2013-04-26 09:07:38 -07:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
final class ReleephRequestQuery
|
|
|
|
|
extends PhabricatorCursorPagedPolicyAwareQuery {
|
|
|
|
|
|
|
|
|
|
private $requestedCommitPHIDs;
|
|
|
|
|
private $commitToRevMap;
|
2013-05-17 03:47:46 -07:00
|
|
|
private $ids;
|
2013-07-21 08:41:38 -07:00
|
|
|
private $phids;
|
2013-08-14 15:38:52 -07:00
|
|
|
private $severities;
|
|
|
|
|
private $requestorPHIDs;
|
|
|
|
|
private $branchIDs;
|
2013-10-14 16:07:17 -07:00
|
|
|
private $revisionPHIDs;
|
2013-08-14 15:38:52 -07:00
|
|
|
|
|
|
|
|
const STATUS_ALL = 'status-all';
|
|
|
|
|
const STATUS_OPEN = 'status-open';
|
|
|
|
|
const STATUS_REQUESTED = 'status-requested';
|
|
|
|
|
const STATUS_NEEDS_PULL = 'status-needs-pull';
|
|
|
|
|
const STATUS_REJECTED = 'status-rejected';
|
|
|
|
|
const STATUS_ABANDONED = 'status-abandoned';
|
|
|
|
|
const STATUS_PULLED = 'status-pulled';
|
|
|
|
|
const STATUS_NEEDS_REVERT = 'status-needs-revert';
|
|
|
|
|
const STATUS_REVERTED = 'status-reverted';
|
|
|
|
|
|
|
|
|
|
private $status = self::STATUS_ALL;
|
2013-05-17 03:47:46 -07:00
|
|
|
|
|
|
|
|
public function withIDs(array $ids) {
|
|
|
|
|
$this->ids = $ids;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
2013-04-26 09:07:38 -07:00
|
|
|
|
2013-07-21 08:41:38 -07:00
|
|
|
public function withPHIDs(array $phids) {
|
|
|
|
|
$this->phids = $phids;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-14 15:38:52 -07:00
|
|
|
public function withBranchIDs(array $branch_ids) {
|
|
|
|
|
$this->branchIDs = $branch_ids;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-26 09:07:38 -07:00
|
|
|
public function getRevisionPHID($commit_phid) {
|
|
|
|
|
if ($this->commitToRevMap) {
|
|
|
|
|
return idx($this->commitToRevMap, $commit_phid, null);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-14 15:38:52 -07:00
|
|
|
public function withStatus($status) {
|
|
|
|
|
$this->status = $status;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-26 09:07:38 -07:00
|
|
|
public function withRequestedCommitPHIDs(array $requested_commit_phids) {
|
|
|
|
|
$this->requestedCommitPHIDs = $requested_commit_phids;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-14 15:38:52 -07:00
|
|
|
public function withRequestorPHIDs(array $phids) {
|
|
|
|
|
$this->requestorPHIDs = $phids;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function withSeverities(array $severities) {
|
|
|
|
|
$this->severities = $severities;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-26 09:07:38 -07:00
|
|
|
public function withRevisionPHIDs(array $revision_phids) {
|
2013-10-14 16:07:17 -07:00
|
|
|
$this->revisionPHIDs = $revision_phids;
|
|
|
|
|
return $this;
|
2013-04-26 09:07:38 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function loadPage() {
|
|
|
|
|
$table = new ReleephRequest();
|
|
|
|
|
$conn_r = $table->establishConnection('r');
|
|
|
|
|
|
|
|
|
|
$data = queryfx_all(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'SELECT * FROM %T %Q %Q %Q',
|
|
|
|
|
$table->getTableName(),
|
|
|
|
|
$this->buildWhereClause($conn_r),
|
|
|
|
|
$this->buildOrderClause($conn_r),
|
|
|
|
|
$this->buildLimitClause($conn_r));
|
|
|
|
|
|
|
|
|
|
return $table->loadAllFromArray($data);
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-14 15:38:52 -07:00
|
|
|
public function willFilterPage(array $requests) {
|
|
|
|
|
|
|
|
|
|
if ($this->severities) {
|
|
|
|
|
$severities = array_fuse($this->severities);
|
|
|
|
|
foreach ($requests as $key => $request) {
|
2013-08-28 13:06:29 -07:00
|
|
|
|
|
|
|
|
// NOTE: Facebook uses a custom field here.
