revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-09-20 01:08:50 +02:00
Code Issues Releases Wiki Activity

Don't dead-end users with out-of-date links to files

Browse source 
Summary: Ref T10262. Instead of dumping an unhelpful 403 "ACCESS DENIED" page on users, explain the most likely cause of the issue and give them a link to return to the file detail page to learn more or get an up-to-date link.

Test Plan: Hit both errors, had a lovely experience with the helpful dialog text.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10262

Differential Revision: https://secure.phabricator.com/D15650
This commit is contained in:
epriestley 2016-04-06 16:19:03 -07:00
parent 39dfcf4c89
commit 5938d768d6
1 changed files with 31 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
src/applications/files/controller/PhabricatorFileDataController.php
View file

@ -119,22 +119,46 @@ final class PhabricatorFileDataController extends PhabricatorFileController {
return new Aphront404Response(); return new Aphront404Response();
} }
if (!$file->validateSecretKey($this->key)) {
return new Aphront403Response();
}
if ($file->getIsPartial()) {
// We may be on the CDN domain, so we need to use a fully-qualified URI // We may be on the CDN domain, so we need to use a fully-qualified URI
// here to make sure we end up back on the main domain. // here to make sure we end up back on the main domain.
$info_uri = PhabricatorEnv::getURI($file->getInfoURI()); $info_uri = PhabricatorEnv::getURI($file->getInfoURI());
return $this->newDialog()
if (!$file->validateSecretKey($this->key)) {
$dialog = $this->newDialog()
->setTitle(pht('Invalid Authorization'))
->appendParagraph(
pht(
'The link you followed to access this file is no longer '.
'valid. The visibility of the file may have changed after '.
'the link was generated.'))
->appendParagraph(
pht(
'You can continue to the file detail page to get more '.
'information and attempt to access the file.'))
->addCancelButton($info_uri, pht('Continue'));
return id(new AphrontDialogResponse())
->setDialog($dialog)
->setHTTPResponseCode(404);
}
if ($file->getIsPartial()) {
$dialog = $this->newDialog()
->setTitle(pht('Partial Upload')) ->setTitle(pht('Partial Upload'))
->appendParagraph( ->appendParagraph(
pht( pht(
'This file has only been partially uploaded. It must be '. 'This file has only been partially uploaded. It must be '.
'uploaded completely before you can download it.')) 'uploaded completely before you can download it.'))
->addCancelButton($info_uri); ->appendParagraph(
pht(
'You can continue to the file detail page to monitor the '.
'upload progress of the file.'))
->addCancelButton($info_uri, pht('Continue'));
return id(new AphrontDialogResponse())
->setDialog($dialog)
->setHTTPResponseCode(404);
} }
$this->file = $file; $this->file = $file;