|
}
|
2013-05-31 01:37:51 +02:00
|
|
|
return $this->getCurrentApplication()->getApplicationURI($path);
|
2012-08-13 04:19:46 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function buildApplicationPage($view, array $options) {
|
|
|
|
|
$page = $this->buildStandardPageView();
|
|
|
|
|
|
2013-03-30 20:46:03 +01:00
|
|
|
$title = PhabricatorEnv::getEnvConfig('phabricator.serious-business') ?
|
|
|
|
|
'Phabricator' :
|
|
|
|
|
pht('Bacon Ice Cream for Breakfast');
|
|
|
|
|
|
2012-08-13 04:19:46 +02:00
|
|
|
$application = $this->getCurrentApplication();
|
2013-03-30 20:46:03 +01:00
|
|
|
$page->setTitle(idx($options, 'title', $title));
|
2012-08-13 04:19:46 +02:00
|
|
|
if ($application) {
|
|
|
|
|
$page->setApplicationName($application->getName());
|
|
|
|
|
if ($application->getTitleGlyph()) {
|
|
|
|
|
$page->setGlyph($application->getTitleGlyph());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!($view instanceof AphrontSideNavFilterView)) {
|
|
|
|
|
$nav = new AphrontSideNavFilterView();
|
|
|
|
|
$nav->appendChild($view);
|
|
|
|
|
$view = $nav;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-19 16:51:31 +02:00
|
|
|
$user = $this->getRequest()->getUser();
|
|
|
|
|
$view->setUser($user);
|
2012-08-13 21:37:06 +02:00
|
|
|
|
2012-08-13 04:19:46 +02:00
|
|
|
$page->appendChild($view);
|
|
|
|
|
|
2013-05-19 16:51:31 +02:00
|
|
|
$object_phids = idx($options, 'pageObjects', array());
|
|
|
|
|
if ($object_phids) {
|
|
|
|
|
$page->appendPageObjects($object_phids);
|
|
|
|
|
foreach ($object_phids as $object_phid) {
|
|
|
|
|
PhabricatorFeedStoryNotification::updateObjectNotificationViews(
|
|
|
|
|
$user,
|
|
|
|
|
$object_phid);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-08-15 19:45:06 +02:00
|
|
|
if (idx($options, 'device')) {
|
|
|
|
|
$page->setDeviceReady(true);
|
|
|
|
|
}
|
|
|
|
|
|
2013-02-25 21:48:55 +01:00
|
|
|
$page->setShowChrome(idx($options, 'chrome', true));
|
|
|
|
|
|
2012-12-07 22:34:44 +01:00
|
|
|
$application_menu = $this->buildApplicationMenu();
|
|
|
|
|
if ($application_menu) {
|
|
|
|
|
$page->setApplicationMenu($application_menu);
|
|
|
|
|
}
|
|
|
|
|
|
2012-08-13 04:19:46 +02:00
|
|
|
$response = new AphrontWebpageResponse();
|
|
|
|
|
return $response->setContent($page->render());
|
|
|
|
|
}
|
|
|
|
|
|
2012-08-05 23:12:43 +02:00
|
|
|
public function didProcessRequest($response) {
|
|
|
|
|
$request = $this->getRequest();
|
|
|
|
|
$response->setRequest($request);
|
2012-12-12 02:27:25 +01:00
|
|
|
|
|
|
|
|
$seen = array();
|
|
|
|
|
while ($response instanceof AphrontProxyResponse) {
|
|
|
|
|
|
|
|
|
|
$hash = spl_object_hash($response);
|
|
|
|
|
if (isset($seen[$hash])) {
|
|
|
|
|
$seen[] = get_class($response);
|
|
|
|
|
throw new Exception(
|
|
|
|
|
"Cycle while reducing proxy responses: ".
