1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-19 13:22:42 +01:00

Ref T8989, Phurl "Visit URL" link should route through a separate controller.

Summary: Ref T8989, Phurl "Visit URL" should now route to an access controller that decides if the URL is valid whether to open it, or redirect back to Phurl object. New route is `local.install.com/u/1` to open link.

Test Plan:
- open Phurl object with invalid URL, "Visit URL" link should redirect back to object
- open Phurl object with valid URL, "Visit URL" link should open the link
- open `local.install.com/u/1` for `U1` with valid URL should open the link
- open `local.install.com/u/1` for `U1` with invalid URL should redirect to `local.install.com/U1`

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: joshuaspence, Korvin

Maniphest Tasks: T8989

Differential Revision: https://secure.phabricator.com/D14381
This commit is contained in:
lkassianik 2015-11-02 12:08:47 -08:00
parent c35b564f4d
commit 809453a3e1
5 changed files with 40 additions and 15 deletions

View file

@ -2625,6 +2625,7 @@ phutil_register_library_map(array(
'PhabricatorPhurlDAO' => 'applications/phurl/storage/PhabricatorPhurlDAO.php',
'PhabricatorPhurlSchemaSpec' => 'applications/phurl/storage/PhabricatorPhurlSchemaSpec.php',
'PhabricatorPhurlURL' => 'applications/phurl/storage/PhabricatorPhurlURL.php',
'PhabricatorPhurlURLAccessController' => 'applications/phurl/controller/PhabricatorPhurlURLAccessController.php',
'PhabricatorPhurlURLEditController' => 'applications/phurl/controller/PhabricatorPhurlURLEditController.php',
'PhabricatorPhurlURLEditor' => 'applications/phurl/editor/PhabricatorPhurlURLEditor.php',
'PhabricatorPhurlURLListController' => 'applications/phurl/controller/PhabricatorPhurlURLListController.php',
@ -6727,6 +6728,7 @@ phutil_register_library_map(array(
'PhabricatorFlaggableInterface',
'PhabricatorSpacesInterface',
),
'PhabricatorPhurlURLAccessController' => 'PhabricatorPhurlController',
'PhabricatorPhurlURLEditController' => 'PhabricatorPhurlController',
'PhabricatorPhurlURLEditor' => 'PhabricatorApplicationTransactionEditor',
'PhabricatorPhurlURLListController' => 'PhabricatorPhurlController',

View file

@ -29,6 +29,7 @@ final class PhabricatorPhurlApplication extends PhabricatorApplication {
public function getRoutes() {
return array(
'/U(?P<id>[1-9]\d*)' => 'PhabricatorPhurlURLViewController',
'/u/(?P<id>[1-9]\d*)' => 'PhabricatorPhurlURLAccessController',
'/phurl/' => array(
'(?:query/(?P<queryKey>[^/]+)/)?'
=> 'PhabricatorPhurlURLListController',

View file

@ -0,0 +1,28 @@
<?php
final class PhabricatorPhurlURLAccessController
extends PhabricatorPhurlController {
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
$url = id(new PhabricatorPhurlURLQuery())
->setViewer($viewer)
->withIDs(array($id))
->executeOne();
if (!$url) {
return new Aphront404Response();
}
if ($url->isValid()) {
return id(new AphrontRedirectResponse())
->setURI($url->getLongURL())
->setIsExternal(true);
} else {
return id(new AphrontRedirectResponse())->setURI('/'.$url->getMonogram());
}
}
}

View file

@ -96,18 +96,6 @@ final class PhabricatorPhurlURLViewController
$url,
PhabricatorPolicyCapability::CAN_EDIT);
$allowed_protocols = PhabricatorEnv::getEnvConfig('uri.allowed-protocols');
$uri = new PhutilURI($url->getLongURL());
$url_protocol = $uri->getProtocol();
$can_access = false;
$redirect_uri = $url->getMonogram();
if (strlen($url_protocol)) {
$can_access = in_array($url_protocol, $allowed_protocols);
$redirect_uri = $uri;
}
$actions
->addAction(
id(new PhabricatorActionView())
@ -120,9 +108,8 @@ final class PhabricatorPhurlURLViewController
id(new PhabricatorActionView())
->setName(pht('Visit URL'))
->setIcon('fa-external-link')
->setHref($redirect_uri)
->setDisabled(!$can_edit || !$can_access)
->setWorkflow(!$can_edit));
->setHref("u/{$id}")
->setDisabled(!$url->isValid()));
return $actions;
}

View file

@ -72,6 +72,13 @@ final class PhabricatorPhurlURL extends PhabricatorPhurlDAO
return $uri;
}
public function isValid() {
$allowed_protocols = PhabricatorEnv::getEnvConfig('uri.allowed-protocols');
$uri = new PhutilURI($this->getLongURL());
return isset($allowed_protocols[$uri->getProtocol()]);
}
/* -( PhabricatorPolicyInterface )----------------------------------------- */