Add a generic PHID-based object redirection controller

Summary: Ref T13151. See PHI647. This allows us to link to any object by PHID, without disclosing information in the monogram (like `#fire-steve`). This capability is relevant when building "secure mail", to provide a link to the object regardless of whether the monogram discloses information or not. Test Plan: Visited `/object/D123/` (redirect), `/object/xyz/` (404), `/object/PHID-DREV-.../` (redirect). Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13151 Differential Revision: https://secure.phabricator.com/D19487
2025-01-11 07:11:04 +01:00 · 2018-06-12 07:46:50 -07:00 · 2018-06-12 07:46:50 -07:00 · 94752278f4
commit 94752278f4
parent cbff913432
3 changed files with 42 additions and 0 deletions
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@ -4451,6 +4451,7 @@ phutil_register_library_map(array(
    'PhabricatorSystemDAO' => 'applications/system/storage/PhabricatorSystemDAO.php',
    'PhabricatorSystemDestructionGarbageCollector' => 'applications/system/garbagecollector/PhabricatorSystemDestructionGarbageCollector.php',
    'PhabricatorSystemDestructionLog' => 'applications/system/storage/PhabricatorSystemDestructionLog.php',
+    'PhabricatorSystemObjectController' => 'applications/system/controller/PhabricatorSystemObjectController.php',
    'PhabricatorSystemReadOnlyController' => 'applications/system/controller/PhabricatorSystemReadOnlyController.php',
    'PhabricatorSystemRemoveDestroyWorkflow' => 'applications/system/management/PhabricatorSystemRemoveDestroyWorkflow.php',
    'PhabricatorSystemRemoveLogWorkflow' => 'applications/system/management/PhabricatorSystemRemoveLogWorkflow.php',
@ -10406,6 +10407,7 @@ phutil_register_library_map(array(
    'PhabricatorSystemDAO' => 'PhabricatorLiskDAO',
    'PhabricatorSystemDestructionGarbageCollector' => 'PhabricatorGarbageCollector',
    'PhabricatorSystemDestructionLog' => 'PhabricatorSystemDAO',
+    'PhabricatorSystemObjectController' => 'PhabricatorController',
    'PhabricatorSystemReadOnlyController' => 'PhabricatorController',
    'PhabricatorSystemRemoveDestroyWorkflow' => 'PhabricatorSystemRemoveWorkflow',
    'PhabricatorSystemRemoveLogWorkflow' => 'PhabricatorSystemRemoveWorkflow',
--- a/src/applications/system/application/PhabricatorSystemApplication.php
+++ b/src/applications/system/application/PhabricatorSystemApplication.php
@ -26,6 +26,7 @@ final class PhabricatorSystemApplication extends PhabricatorApplication {
      '/readonly/' => array(
        '(?P<reason>[^/]+)/' => 'PhabricatorSystemReadOnlyController',
      ),
+      '/object/(?P<name>[^/]+)/' => 'PhabricatorSystemObjectController',
    );
  }

--- a/src/applications/system/controller/PhabricatorSystemObjectController.php
+++ b/src/applications/system/controller/PhabricatorSystemObjectController.php
@ -0,0 +1,39 @@
+<?php
+
+final class PhabricatorSystemObjectController
+  extends PhabricatorController {
+
+  public function shouldAllowPublic() {
+    return true;
+  }
+
+  public function handleRequest(AphrontRequest $request) {
+    $viewer = $this->getViewer();
+    $name = $request->getURIData('name');
+
+    $object = id(new PhabricatorObjectQuery())
+      ->setViewer($viewer)
+      ->withNames(array($name))
+      ->executeOne();
+    if (!$object) {
+      return new Aphront404Response();
+    }
+
+    $phid = $object->getPHID();
+    $handles = $viewer->loadHandles(array($phid));
+    $handle = $handles[$phid];
+
+    $object_uri = $handle->getURI();
+    if (!strlen($object_uri)) {
+      return $this->newDialog()
+        ->setTitle(pht('No Object URI'))
+        ->appendParagraph(
+          pht(
+            'Object "%s" exists, but does not have a URI to redirect to.',
+            $name))
+        ->addCancelButton('/', pht('Done'));
+    }
+
+    return id(new AphrontRedirectResponse())->setURI($object_uri);
+  }
+}