phorge-phorge/src/applications/legalpad/controller/LegalpadDocumentSignatureVerificationController.php

<?php

final class LegalpadDocumentSignatureVerificationController
extends LegalpadController {

  private $code;

  public function willProcessRequest(array $data) {
    $this->code = $data['code'];
  }

  public function shouldRequireEmailVerification() {
    return false;
  }

  public function shouldRequireLogin() {
    return false;
  }

  public function processRequest() {
    $request = $this->getRequest();
    $user = $request->getUser();

    // this page can be accessed by not logged in users to valid their
    // signatures. use the omnipotent user for these cases.
    if (!$user->isLoggedIn()) {
      $viewer = PhabricatorUser::getOmnipotentUser();
    } else {
      $viewer = $user;
    }

    $signature = id(new LegalpadDocumentSignatureQuery())
      ->setViewer($viewer)
      ->withSecretKeys(array($this->code))
      ->executeOne();

    if (!$signature) {
      $title = pht('Unable to Verify Signature');
      $content = pht(
        'The verification code you provided is incorrect or the signature '.
        'has been removed. '.
        'Make sure you followed the link in the email correctly.');
      $uri = $this->getApplicationURI();
      $continue = pht('Rats!');
    } else {
      $document = id(new LegalpadDocumentQuery())
        ->setViewer($user)
        ->withPHIDs(array($signature->getDocumentPHID()))
        ->executeOne();
      // the document could be deleted or have its permissions changed
      // 4oh4 time
      if (!$document) {
        return new Aphront404Response();
      }
      $uri = '/'.$document->getMonogram();
      if ($signature->isVerified()) {
        $title = pht('Signature Already Verified');
        $content = pht(
          'This signature has already been verified.');
        $continue = pht('Continue to Legalpad Document');
      } else {
        $guard = AphrontWriteGuard::beginScopedUnguardedWrites();
          $signature
            ->setVerified(LegalpadDocumentSignature::VERIFIED)
            ->save();
        unset($guard);
        $title = pht('Signature Verified');
        $content = pht('The signature is now verified.');
        $continue = pht('Continue to Legalpad Document');
      }
    }

    $dialog = id(new AphrontDialogView())
      ->setUser($user)
      ->setTitle($title)
      ->setMethod('GET')
      ->addCancelButton($uri, $continue)
      ->appendChild($content);

    $crumbs = $this->buildApplicationCrumbs();
    $crumbs->addTextCrumb(pht('Verify Signature'));

    return $this->buildApplicationPage(
      array(
        $crumbs,
        $dialog,
      ),
      array(
        'title' => pht('Verify Signature'),
      ));
  }

}
Legalpad - make it work for not logged in users Summary: Adds "verified" and "secretKey" to Legalpad document signatures. For logged in users using an email address they own, things are verified right away. Otherwise, the email is sent a verification letter. When the user clicks the link the signature is marked verified. Test Plan: signed the document with a bogus email address not logged in. verified the email that would be sent looked good from command line. followed link and successfully verified bogus email address Reviewers: epriestley Reviewed By: epriestley CC: Korvin, epriestley, aran, asherkin Maniphest Tasks: T4283 Differential Revision: https://secure.phabricator.com/D7930 2014-01-15 02:17:18 +01:00			`<?php`

			`final class LegalpadDocumentSignatureVerificationController`
			`extends LegalpadController {`

			`private $code;`

			`public function willProcessRequest(array $data) {`
			`$this->code = $data['code'];`
			`}`

			`public function shouldRequireEmailVerification() {`
			`return false;`
			`}`

			`public function shouldRequireLogin() {`
			`return false;`
			`}`

			`public function processRequest() {`
			`$request = $this->getRequest();`
			`$user = $request->getUser();`

Legalpad - add a view signatures page Summary: ...needs to add a LegalpadDocumentSignatureQuery class to get this done, which is also re-deployed everywhere we were issuing raw queries. Ref T3116. Test Plan: viewed some signatures. Verified color and footer icons showed up how I wanted them to. Reviewers: epriestley Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T3116 Differential Revision: https://secure.phabricator.com/D7986 2014-01-17 20:40:26 +01:00			`// this page can be accessed by not logged in users to valid their`
			`// signatures. use the omnipotent user for these cases.`
			`if (!$user->isLoggedIn()) {`
			`$viewer = PhabricatorUser::getOmnipotentUser();`
			`} else {`
			`$viewer = $user;`
			`}`

			`$signature = id(new LegalpadDocumentSignatureQuery())`
			`->setViewer($viewer)`
			`->withSecretKeys(array($this->code))`
			`->executeOne();`
Legalpad - make it work for not logged in users Summary: Adds "verified" and "secretKey" to Legalpad document signatures. For logged in users using an email address they own, things are verified right away. Otherwise, the email is sent a verification letter. When the user clicks the link the signature is marked verified. Test Plan: signed the document with a bogus email address not logged in. verified the email that would be sent looked good from command line. followed link and successfully verified bogus email address Reviewers: epriestley Reviewed By: epriestley CC: Korvin, epriestley, aran, asherkin Maniphest Tasks: T4283 Differential Revision: https://secure.phabricator.com/D7930 2014-01-15 02:17:18 +01:00
			`if (!$signature) {`
			`$title = pht('Unable to Verify Signature');`
			`$content = pht(`
			`'The verification code you provided is incorrect or the signature '.`
			`'has been removed. '.`
			`'Make sure you followed the link in the email correctly.');`
			`$uri = $this->getApplicationURI();`
			`$continue = pht('Rats!');`
			`} else {`
			`$document = id(new LegalpadDocumentQuery())`
			`->setViewer($user)`
			`->withPHIDs(array($signature->getDocumentPHID()))`
			`->executeOne();`
			`// the document could be deleted or have its permissions changed`
			`// 4oh4 time`
			`if (!$document) {`
			`return new Aphront404Response();`
			`}`
			`$uri = '/'.$document->getMonogram();`
			`if ($signature->isVerified()) {`
			`$title = pht('Signature Already Verified');`
			`$content = pht(`
			`'This signature has already been verified.');`
			`$continue = pht('Continue to Legalpad Document');`
			`} else {`
			`$guard = AphrontWriteGuard::beginScopedUnguardedWrites();`
			`$signature`
			`->setVerified(LegalpadDocumentSignature::VERIFIED)`
			`->save();`
			`unset($guard);`
			`$title = pht('Signature Verified');`
			`$content = pht('The signature is now verified.');`
			`$continue = pht('Continue to Legalpad Document');`
			`}`
			`}`

			`$dialog = id(new AphrontDialogView())`
			`->setUser($user)`
			`->setTitle($title)`
			`->setMethod('GET')`
			`->addCancelButton($uri, $continue)`
			`->appendChild($content);`

			`$crumbs = $this->buildApplicationCrumbs();`
			`$crumbs->addTextCrumb(pht('Verify Signature'));`

			`return $this->buildApplicationPage(`
			`array(`
			`$crumbs,`
			`$dialog,`
			`),`
			`array(`
			`'title' => pht('Verify Signature'),`
			`));`
			`}`

			`}`