mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-19 20:10:55 +01:00
Convert one-time file access tokens to modular token types
Summary: Fixes T10603. This is the last of the ad-hoc temporary tokens. Test Plan: - Used a file token. - Viewed type in {nav Config > Temporary Tokens}. Reviewers: chad Reviewed By: chad Maniphest Tasks: T10603 Differential Revision: https://secure.phabricator.com/D15481
This commit is contained in:
parent
6ef4747e9d
commit
772c658aac
3 changed files with 24 additions and 3 deletions
|
@ -2352,6 +2352,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorFeedStoryPublisher' => 'applications/feed/PhabricatorFeedStoryPublisher.php',
|
||||
'PhabricatorFeedStoryReference' => 'applications/feed/storage/PhabricatorFeedStoryReference.php',
|
||||
'PhabricatorFile' => 'applications/files/storage/PhabricatorFile.php',
|
||||
'PhabricatorFileAccessTemporaryTokenType' => 'applications/files/temporarytoken/PhabricatorFileAccessTemporaryTokenType.php',
|
||||
'PhabricatorFileBundleLoader' => 'applications/files/query/PhabricatorFileBundleLoader.php',
|
||||
'PhabricatorFileChunk' => 'applications/files/storage/PhabricatorFileChunk.php',
|
||||
'PhabricatorFileChunkIterator' => 'applications/files/engine/PhabricatorFileChunkIterator.php',
|
||||
|
@ -6770,6 +6771,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPolicyInterface',
|
||||
'PhabricatorDestructibleInterface',
|
||||
),
|
||||
'PhabricatorFileAccessTemporaryTokenType' => 'PhabricatorAuthTemporaryTokenType',
|
||||
'PhabricatorFileBundleLoader' => 'Phobject',
|
||||
'PhabricatorFileChunk' => array(
|
||||
'PhabricatorFileDAO',
|
||||
|
|
|
@ -26,7 +26,6 @@ final class PhabricatorFile extends PhabricatorFileDAO
|
|||
PhabricatorPolicyInterface,
|
||||
PhabricatorDestructibleInterface {
|
||||
|
||||
const ONETIME_TEMPORARY_TOKEN_TYPE = 'file:onetime';
|
||||
const STORAGE_FORMAT_RAW = 'raw';
|
||||
|
||||
const METADATA_IMAGE_WIDTH = 'width';
|
||||
|
@ -1119,12 +1118,13 @@ final class PhabricatorFile extends PhabricatorFileDAO
|
|||
|
||||
protected function generateOneTimeToken() {
|
||||
$key = Filesystem::readRandomCharacters(16);
|
||||
$token_type = PhabricatorFileAccessTemporaryTokenType::TOKENTYPE;
|
||||
|
||||
// Save the new secret.
|
||||
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
|
||||
$token = id(new PhabricatorAuthTemporaryToken())
|
||||
->setTokenResource($this->getPHID())
|
||||
->setTokenType(self::ONETIME_TEMPORARY_TOKEN_TYPE)
|
||||
->setTokenType($token_type)
|
||||
->setTokenExpires(time() + phutil_units('1 hour in seconds'))
|
||||
->setTokenCode(PhabricatorHash::digest($key))
|
||||
->save();
|
||||
|
@ -1134,10 +1134,12 @@ final class PhabricatorFile extends PhabricatorFileDAO
|
|||
}
|
||||
|
||||
public function validateOneTimeToken($token_code) {
|
||||
$token_type = PhabricatorFileAccessTemporaryTokenType::TOKENTYPE;
|
||||
|
||||
$token = id(new PhabricatorAuthTemporaryTokenQuery())
|
||||
->setViewer(PhabricatorUser::getOmnipotentUser())
|
||||
->withTokenResources(array($this->getPHID()))
|
||||
->withTokenTypes(array(self::ONETIME_TEMPORARY_TOKEN_TYPE))
|
||||
->withTokenTypes(array($token_type))
|
||||
->withExpired(false)
|
||||
->withTokenCodes(array(PhabricatorHash::digest($token_code)))
|
||||
->executeOne();
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
<?php
|
||||
|
||||
final class PhabricatorFileAccessTemporaryTokenType
|
||||
extends PhabricatorAuthTemporaryTokenType {
|
||||
|
||||
const TOKENTYPE = 'file:onetime';
|
||||
|
||||
public function getTokenTypeDisplayName() {
|
||||
return pht('File Access');
|
||||
}
|
||||
|
||||
public function getTokenReadableTypeName(
|
||||
PhabricatorAuthTemporaryToken $token) {
|
||||
return pht('File Access Token');
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in a new issue