phorge-phorge/src/applications/diffusion/controller/DiffusionMirrorEditController.php

<?php

final class DiffusionMirrorEditController
  extends DiffusionController {

  protected function processDiffusionRequest(AphrontRequest $request) {
    $viewer = $request->getUser();
    $drequest = $this->diffusionRequest;
    $repository = $drequest->getRepository();

    PhabricatorPolicyFilter::requireCapability(
      $viewer,
      $repository,
      PhabricatorPolicyCapability::CAN_EDIT);

    if ($request->getURIData('id')) {
      $mirror = id(new PhabricatorRepositoryMirrorQuery())
        ->setViewer($viewer)
        ->withIDs(array($request->getURIData('id')))
        ->requireCapabilities(
          array(
            PhabricatorPolicyCapability::CAN_VIEW,
            PhabricatorPolicyCapability::CAN_EDIT,
          ))
        ->executeOne();
      if (!$mirror) {
        return new Aphront404Response();
      }
      $is_new = false;
    } else {
      $mirror = PhabricatorRepositoryMirror::initializeNewMirror($viewer)
        ->setRepositoryPHID($repository->getPHID())
        ->attachRepository($repository);
      $is_new = true;
    }

    $edit_uri = $this->getRepositoryControllerURI($repository, 'edit/#mirrors');

    $v_remote = $mirror->getRemoteURI();
    $e_remote = true;

    $v_credentials = $mirror->getCredentialPHID();
    $e_credentials = null;

    $credentials = id(new PassphraseCredentialQuery())
      ->setViewer($viewer)
      ->withIsDestroyed(false)
      ->execute();

    $errors = array();
    if ($request->isFormPost()) {
      $v_remote = $request->getStr('remoteURI');
      if (strlen($v_remote)) {
        try {
          PhabricatorRepository::assertValidRemoteURI($v_remote);
          $e_remote = null;
        } catch (Exception $ex) {
          $e_remote = pht('Invalid');
          $errors[] = $ex->getMessage();
        }
      } else {
        $e_remote = pht('Required');
        $errors[] = pht('You must provide a remote URI.');
      }

      $v_credentials = $request->getStr('credential');
      if ($v_credentials) {
        $phids = mpull($credentials, null, 'getPHID');
        if (empty($phids[$v_credentials])) {
          $e_credentials = pht('Invalid');
          $errors[] = pht(
            'You do not have permission to use those credentials.');
        }
      }

      if (!$errors) {
        $mirror
          ->setRemoteURI($v_remote)
          ->setCredentialPHID($v_credentials)
          ->save();
        return id(new AphrontReloadResponse())->setURI($edit_uri);
      }
    }

    $form_errors = null;
    if ($errors) {
      $form_errors = id(new PHUIInfoView())
        ->setErrors($errors);
    }

    if ($is_new) {
      $title = pht('Create Mirror');
      $submit = pht('Create Mirror');
    } else {
      $title = pht('Edit Mirror');
      $submit = pht('Save Changes');
    }

    $form = id(new PHUIFormLayoutView())
      ->appendChild(
        id(new AphrontFormTextControl())
          ->setLabel(pht('Remote URI'))
          ->setName('remoteURI')
          ->setValue($v_remote)
          ->setError($e_remote))
      ->appendChild(
        id(new PassphraseCredentialControl())
          ->setLabel(pht('Credentials'))
          ->setName('credential')
          ->setAllowNull(true)
          ->setValue($v_credentials)
          ->setError($e_credentials)
          ->setOptions($credentials));

    $dialog = id(new AphrontDialogView())
      ->setUser($viewer)
      ->setTitle($title)
      ->setWidth(AphrontDialogView::WIDTH_FORM)
      ->appendChild($form_errors)
      ->appendChild($form)
      ->addSubmitButton($submit)
      ->addCancelButton($edit_uri);

    return id(new AphrontDialogResponse())
      ->setDialog($dialog);
  }


}
Add UI for defining repository mirrors Summary: Ref T4038. This adds everything except the actual pushing part for mirrors. This isn't the most beautiful or sophisticated UI, but I want get the authoritative repositories self-hosted and get users beta-ing hosting as soon as possible. We can do transactions, etc., later on. Test Plan: See screenshots. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4038 Differential Revision: https://secure.phabricator.com/D7632 2013-11-23 00:23:50 +01:00			`<?php`

