1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-20 04:20:55 +01:00

Add a session engine extension point

Summary: Ref T7673. This is really just so I can force admin.phacility.com logout when you log out of an instance, but there are a few other things we could move here eventually, like the WILLREGISTERUSER event.

Test Plan: Logged out of an instance, got logged out of parent (see next change).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7673

Differential Revision: https://secure.phabricator.com/D15629
This commit is contained in:
epriestley 2016-04-03 10:04:10 -07:00
parent e6421b6ab3
commit 46881c4ce5
8 changed files with 127 additions and 44 deletions

View file

@ -1848,6 +1848,8 @@ phutil_register_library_map(array(
'PhabricatorAuthSSHPublicKey' => 'applications/auth/sshkey/PhabricatorAuthSSHPublicKey.php',
'PhabricatorAuthSession' => 'applications/auth/storage/PhabricatorAuthSession.php',
'PhabricatorAuthSessionEngine' => 'applications/auth/engine/PhabricatorAuthSessionEngine.php',
'PhabricatorAuthSessionEngineExtension' => 'applications/auth/engine/PhabricatorAuthSessionEngineExtension.php',
'PhabricatorAuthSessionEngineExtensionModule' => 'applications/auth/engine/PhabricatorAuthSessionEngineExtensionModule.php',
'PhabricatorAuthSessionGarbageCollector' => 'applications/auth/garbagecollector/PhabricatorAuthSessionGarbageCollector.php',
'PhabricatorAuthSessionQuery' => 'applications/auth/query/PhabricatorAuthSessionQuery.php',
'PhabricatorAuthSetupCheck' => 'applications/config/check/PhabricatorAuthSetupCheck.php',
@ -6206,6 +6208,8 @@ phutil_register_library_map(array(
'PhabricatorPolicyInterface',
),
'PhabricatorAuthSessionEngine' => 'Phobject',
'PhabricatorAuthSessionEngineExtension' => 'Phobject',
'PhabricatorAuthSessionEngineExtensionModule' => 'PhabricatorConfigModule',
'PhabricatorAuthSessionGarbageCollector' => 'PhabricatorGarbageCollector',
'PhabricatorAuthSessionQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
'PhabricatorAuthSetupCheck' => 'PhabricatorSetupCheck',

View file

@ -29,13 +29,6 @@ final class PhabricatorLogoutController
$viewer = $this->getViewer();
if ($request->isFormPost()) {
$log = PhabricatorUserLog::initializeNewLog(
$viewer,
$viewer->getPHID(),
PhabricatorUserLog::ACTION_LOGOUT);
$log->save();
// Destroy the user's session in the database so logout works even if
// their cookies have some issues. We'll detect cookie issues when they
// try to login again and tell them to clear any junk.
@ -45,8 +38,10 @@ final class PhabricatorLogoutController
->setViewer($viewer)
->withSessionKeys(array($phsid))
->executeOne();
if ($session) {
$session->delete();
$engine = new PhabricatorAuthSessionEngine();
$engine->logoutSession($viewer, $session);
}
}
$request->clearCookie(PhabricatorCookies::COOKIE_SESSION);

View file

@ -297,6 +297,24 @@ final class PhabricatorAuthSessionEngine extends Phobject {
}
}
public function logoutSession(
PhabricatorUser $user,
PhabricatorAuthSession $session) {
$log = PhabricatorUserLog::initializeNewLog(
$user,
$user->getPHID(),
PhabricatorUserLog::ACTION_LOGOUT);
$log->save();
$extensions = PhabricatorAuthSessionEngineExtension::getAllExtensions();
foreach ($extensions as $extension) {
$extension->didLogout($user, array($session));
}
$session->delete();
}
/* -( High Security )------------------------------------------------------ */

View file

@ -0,0 +1,23 @@
<?php
abstract class PhabricatorAuthSessionEngineExtension
extends Phobject {
final public function getExtensionKey() {
return $this->getPhobjectClassConstant('EXTENSIONKEY');
}
final public static function getAllExtensions() {
return id(new PhutilClassMapQuery())
->setAncestorClass(__CLASS__)
->setUniqueMethod('getExtensionKey')
->execute();
}
abstract public function getExtensionName();
public function didLogout(PhabricatorUser $user, array $sessions) {
return;
}
}

