Don't show client IP in push logs unless viewer can edit the repository

Summary: This locks push logs down a little bit and makes them slightly more administrative. Primarily, don't show IPs to googlebot, etc. Test Plan: Viewed push logs as edit and non-edit users. Reviewers: btrahan Reviewed By: btrahan CC: aran Differential Revision: https://secure.phabricator.com/D7722
2024-09-20 09:18:48 +02:00 · 2013-12-05 17:01:07 -08:00 · 2013-12-05 17:01:07 -08:00 · a1f3233481
commit a1f3233481
parent faaaff0b6f
1 changed files with 39 additions and 5 deletions
--- a/src/applications/diffusion/controller/DiffusionPushLogListController.php
+++ b/src/applications/diffusion/controller/DiffusionPushLogListController.php
@ -30,8 +30,34 @@ final class DiffusionPushLogListController extends DiffusionController

    $this->loadHandles(mpull($logs, 'getPusherPHID'));

+    // Figure out which repositories are editable. We only let you see remote
+    // IPs if you have edit capability on a repository.
+    $editable_repos = array();
+    if ($logs) {
+      $editable_repos = id(new PhabricatorRepositoryQuery())
+        ->setViewer($viewer)
+        ->requireCapabilities(
+          array(
+            PhabricatorPolicyCapability::CAN_VIEW,
+            PhabricatorPolicyCapability::CAN_EDIT,
+          ))
+        ->withPHIDs(mpull($logs, 'getRepositoryPHID'))
+        ->execute();
+      $editable_repos = mpull($editable_repos, null, 'getPHID');
+    }
+
    $rows = array();
    foreach ($logs as $log) {
+
+      // Reveal this if it's valid and the user can edit the repository.
+      $remote_addr = '-';
+      if (isset($editable_repos[$log->getRepositoryPHID()])) {
+        $remote_long = $log->getRemoteAddress();
+        if ($remote_long) {
+          $remote_addr = long2ip($remote_long);
+        }
+      }
+
      $callsign = $log->getRepository()->getCallsign();
      $rows[] = array(
        phutil_tag(
@ -41,14 +67,22 @@ final class DiffusionPushLogListController extends DiffusionController
          ),
          $callsign),
        $this->getHandle($log->getPusherPHID())->renderLink(),
-        $log->getRemoteAddress()
-          ? long2ip($log->getRemoteAddress())
-          : null,
+        $remote_addr,
        $log->getRemoteProtocol(),
        $log->getRefType(),
        $log->getRefName(),
-        $log->getRefOldShort(),
-        $log->getRefNewShort(),
+        phutil_tag(
+          'a',
+          array(
+            'href' => '/r'.$callsign.$log->getRefOld(),
+          ),
+          $log->getRefOldShort()),
+        phutil_tag(
+          'a',
+          array(
+            'href' => '/r'.$callsign.$log->getRefNew(),
+          ),
+          $log->getRefNewShort()),
        phabricator_datetime($log->getEpoch(), $viewer),
      );
    }