			`final class DiffusionMirrorEditController`
			`extends DiffusionController {`

Diffusion - return 404 errors for bad URIs Summary: Fixes T5646. Makes diffusion a much better user experience. Users now see a 404 exception page when they have a bad URI. Previously, they saw a developer-facing raw exception. Test Plan: played around in diffusion a bunch. most of these changes were fairly mechanical at the end of the day. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T5646 Differential Revision: https://secure.phabricator.com/D11299 2015-01-09 22:29:08 +01:00			`protected function processDiffusionRequest(AphrontRequest $request) {`
Add UI for defining repository mirrors Summary: Ref T4038. This adds everything except the actual pushing part for mirrors. This isn't the most beautiful or sophisticated UI, but I want get the authoritative repositories self-hosted and get users beta-ing hosting as soon as possible. We can do transactions, etc., later on. Test Plan: See screenshots. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4038 Differential Revision: https://secure.phabricator.com/D7632 2013-11-23 00:23:50 +01:00			`$viewer = $request->getUser();`
			`$drequest = $this->diffusionRequest;`
			`$repository = $drequest->getRepository();`

Add some missing capability checks for repository mirror edits Summary: Via HackerOne. These endpoints have insufficient policy checks. Test Plan: Verified endpoints now check policies correctly. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Differential Revision: https://secure.phabricator.com/D10957 2014-12-11 00:23:55 +01:00			`PhabricatorPolicyFilter::requireCapability(`
			`$viewer,`
			`$repository,`
			`PhabricatorPolicyCapability::CAN_EDIT);`

Diffusion - return 404 errors for bad URIs Summary: Fixes T5646. Makes diffusion a much better user experience. Users now see a 404 exception page when they have a bad URI. Previously, they saw a developer-facing raw exception. Test Plan: played around in diffusion a bunch. most of these changes were fairly mechanical at the end of the day. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T5646 Differential Revision: https://secure.phabricator.com/D11299 2015-01-09 22:29:08 +01:00			`if ($request->getURIData('id')) {`
Add UI for defining repository mirrors Summary: Ref T4038. This adds everything except the actual pushing part for mirrors. This isn't the most beautiful or sophisticated UI, but I want get the authoritative repositories self-hosted and get users beta-ing hosting as soon as possible. We can do transactions, etc., later on. Test Plan: See screenshots. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4038 Differential Revision: https://secure.phabricator.com/D7632 2013-11-23 00:23:50 +01:00			`$mirror = id(new PhabricatorRepositoryMirrorQuery())`
			`->setViewer($viewer)`
Diffusion - return 404 errors for bad URIs Summary: Fixes T5646. Makes diffusion a much better user experience. Users now see a 404 exception page when they have a bad URI. Previously, they saw a developer-facing raw exception. Test Plan: played around in diffusion a bunch. most of these changes were fairly mechanical at the end of the day. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T5646 Differential Revision: https://secure.phabricator.com/D11299 2015-01-09 22:29:08 +01:00			`->withIDs(array($request->getURIData('id')))`
Add some missing capability checks for repository mirror edits Summary: Via HackerOne. These endpoints have insufficient policy checks. Test Plan: Verified endpoints now check policies correctly. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Differential Revision: https://secure.phabricator.com/D10957 2014-12-11 00:23:55 +01:00			`->requireCapabilities(`
			`array(`
			`PhabricatorPolicyCapability::CAN_VIEW,`
			`PhabricatorPolicyCapability::CAN_EDIT,`
			`))`
Add UI for defining repository mirrors Summary: Ref T4038. This adds everything except the actual pushing part for mirrors. This isn't the most beautiful or sophisticated UI, but I want get the authoritative repositories self-hosted and get users beta-ing hosting as soon as possible. We can do transactions, etc., later on. Test Plan: See screenshots. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4038 Differential Revision: https://secure.phabricator.com/D7632 2013-11-23 00:23:50 +01:00			`->executeOne();`
			`if (!$mirror) {`
			`return new Aphront404Response();`
			`}`
			`$is_new = false;`
			`} else {`
			`$mirror = PhabricatorRepositoryMirror::initializeNewMirror($viewer)`
			`->setRepositoryPHID($repository->getPHID())`
			`->attachRepository($repository);`
			`$is_new = true;`
			`}`

			`$edit_uri = $this->getRepositoryControllerURI($repository, 'edit/#mirrors');`

			`$v_remote = $mirror->getRemoteURI();`
			`$e_remote = true;`

			`$v_credentials = $mirror->getCredentialPHID();`
			`$e_credentials = null;`

			`$credentials = id(new PassphraseCredentialQuery())`
			`->setViewer($viewer)`
			`->withIsDestroyed(false)`
			`->execute();`

