phorge-phorge/src/applications/auth/query/PhabricatorAuthSessionQuery.php

<?php

final class PhabricatorAuthSessionQuery
  extends PhabricatorCursorPagedPolicyAwareQuery {

  private $identityPHIDs;
  private $sessionKeys;
  private $sessionTypes;

  public function withIdentityPHIDs(array $identity_phids) {
    $this->identityPHIDs = $identity_phids;
    return $this;
  }

  public function withSessionKeys(array $keys) {
    $this->sessionKeys = $keys;
    return $this;
  }

  public function withSessionTypes(array $types) {
    $this->sessionTypes = $types;
    return $this;
  }

  protected function loadPage() {
    $table = new PhabricatorAuthSession();
    $conn_r = $table->establishConnection('r');

    $data = queryfx_all(
      $conn_r,
      'SELECT * FROM %T %Q %Q %Q',
      $table->getTableName(),
      $this->buildWhereClause($conn_r),
      $this->buildOrderClause($conn_r),
      $this->buildLimitClause($conn_r));

    return $table->loadAllFromArray($data);
  }

  protected function willFilterPage(array $sessions) {
    $identity_phids = mpull($sessions, 'getUserPHID');

    $identity_objects = id(new PhabricatorObjectQuery())
      ->setViewer($this->getViewer())
      ->setParentQuery($this)
      ->withPHIDs($identity_phids)
      ->execute();
    $identity_objects = mpull($identity_objects, null, 'getPHID');

    foreach ($sessions as $key => $session) {
      $identity_object = idx($identity_objects, $session->getUserPHID());
      if (!$identity_object) {
        unset($sessions[$key]);
      } else {
        $session->attachIdentityObject($identity_object);
      }
    }

    return $sessions;
  }

  protected function buildWhereClause(AphrontDatabaseConnection $conn_r) {
    $where = array();

    if ($this->identityPHIDs) {
      $where[] = qsprintf(
        $conn_r,
        'userPHID IN (%Ls)',
        $this->identityPHIDs);
    }

    if ($this->sessionKeys) {
      $hashes = array();
      foreach ($this->sessionKeys as $session_key) {
        $hashes[] = PhabricatorHash::digest($session_key);
      }
      $where[] = qsprintf(
        $conn_r,
        'sessionKey IN (%Ls)',
        $hashes);
    }

    if ($this->sessionTypes) {
      $where[] = qsprintf(
        $conn_r,
        'type IN (%Ls)',
        $this->sessionTypes);
    }

    $where[] = $this->buildPagingClause($conn_r);

    return $this->formatWhereClause($where);
  }

  public function getQueryApplicationClass() {
    return 'PhabricatorApplicationAuth';
  }

}
Add an "active login sessions" table to Settings Summary: Ref T4310. Ref T3720. Partly, this makes it easier for users to understand login sessions. Partly, it makes it easier for me to make changes to login sessions for T4310 / T3720 without messing anything up. Test Plan: {F101512} Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T3720, T4310 Differential Revision: https://secure.phabricator.com/D7954 2014-01-14 20:05:45 +01:00			`<?php`

			`final class PhabricatorAuthSessionQuery`
			`extends PhabricatorCursorPagedPolicyAwareQuery {`

			`private $identityPHIDs;`
Separate session management from PhabricatorUser Summary: Ref T4310. Ref T3720. Session operations are currently part of PhabricatorUser. This is more tightly coupled than needbe, and makes it difficult to establish login sessions for non-users. Move all the session management code to a `SessionEngine`. Test Plan: - Viewed sessions. - Regenerated Conduit certificate. - Verified Conduit sessions were destroyed. - Logged out. - Logged in. - Ran conduit commands. - Viewed sessions again. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4310, T3720 Differential Revision: https://secure.phabricator.com/D7962 2014-01-14 22:22:27 +01:00			`private $sessionKeys;`
			`private $sessionTypes;`
Add an "active login sessions" table to Settings Summary: Ref T4310. Ref T3720. Partly, this makes it easier for users to understand login sessions. Partly, it makes it easier for me to make changes to login sessions for T4310 / T3720 without messing anything up. Test Plan: {F101512} Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T3720, T4310 Differential Revision: https://secure.phabricator.com/D7954 2014-01-14 20:05:45 +01:00
			`public function withIdentityPHIDs(array $identity_phids) {`
			`$this->identityPHIDs = $identity_phids;`
			`return $this;`
			`}`

Separate session management from PhabricatorUser Summary: Ref T4310. Ref T3720. Session operations are currently part of PhabricatorUser. This is more tightly coupled than needbe, and makes it difficult to establish login sessions for non-users. Move all the session management code to a `SessionEngine`. Test Plan: - Viewed sessions. - Regenerated Conduit certificate. - Verified Conduit sessions were destroyed. - Logged out. - Logged in. - Ran conduit commands. - Viewed sessions again. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4310, T3720 Differential Revision: https://secure.phabricator.com/D7962 2014-01-14 22:22:27 +01:00			`public function withSessionKeys(array $keys) {`
			`$this->sessionKeys = $keys;`
			`return $this;`
			`}`

