Use RepositoryQuery along common pathways
Summary: Ref T603. Make common repository queries (in Conduit and DiffusionRequest) policy-aware. These tend to get caught by something else anyway, but tighten them up. Test Plan: The conduit change already provided `user` everywhere. I verified that and browsed some pages. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7060
parent
e7a7e43104
commit
a09616858b
2 changed files with 20 additions and 9 deletions
|
@ -43,9 +43,10 @@ abstract class ConduitAPI_diffusion_abstractquery_Method
|
|||
$this->repository = $this->getDiffusionRequest()->getRepository();
|
||||
} else {
|
||||
$callsign = $request->getValue('callsign');
|
||||
$repository = id(new PhabricatorRepository())->loadOneWhere(
|
||||
'callsign = %s',
|
||||
$callsign);
|
||||
$repository = id(new PhabricatorRepositoryQuery())
|
||||
->setViewer($request->getUser())
|
||||
->withCallsigns(array($callsign))
|
||||
->executeOne();
|
||||
if (!$repository) {
|
||||
throw new ConduitException('ERR-UNKNOWN-REPOSITORY');
|
||||
}
|
||||
|
|
|
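Review bot: The `else` branch now raises `ERR-UNKNOWN-REPOSITORY` both when the callsign does not exist and when the policy-aware query hides the repository from `$request->getUser()`, and nothing in the code says that sharing one error is deliberate. Keeping the two cases indistinguishable avoids confirming to a caller that a repository they cannot view exists, so I would add a comment above the `if (!$repository)` check such as `// Policy-filtered lookup: a repository the viewer cannot see is reported the same way as a missing one.` The test plan describes browsing pages only; a case with a viewer who lacks view permission on the repository would confirm the new behaviour. The enclosing method starts and ends outside the hunk.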
@ -46,6 +46,7 @@ abstract class DiffusionRequest {
|
|||
* Parameters are:
|
||||
*
|
||||
* - `callsign` Repository callsign. Provide this or `repository`.
|
||||
* - `user` Viewing user. Required if `callsign` is provided.
|
||||
* - `repository` Repository object. Provide this or `callsign`.
|
||||
* - `branch` Optional, branch name.
|
||||
* - `path` Optional, file path.
|
||||
|
@ -63,14 +64,19 @@ abstract class DiffusionRequest {
|
|||
} else if (!isset($data['repository']) && !isset($data['callsign'])) {
|
||||
throw new Exception(
|
||||
"One of 'repository' and 'callsign' is required.");
|
||||
} else if (isset($data['callsign']) && empty($data['user'])) {
|
||||
throw new Exception(
|
||||
"Parameter 'user' is required if 'callsign' is provided.");
|
||||
}
|
||||
|
||||
if (isset($data['repository'])) {
|
||||
$object = self::newFromRepository($data['repository']);
|
||||
} else {
|
||||
$object = self::newFromCallsign($data['callsign']);
|
||||
$object = self::newFromCallsign($data['callsign'], $data['user']);
|
||||
}
|
||||
|
||||
$object->initializeFromDictionary($data);
|
||||
|
||||
return $object;
|
||||
}
|
||||
|
||||
|
@ -89,7 +95,7 @@ abstract class DiffusionRequest {
|
|||
AphrontRequest $request) {
|
||||
|
||||
$callsign = phutil_unescape_uri_path_component(idx($data, 'callsign'));
|
||||
$object = self::newFromCallsign($callsign);
|
||||
$object = self::newFromCallsign($callsign, $request->getUser());
|
||||
|
||||
$use_branches = $object->getSupportsBranches();
|
||||
$parsed = self::parseRequestBlob(idx($data, 'dblob'), $use_branches);
|
||||
|
@ -115,14 +121,18 @@ abstract class DiffusionRequest {
|
|||
* Internal. Use @{method:newFromDictionary}, not this method.
|
||||
*
|
||||
* @param string Repository callsign.
|
||||
* @param PhabricatorUser Viewing user.
|
||||
* @return DiffusionRequest New request object.
|
||||
* @task new
|
||||
*/
|
||||
final private static function newFromCallsign($callsign) {
|
||||
$repository = id(new PhabricatorRepository())->loadOneWhere(
|
||||
'callsign = %s',
|
||||
$callsign);
|
||||
final private static function newFromCallsign(
|
||||
$callsign,
|
||||
PhabricatorUser $viewer) {
|
||||
|
||||
$repository = id(new PhabricatorRepositoryQuery())
|
||||
->setViewer($viewer)
|
||||
->withCallsigns(array($callsign))
|
||||
->executeOne();
|
||||
if (!$repository) {
|
||||
throw new Exception("No such repository '{$callsign}'.");
|
||||
}
|
||||
|
|
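Review bot: In `newFromDictionary` the new `user` requirement covers only the `callsign` path, so the `repository` path still builds a request from whatever object the caller passes, with no viewer check in this method. That is sound only if every caller obtained the object through a policy-aware query, which these hunks cannot show, so the parameter doc should state the expectation, for example `Repository object, already policy-checked for the viewer. Provide this or callsign.` Separately, `empty($data['user'])` tests only truthiness, so a truthy value that is not a `PhabricatorUser` passes the guard and is stopped only by the type hint on `newFromCallsign`; an `instanceof PhabricatorUser` test in the guard would turn that into the same `Exception` as the other parameter errors. The body of `newFromDictionary` begins outside the hunk.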