			`$errors = array();`
			`if ($request->isFormPost()) {`
			`$v_remote = $request->getStr('remoteURI');`
			`if (strlen($v_remote)) {`
Prevent the use of `file://` URIs in Diffusion Summary: Via HackerOne. There are two attacks here: - Configuring mirroring to a `file://` URI to place files on disk or overwrite another repository. This is not particularly severe. - Configuring cloning from a `file://` URI to read repositories you should not have access to. This is more severe. Historically, repository creation and editing explicitly supported `file://` URIs to deal with use cases where you had something else managing repositories on the same machine. Since there were no permissions, repository management was admin-only, and you couldn't mirror, this was fine. As we've evolved, this use case is a tiny minority use case and the security implications of `file://` URIs overwhelm the utility it provides. Prevent the use of `file://` URIs. Existing configured repositories won't stop working, you just can't add any new ones. Also prevent `localPath` from being set via Conduit (see T4039). Test Plan: - Tried to create a `file://` repository. - Tried to create a `file://` mirror. - Tried to create a `file://` repository via Conduit. - Created a non-`file://` repository. - Created a non-`file://` mirror. - Created a non-`file://` repository via Conduit. Reviewers: btrahan, chad Reviewed By: chad Subscribers: epriestley Differential Revision: https://secure.phabricator.com/D9513 2014-06-13 16:07:00 +02:00			`try {`
			`PhabricatorRepository::assertValidRemoteURI($v_remote);`
			`$e_remote = null;`
			`} catch (Exception $ex) {`
			`$e_remote = pht('Invalid');`
			`$errors[] = $ex->getMessage();`
			`}`
Add UI for defining repository mirrors Summary: Ref T4038. This adds everything except the actual pushing part for mirrors. This isn't the most beautiful or sophisticated UI, but I want get the authoritative repositories self-hosted and get users beta-ing hosting as soon as possible. We can do transactions, etc., later on. Test Plan: See screenshots. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4038 Differential Revision: https://secure.phabricator.com/D7632 2013-11-23 00:23:50 +01:00			`} else {`
			`$e_remote = pht('Required');`
			`$errors[] = pht('You must provide a remote URI.');`
			`}`

			`$v_credentials = $request->getStr('credential');`
			`if ($v_credentials) {`
			`$phids = mpull($credentials, null, 'getPHID');`
			`if (empty($phids[$v_credentials])) {`
			`$e_credentials = pht('Invalid');`
			`$errors[] = pht(`
			`'You do not have permission to use those credentials.');`
			`}`
			`}`

			`if (!$errors) {`
			`$mirror`
			`->setRemoteURI($v_remote)`
			`->setCredentialPHID($v_credentials)`
			`->save();`
			`return id(new AphrontReloadResponse())->setURI($edit_uri);`
			`}`
			`}`

			`$form_errors = null;`
			`if ($errors) {`
Move PHUIErrorView to PHUIInfoView Summary: Since this element isn't strictly about errors, re-label as info view instead. Test Plan: Grepped for all callsites, tested UIExamples and a few other random pages. Reviewers: btrahan, epriestley Reviewed By: epriestley Subscribers: hach-que, Korvin, epriestley Differential Revision: https://secure.phabricator.com/D11867 2015-03-01 23:45:56 +01:00			`$form_errors = id(new PHUIInfoView())`
Add UI for defining repository mirrors Summary: Ref T4038. This adds everything except the actual pushing part for mirrors. This isn't the most beautiful or sophisticated UI, but I want get the authoritative repositories self-hosted and get users beta-ing hosting as soon as possible. We can do transactions, etc., later on. Test Plan: See screenshots. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4038 Differential Revision: https://secure.phabricator.com/D7632 2013-11-23 00:23:50 +01:00			`->setErrors($errors);`
			`}`

			`if ($is_new) {`
			`$title = pht('Create Mirror');`
			`$submit = pht('Create Mirror');`
			`} else {`
			`$title = pht('Edit Mirror');`
			`$submit = pht('Save Changes');`
			`}`

			`$form = id(new PHUIFormLayoutView())`
			`->appendChild(`
			`id(new AphrontFormTextControl())`
			`->setLabel(pht('Remote URI'))`
			`->setName('remoteURI')`
			`->setValue($v_remote)`
			`->setError($e_remote))`
			`->appendChild(`
			`id(new PassphraseCredentialControl())`
			`->setLabel(pht('Credentials'))`
			`->setName('credential')`
			`->setAllowNull(true)`
			`->setValue($v_credentials)`
			`->setError($e_credentials)`
			`->setOptions($credentials));`

			`$dialog = id(new AphrontDialogView())`
			`->setUser($viewer)`
			`->setTitle($title)`
			`->setWidth(AphrontDialogView::WIDTH_FORM)`
			`->appendChild($form_errors)`
			`->appendChild($form)`
			`->addSubmitButton($submit)`
			`->addCancelButton($edit_uri);`

			`return id(new AphrontDialogResponse())`
			`->setDialog($dialog);`
			`}`


			`}`