mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-20 04:20:55 +01:00
Add a session engine extension point
Summary: Ref T7673. This is really just so I can force admin.phacility.com logout when you log out of an instance, but there are a few other things we could move here eventually, like the WILLREGISTERUSER event. Test Plan: Logged out of an instance, got logged out of parent (see next change). Reviewers: chad Reviewed By: chad Maniphest Tasks: T7673 Differential Revision: https://secure.phabricator.com/D15629
This commit is contained in:
parent
e6421b6ab3
commit
46881c4ce5
8 changed files with 127 additions and 44 deletions
|
@ -1848,6 +1848,8 @@ phutil_register_library_map(array(
|
|||
'PhabricatorAuthSSHPublicKey' => 'applications/auth/sshkey/PhabricatorAuthSSHPublicKey.php',
|
||||
'PhabricatorAuthSession' => 'applications/auth/storage/PhabricatorAuthSession.php',
|
||||
'PhabricatorAuthSessionEngine' => 'applications/auth/engine/PhabricatorAuthSessionEngine.php',
|
||||
'PhabricatorAuthSessionEngineExtension' => 'applications/auth/engine/PhabricatorAuthSessionEngineExtension.php',
|
||||
'PhabricatorAuthSessionEngineExtensionModule' => 'applications/auth/engine/PhabricatorAuthSessionEngineExtensionModule.php',
|
||||
'PhabricatorAuthSessionGarbageCollector' => 'applications/auth/garbagecollector/PhabricatorAuthSessionGarbageCollector.php',
|
||||
'PhabricatorAuthSessionQuery' => 'applications/auth/query/PhabricatorAuthSessionQuery.php',
|
||||
'PhabricatorAuthSetupCheck' => 'applications/config/check/PhabricatorAuthSetupCheck.php',
|
||||
|
@ -6206,6 +6208,8 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPolicyInterface',
|
||||
),
|
||||
'PhabricatorAuthSessionEngine' => 'Phobject',
|
||||
'PhabricatorAuthSessionEngineExtension' => 'Phobject',
|
||||
'PhabricatorAuthSessionEngineExtensionModule' => 'PhabricatorConfigModule',
|
||||
'PhabricatorAuthSessionGarbageCollector' => 'PhabricatorGarbageCollector',
|
||||
'PhabricatorAuthSessionQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
|
||||
'PhabricatorAuthSetupCheck' => 'PhabricatorSetupCheck',
|
||||
|
|
|
@ -29,13 +29,6 @@ final class PhabricatorLogoutController
|
|||
$viewer = $this->getViewer();
|
||||
|
||||
if ($request->isFormPost()) {
|
||||
|
||||
$log = PhabricatorUserLog::initializeNewLog(
|
||||
$viewer,
|
||||
$viewer->getPHID(),
|
||||
PhabricatorUserLog::ACTION_LOGOUT);
|
||||
$log->save();
|
||||
|
||||
// Destroy the user's session in the database so logout works even if
|
||||
// their cookies have some issues. We'll detect cookie issues when they
|
||||
// try to login again and tell them to clear any junk.
|
||||
|
@ -45,8 +38,10 @@ final class PhabricatorLogoutController
|
|||
->setViewer($viewer)
|
||||
->withSessionKeys(array($phsid))
|
||||
->executeOne();
|
||||
|
||||
if ($session) {
|
||||
$session->delete();
|
||||
$engine = new PhabricatorAuthSessionEngine();
|
||||
$engine->logoutSession($viewer, $session);
|
||||
}
|
||||
}
|
||||
$request->clearCookie(PhabricatorCookies::COOKIE_SESSION);
|
||||
|
|
|
@ -297,6 +297,24 @@ final class PhabricatorAuthSessionEngine extends Phobject {
|
|||
}
|
||||
}
|
||||
|
||||
public function logoutSession(
|
||||
PhabricatorUser $user,
|
||||
PhabricatorAuthSession $session) {
|
||||
|
||||
$log = PhabricatorUserLog::initializeNewLog(
|
||||
$user,
|
||||
$user->getPHID(),
|
||||
PhabricatorUserLog::ACTION_LOGOUT);
|
||||
$log->save();
|
||||
|
||||
$extensions = PhabricatorAuthSessionEngineExtension::getAllExtensions();
|
||||
foreach ($extensions as $extension) {
|
||||
$extension->didLogout($user, array($session));
|
||||
}
|
||||
|
||||
$session->delete();
|
||||
}
|
||||
|
||||
|
||||
/* -( High Security )------------------------------------------------------ */
|
||||
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
<?php
|
||||
|
||||
abstract class PhabricatorAuthSessionEngineExtension
|
||||
extends Phobject {
|
||||
|
||||
final public function getExtensionKey() {
|
||||
return $this->getPhobjectClassConstant('EXTENSIONKEY');
|
||||
}
|
||||
|
||||
final public static function getAllExtensions() {
|
||||
return id(new PhutilClassMapQuery())
|
||||
->setAncestorClass(__CLASS__)
|
||||
->setUniqueMethod('getExtensionKey')
|
||||
->execute();
|
||||
}
|
||||
|
||||
abstract public function getExtensionName();
|
||||
|
||||
public function didLogout(PhabricatorUser $user, array $sessions) {
|
||||
return;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,49 @@
|
|||
<?php
|
||||
|
||||
final class PhabricatorAuthSessionEngineExtensionModule
|
||||
extends PhabricatorConfigModule {
|
||||
|
||||
public function getModuleKey() {
|
||||
return 'sessionengine';
|
||||
}
|
||||
|
||||
public function getModuleName() {
|
||||
return pht('Engine: Session');
|
||||
}
|
||||
|
||||
public function renderModuleStatus(AphrontRequest $request) {
|
||||
$viewer = $request->getViewer();
|
||||
|
||||
$extensions = PhabricatorAuthSessionEngineExtension::getAllExtensions();
|
||||
|
||||
$rows = array();
|
||||
foreach ($extensions as $extension) {
|
||||
$rows[] = array(
|
||||
get_class($extension),
|
||||
$extension->getExtensionKey(),
|
||||
$extension->getExtensionName(),
|
||||
);
|
||||
}
|
||||
|
||||
$table = id(new AphrontTableView($rows))
|
||||
->setNoDataString(
|
||||
pht('There are no registered session engine extensions.'))
