revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-19 05:12:41 +01:00
Code Issues Releases Wiki Activity

Lockdown tool directory editing to administrators

Browse source 
Summary:
Someone has "defaced" secure.phabricator.com with a helpful suggestion that I
actually do this; fair enough. :P

Test Plan:
Logged in as myself, unable to edit directory information. Logged out, logged in
as admin, was able to edit directory information.

I need to fix some more CSS stuff since some of these tabs render out hideous in
the admin background, but I can followup with that.

Reviewed By: tuomaspelkonen
Reviewers: aran, jungejason, tuomaspelkonen
Commenters: aran
CC: aran, tuomaspelkonen, epriestley
Differential Revision: 296
This commit is contained in:
epriestley 2011-05-17 10:59:26 -07:00
parent 84731e8f00
commit f72c1acc63
7 changed files with 134 additions and 68 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
src/applications/directory/controller/base/PhabricatorDirectoryController.php
View file

@ -18,18 +18,27 @@
abstract class PhabricatorDirectoryController extends PhabricatorController { abstract class PhabricatorDirectoryController extends PhabricatorController {
public function shouldRequireAdmin() {
// Most controllers here are admin-only, so default to locking them down.
return true;
}
public function buildStandardPageResponse($view, array $data) { public function buildStandardPageResponse($view, array $data) {
$page = $this->buildStandardPageView(); $page = $this->buildStandardPageView();
$page->setApplicationName('Directory'); $page->setApplicationName('Directory');
$page->setBaseURI('/'); $page->setBaseURI('/');
$page->setTitle(idx($data, 'title')); $page->setTitle(idx($data, 'title'));
$page->setTabs(
array( $tabs = array(
'directory' => array( 'directory' => array(
'href' => '/', 'href' => '/',
'name' => 'Directory', 'name' => 'Directory',
), ),
);
if ($this->getRequest()->getUser()->getIsAdmin()) {
$tabs += array(
'categories' => array( 'categories' => array(
'href' => '/directory/category/', 'href' => '/directory/category/',
'name' => 'Categories', 'name' => 'Categories',
@ -38,7 +47,11 @@ abstract class PhabricatorDirectoryController extends PhabricatorController {
'href' => '/directory/item/', 'href' => '/directory/item/',
'name' => 'Items', 'name' => 'Items',
), ),
), );
}
$page->setTabs(
$tabs,
idx($data, 'tab')); idx($data, 'tab'));
$page->setGlyph("\xE2\x9A\x92"); $page->setGlyph("\xE2\x9A\x92");
$page->appendChild($view); $page->appendChild($view);

6
src/applications/directory/controller/main/PhabricatorDirectoryMainController.php
View file

@ -19,6 +19,12 @@
class PhabricatorDirectoryMainController class PhabricatorDirectoryMainController
extends PhabricatorDirectoryController { extends PhabricatorDirectoryController {
public function shouldRequireAdmin() {
// These controllers are admin-only by default, but this one is public,
// so allow non-admin users to view it.
return false;
}
public function processRequest() { public function processRequest() {

54
src/applications/people/controller/list/PhabricatorPeopleListController.php
View file

@ -42,18 +42,7 @@ class PhabricatorPeopleListController extends PhabricatorPeopleController {
$rows = array(); $rows = array();
foreach ($users as $user) { foreach ($users as $user) {
$cols = array();
$cols[] = date('M jS, Y', $user->getDateCreated());
$cols[] = date('g:i:s A', $user->getDateCreated());
$cols[] = phutil_render_tag(
'a',
array(
'href' => '/p/'.$user->getUsername().'/',
),
phutil_escape_html($user->getUserName()));
$cols[] = phutil_escape_html($user->getRealName());
if ($is_admin) {
$status = ''; $status = '';
if ($user->getIsDisabled()) { if ($user->getIsDisabled()) {
$status = 'Disabled'; $status = 'Disabled';
@ -62,21 +51,29 @@ class PhabricatorPeopleListController extends PhabricatorPeopleController {
} else { } else {
$status = '-'; $status = '-';
} }
$cols[] = $status;
$cols[] = phutil_render_tag( $rows[] = array(
date('M jS, Y', $user->getDateCreated()),
date('g:i:s A', $user->getDateCreated()),
phutil_render_tag(
'a',
array(
'href' => '/p/'.$user->getUsername().'/',
),
phutil_escape_html($user->getUserName())),
phutil_escape_html($user->getRealName()),
$status,
phutil_render_tag(
'a', 'a',
array( array(
'class' => 'button grey small', 'class' => 'button grey small',
'href' => '/people/edit/'.$user->getID().'/', 'href' => '/people/edit/'.$user->getID().'/',
), ),
'Administrate User'); 'Administrate User'),
} );
$rows[] = $cols;
} }
$table = new AphrontTableView($rows); $table = new AphrontTableView($rows);
if ($is_admin) {
$table->setHeaders( $table->setHeaders(
array( array(
'Join Date', 'Join Date',
@ -95,22 +92,15 @@ class PhabricatorPeopleListController extends PhabricatorPeopleController {
null, null,
'action', 'action',
)); ));
} else { $table->setColumnVisibility(
$table->setHeaders(
array( array(
'Join Date', true,
'Time', true,
'Username', true,
'Real Name', true,
$is_admin,
$is_admin,
)); ));
$table->setColumnClasses(
array(
null,
'right',
'pri',
'wide',
));
}
$panel = new AphrontPanelView(); $panel = new AphrontPanelView();
$panel->setHeader('People ('.number_format($count).')'); $panel->setHeader('People ('.number_format($count).')');