|
|
|
|
|
implode(' -> ', $seen));
|
|
|
|
|
}
|
|
|
|
|
$seen[$hash] = get_class($response);
|
|
|
|
|
|
|
|
|
|
$response = $response->reduceProxyResponse();
|
|
|
|
|
}
|
|
|
|
|
|
2012-08-05 23:12:43 +02:00
|
|
|
if ($response instanceof AphrontDialogResponse) {
|
|
|
|
|
if (!$request->isAjax()) {
|
|
|
|
|
$view = new PhabricatorStandardPageView();
|
|
|
|
|
$view->setRequest($request);
|
|
|
|
|
$view->setController($this);
|
2013-02-13 23:50:15 +01:00
|
|
|
$view->appendChild(hsprintf(
|
|
|
|
|
'<div style="padding: 2em 0;">%s</div>',
|
|
|
|
|
$response->buildResponseString()));
|
2012-08-05 23:12:43 +02:00
|
|
|
$response = new AphrontWebpageResponse();
|
|
|
|
|
$response->setContent($view->render());
|
|
|
|
|
return $response;
|
|
|
|
|
} else {
|
2013-06-17 01:31:14 +02:00
|
|
|
$response->getDialog()->setIsStandalone(true);
|
|
|
|
|
|
2012-08-05 23:12:43 +02:00
|
|
|
return id(new AphrontAjaxResponse())
|
|
|
|
|
->setContent(array(
|
|
|
|
|
'dialog' => $response->buildResponseString(),
|
|
|
|
|
));
|
|
|
|
|
}
|
|
|
|
|
} else if ($response instanceof AphrontRedirectResponse) {
|
|
|
|
|
if ($request->isAjax()) {
|
|
|
|
|
return id(new AphrontAjaxResponse())
|
|
|
|
|
->setContent(
|
|
|
|
|
array(
|
|
|
|
|
'redirect' => $response->getURI(),
|
|
|
|
|
));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
|
2012-08-15 19:45:06 +02:00
|
|
|
protected function getHandle($phid) {
|
|
|
|
|
if (empty($this->handles[$phid])) {
|
|
|
|
|
throw new Exception(
|
|
|
|
|
"Attempting to access handle which wasn't loaded: {$phid}");
|
|
|
|
|
}
|
|
|
|
|
return $this->handles[$phid];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
protected function loadHandles(array $phids) {
|
|
|
|
|
$phids = array_filter($phids);
|
2012-09-05 04:02:56 +02:00
|
|
|
$this->handles = $this->loadViewerHandles($phids);
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2012-11-07 00:35:26 +01:00
|
|
|
protected function getLoadedHandles() {
|
|
|
|
|
return $this->handles;
|
|
|
|
|
}
|
|
|
|
|
|
2012-09-05 04:02:56 +02:00
|
|
|
protected function loadViewerHandles(array $phids) {
|
2013-09-11 21:27:28 +02:00
|
|
|
return id(new PhabricatorHandleQuery())
|
2012-08-15 19:45:06 +02:00
|
|
|
->setViewer($this->getRequest()->getUser())
|
2013-09-11 21:27:28 +02:00
|
|
|
->withPHIDs($phids)
|
|
|
|
|
->execute();
|
2012-08-15 19:45:06 +02:00
|
|
|
}
|
2012-08-15 22:45:53 +02:00
|
|
|
|
2012-12-12 02:15:59 +01:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Render a list of links to handles, identified by PHIDs. The handles must
|
|
|
|
|
* already be loaded.
|
|
|
|
|
*
|
|
|
|
|
* @param list<phid> List of PHIDs to render links to.
|
|
|
|
|
* @param string Style, one of "\n" (to put each item on its own line)
|
|
|
|
|
* or "," (to list items inline, separated by commas).
|
|
|
|
|
* @return string Rendered list of handle links.
|
|
|
|
|
*/
|
|
|
|
|
protected function renderHandlesForPHIDs(array $phids, $style = "\n") {
|
|
|
|
|
$style_map = array(
|
2013-02-06 00:14:18 +01:00
|
|
|
"\n" => phutil_tag('br'),
|
2012-12-12 02:15:59 +01:00
|
|
|
',' => ', ',
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (empty($style_map[$style])) {
|
|
|
|
|
throw new Exception("Unknown handle list style '{$style}'!");
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-06 02:01:35 +02:00
|
|
|
return implode_selected_handle_links($style_map[$style],
|
|
|
|
|
$this->getLoadedHandles(),
|
|
|
|
|
$phids);
|
2012-08-15 22:45:53 +02:00
|
|
|
}
|
|
|
|
|
|
2012-12-07 22:34:44 +01:00
|
|
|
protected function buildApplicationMenu() {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2012-12-07 22:35:17 +01:00
|
|
|
protected function buildApplicationCrumbs() {
|
|
|
|
|
|
|
|
|
|
$crumbs = array();
|
|
|
|
|
|
|
|
|
|
$application = $this->getCurrentApplication();
|
|
|
|
|
if ($application) {
|
Use application icons for "Eye" menu and Crumbs
Summary:
Issues here:
- Need an application-sized "eye", or a "home" icon for "Phabricator Home".