View file

@ -0,0 +1,49 @@
<?php
final class PhabricatorAuthSessionEngineExtensionModule
extends PhabricatorConfigModule {
public function getModuleKey() {
return 'sessionengine';
}
public function getModuleName() {
return pht('Engine: Session');
}
public function renderModuleStatus(AphrontRequest $request) {
$viewer = $request->getViewer();
$extensions = PhabricatorAuthSessionEngineExtension::getAllExtensions();
$rows = array();
foreach ($extensions as $extension) {
$rows[] = array(
get_class($extension),
$extension->getExtensionKey(),
$extension->getExtensionName(),
);
}
$table = id(new AphrontTableView($rows))
->setNoDataString(
pht('There are no registered session engine extensions.'))
->setHeaders(
array(
pht('Class'),
pht('Key'),
pht('Name'),
))
->setColumnClasses(
array(
null,
null,
'wide pri',
));
return id(new PHUIObjectBoxView())
->setHeaderText(pht('SessionEngine Extensions'))
->setTable($table);
}
}

View file

@ -201,4 +201,9 @@ final class PhabricatorPhabricatorAuthProvider
return true;
}
public function getPhabricatorURI() {
$config = $this->getProviderConfig();
return $config->getProperty(self::PROPERTY_PHABRICATOR_URI);
}
}

View file

@ -62,19 +62,12 @@ final class PhabricatorExternalAccountQuery
return $this;
}
public function newResultObject() {
return new PhabricatorExternalAccount();
}
protected function loadPage() {
$table = new PhabricatorExternalAccount();
$conn_r = $table->establishConnection('r');
$data = queryfx_all(
$conn_r,
'SELECT * FROM %T %Q %Q %Q',
$table->getTableName(),
$this->buildWhereClause($conn_r),
$this->buildOrderClause($conn_r),
$this->buildLimitClause($conn_r));
return $table->loadAllFromArray($data);
return $this->loadStandardPage($this->newResultObject());
}
protected function willFilterPage(array $accounts) {
@ -116,61 +109,59 @@ final class PhabricatorExternalAccountQuery
return $accounts;
}
protected function buildWhereClause(AphrontDatabaseConnection $conn_r) {
$where = array();
protected function buildWhereClauseParts(AphrontDatabaseConnection $conn) {
$where = parent::buildWhereClauseParts($conn);
$where[] = $this->buildPagingClause($conn_r);
if ($this->ids) {
if ($this->ids !== null) {
$where[] = qsprintf(
$conn_r,
$conn,
'id IN (%Ld)',
$this->ids);
}
if ($this->phids) {
if ($this->phids !== null) {
$where[] = qsprintf(
$conn_r,
$conn,
'phid IN (%Ls)',
$this->phids);
}
if ($this->accountTypes) {
if ($this->accountTypes !== null) {
$where[] = qsprintf(
$conn_r,
$conn,
'accountType IN (%Ls)',
$this->accountTypes);
}
if ($this->accountDomains) {
if ($this->accountDomains !== null) {
$where[] = qsprintf(
$conn_r,
$conn,
'accountDomain IN (%Ls)',
$this->accountDomains);
}
if ($this->accountIDs) {
if ($this->accountIDs !== null) {
$where[] = qsprintf(
$conn_r,
$conn,
'accountID IN (%Ls)',
$this->accountIDs);
}
if ($this->userPHIDs) {
if ($this->userPHIDs !== null) {
$where[] = qsprintf(
$conn_r,
$conn,
'userPHID IN (%Ls)',
$this->userPHIDs);
}
if ($this->accountSecrets) {
if ($this->accountSecrets !== null) {
$where[] = qsprintf(
$conn_r,
$conn,
'accountSecret IN (%Ls)',
$this->accountSecrets);
}
return $this->formatWhereClause($where);
return $where;
}
public function getQueryApplicationClass() {

View file

@ -54,15 +54,13 @@ final class PhabricatorExternalAccount extends PhabricatorUserDAO
'accountURI' => 'text255?',
),
self::CONFIG_KEY_SCHEMA => array(
'key_phid' => null,
'phid' => array(
'columns' => array('phid'),
'unique' => true,
),
'account_details' => array(
'columns' => array('accountType', 'accountDomain', 'accountID'),
'unique' => true,
),
'key_user' => array(
'columns' => array('userPHID'),
),
),
) + parent::getConfiguration();
}