Ref T8989, Phurl "Visit URL" link should route through a separate controller.

Summary: Ref T8989, Phurl "Visit URL" should now route to an access controller that decides if the URL is valid whether to open it, or redirect back to Phurl object. New route is `local.install.com/u/1` to open link. Test Plan: - open Phurl object with invalid URL, "Visit URL" link should redirect back to object - open Phurl object with valid URL, "Visit URL" link should open the link - open `local.install.com/u/1` for `U1` with valid URL should open the link - open `local.install.com/u/1` for `U1` with invalid URL should redirect to `local.install.com/U1` Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley, #blessed_reviewers Subscribers: joshuaspence, Korvin Maniphest Tasks: T8989 Differential Revision: https://secure.phabricator.com/D14381
2024-11-19 13:22:42 +01:00 · 2015-11-02 12:08:47 -08:00 · 2015-11-02 12:08:47 -08:00 · 809453a3e1
commit 809453a3e1
parent c35b564f4d
5 changed files with 40 additions and 15 deletions
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@ -2625,6 +2625,7 @@ phutil_register_library_map(array(
    'PhabricatorPhurlDAO' => 'applications/phurl/storage/PhabricatorPhurlDAO.php',
    'PhabricatorPhurlSchemaSpec' => 'applications/phurl/storage/PhabricatorPhurlSchemaSpec.php',
    'PhabricatorPhurlURL' => 'applications/phurl/storage/PhabricatorPhurlURL.php',
+    'PhabricatorPhurlURLAccessController' => 'applications/phurl/controller/PhabricatorPhurlURLAccessController.php',
    'PhabricatorPhurlURLEditController' => 'applications/phurl/controller/PhabricatorPhurlURLEditController.php',
    'PhabricatorPhurlURLEditor' => 'applications/phurl/editor/PhabricatorPhurlURLEditor.php',
    'PhabricatorPhurlURLListController' => 'applications/phurl/controller/PhabricatorPhurlURLListController.php',
@ -6727,6 +6728,7 @@ phutil_register_library_map(array(
      'PhabricatorFlaggableInterface',
      'PhabricatorSpacesInterface',
    ),
+    'PhabricatorPhurlURLAccessController' => 'PhabricatorPhurlController',
    'PhabricatorPhurlURLEditController' => 'PhabricatorPhurlController',
    'PhabricatorPhurlURLEditor' => 'PhabricatorApplicationTransactionEditor',
    'PhabricatorPhurlURLListController' => 'PhabricatorPhurlController',
--- a/src/applications/phurl/application/PhabricatorPhurlApplication.php
+++ b/src/applications/phurl/application/PhabricatorPhurlApplication.php
@ -29,6 +29,7 @@ final class PhabricatorPhurlApplication extends PhabricatorApplication {
  public function getRoutes() {
    return array(
      '/U(?P<id>[1-9]\d*)' => 'PhabricatorPhurlURLViewController',
+      '/u/(?P<id>[1-9]\d*)' => 'PhabricatorPhurlURLAccessController',
      '/phurl/' => array(
        '(?:query/(?P<queryKey>[^/]+)/)?'
          => 'PhabricatorPhurlURLListController',
--- a/src/applications/phurl/controller/PhabricatorPhurlURLAccessController.php
+++ b/src/applications/phurl/controller/PhabricatorPhurlURLAccessController.php
@ -0,0 +1,28 @@
+<?php
+
+final class PhabricatorPhurlURLAccessController
+  extends PhabricatorPhurlController {
+
+  public function handleRequest(AphrontRequest $request) {
+    $viewer = $this->getViewer();
+    $id = $request->getURIData('id');
+
+    $url = id(new PhabricatorPhurlURLQuery())
+      ->setViewer($viewer)
+      ->withIDs(array($id))
+      ->executeOne();
+
+    if (!$url) {
+      return new Aphront404Response();
+    }
+
+    if ($url->isValid()) {
+      return id(new AphrontRedirectResponse())
+        ->setURI($url->getLongURL())
+        ->setIsExternal(true);
+    } else {
+      return id(new AphrontRedirectResponse())->setURI('/'.$url->getMonogram());
+    }
+  }
+
+}
--- a/src/applications/phurl/controller/PhabricatorPhurlURLViewController.php
+++ b/src/applications/phurl/controller/PhabricatorPhurlURLViewController.php
@ -96,18 +96,6 @@ final class PhabricatorPhurlURLViewController
      $url,
      PhabricatorPolicyCapability::CAN_EDIT);

-    $allowed_protocols = PhabricatorEnv::getEnvConfig('uri.allowed-protocols');
-    $uri = new PhutilURI($url->getLongURL());
-    $url_protocol = $uri->getProtocol();
-
-    $can_access = false;
-    $redirect_uri = $url->getMonogram();
-
-    if (strlen($url_protocol)) {
-      $can_access = in_array($url_protocol, $allowed_protocols);
-      $redirect_uri = $uri;
-    }
-
    $actions
      ->addAction(
        id(new PhabricatorActionView())
@ -120,9 +108,8 @@ final class PhabricatorPhurlURLViewController
        id(new PhabricatorActionView())
          ->setName(pht('Visit URL'))
          ->setIcon('fa-external-link')
-          ->setHref($redirect_uri)
-          ->setDisabled(!$can_edit || !$can_access)
-          ->setWorkflow(!$can_edit));
+          ->setHref("u/{$id}")
+          ->setDisabled(!$url->isValid()));

    return $actions;
  }
--- a/src/applications/phurl/storage/PhabricatorPhurlURL.php
+++ b/src/applications/phurl/storage/PhabricatorPhurlURL.php
@ -72,6 +72,13 @@ final class PhabricatorPhurlURL extends PhabricatorPhurlDAO
    return $uri;
  }

+  public function isValid() {
+    $allowed_protocols = PhabricatorEnv::getEnvConfig('uri.allowed-protocols');
+    $uri = new PhutilURI($this->getLongURL());
+
+    return isset($allowed_protocols[$uri->getProtocol()]);
+  }
+
 /* -(  PhabricatorPolicyInterface  )----------------------------------------- */