1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 22:10:55 +01:00

Add the ability to create a macro from a url

Test Plan: Enter in a url and create a macro. :)

Reviewers: epriestley

Reviewed By: epriestley

CC: epriestley, aran, dctrwatson, Korvin

Differential Revision: https://secure.phabricator.com/D5039
This commit is contained in:
Matt Robenolt 2013-02-21 12:43:39 -08:00 committed by epriestley
parent 3c989590bf
commit e6281c3db0
5 changed files with 70 additions and 9 deletions

View file

@ -58,6 +58,9 @@ return array(
// configuration file to directly set $_SERVER['HTTPS'] to the correct value.
'security.require-https' => false,
// Is Phabricator permitted to make outbound HTTP requests?
'security.allow-outbound-http' => true,
// -- Internationalization -------------------------------------------------- //

View file

@ -154,6 +154,18 @@ final class PhabricatorSecurityConfigOptions
"inline. This has mild security implications (you'll leak ".
"referrers to YouTube) and is pretty silly (but sort of ".
"awesome).")),
$this->newOption('security.allow-outbound-http', 'bool', true)
->setBoolOptions(
array(
pht("Allow"),
pht("Disallow"),
))
->setSummary(
pht("Allow outbound HTTP requests"))
->setDescription(
pht(
"If you enable this, you are allowing Phabricator to potentially ".
"make requests to external servers.")),
);
}

View file

@ -333,7 +333,12 @@ final class PhabricatorFile extends PhabricatorFileDAO
}
public static function newFromFileDownload($uri, array $params) {
public static function newFromFileDownload($uri, array $params = array()) {
// Make sure we're allowed to make a request first
if (!PhabricatorEnv::getEnvConfig('security.allow-outbound-http')) {
throw new Exception("Outbound HTTP requests are disabled!");
}
$uri = new PhutilURI($uri);
$protocol = $uri->getProtocol();
@ -352,6 +357,10 @@ final class PhabricatorFile extends PhabricatorFileDAO
->setTimeout($timeout)
->resolvex();
$params = $params + array(
'name' => basename($uri),
);
return self::newFromFileData($file_data, $params);
}

View file

@ -24,6 +24,7 @@ final class PhabricatorMacroEditController
$e_name = true;
$e_file = true;
$file = null;
$can_fetch = PhabricatorEnv::getEnvConfig('security.allow-outbound-http');
$request = $this->getRequest();
$user = $request->getUser();
@ -57,6 +58,17 @@ final class PhabricatorMacroEditController
'name' => $request->getStr('name'),
'authorPHID' => $user->getPHID(),
));
} else if ($request->getStr('url')) {
try {
$file = PhabricatorFile::newFromFileDownload(
$request->getStr('url'),
array(
'name' => $request->getStr('name'),
'authorPHID' => $user->getPHID(),
));
} catch (Exception $ex) {
$errors[] = pht('Could not fetch URL: %s', $ex->getMessage());
}
} else if ($request->getStr('phid')) {
$file = id(new PhabricatorFile())->loadOneWhere(
'phid = %s',
@ -167,6 +179,15 @@ final class PhabricatorMacroEditController
$other_label = pht('File');
}
if ($can_fetch) {
$form->appendChild(
id(new AphrontFormTextControl())
->setLabel(pht('URL'))
->setName('url')
->setValue($request->getStr('url'))
->setError($e_file));
}
$form->appendChild(
id(new AphrontFormFileControl())
->setLabel($other_label)
@ -221,7 +242,18 @@ final class PhabricatorMacroEditController
$upload_form = id(new AphrontFormView())
->setFlexible(true)
->setEncType('multipart/form-data')
->setUser($request->getUser())
->setUser($request->getUser());
if ($can_fetch) {
$upload_form
->appendChild(
id(new AphrontFormTextControl())
->setLabel(pht('URL'))
->setName('url')
->setValue($request->getStr('url')));
}
$upload_form
->appendChild(
id(new AphrontFormFileControl())
->setLabel(pht('File'))

View file

@ -205,17 +205,22 @@ final class PhabricatorSettingsPanelProfile
->setLabel('Change Image')
->setName('image')
->setError($e_image)
->setCaption('Supported formats: '.implode(', ', $supported_formats)))
->appendChild(
->setCaption(
'Supported formats: '.implode(', ', $supported_formats)));
if (PhabricatorEnv::getEnvConfig('security.allow-outbound-http')) {
$form->appendChild(
id(new AphrontFormTextControl())
->setLabel('Import Gravatar')
->setName('gravatar')
->setError($e_image)
->setCaption('Enter gravatar email address'))
->appendChild(
id(new AphrontFormSubmitControl())
->setValue('Save')
->addCancelButton('/p/'.$user->getUsername().'/'));
->setCaption('Enter gravatar email address'));
}
$form->appendChild(
id(new AphrontFormSubmitControl())
->setValue('Save')
->addCancelButton('/p/'.$user->getUsername().'/'));
$panel = new AphrontPanelView();
$panel->setHeader('Edit Profile Details');