Use RepositoryQuery along common pathways

Summary: Ref T603. Make common repository queries (in Conduit and DiffusionRequest) policy-aware. These tend to get caugh by something else anyway, but tighten them up. Test Plan: The conduit change already provided `user` everywhere. I verified that and browsed some pages. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7060
2024-11-10 00:42:41 +01:00 · 2013-09-21 16:24:08 -07:00 · 2013-09-21 16:24:08 -07:00 · a09616858b
commit a09616858b
parent e7a7e43104
2 changed files with 20 additions and 9 deletions
--- a/src/applications/diffusion/conduit/ConduitAPI_diffusion_abstractquery_Method.php
+++ b/src/applications/diffusion/conduit/ConduitAPI_diffusion_abstractquery_Method.php
@ -43,9 +43,10 @@ abstract class ConduitAPI_diffusion_abstractquery_Method
        $this->repository = $this->getDiffusionRequest()->getRepository();
      } else {
        $callsign = $request->getValue('callsign');
-        $repository = id(new PhabricatorRepository())->loadOneWhere(
-          'callsign = %s',
-          $callsign);
+        $repository = id(new PhabricatorRepositoryQuery())
+          ->setViewer($request->getUser())
+          ->withCallsigns(array($callsign))
+          ->executeOne();
        if (!$repository) {
          throw new ConduitException('ERR-UNKNOWN-REPOSITORY');
        }
--- a/src/applications/diffusion/request/DiffusionRequest.php
+++ b/src/applications/diffusion/request/DiffusionRequest.php
@ -46,6 +46,7 @@ abstract class DiffusionRequest {
   * Parameters are:
   *
   *   - `callsign` Repository callsign. Provide this or `repository`.
+   *   - `user` Viewing user. Required if `callsign` is provided.
   *   - `repository` Repository object. Provide this or `callsign`.
   *   - `branch` Optional, branch name.
   *   - `path` Optional, file path.
@ -63,14 +64,19 @@ abstract class DiffusionRequest {
    } else if (!isset($data['repository']) && !isset($data['callsign'])) {
      throw new Exception(
        "One of 'repository' and 'callsign' is required.");
+    } else if (isset($data['callsign']) && empty($data['user'])) {
+      throw new Exception(
+        "Parameter 'user' is required if 'callsign' is provided.");
    }

    if (isset($data['repository'])) {
      $object = self::newFromRepository($data['repository']);
    } else {
-      $object = self::newFromCallsign($data['callsign']);
+      $object = self::newFromCallsign($data['callsign'], $data['user']);
    }
+
    $object->initializeFromDictionary($data);
+
    return $object;
  }

@ -89,7 +95,7 @@ abstract class DiffusionRequest {
    AphrontRequest $request) {

    $callsign = phutil_unescape_uri_path_component(idx($data, 'callsign'));
-    $object = self::newFromCallsign($callsign);
+    $object = self::newFromCallsign($callsign, $request->getUser());

    $use_branches = $object->getSupportsBranches();
    $parsed = self::parseRequestBlob(idx($data, 'dblob'), $use_branches);
@ -115,14 +121,18 @@ abstract class DiffusionRequest {
   * Internal. Use @{method:newFromDictionary}, not this method.
   *
   * @param   string              Repository callsign.
+   * @param   PhabricatorUser     Viewing user.
   * @return  DiffusionRequest    New request object.
   * @task new
   */
-  final private static function newFromCallsign($callsign) {
-    $repository = id(new PhabricatorRepository())->loadOneWhere(
-      'callsign = %s',
-      $callsign);
+  final private static function newFromCallsign(
+    $callsign,
+    PhabricatorUser $viewer) {

+    $repository = id(new PhabricatorRepositoryQuery())
+      ->setViewer($viewer)
+      ->withCallsigns(array($callsign))
+      ->executeOne();
    if (!$repository) {
      throw new Exception("No such repository '{$callsign}'.");
    }