			`public function withSessionTypes(array $types) {`
			`$this->sessionTypes = $types;`
			`return $this;`
			`}`

Add an "active login sessions" table to Settings Summary: Ref T4310. Ref T3720. Partly, this makes it easier for users to understand login sessions. Partly, it makes it easier for me to make changes to login sessions for T4310 / T3720 without messing anything up. Test Plan: {F101512} Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T3720, T4310 Differential Revision: https://secure.phabricator.com/D7954 2014-01-14 20:05:45 +01:00			`protected function loadPage() {`
			`$table = new PhabricatorAuthSession();`
			`$conn_r = $table->establishConnection('r');`

			`$data = queryfx_all(`
			`$conn_r,`
			`'SELECT * FROM %T %Q %Q %Q',`
			`$table->getTableName(),`
			`$this->buildWhereClause($conn_r),`
			`$this->buildOrderClause($conn_r),`
			`$this->buildLimitClause($conn_r));`

			`return $table->loadAllFromArray($data);`
			`}`

			`protected function willFilterPage(array $sessions) {`
			`$identity_phids = mpull($sessions, 'getUserPHID');`

			`$identity_objects = id(new PhabricatorObjectQuery())`
			`->setViewer($this->getViewer())`
			`->setParentQuery($this)`
			`->withPHIDs($identity_phids)`
			`->execute();`
			`$identity_objects = mpull($identity_objects, null, 'getPHID');`

			`foreach ($sessions as $key => $session) {`
			`$identity_object = idx($identity_objects, $session->getUserPHID());`
			`if (!$identity_object) {`
			`unset($sessions[$key]);`
			`} else {`
			`$session->attachIdentityObject($identity_object);`
			`}`
			`}`

			`return $sessions;`
			`}`

			`protected function buildWhereClause(AphrontDatabaseConnection $conn_r) {`
			`$where = array();`

			`if ($this->identityPHIDs) {`
			`$where[] = qsprintf(`
			`$conn_r,`
			`'userPHID IN (%Ls)',`
			`$this->identityPHIDs);`
			`}`

Separate session management from PhabricatorUser Summary: Ref T4310. Ref T3720. Session operations are currently part of PhabricatorUser. This is more tightly coupled than needbe, and makes it difficult to establish login sessions for non-users. Move all the session management code to a `SessionEngine`. Test Plan: - Viewed sessions. - Regenerated Conduit certificate. - Verified Conduit sessions were destroyed. - Logged out. - Logged in. - Ran conduit commands. - Viewed sessions again. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4310, T3720 Differential Revision: https://secure.phabricator.com/D7962 2014-01-14 22:22:27 +01:00			`if ($this->sessionKeys) {`
			`$hashes = array();`
			`foreach ($this->sessionKeys as $session_key) {`
			`$hashes[] = PhabricatorHash::digest($session_key);`
			`}`
			`$where[] = qsprintf(`
			`$conn_r,`
			`'sessionKey IN (%Ls)',`
			`$hashes);`
			`}`

			`if ($this->sessionTypes) {`
Remove session limits and sequencing Summary: Ref T4310. Fixes T3720. This change: - Removes concurrent session limits. Instead, unused sessions are GC'd after a while. - Collapses all existing "web-1", "web-2", etc., sessions into "web" sessions. - Dramatically simplifies the code for establishing a session (like omg). Test Plan: Ran migration, checked Sessions panel and database for sanity. Used existing session. Logged out, logged in. Ran Conduit commands. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4310, T3720 Differential Revision: https://secure.phabricator.com/D7978 2014-01-16 02:27:59 +01:00			`$where[] = qsprintf(`
			`$conn_r,`
			`'type IN (%Ls)',`
			`$this->sessionTypes);`
Separate session management from PhabricatorUser Summary: Ref T4310. Ref T3720. Session operations are currently part of PhabricatorUser. This is more tightly coupled than needbe, and makes it difficult to establish login sessions for non-users. Move all the session management code to a `SessionEngine`. Test Plan: - Viewed sessions. - Regenerated Conduit certificate. - Verified Conduit sessions were destroyed. - Logged out. - Logged in. - Ran conduit commands. - Viewed sessions again. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4310, T3720 Differential Revision: https://secure.phabricator.com/D7962 2014-01-14 22:22:27 +01:00			`}`

Add an "active login sessions" table to Settings Summary: Ref T4310. Ref T3720. Partly, this makes it easier for users to understand login sessions. Partly, it makes it easier for me to make changes to login sessions for T4310 / T3720 without messing anything up. Test Plan: {F101512} Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T3720, T4310 Differential Revision: https://secure.phabricator.com/D7954 2014-01-14 20:05:45 +01:00			`$where[] = $this->buildPagingClause($conn_r);`

			`return $this->formatWhereClause($where);`
			`}`

			`public function getQueryApplicationClass() {`
			`return 'PhabricatorApplicationAuth';`
			`}`

			`}`