mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-01 19:22:42 +01:00
Break AphrontWriteGuard dependency on AphrontRequest
Summary: I want to move queryfx() and family to libphutil, for @chad and others (see T1283). We need to break a few dependencies to do this. Since AphrontWriteGuard is independently useful, I broke the dependency between it and AphrontRequest rather than between Connection and WriteGuard. I'll move its implementation to libphutil in a future diff. Test Plan: Loaded site, submitted CSRF form successfully, monkeyed with CSRF token, submitted CSRF form, got error. Reviewers: btrahan, vrana Reviewed By: vrana CC: aran Maniphest Tasks: T1283 Differential Revision: https://secure.phabricator.com/D3042
This commit is contained in:
parent
8213a70f3d
commit
d07934474e
2 changed files with 14 additions and 8 deletions
|
@ -51,7 +51,7 @@ final class AphrontWriteGuard {
|
||||||
private static $instance;
|
private static $instance;
|
||||||
private static $allowUnguardedWrites = false;
|
private static $allowUnguardedWrites = false;
|
||||||
|
|
||||||
private $request;
|
private $callback;
|
||||||
private $allowDepth = 0;
|
private $allowDepth = 0;
|
||||||
|
|
||||||
|
|
||||||
|
@ -63,18 +63,23 @@ final class AphrontWriteGuard {
|
||||||
* active at a time. You must explicitly call @{method:dispose} when you are
|
* active at a time. You must explicitly call @{method:dispose} when you are
|
||||||
* done with a write guard:
|
* done with a write guard:
|
||||||
*
|
*
|
||||||
* $guard = new AphrontWriteGuard();
|
* $guard = new AphrontWriteGuard($callback);
|
||||||
* // ...
|
* // ...
|
||||||
* $guard->dispose();
|
* $guard->dispose();
|
||||||
*
|
*
|
||||||
* Normally, you do not need to manage guards yourself -- the Aphront stack
|
* Normally, you do not need to manage guards yourself -- the Aphront stack
|
||||||
* handles it for you.
|
* handles it for you.
|
||||||
*
|
*
|
||||||
* @param AphrontRequest Request to read CSRF token information from.
|
* This class accepts a callback, which will be invoked when a write is
|
||||||
|
* attempted. The callback should validate the presence of a CSRF token in
|
||||||
|
* the request, or abort the request (e.g., by throwing an exception) if a
|
||||||
|
* valid token isn't present.
|
||||||
|
*
|
||||||
|
* @param callable CSRF callback.
|
||||||
* @return this
|
* @return this
|
||||||
* @task manage
|
* @task manage
|
||||||
*/
|
*/
|
||||||
public function __construct(AphrontRequest $request) {
|
public function __construct($callback) {
|
||||||
if (self::$instance) {
|
if (self::$instance) {
|
||||||
throw new Exception(
|
throw new Exception(
|
||||||
"An AphrontWriteGuard already exists. Dispose of the previous guard ".
|
"An AphrontWriteGuard already exists. Dispose of the previous guard ".
|
||||||
|
@ -86,7 +91,7 @@ final class AphrontWriteGuard {
|
||||||
"unguarded writes unconditionally. This is not allowed and indicates ".
|
"unguarded writes unconditionally. This is not allowed and indicates ".
|
||||||
"a serious error.");
|
"a serious error.");
|
||||||
}
|
}
|
||||||
$this->request = $request;
|
$this->callback = $callback;
|
||||||
self::$instance = $this;
|
self::$instance = $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -154,9 +159,8 @@ final class AphrontWriteGuard {
|
||||||
}
|
}
|
||||||
|
|
||||||
$instance = self::$instance;
|
$instance = self::$instance;
|
||||||
|
|
||||||
if ($instance->allowDepth == 0) {
|
if ($instance->allowDepth == 0) {
|
||||||
$instance->request->validateCSRF();
|
call_user_func($instance->callback);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -256,6 +260,8 @@ final class AphrontWriteGuard {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* When the object is destroyed, make sure @{method:dispose} was called.
|
* When the object is destroyed, make sure @{method:dispose} was called.
|
||||||
|
*
|
||||||
|
* @task internal
|
||||||
*/
|
*/
|
||||||
public function __destruct() {
|
public function __destruct() {
|
||||||
if (isset(self::$instance)) {
|
if (isset(self::$instance)) {
|
||||||
|
|
|
@ -145,7 +145,7 @@ $application->setPath($path);
|
||||||
$application->willBuildRequest();
|
$application->willBuildRequest();
|
||||||
$request = $application->buildRequest();
|
$request = $application->buildRequest();
|
||||||
|
|
||||||
$write_guard = new AphrontWriteGuard($request);
|
$write_guard = new AphrontWriteGuard(array($request, 'validateCSRF'));
|
||||||
PhabricatorEventEngine::initialize();
|
PhabricatorEventEngine::initialize();
|
||||||
|
|
||||||
$application->setRequest($request);
|
$application->setRequest($request);
|
||||||
|
|
Loading…
Reference in a new issue