|
|
|
|
|
if (ReleephDefaultFieldSelector::isFacebook()) {
|
|
|
|
|
$severity = $request->getDetail('severity');
|
|
|
|
|
} else {
|
|
|
|
|
$severity = $request->getDetail('releeph:severity');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (empty($severities[$severity])) {
|
2013-08-14 15:38:52 -07:00
|
|
|
unset($requests[$key]);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-04-14 12:06:56 -07:00
|
|
|
$branch_ids = array_unique(mpull($requests, 'getBranchID'));
|
|
|
|
|
$branches = id(new ReleephBranchQuery())
|
|
|
|
|
->withIDs($branch_ids)
|
|
|
|
|
->setViewer($this->getViewer())
|
|
|
|
|
->execute();
|
|
|
|
|
$branches = mpull($branches, null, 'getID');
|
|
|
|
|
foreach ($requests as $key => $request) {
|
|
|
|
|
$branch = idx($branches, $request->getBranchID());
|
|
|
|
|
if (!$branch) {
|
|
|
|
|
unset($requests[$key]);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
$request->attachBranch($branch);
|
|
|
|
|
}
|
|
|
|
|
|
2014-04-20 11:54:58 -07:00
|
|
|
// TODO: These should be serviced by the query, but are not currently
|
|
|
|
|
// denormalized anywhere. For now, filter them here instead. Note that
|
|
|
|
|
// we must perform this filtering *after* querying and attaching branches,
|
|
|
|
|
// because request status depends on the product.
|
|
|
|
|
|
|
|
|
|
$keep_status = array_fuse($this->getKeepStatusConstants());
|
|
|
|
|
if ($keep_status) {
|
|
|
|
|
foreach ($requests as $key => $request) {
|
|
|
|
|
if (empty($keep_status[$request->getStatus()])) {
|
|
|
|
|
unset($requests[$key]);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-14 15:38:52 -07:00
|
|
|
return $requests;
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-26 09:07:38 -07:00
|
|
|
private function buildWhereClause(AphrontDatabaseConnection $conn_r) {
|
|
|
|
|
$where = array();
|
|
|
|
|
|
2013-05-17 03:47:46 -07:00
|
|
|
if ($this->ids) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'id IN (%Ld)',
|
|
|
|
|
$this->ids);
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-21 08:41:38 -07:00
|
|
|
if ($this->phids) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'phid IN (%Ls)',
|
|
|
|
|
$this->phids);
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-14 15:38:52 -07:00
|
|
|
if ($this->branchIDs) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'branchID IN (%Ld)',
|
|
|
|
|
$this->branchIDs);
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-26 09:07:38 -07:00
|
|
|
if ($this->requestedCommitPHIDs) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'requestCommitPHID IN (%Ls)',
|
|
|
|
|
$this->requestedCommitPHIDs);
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-14 15:38:52 -07:00
|
|
|
if ($this->requestorPHIDs) {
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'requestUserPHID IN (%Ls)',
|
|
|
|
|
$this->requestorPHIDs);
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-14 16:07:17 -07:00
|
|
|
if ($this->revisionPHIDs) {
|
|
|
|
|
$type = PhabricatorEdgeConfig::TYPE_DREV_HAS_COMMIT;
|
|
|
|
|
|
|
|
|
|
$edges = id(new PhabricatorEdgeQuery())
|
|
|
|
|
->withSourcePHIDs($this->revisionPHIDs)
|
|
|
|
|
->withEdgeTypes(array($type))
|
|
|
|
|
->execute();
|
|
|
|
|
|
|
|
|
|
$this->commitToRevMap = array();
|
|
|
|
|
foreach ($edges as $revision_phid => $edge) {
|
|
|
|
|
foreach ($edge[$type] as $commitPHID => $item) {
|
|
|
|
|