|
||||
->setHeaders(
|
||||
array(
|
||||
pht('Class'),
|
||||
pht('Key'),
|
||||
pht('Name'),
|
||||
))
|
||||
->setColumnClasses(
|
||||
array(
|
||||
null,
|
||||
null,
|
||||
'wide pri',
|
||||
));
|
||||
|
||||
return id(new PHUIObjectBoxView())
|
||||
->setHeaderText(pht('SessionEngine Extensions'))
|
||||
->setTable($table);
|
||||
}
|
||||
|
||||
}
|
|
@ -201,4 +201,9 @@ final class PhabricatorPhabricatorAuthProvider
|
|||
return true;
|
||||
}
|
||||
|
||||
public function getPhabricatorURI() {
|
||||
$config = $this->getProviderConfig();
|
||||
return $config->getProperty(self::PROPERTY_PHABRICATOR_URI);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -62,19 +62,12 @@ final class PhabricatorExternalAccountQuery
|
|||
return $this;
|
||||
}
|
||||
|
||||
public function newResultObject() {
|
||||
return new PhabricatorExternalAccount();
|
||||
}
|
||||
|
||||
protected function loadPage() {
|
||||
$table = new PhabricatorExternalAccount();
|
||||
$conn_r = $table->establishConnection('r');
|
||||
|
||||
$data = queryfx_all(
|
||||
$conn_r,
|
||||
'SELECT * FROM %T %Q %Q %Q',
|
||||
$table->getTableName(),
|
||||
$this->buildWhereClause($conn_r),
|
||||
$this->buildOrderClause($conn_r),
|
||||
$this->buildLimitClause($conn_r));
|
||||
|
||||
return $table->loadAllFromArray($data);
|
||||
return $this->loadStandardPage($this->newResultObject());
|
||||
}
|
||||
|
||||
protected function willFilterPage(array $accounts) {
|
||||
|
@ -116,61 +109,59 @@ final class PhabricatorExternalAccountQuery
|
|||
return $accounts;
|
||||
}
|
||||
|
||||
protected function buildWhereClause(AphrontDatabaseConnection $conn_r) {
|
||||
$where = array();
|
||||
protected function buildWhereClauseParts(AphrontDatabaseConnection $conn) {
|
||||
$where = parent::buildWhereClauseParts($conn);
|
||||
|
||||
$where[] = $this->buildPagingClause($conn_r);
|
||||
|
||||
if ($this->ids) {
|
||||
if ($this->ids !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'id IN (%Ld)',
|
||||
$this->ids);
|
||||
}
|
||||
|
||||
if ($this->phids) {
|
||||
if ($this->phids !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'phid IN (%Ls)',
|
||||
$this->phids);
|
||||
}
|
||||
|
||||
if ($this->accountTypes) {
|
||||
if ($this->accountTypes !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'accountType IN (%Ls)',
|
||||
$this->accountTypes);
|
||||
}
|
||||
|
||||
if ($this->accountDomains) {
|
||||
if ($this->accountDomains !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'accountDomain IN (%Ls)',
|
||||
$this->accountDomains);
|
||||
}
|
||||
|
||||
if ($this->accountIDs) {
|
||||
if ($this->accountIDs !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'accountID IN (%Ls)',
|
||||
$this->accountIDs);
|
||||
}
|
||||
|
||||
if ($this->userPHIDs) {
|
||||
if ($this->userPHIDs !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'userPHID IN (%Ls)',
|
||||
$this->userPHIDs);
|
||||
}
|
||||
|
||||
if ($this->accountSecrets) {
|
||||
if ($this->accountSecrets !== null) {
|
||||
$where[] = qsprintf(
|
||||
$conn_r,
|
||||
$conn,
|
||||
'accountSecret IN (%Ls)',
|
||||
$this->accountSecrets);
|
||||
}
|
||||
|
||||
return $this->formatWhereClause($where);
|
||||
return $where;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
|
|
|
@ -54,15 +54,13 @@ final class PhabricatorExternalAccount extends PhabricatorUserDAO
|
|||
'accountURI' => 'text255?',
|
||||
),
|
||||
self::CONFIG_KEY_SCHEMA => array(
|
||||
'key_phid' => null,
|
||||
'phid' => array(
|
||||
'columns' => array('phid'),
|
||||
'unique' => true,
|
||||
),
|
||||
'account_details' => array(
|
||||
'columns' => array('accountType', 'accountDomain', 'accountID'),
|
||||
'unique' => true,
|
||||
),
|
||||
'key_user' => array(
|
||||
'columns' => array('userPHID'),
|
||||
),
|
||||
),
|
||||
) + parent::getConfiguration();
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue