mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-27 01:02:42 +01:00
Use RepositoryQuery along common pathways
Summary: Ref T603. Make common repository queries (in Conduit and DiffusionRequest) policy-aware. These tend to get caugh by something else anyway, but tighten them up. Test Plan: The conduit change already provided `user` everywhere. I verified that and browsed some pages. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7060
This commit is contained in:
parent
e7a7e43104
commit
a09616858b
2 changed files with 20 additions and 9 deletions
|
@ -43,9 +43,10 @@ abstract class ConduitAPI_diffusion_abstractquery_Method
|
||||||
$this->repository = $this->getDiffusionRequest()->getRepository();
|
$this->repository = $this->getDiffusionRequest()->getRepository();
|
||||||
} else {
|
} else {
|
||||||
$callsign = $request->getValue('callsign');
|
$callsign = $request->getValue('callsign');
|
||||||
$repository = id(new PhabricatorRepository())->loadOneWhere(
|
$repository = id(new PhabricatorRepositoryQuery())
|
||||||
'callsign = %s',
|
->setViewer($request->getUser())
|
||||||
$callsign);
|
->withCallsigns(array($callsign))
|
||||||
|
->executeOne();
|
||||||
if (!$repository) {
|
if (!$repository) {
|
||||||
throw new ConduitException('ERR-UNKNOWN-REPOSITORY');
|
throw new ConduitException('ERR-UNKNOWN-REPOSITORY');
|
||||||
}
|
}
|
||||||
|
|
|
@ -46,6 +46,7 @@ abstract class DiffusionRequest {
|
||||||
* Parameters are:
|
* Parameters are:
|
||||||
*
|
*
|
||||||
* - `callsign` Repository callsign. Provide this or `repository`.
|
* - `callsign` Repository callsign. Provide this or `repository`.
|
||||||
|
* - `user` Viewing user. Required if `callsign` is provided.
|
||||||
* - `repository` Repository object. Provide this or `callsign`.
|
* - `repository` Repository object. Provide this or `callsign`.
|
||||||
* - `branch` Optional, branch name.
|
* - `branch` Optional, branch name.
|
||||||
* - `path` Optional, file path.
|
* - `path` Optional, file path.
|
||||||
|
@ -63,14 +64,19 @@ abstract class DiffusionRequest {
|
||||||
} else if (!isset($data['repository']) && !isset($data['callsign'])) {
|
} else if (!isset($data['repository']) && !isset($data['callsign'])) {
|
||||||
throw new Exception(
|
throw new Exception(
|
||||||
"One of 'repository' and 'callsign' is required.");
|
"One of 'repository' and 'callsign' is required.");
|
||||||
|
} else if (isset($data['callsign']) && empty($data['user'])) {
|
||||||
|
throw new Exception(
|
||||||
|
"Parameter 'user' is required if 'callsign' is provided.");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($data['repository'])) {
|
if (isset($data['repository'])) {
|
||||||
$object = self::newFromRepository($data['repository']);
|
$object = self::newFromRepository($data['repository']);
|
||||||
} else {
|
} else {
|
||||||
$object = self::newFromCallsign($data['callsign']);
|
$object = self::newFromCallsign($data['callsign'], $data['user']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$object->initializeFromDictionary($data);
|
$object->initializeFromDictionary($data);
|
||||||
|
|
||||||
return $object;
|
return $object;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -89,7 +95,7 @@ abstract class DiffusionRequest {
|
||||||
AphrontRequest $request) {
|
AphrontRequest $request) {
|
||||||
|
|
||||||
$callsign = phutil_unescape_uri_path_component(idx($data, 'callsign'));
|
$callsign = phutil_unescape_uri_path_component(idx($data, 'callsign'));
|
||||||
$object = self::newFromCallsign($callsign);
|
$object = self::newFromCallsign($callsign, $request->getUser());
|
||||||
|
|
||||||
$use_branches = $object->getSupportsBranches();
|
$use_branches = $object->getSupportsBranches();
|
||||||
$parsed = self::parseRequestBlob(idx($data, 'dblob'), $use_branches);
|
$parsed = self::parseRequestBlob(idx($data, 'dblob'), $use_branches);
|
||||||
|
@ -115,14 +121,18 @@ abstract class DiffusionRequest {
|
||||||
* Internal. Use @{method:newFromDictionary}, not this method.
|
* Internal. Use @{method:newFromDictionary}, not this method.
|
||||||
*
|
*
|
||||||
* @param string Repository callsign.
|
* @param string Repository callsign.
|
||||||
|
* @param PhabricatorUser Viewing user.
|
||||||
* @return DiffusionRequest New request object.
|
* @return DiffusionRequest New request object.
|
||||||
* @task new
|
* @task new
|
||||||
*/
|
*/
|
||||||
final private static function newFromCallsign($callsign) {
|
final private static function newFromCallsign(
|
||||||
$repository = id(new PhabricatorRepository())->loadOneWhere(
|
$callsign,
|
||||||
'callsign = %s',
|
PhabricatorUser $viewer) {
|
||||||
$callsign);
|
|
||||||
|
|
||||||
|
$repository = id(new PhabricatorRepositoryQuery())
|
||||||
|
->setViewer($viewer)
|
||||||
|
->withCallsigns(array($callsign))
|
||||||
|
->executeOne();
|
||||||
if (!$repository) {
|
if (!$repository) {
|
||||||
throw new Exception("No such repository '{$callsign}'.");
|
throw new Exception("No such repository '{$callsign}'.");
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue