1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-03 11:21:01 +01:00

Policy - lock down DiffusionSymbolQuery repo-loading code

Summary: Ref T7094.

Test Plan: couldn't really test this - how does one get symbols going nowadays given they are acanist project based?

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7094

Differential Revision: https://secure.phabricator.com/D11584
This commit is contained in:
Bob Trahan 2015-01-31 18:36:36 -08:00
parent 352c36f0ab
commit e1dcbc4386
4 changed files with 25 additions and 7 deletions

View file

@ -37,7 +37,8 @@ final class DiffusionFindSymbolsConduitAPIMethod
$language = $request->getValue('language'); $language = $request->getValue('language');
$type = $request->getValue('type'); $type = $request->getValue('type');
$query = new DiffusionSymbolQuery(); $query = id(new DiffusionSymbolQuery())
->setViewer($request->getUser());
if ($name !== null) { if ($name !== null) {
$query->setName($name); $query->setName($name);
} }

View file

@ -8,8 +8,9 @@ final class DiffusionSymbolController extends DiffusionController {
$user = $request->getUser(); $user = $request->getUser();
$this->name = $request->getURIData('name'); $this->name = $request->getURIData('name');
$query = new DiffusionSymbolQuery(); $query = id(new DiffusionSymbolQuery())
$query->setName($this->name); ->setViewer($user)
->setName($this->name);
if ($request->getStr('context') !== null) { if ($request->getStr('context') !== null) {
$query->setContext($request->getStr('context')); $query->setContext($request->getStr('context'));

View file

@ -11,6 +11,7 @@
*/ */
final class DiffusionSymbolQuery extends PhabricatorOffsetPagedQuery { final class DiffusionSymbolQuery extends PhabricatorOffsetPagedQuery {
private $viewer;
private $context; private $context;
private $namePrefix; private $namePrefix;
private $name; private $name;
@ -26,6 +27,20 @@ final class DiffusionSymbolQuery extends PhabricatorOffsetPagedQuery {
/* -( Configuring the Query )---------------------------------------------- */ /* -( Configuring the Query )---------------------------------------------- */
/**
* @task config
*/
public function setViewer(PhabricatorUser $viewer) {
$this->viewer = $viewer;
return $this;
}
/**
* @task config
*/
public function getViewer() {
return $this->viewer;
}
/** /**
* @task config * @task config
@ -263,10 +278,10 @@ final class DiffusionSymbolQuery extends PhabricatorOffsetPagedQuery {
$repo_ids = array_filter($repo_ids); $repo_ids = array_filter($repo_ids);
if ($repo_ids) { if ($repo_ids) {
// TODO: (T603) Provide a viewer here. $repos = id(new PhabricatorRepositoryQuery())
$repos = id(new PhabricatorRepository())->loadAllWhere( ->setViewer($this->getViewer())
'id IN (%Ld)', ->withIDs($repo_ids)
$repo_ids); ->execute();
} else { } else {
$repos = array(); $repos = array();
} }

View file

@ -19,6 +19,7 @@ final class DiffusionSymbolDatasource
if (strlen($raw_query)) { if (strlen($raw_query)) {
$symbols = id(new DiffusionSymbolQuery()) $symbols = id(new DiffusionSymbolQuery())
->setViewer($viewer)
->setNamePrefix($raw_query) ->setNamePrefix($raw_query)
->setLimit(15) ->setLimit(15)
->needArcanistProjects(true) ->needArcanistProjects(true)