5
src/applications/repository/controller/base/PhabricatorRepositoryController.php
View file

@ -18,6 +18,11 @@
abstract class PhabricatorRepositoryController extends PhabricatorController { abstract class PhabricatorRepositoryController extends PhabricatorController {
public function shouldRequireAdmin() {
// Most of these controllers are admin-only.
return true;
}
public function buildStandardPageResponse($view, array $data) { public function buildStandardPageResponse($view, array $data) {
$page = $this->buildStandardPageView(); $page = $this->buildStandardPageView();

4
src/applications/repository/controller/github-post-receive/PhabricatorRepositoryGitHubPostReceiveController.php
View file

@ -20,6 +20,10 @@
class PhabricatorRepositoryGitHubPostReceiveController class PhabricatorRepositoryGitHubPostReceiveController
extends PhabricatorRepositoryController { extends PhabricatorRepositoryController {
public function shouldRequireAdmin() {
return false;
}
public function shouldRequireLogin() { public function shouldRequireLogin() {
return false; return false;
} }

26
src/applications/repository/controller/list/PhabricatorRepositoryListController.php
View file

@ -19,9 +19,16 @@
class PhabricatorRepositoryListController class PhabricatorRepositoryListController
extends PhabricatorRepositoryController { extends PhabricatorRepositoryController {
public function shouldRequireAdmin() {
return false;
}
public function processRequest() { public function processRequest() {
$request = $this->getRequest();
$user = $request->getUser();
$is_admin = $user->getIsAdmin();
$repos = id(new PhabricatorRepository())->loadAll(); $repos = id(new PhabricatorRepository())->loadAll();
$rows = array(); $rows = array();
@ -82,9 +89,21 @@ class PhabricatorRepositoryListController
'action', 'action',
)); ));
$table->setColumnVisibility(
array(
true,
true,
true,
true,
$is_admin,
$is_admin,
));
$panel = new AphrontPanelView(); $panel = new AphrontPanelView();
$panel->setHeader('Repositories'); $panel->setHeader('Repositories');
if ($is_admin) {
$panel->setCreateButton('Create New Repository', '/repository/create/'); $panel->setCreateButton('Create New Repository', '/repository/create/');
}
$panel->appendChild($table); $panel->appendChild($table);
$projects = id(new PhabricatorRepositoryArcanistProject())->loadAll(); $projects = id(new PhabricatorRepositoryArcanistProject())->loadAll();
@ -125,6 +144,13 @@ class PhabricatorRepositoryListController
'action', 'action',
)); ));
$project_table->setColumnVisibility(
array(
true,
true,
$is_admin,
));
$project_panel = new AphrontPanelView(); $project_panel = new AphrontPanelView();
$project_panel->setHeader('Arcanist Projects'); $project_panel->setHeader('Arcanist Projects');
$project_panel->appendChild($project_table); $project_panel->appendChild($project_table);

22
src/view/control/table/AphrontTableView.php
View file

@ -25,6 +25,7 @@ class AphrontTableView extends AphrontView {
protected $zebraStripes = true; protected $zebraStripes = true;
protected $noDataString; protected $noDataString;
protected $className; protected $className;
protected $columnVisibility = array();
public function __construct(array $data) { public function __construct(array $data) {
$this->data = $data; $this->data = $data;
@ -60,6 +61,11 @@ class AphrontTableView extends AphrontView {
return $this; return $this;
} }
public function setColumnVisibility(array $visibility) {
$this->columnVisibility = $visibility;
return $this;
}
public function render() { public function render() {
require_celerity_resource('aphront-table-view-css'); require_celerity_resource('aphront-table-view-css');
@ -80,10 +86,17 @@ class AphrontTableView extends AphrontView {
} }
} }
$visibility = array_values($this->columnVisibility);
$headers = $this->headers; $headers = $this->headers;
if ($headers) { if ($headers) {
while (count($headers) > count($visibility)) {
$visibility[] = true;
}
$table[] = '<tr>'; $table[] = '<tr>';
foreach ($headers as $col_num => $header) { foreach ($headers as $col_num => $header) {
if (!$visibility[$col_num]) {
continue;
}
$class = idx($col_classes, $col_num); $class = idx($col_classes, $col_num);
$table[] = '<th'.$class.'>'.$header.'</th>'; $table[] = '<th'.$class.'>'.$header.'</th>';
} }
@ -97,6 +110,9 @@ class AphrontTableView extends AphrontView {
while (count($row) > count($col_classes)) { while (count($row) > count($col_classes)) {
$col_classes[] = null; $col_classes[] = null;
} }
while (count($row) > count($visibility)) {
$visibility[] = true;
}
$class = idx($this->rowClasses, $row_num); $class = idx($this->rowClasses, $row_num);
if ($this->zebraStripes && ($row_num % 2)) { if ($this->zebraStripes && ($row_num % 2)) {
if ($class !== null) { if ($class !== null) {
@ -109,8 +125,14 @@ class AphrontTableView extends AphrontView {
$class = ' class="'.$class.'"'; $class = ' class="'.$class.'"';
} }
$table[] = '<tr'.$class.'>'; $table[] = '<tr'.$class.'>';
// NOTE: Use of a separate column counter is to allow this to work
// correctly if the row data has string or non-sequential keys.
$col_num = 0; $col_num = 0;
foreach ($row as $value) { foreach ($row as $value) {
if (!$visibility[$col_num]) {
++$col_num;
continue;
}
$class = $col_classes[$col_num]; $class = $col_classes[$col_num];
if ($class !== null) { if ($class !== null) {
$table[] = '<td'.$class.'>'; $table[] = '<td'.$class.'>';