revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-02-23 12:09:12 +01:00
Code Issues Releases Wiki Activity

Update Conduit for handleRequest

Browse source 
Summary: Ref T8628. Updates Conduit for handleRequest

Test Plan: Use Conduit, test list, method calls, try a query, post this diff.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T8628

Differential Revision: https://secure.phabricator.com/D14265
This commit is contained in:
Chad Little 2015-10-18 16:07:07 -07:00
parent 4782491470
commit a8e9da4a56
6 changed files with 18 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
src/applications/conduit/controller/PhabricatorConduitAPIController.php
View file

@ -7,18 +7,9 @@ final class PhabricatorConduitAPIController
return false; return false;
} }
private $method; public function handleRequest(AphrontRequest $request) {
$method = $request->getURIData('method');
public function willProcessRequest(array $data) {
$this->method = $data['method'];
return $this;
}
public function processRequest() {
$time_start = microtime(true); $time_start = microtime(true);
$request = $this->getRequest();
$method = $this->method;
$api_request = null; $api_request = null;
$method_implementation = null; $method_implementation = null;
@ -55,7 +46,7 @@ final class PhabricatorConduitAPIController
$conduit_username = '-'; $conduit_username = '-';
if ($call->shouldRequireAuthentication()) { if ($call->shouldRequireAuthentication()) {
$metadata['scope'] = $call->getRequiredScope(); $metadata['scope'] = $call->getRequiredScope();
$auth_error = $this->authenticateUser($api_request, $metadata); $auth_error = $this->authenticateUser($api_request, $metadata, $method);
// If we've explicitly authenticated the user here and either done // If we've explicitly authenticated the user here and either done
// CSRF validation or are using a non-web authentication mechanism. // CSRF validation or are using a non-web authentication mechanism.
$allow_unguarded_writes = true; $allow_unguarded_writes = true;
@ -169,7 +160,8 @@ final class PhabricatorConduitAPIController
*/ */
private function authenticateUser( private function authenticateUser(
ConduitAPIRequest $api_request, ConduitAPIRequest $api_request,
array $metadata) { array $metadata,
$method) {
$request = $this->getRequest(); $request = $this->getRequest();
@ -207,7 +199,7 @@ final class PhabricatorConduitAPIController
unset($protocol_data['scope']); unset($protocol_data['scope']);
ConduitClient::verifySignature( ConduitClient::verifySignature(
$this->method, $method,
$api_request->getAllParameters(), $api_request->getAllParameters(),
$protocol_data, $protocol_data,
$ssl_public_key); $ssl_public_key);

10
src/applications/conduit/controller/PhabricatorConduitListController.php
View file

@ -3,19 +3,13 @@
final class PhabricatorConduitListController final class PhabricatorConduitListController
extends PhabricatorConduitController { extends PhabricatorConduitController {
private $queryKey;
public function shouldAllowPublic() { public function shouldAllowPublic() {
return true; return true;
} }
public function willProcessRequest(array $data) { public function handleRequest(AphrontRequest $request) {
$this->queryKey = idx($data, 'queryKey');
}
public function processRequest() {
$controller = id(new PhabricatorApplicationSearchController()) $controller = id(new PhabricatorApplicationSearchController())
->setQueryKey($this->queryKey) ->setQueryKey($request->getURIData('queryKey'))
->setSearchEngine(new PhabricatorConduitSearchEngine()) ->setSearchEngine(new PhabricatorConduitSearchEngine())
->setNavigation($this->buildSideNavView()); ->setNavigation($this->buildSideNavView());
return $this->delegateToController($controller); return $this->delegateToController($controller);

5
src/applications/conduit/controller/PhabricatorConduitLogController.php
View file

@ -3,9 +3,8 @@
final class PhabricatorConduitLogController final class PhabricatorConduitLogController
extends PhabricatorConduitController { extends PhabricatorConduitController {
public function processRequest() { public function handleRequest(AphrontRequest $request) {
$request = $this->getRequest(); $viewer = $request->getViewer();
$viewer = $request->getUser();
$conn_table = new PhabricatorConduitConnectionLog(); $conn_table = new PhabricatorConduitConnectionLog();
$call_table = new PhabricatorConduitMethodCallLog(); $call_table = new PhabricatorConduitMethodCallLog();

12
src/applications/conduit/controller/PhabricatorConduitTokenController.php
View file

@ -3,11 +3,11 @@
final class PhabricatorConduitTokenController final class PhabricatorConduitTokenController
extends PhabricatorConduitController { extends PhabricatorConduitController {
public function processRequest() { public function handleRequest(AphrontRequest $request) {
$user = $this->getRequest()->getUser(); $viewer = $request->getViewer();
id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession( id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
$user, $viewer,
$this->getRequest(), $this->getRequest(),
'/'); '/');
@ -19,13 +19,13 @@ final class PhabricatorConduitTokenController
$old_token = id(new PhabricatorConduitCertificateToken()) $old_token = id(new PhabricatorConduitCertificateToken())
->loadOneWhere( ->loadOneWhere(
'userPHID = %s', 'userPHID = %s',
$user->getPHID()); $viewer->getPHID());
if ($old_token) { if ($old_token) {
$old_token->delete(); $old_token->delete();
} }
$token = id(new PhabricatorConduitCertificateToken()) $token = id(new PhabricatorConduitCertificateToken())
->setUserPHID($user->getPHID()) ->setUserPHID($viewer->getPHID())
->setToken(Filesystem::readRandomCharacters(40)) ->setToken(Filesystem::readRandomCharacters(40))
->save(); ->save();
@ -42,7 +42,7 @@ final class PhabricatorConduitTokenController
Javelin::initBehavior('select-on-click'); Javelin::initBehavior('select-on-click');
$form = id(new AphrontFormView()) $form = id(new AphrontFormView())
->setUser($user) ->setUser($viewer)
->appendRemarkupInstructions($pre_instructions) ->appendRemarkupInstructions($pre_instructions)
->appendChild( ->appendChild(
id(new AphrontFormTextAreaControl()) id(new AphrontFormTextAreaControl())

2
src/applications/conduit/controller/PhabricatorConduitTokenEditController.php
View file

@ -5,8 +5,8 @@ final class PhabricatorConduitTokenEditController
public function handleRequest(AphrontRequest $request) { public function handleRequest(AphrontRequest $request) {
$viewer = $request->getViewer(); $viewer = $request->getViewer();
$id = $request->getURIData('id'); $id = $request->getURIData('id');
if ($id) { if ($id) {
$token = id(new PhabricatorConduitTokenQuery()) $token = id(new PhabricatorConduitTokenQuery())
->setViewer($viewer) ->setViewer($viewer)

2
src/applications/conduit/controller/PhabricatorConduitTokenTerminateController.php
View file

@ -5,9 +5,9 @@ final class PhabricatorConduitTokenTerminateController
public function handleRequest(AphrontRequest $request) { public function handleRequest(AphrontRequest $request) {
$viewer = $request->getViewer(); $viewer = $request->getViewer();
$object_phid = $request->getStr('objectPHID'); $object_phid = $request->getStr('objectPHID');
$id = $request->getURIData('id'); $id = $request->getURIData('id');
if ($id) { if ($id) {
$token = id(new PhabricatorConduitTokenQuery()) $token = id(new PhabricatorConduitTokenQuery())
->setViewer($viewer) ->setViewer($viewer)