revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-10 23:01:04 +01:00
Code Issues Releases Wiki Activity

Make "public" pastes meaningfully visible to logged-out users

Browse source 
Summary:
  - Introduce `shouldAllowPublic()`, indicating that logged-out users are OK in a controller if the install is configured to permit public policies.
  - Make Paste views and lists allow public users.
  - Make UI do sensible things with respect to disabling links, etc.
  - Improve behavior of "you need to login" with respect to policy exceptions and Ajax requests.

Test Plan: Looked at "public" paste, saw all unavailable UI disabled, clicked it, got appropraite prompts.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D3502
This commit is contained in:
epriestley 2012-09-30 19:44:09 -07:00
parent 9e1b643896
commit 6b1c27eb0e
7 changed files with 69 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/aphront/AphrontController.php
View file

@ -50,7 +50,6 @@ abstract class AphrontController {
return $controller->processRequest();
}
final public function setCurrentApplication(
PhabricatorApplication $current_application) {

12
src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
View file

@ -336,6 +336,18 @@ class AphrontDefaultApplicationConfiguration
}
if ($ex instanceof PhabricatorPolicyException) {
if (!$user->isLoggedIn()) {
// If the user isn't logged in, just give them a login form. This is
// probably a generally more useful response than a policy dialog that
// they have to click through to get a login form.
//
// Possibly we should add a header here like "you need to login to see
// the thing you are trying to look at".
$login_controller = new PhabricatorLoginController($request);
return $login_controller->processRequest();
}
$content =
'<div class="aphront-policy-exception">'.
phutil_escape_html($ex->getMessage()).

23
src/applications/auth/controller/PhabricatorLoginController.php
View file

@ -25,12 +25,33 @@ final class PhabricatorLoginController
public function processRequest() {
$request = $this->getRequest();
$user = $request->getUser();
if ($request->getUser()->getPHID()) {
if ($user->isLoggedIn()) {
// Kick the user out if they're already logged in.
return id(new AphrontRedirectResponse())->setURI('/');
}
if ($request->isAjax()) {
// We end up here if the user clicks a workflow link that they need to
// login to use. We give them a dialog saying "You need to login..".
if ($request->isDialogFormPost()) {
return id(new AphrontRedirectResponse())->setURI(
$request->getRequestURI());
}
$dialog = new AphrontDialogView();
$dialog->setUser($user);
$dialog->setTitle('Login Required');
$dialog->appendChild('<p>You must login to continue.</p>');
$dialog->addSubmitButton('Login');
$dialog->addCancelButton('/', 'Cancel');
return id(new AphrontDialogResponse())->setDialog($dialog);
}
if ($request->isConduit()) {
// A common source of errors in Conduit client configuration is getting

12
src/applications/base/controller/PhabricatorController.php
View file

@ -21,6 +21,14 @@ abstract class PhabricatorController extends AphrontController {
private $handles;
public function shouldRequireLogin() {
// If this install is configured to allow public resources and the
// controller works in public mode, allow the request through.
$is_public_allowed = PhabricatorEnv::getEnvConfig('policy.allow-public');
if ($is_public_allowed && $this->shouldAllowPublic()) {
return false;
}
return true;
}
@ -32,6 +40,10 @@ abstract class PhabricatorController extends AphrontController {
return true;
}
public function shouldAllowPublic() {
return false;
}
public function shouldRequireEmailVerification() {
$need_verify = PhabricatorUserEmail::isEmailVerificationRequired();
$need_login = $this->shouldRequireLogin();

13
src/applications/paste/controller/PhabricatorPasteController.php
View file

@ -19,6 +19,8 @@
abstract class PhabricatorPasteController extends PhabricatorController {
public function buildSideNavView(PhabricatorPaste $paste = null) {
$user = $this->getRequest()->getUser();
$nav = new AphrontSideNavFilterView();
$nav->setBaseURI(new PhutilURI($this->getApplicationURI('filter/')));
@ -28,11 +30,18 @@ abstract class PhabricatorPasteController extends PhabricatorController {
}
$nav->addLabel('Create');
$nav->addFilter('edit', 'New Paste', $this->getApplicationURI());
$nav->addFilter(
'edit',
'New Paste',
$this->getApplicationURI(),
$relative = false,
$class = ($user->isLoggedIn() ? null : 'disabled'));
$nav->addSpacer();
$nav->addLabel('Pastes');
$nav->addFilter('my', 'My Pastes');
if ($user->isLoggedIn()) {
$nav->addFilter('my', 'My Pastes');
}
$nav->addFilter('all', 'All Pastes');
return $nav;

4
src/applications/paste/controller/PhabricatorPasteListController.php
View file

@ -18,6 +18,10 @@
final class PhabricatorPasteListController extends PhabricatorPasteController {
public function shouldRequireLogin() {
return false;
}
private $filter;
public function willProcessRequest(array $data) {

8
src/applications/paste/controller/PhabricatorPasteViewController.php
View file

@ -18,6 +18,10 @@
final class PhabricatorPasteViewController extends PhabricatorPasteController {
public function shouldAllowPublic() {
return true;
}
private $id;
private $handles;
@ -98,6 +102,8 @@ final class PhabricatorPasteViewController extends PhabricatorPasteController {
$paste,
PhabricatorPolicyCapability::CAN_EDIT);
$can_fork = $user->isLoggedIn();
return id(new PhabricatorActionListView())
->setUser($user)
->setObject($paste)
@ -105,6 +111,8 @@ final class PhabricatorPasteViewController extends PhabricatorPasteController {
id(new PhabricatorActionView())
->setName(pht('Fork This Paste'))
->setIcon('fork')
->setDisabled(!$can_fork)
->setWorkflow(!$can_fork)
->setHref($this->getApplicationURI('?parent='.$paste->getID())))
->addAction(
id(new PhabricatorActionView())