- Some of the "apps_lb_2x" sliced images are the "_dark_" versions, not the light versions.
- If you slice an application-sized "logout" (power off) icon and application-sized "help" (questionmark in circle) icon I can replace the current menu icons and nearly get rid of "autosprite".
- To replace the icons on /applications/, the non-retina size is "4x", so we'd need "8x" for retina. Alternatively I can reduce the icon sizes by 50%.
- The "Help", "Settings" and "Logout" items currently have a "glowing" hover state, which needs a variant (or we can drop it).
- The /applications/ icons have a white hover state (or we can drop it).
- The 1x application (14x14) icons aren't used anywhere right now, should they be? Maybe in the feed in the future, etc?
- The "apps-2x" and "apps-large" sheets are the same image, but getting them to actually use the same file is a bit tricky, so I just left them separate for now.
Test Plan:
{F26698}
{F26699}
Reviewers: chad
Reviewed By: chad
CC: aran
Maniphest Tasks: T1960
Differential Revision: https://secure.phabricator.com/D4108
2012-12-07 22:37:28 +01:00
|
|
|
$sprite = $application->getIconName();
|
2012-12-07 22:35:17 +01:00
|
|
|
if (!$sprite) {
|
Use application icons for "Eye" menu and Crumbs
Summary:
Issues here:
- Need an application-sized "eye", or a "home" icon for "Phabricator Home".
- Some of the "apps_lb_2x" sliced images are the "_dark_" versions, not the light versions.
- If you slice an application-sized "logout" (power off) icon and application-sized "help" (questionmark in circle) icon I can replace the current menu icons and nearly get rid of "autosprite".
- To replace the icons on /applications/, the non-retina size is "4x", so we'd need "8x" for retina. Alternatively I can reduce the icon sizes by 50%.
- The "Help", "Settings" and "Logout" items currently have a "glowing" hover state, which needs a variant (or we can drop it).
- The /applications/ icons have a white hover state (or we can drop it).
- The 1x application (14x14) icons aren't used anywhere right now, should they be? Maybe in the feed in the future, etc?
- The "apps-2x" and "apps-large" sheets are the same image, but getting them to actually use the same file is a bit tricky, so I just left them separate for now.
Test Plan:
{F26698}
{F26699}
Reviewers: chad
Reviewed By: chad
CC: aran
Maniphest Tasks: T1960
Differential Revision: https://secure.phabricator.com/D4108
2012-12-07 22:37:28 +01:00
|
|
|
$sprite = 'application';
|
2012-12-07 22:35:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$crumbs[] = id(new PhabricatorCrumbView())
|
|
|
|
|
->setHref($this->getApplicationURI())
|
Use application icons for "Eye" menu and Crumbs
Summary:
Issues here:
- Need an application-sized "eye", or a "home" icon for "Phabricator Home".
- Some of the "apps_lb_2x" sliced images are the "_dark_" versions, not the light versions.
- If you slice an application-sized "logout" (power off) icon and application-sized "help" (questionmark in circle) icon I can replace the current menu icons and nearly get rid of "autosprite".
- To replace the icons on /applications/, the non-retina size is "4x", so we'd need "8x" for retina. Alternatively I can reduce the icon sizes by 50%.
- The "Help", "Settings" and "Logout" items currently have a "glowing" hover state, which needs a variant (or we can drop it).
- The /applications/ icons have a white hover state (or we can drop it).
- The 1x application (14x14) icons aren't used anywhere right now, should they be? Maybe in the feed in the future, etc?
- The "apps-2x" and "apps-large" sheets are the same image, but getting them to actually use the same file is a bit tricky, so I just left them separate for now.
Test Plan:
{F26698}
{F26699}
Reviewers: chad
Reviewed By: chad
CC: aran
Maniphest Tasks: T1960
Differential Revision: https://secure.phabricator.com/D4108
2012-12-07 22:37:28 +01:00
|
|
|
->setIcon($sprite);
|
2012-12-07 22:35:17 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$view = new PhabricatorCrumbsView();
|
|
|
|
|
foreach ($crumbs as $crumb) {
|
|
|
|
|
$view->addCrumb($crumb);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $view;
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-16 22:51:39 +01:00
|
|
|
}
|