$this->commitToRevMap[$commitPHID] = $revision_phid;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!$this->commitToRevMap) {
|
|
|
|
|
throw new PhabricatorEmptyQueryException("Malformed Revision Phids");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$where[] = qsprintf(
|
|
|
|
|
$conn_r,
|
|
|
|
|
'requestCommitPHID IN (%Ls)',
|
|
|
|
|
array_keys($this->commitToRevMap));
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-26 09:07:38 -07:00
|
|
|
$where[] = $this->buildPagingClause($conn_r);
|
|
|
|
|
|
|
|
|
|
return $this->formatWhereClause($where);
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-14 15:38:52 -07:00
|
|
|
private function getKeepStatusConstants() {
|
|
|
|
|
switch ($this->status) {
|
|
|
|
|
case self::STATUS_ALL:
|
|
|
|
|
return array();
|
|
|
|
|
case self::STATUS_OPEN:
|
|
|
|
|
return array(
|
|
|
|
|
ReleephRequestStatus::STATUS_REQUESTED,
|
|
|
|
|
ReleephRequestStatus::STATUS_NEEDS_PICK,
|
|
|
|
|
ReleephRequestStatus::STATUS_NEEDS_REVERT,
|
|
|
|
|
);
|
|
|
|
|
case self::STATUS_REQUESTED:
|
|
|
|
|
return array(
|
|
|
|
|
ReleephRequestStatus::STATUS_REQUESTED,
|
|
|
|
|
);
|
|
|
|
|
case self::STATUS_NEEDS_PULL:
|
|
|
|
|
return array(
|
|
|
|
|
ReleephRequestStatus::STATUS_NEEDS_PICK,
|
|
|
|
|
);
|
|
|
|
|
case self::STATUS_REJECTED:
|
|
|
|
|
return array(
|
|
|
|
|
ReleephRequestStatus::STATUS_REJECTED,
|
|
|
|
|
);
|
|
|
|
|
case self::STATUS_ABANDONED:
|
|
|
|
|
return array(
|
|
|
|
|
ReleephRequestStatus::STATUS_ABANDONED,
|
|
|
|
|
);
|
|
|
|
|
case self::STATUS_PULLED:
|
|
|
|
|
return array(
|
|
|
|
|
ReleephRequestStatus::STATUS_PICKED,
|
|
|
|
|
);
|
|
|
|
|
case self::STATUS_NEEDS_REVERT:
|
|
|
|
|
return array(
|
|
|
|
|
ReleephRequestStatus::NEEDS_REVERT,
|
|
|
|
|
);
|
|
|
|
|
case self::STATUS_REVERTED:
|
|
|
|
|
return array(
|
|
|
|
|
ReleephRequestStatus::REVERTED,
|
|
|
|
|
);
|
|
|
|
|
default:
|
|
|
|
|
throw new Exception("Unknown status '{$this->status}'!");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Lock policy queries to their applications
Summary:
While we mostly have reasonable effective object accessibility when you lock a user out of an application, it's primarily enforced at the controller level. Users can still, e.g., load the handles of objects they can't actually see. Instead, lock the queries to the applications so that you can, e.g., never load a revision if you don't have access to Differential.
This has several parts:
- For PolicyAware queries, provide an application class name method.
- If the query specifies a class name and the user doesn't have permission to use it, fail the entire query unconditionally.
- For handles, simplify query construction and count all the PHIDs as "restricted" so we get a UI full of "restricted" instead of "unknown" handles.
Test Plan:
- Added a unit test to verify I got all the class names right.
- Browsed around, logged in/out as a normal user with public policies on and off.
- Browsed around, logged in/out as a restricted user with public policies on and off. With restrictions, saw all traces of restricted apps removed or restricted.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Differential Revision: https://secure.phabricator.com/D7367
2013-10-21 17:20:27 -07:00
|
|
|
|
|
|
|
|
public function getQueryApplicationClass() {
|
|
|
|
|
return 'PhabricatorApplicationReleeph';
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-26 09:07:38 -07:00
|
|
|
}
|
