mirror of https://we.phorge.it/source/phorge.git synced 2024-12-24 06:20:56 +01:00

Update Auth for handleRequest

Summary: Updates Auth app for handleRequest

Test Plan: Tested what I could, Log in, Log out, Change Password, New account, Verify account... but extra eyes very helpful here.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: epriestley, Korvin

Maniphest Tasks: T8628

Differential Revision: https://secure.phabricator.com/D13748
Chad Little 2015-08-01 16:49:27 -07:00
parent 1d2c47f110
commit 36103dfa18
21 changed files with 95 additions and 159 deletions


@ -3,17 +3,11 @@
final class PhabricatorAuthConfirmLinkController
extends PhabricatorAuthController {
private $accountKey;
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$accountkey = $request->getURIData('akey');
public function willProcessRequest(array $data) {
$this->accountKey = idx($data, 'akey');
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
$result = $this->loadAccountForRegistrationOrLinking($this->accountKey);
$result = $this->loadAccountForRegistrationOrLinking($accountkey);
list($account, $provider, $response) = $result;
if ($response) {
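Review bot: `$accountkey` breaks the snake_case used for the other new locals in this commit (`$account_key` in PhabricatorAuthRegisterController, `$provider_key`, `$email_id`). Renaming it to `$account_key` in both `$account_key = $request->getURIData('akey');` and the loadAccountForRegistrationOrLinking() call keeps the two controllers that read `akey` consistent. The method body continues outside the hunk.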


@ -3,9 +3,8 @@
final class PhabricatorAuthDowngradeSessionController
extends PhabricatorAuthController {
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$panel_uri = '/settings/panel/sessions/';


@ -15,9 +15,8 @@ final class PhabricatorAuthFinishController
return true;
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
// If the user already has a full session, just kick them out of here.
$has_partial_session = $viewer->hasSession() &&


@ -3,25 +3,18 @@
final class PhabricatorAuthLinkController
extends PhabricatorAuthController {
private $action;
private $providerKey;
public function willProcessRequest(array $data) {
$this->providerKey = $data['pkey'];
$this->action = $data['action'];
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$action = $request->getURIData('action');
$provider_key = $request->getURIData('pkey');
$provider = PhabricatorAuthProvider::getEnabledProviderByKey(
$this->providerKey);
$provider_key);
if (!$provider) {
return new Aphront404Response();
}
switch ($this->action) {
switch ($action) {
case 'link':
if (!$provider->shouldAllowAccountLink()) {
return $this->renderErrorPage(
@ -50,7 +43,7 @@ final class PhabricatorAuthLinkController
$provider->getProviderDomain(),
$viewer->getPHID());
switch ($this->action) {
switch ($action) {
case 'link':
if ($account) {
return $this->renderErrorPage(
@ -81,7 +74,7 @@ final class PhabricatorAuthLinkController
PhabricatorCookies::setClientIDCookie($request);
switch ($this->action) {
switch ($action) {
case 'link':
id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
$viewer,
@ -107,7 +100,7 @@ final class PhabricatorAuthLinkController
$form);
}
switch ($this->action) {
switch ($action) {
case 'link':
$name = pht('Link Account');
$title = pht('Link %s Account', $provider->getProviderName());


@ -20,18 +20,14 @@ final class PhabricatorAuthLoginController
return parent::shouldAllowRestrictedParameter($parameter_name);
}
public function willProcessRequest(array $data) {
$this->providerKey = $data['pkey'];
$this->extraURIData = idx($data, 'extra');
}
public function getExtraURIData() {
return $this->extraURIData;
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$this->providerKey = $request->getURIData('pkey');
$this->extraURIData = $request->getURIData('extra');
$response = $this->loadProvider();
if ($response) {


@ -15,16 +15,15 @@ final class PhabricatorAuthNeedsApprovalController
return false;
}
public function processRequest() {
$request = $this->getRequest();
$user = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$wait_for_approval = pht(
"Your account has been created, but needs to be approved by an ".
"administrator. You'll receive an email once your account is approved.");
$dialog = id(new AphrontDialogView())
->setUser($user)
->setUser($viewer)
->setTitle(pht('Wait for Approval'))
->appendChild($wait_for_approval)
->addCancelButton('/', pht('Wait Patiently'));


@ -9,9 +9,8 @@ final class PhabricatorAuthNeedsMultiFactorController
return false;
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$panel = id(new PhabricatorMultiFactorSettingsPanel())
->setUser($viewer)


@ -3,8 +3,6 @@
final class PhabricatorAuthOldOAuthRedirectController
extends PhabricatorAuthController {
private $provider;
public function shouldRequireLogin() {
return false;
}
@ -16,11 +14,9 @@ final class PhabricatorAuthOldOAuthRedirectController
return parent::shouldAllowRestrictedParameter($parameter_name);
}
public function willProcessRequest(array $data) {
$this->provider = $data['provider'];
}
public function processRequest() {
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$provider = $request->getURIData('provider');
// TODO: Most OAuth providers are OK with changing the redirect URI, but
// Google and GitHub are strict. We need to respect the old OAuth URI until
// we can get installs to migrate. This just keeps the old OAuth URI working
@ -31,11 +27,11 @@ final class PhabricatorAuthOldOAuthRedirectController
'github' => 'github:github.com',
);
if (!isset($provider_map[$this->provider])) {
if (!isset($provider_map[$provider])) {
return new Aphront404Response();
}
$provider_key = $provider_map[$this->provider];
$provider_key = $provider_map[$provider];
$uri = $this->getRequest()->getRequestURI();
$uri->setPath($this->getApplicationURI('login/'.$provider_key.'/'));
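Review bot: The URI is still obtained through `$this->getRequest()->getRequestURI()` even though handleRequest now receives `$request`; `$uri = $request->getRequestURI();` matches the rest of the conversion. The added `$viewer = $this->getViewer();` is not read anywhere in the visible lines, so it can probably go unless the part of the method outside the hunk needs it. It may also be worth a one-line comment above `$provider_map` stating that the redirect path is only ever built from a value in this fixed map, never from the raw `provider` URI value.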


@ -3,24 +3,16 @@
final class PhabricatorAuthOneTimeLoginController
extends PhabricatorAuthController {
private $id;
private $key;
private $emailID;
private $linkType;
public function shouldRequireLogin() {
return false;
}
public function willProcessRequest(array $data) {
$this->linkType = $data['type'];
$this->id = $data['id'];
$this->key = $data['key'];
$this->emailID = idx($data, 'emailID');
}
public function processRequest() {
$request = $this->getRequest();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
$link_type = $request->getURIData('key');
$key = $request->getURIData('type');
$email_id = $request->getURIData('emailID');
if ($request->getUser()->isLoggedIn()) {
return $this->renderError(
@ -29,7 +21,7 @@ final class PhabricatorAuthOneTimeLoginController
$target_user = id(new PhabricatorPeopleQuery())
->setViewer(PhabricatorUser::getOmnipotentUser())
->withIDs(array($this->id))
->withIDs(array($id))
->executeOne();
if (!$target_user) {
return new Aphront404Response();
@ -58,11 +50,11 @@ final class PhabricatorAuthOneTimeLoginController
// - get a "verified" address you don't control.
$target_email = null;
if ($this->emailID) {
if ($email_id) {
$target_email = id(new PhabricatorUserEmail())->loadOneWhere(
'userPHID = %s AND id = %d',
$target_user->getPHID(),
$this->emailID);
$email_id);
if (!$target_email) {
return new Aphront404Response();
}
@ -72,7 +64,7 @@ final class PhabricatorAuthOneTimeLoginController
$token = $engine->loadOneTimeLoginKey(
$target_user,
$target_email,
$this->key);
$key);
if (!$token) {
return $this->newDialog()
@ -154,7 +146,7 @@ final class PhabricatorAuthOneTimeLoginController
// then log a user in to an account they control via sneaky invisible
// form submissions.
switch ($this->linkType) {
switch ($link_type) {
case PhabricatorAuthSessionEngine::ONETIME_WELCOME:
$title = pht('Welcome to Phabricator');
break;
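Review bot: The two URI reads at the top of handleRequest are crossed: `$link_type` is filled from `'key'` and `$key` from `'type'`, whereas the removed willProcessRequest mapped `type` to the link type and `key` to the key. As written, loadOneTimeLoginKey() receives the type string instead of the one-time key, so valid login links would presumably be rejected, and the title switch compares the key value against the ONETIME_* constants. The lines should read `$link_type = $request->getURIData('type');` and `$key = $request->getURIData('key');`. Separately, `$request->getUser()->isLoggedIn()` can use the new `$viewer`; PhabricatorAuthRegisterController has the same leftover.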


@ -3,26 +3,21 @@
final class PhabricatorAuthRegisterController
extends PhabricatorAuthController {
private $accountKey;
public function shouldRequireLogin() {
return false;
}
public function willProcessRequest(array $data) {
$this->accountKey = idx($data, 'akey');
}
public function processRequest() {
$request = $this->getRequest();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$account_key = $request->getURIData('akey');
if ($request->getUser()->isLoggedIn()) {
return $this->renderError(pht('You are already logged in.'));
}
$is_setup = false;
if (strlen($this->accountKey)) {
$result = $this->loadAccountForRegistrationOrLinking($this->accountKey);
if (strlen($account_key)) {
$result = $this->loadAccountForRegistrationOrLinking($account_key);
list($account, $provider, $response) = $result;
$is_default = false;
} else if ($this->isFirstTimeSetup()) {


@ -3,23 +3,17 @@
final class PhabricatorAuthRevokeTokenController
extends PhabricatorAuthController {
private $id;
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
public function willProcessRequest(array $data) {
$this->id = $data['id'];
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
$is_all = ($this->id === 'all');
$is_all = ($id === 'all');
$query = id(new PhabricatorAuthTemporaryTokenQuery())
->setViewer($viewer)
->withObjectPHIDs(array($viewer->getPHID()));
if (!$is_all) {
$query->withIDs(array($this->id));
$query->withIDs(array($id));
}
$tokens = $query->execute();


@ -5,8 +5,8 @@ final class PhabricatorAuthSSHKeyEditController
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
if ($id) {
$key = id(new PhabricatorAuthSSHKeyQuery())
->setViewer($viewer)


@ -3,23 +3,17 @@
final class PhabricatorAuthTerminateSessionController
extends PhabricatorAuthController {
private $id;
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
public function willProcessRequest(array $data) {
$this->id = $data['id'];
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
$is_all = ($this->id === 'all');
$is_all = ($id === 'all');
$query = id(new PhabricatorAuthSessionQuery())
->setViewer($viewer)
->withIdentityPHIDs(array($viewer->getPHID()));
if (!$is_all) {
$query->withIDs(array($this->id));
$query->withIDs(array($id));
}
$current_key = PhabricatorHash::digest(


@ -5,13 +5,9 @@ final class PhabricatorAuthUnlinkController
private $providerKey;
public function willProcessRequest(array $data) {
$this->providerKey = $data['pkey'];
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$this->providerKey = $request->getURIData('pkey');
list($type, $domain) = explode(':', $this->providerKey, 2);
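Review bot: `list($type, $domain) = explode(':', $this->providerKey, 2);` destructures a value that now comes straight from `getURIData('pkey')`, and nothing visible here checks that it contains a colon. If the route pattern does not already guarantee the `type:domain` shape, a key without one leaves `$domain` unset and raises a notice; a guard such as `if (strpos($this->providerKey, ':') === false) { return new Aphront404Response(); }` before the explode would make the expectation explicit. The key is also still stored in `$this->providerKey` where the other controllers in this commit switched to a local, which is only needed if another method reads it. handleRequest continues past the end of the hunk.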


@ -15,9 +15,8 @@ final class PhabricatorAuthValidateController
return true;
}
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$failures = array();


@ -7,15 +7,16 @@ final class PhabricatorDisabledUserController
return false;
}
public function processRequest() {
$request = $this->getRequest();
$user = $request->getUser();
if (!$user->getIsDisabled()) {
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
if (!$viewer->getIsDisabled()) {
return new Aphront404Response();
}
return id(new AphrontDialogView())
->setUser($user)
->setUser($viewer)
->setTitle(pht('Account Disabled'))
->addCancelButton('/logout/', pht('Okay'))
->appendParagraph(pht('Your account has been disabled.'));
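Review bot: `$id = $request->getURIData('id');` is new in handleRequest and nothing in the visible body reads it; the old processRequest took no URI data at all. Unless the route for this controller defines an `id` and code outside the hunk uses it, the line should be dropped so the controller keeps depending only on the viewer's disabled state.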


@ -7,8 +7,7 @@ final class PhabricatorEmailLoginController
return false;
}
public function processRequest() {
$request = $this->getRequest();
public function handleRequest(AphrontRequest $request) {
if (!PhabricatorPasswordAuthProvider::getPasswordProvider()) {
return new Aphront400Response();


@ -3,12 +3,6 @@
final class PhabricatorEmailVerificationController
extends PhabricatorAuthController {
private $code;
public function willProcessRequest(array $data) {
$this->code = $data['code'];
}
public function shouldRequireEmailVerification() {
// Since users need to be able to hit this endpoint in order to verify
// email, we can't ever require email verification here.
@ -21,11 +15,11 @@ final class PhabricatorEmailVerificationController
return false;
}
public function processRequest() {
$request = $this->getRequest();
$user = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$code = $request->getURIData('code');
if ($user->getIsDisabled()) {
if ($viewer->getIsDisabled()) {
// We allowed unapproved and disabled users to hit this controller, but
// want to kick out disabled users now.
return new Aphront400Response();
@ -33,8 +27,8 @@ final class PhabricatorEmailVerificationController
$email = id(new PhabricatorUserEmail())->loadOneWhere(
'userPHID = %s AND verificationCode = %s',
$user->getPHID(),
$this->code);
$viewer->getPHID(),
$code);
$submit = null;
@ -46,7 +40,7 @@ final class PhabricatorEmailVerificationController
'user. Make sure you followed the link in the email correctly and are '.
'logged in with the user account associated with the email address.');
$continue = pht('Rats!');
} else if ($email->getIsVerified() && $user->getIsEmailVerified()) {
} else if ($email->getIsVerified() && $viewer->getIsEmailVerified()) {
$title = pht('Address Already Verified');
$content = pht(
'This email address has already been verified.');
@ -54,8 +48,8 @@ final class PhabricatorEmailVerificationController
} else if ($request->isFormPost()) {
id(new PhabricatorUserEditor())
->setActor($user)
->verifyEmail($user, $email);
->setActor($viewer)
->verifyEmail($viewer, $email);
$title = pht('Address Verified');
$content = pht(
@ -72,7 +66,7 @@ final class PhabricatorEmailVerificationController
}
$dialog = id(new AphrontDialogView())
->setUser($user)
->setUser($viewer)
->setTitle($title)
->addCancelButton('/', $continue)
->appendChild($content);


@ -26,14 +26,13 @@ final class PhabricatorLogoutController
}
public function handleRequest(AphrontRequest $request) {
$request = $this->getRequest();
$user = $request->getUser();
$viewer = $this->getViewer();
if ($request->isFormPost()) {
$log = PhabricatorUserLog::initializeNewLog(
$user,
$user->getPHID(),
$viewer,
$viewer->getPHID(),
PhabricatorUserLog::ACTION_LOGOUT);
$log->save();
@ -43,7 +42,7 @@ final class PhabricatorLogoutController
$phsid = $request->getCookie(PhabricatorCookies::COOKIE_SESSION);
if (strlen($phsid)) {
$session = id(new PhabricatorAuthSessionQuery())
->setViewer($user)
->setViewer($viewer)
->withSessionKeys(array($phsid))
->executeOne();
if ($session) {
@ -56,9 +55,9 @@ final class PhabricatorLogoutController
->setURI('/auth/loggedout/');
}
if ($user->getPHID()) {
if ($viewer->getPHID()) {
$dialog = id(new AphrontDialogView())
->setUser($user)
->setUser($viewer)
->setTitle(pht('Log out of Phabricator?'))
->appendChild(pht('Are you sure you want to log out?'))
->addSubmitButton(pht('Logout'))


@ -13,13 +13,12 @@ final class PhabricatorMustVerifyEmailController
return false;
}
public function processRequest() {
$request = $this->getRequest();
$user = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$email = $user->loadPrimaryEmail();
$email = $viewer->loadPrimaryEmail();
if ($user->getIsEmailVerified()) {
if ($viewer->getIsEmailVerified()) {
return id(new AphrontRedirectResponse())->setURI('/');
}
@ -27,7 +26,7 @@ final class PhabricatorMustVerifyEmailController
$sent = null;
if ($request->isFormPost()) {
$email->sendVerificationEmail($user);
$email->sendVerificationEmail($viewer);
$sent = new PHUIInfoView();
$sent->setSeverity(PHUIInfoView::SEVERITY_NOTICE);
$sent->setTitle(pht('Email Sent'));
@ -48,7 +47,7 @@ final class PhabricatorMustVerifyEmailController
'to try sending another one.');
$dialog = id(new AphrontDialogView())
->setUser($user)
->setUser($viewer)
->setTitle(pht('Check Your Email'))
->appendParagraph($must_verify)
->appendParagraph($send_again)


@ -2,14 +2,13 @@
final class PhabricatorRefreshCSRFController extends PhabricatorAuthController {
public function processRequest() {
$request = $this->getRequest();
$user = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
return id(new AphrontAjaxResponse())
->setContent(
array(
'token' => $user->getCSRFToken(),
'token' => $viewer->getCSRFToken(),
));
}