Page MenuHomePhabricator
Files F14008741

D8560.diff
No OneTemporary
Actions

D8560.diff
View Options

diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -1726,6 +1726,8 @@
'PhabricatorOAuthServerConsoleController' => 'applications/oauthserver/controller/PhabricatorOAuthServerConsoleController.php',
'PhabricatorOAuthServerController' => 'applications/oauthserver/controller/PhabricatorOAuthServerController.php',
'PhabricatorOAuthServerDAO' => 'applications/oauthserver/storage/PhabricatorOAuthServerDAO.php',
+ 'PhabricatorOAuthServerPHIDTypeClient' => 'applications/oauthserver/phid/PhabricatorOAuthServerPHIDTypeClient.php',
+ 'PhabricatorOAuthServerPHIDTypeClientAuthorization' => 'applications/oauthserver/phid/PhabricatorOAuthServerPHIDTypeClientAuthorization.php',
'PhabricatorOAuthServerScope' => 'applications/oauthserver/PhabricatorOAuthServerScope.php',
'PhabricatorOAuthServerTestCase' => 'applications/oauthserver/__tests__/PhabricatorOAuthServerTestCase.php',
'PhabricatorOAuthServerTestController' => 'applications/oauthserver/controller/PhabricatorOAuthServerTestController.php',
@@ -4456,12 +4458,16 @@
'PhabricatorNotificationQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
'PhabricatorNotificationStatusController' => 'PhabricatorNotificationController',
'PhabricatorNotificationTestController' => 'PhabricatorNotificationController',
- 'PhabricatorOAuthClientAuthorization' => 'PhabricatorOAuthServerDAO',
+ 'PhabricatorOAuthClientAuthorization' =>
+ array(
+ 0 => 'PhabricatorOAuthServerDAO',
+ 1 => 'PhabricatorPolicyInterface',
+ ),
'PhabricatorOAuthClientAuthorizationBaseController' => 'PhabricatorOAuthServerController',
'PhabricatorOAuthClientAuthorizationDeleteController' => 'PhabricatorOAuthClientAuthorizationBaseController',
'PhabricatorOAuthClientAuthorizationEditController' => 'PhabricatorOAuthClientAuthorizationBaseController',
'PhabricatorOAuthClientAuthorizationListController' => 'PhabricatorOAuthClientAuthorizationBaseController',
- 'PhabricatorOAuthClientAuthorizationQuery' => 'PhabricatorOffsetPagedQuery',
+ 'PhabricatorOAuthClientAuthorizationQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
'PhabricatorOAuthClientBaseController' => 'PhabricatorOAuthServerController',
'PhabricatorOAuthClientDeleteController' => 'PhabricatorOAuthClientBaseController',
'PhabricatorOAuthClientEditController' => 'PhabricatorOAuthClientBaseController',
@@ -4471,11 +4477,17 @@
'PhabricatorOAuthServerAccessToken' => 'PhabricatorOAuthServerDAO',
'PhabricatorOAuthServerAuthController' => 'PhabricatorAuthController',
'PhabricatorOAuthServerAuthorizationCode' => 'PhabricatorOAuthServerDAO',
- 'PhabricatorOAuthServerClient' => 'PhabricatorOAuthServerDAO',
- 'PhabricatorOAuthServerClientQuery' => 'PhabricatorOffsetPagedQuery',
+ 'PhabricatorOAuthServerClient' =>
+ array(
+ 0 => 'PhabricatorOAuthServerDAO',
+ 1 => 'PhabricatorPolicyInterface',
+ ),
+ 'PhabricatorOAuthServerClientQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
'PhabricatorOAuthServerConsoleController' => 'PhabricatorOAuthServerController',
'PhabricatorOAuthServerController' => 'PhabricatorController',
'PhabricatorOAuthServerDAO' => 'PhabricatorLiskDAO',
+ 'PhabricatorOAuthServerPHIDTypeClient' => 'PhabricatorPHIDType',
+ 'PhabricatorOAuthServerPHIDTypeClientAuthorization' => 'PhabricatorPHIDType',
'PhabricatorOAuthServerTestCase' => 'PhabricatorTestCase',
'PhabricatorOAuthServerTestController' => 'PhabricatorOAuthServerController',
'PhabricatorOAuthServerTokenController' => 'PhabricatorAuthController',
diff --git a/src/applications/oauthserver/controller/client/PhabricatorOAuthClientListController.php b/src/applications/oauthserver/controller/client/PhabricatorOAuthClientListController.php
--- a/src/applications/oauthserver/controller/client/PhabricatorOAuthClientListController.php
+++ b/src/applications/oauthserver/controller/client/PhabricatorOAuthClientListController.php
@@ -22,8 +22,9 @@
$pager->setPageSize($page_size);
$pager->setOffset($offset);
- $query = new PhabricatorOAuthServerClientQuery();
- $query->withCreatorPHIDs(array($current_user->getPHID()));
+ $query = id(new PhabricatorOAuthServerClientQuery())
+ ->setViewer($current_user)
+ ->withCreatorPHIDs(array($current_user->getPHID()));
$clients = $query->executeWithOffsetPager($pager);
$rows = array();
diff --git a/src/applications/oauthserver/controller/clientauthorization/PhabricatorOAuthClientAuthorizationListController.php b/src/applications/oauthserver/controller/clientauthorization/PhabricatorOAuthClientAuthorizationListController.php
--- a/src/applications/oauthserver/controller/clientauthorization/PhabricatorOAuthClientAuthorizationListController.php
+++ b/src/applications/oauthserver/controller/clientauthorization/PhabricatorOAuthClientAuthorizationListController.php
@@ -22,8 +22,9 @@
$pager->setPageSize($page_size);
$pager->setOffset($offset);
- $query = new PhabricatorOAuthClientAuthorizationQuery();
- $query->withUserPHIDs(array($current_user->getPHID()));
+ $query = id(new PhabricatorOAuthClientAuthorizationQuery())
+ ->setViewer($current_user)
+ ->withUserPHIDs(array($current_user->getPHID()));
$authorizations = $query->executeWithOffsetPager($pager);
$client_authorizations = mpull($authorizations, null, 'getClientPHID');
diff --git a/src/applications/oauthserver/phid/PhabricatorOAuthServerPHIDTypeClient.php b/src/applications/oauthserver/phid/PhabricatorOAuthServerPHIDTypeClient.php
new file mode 100644
--- /dev/null
+++ b/src/applications/oauthserver/phid/PhabricatorOAuthServerPHIDTypeClient.php
@@ -0,0 +1,40 @@
+<?php
+
+final class PhabricatorOAuthServerPHIDTypeClient
+ extends PhabricatorPHIDType {
+
+ const TYPECONST = 'OASC';
+
+ public function getTypeConstant() {
+ return self::TYPECONST;
+ }
+
+ public function getTypeName() {
+ return pht('OAuth Application');
+ }
+
+ public function newObject() {
+ return new PhabricatorOAuthServerClient();
+ }
+
+ protected function buildQueryForObjects(
+ PhabricatorObjectQuery $query,
+ array $phids) {
+
+ return id(new PhabricatorOAuthServerClientQuery())
+ ->withPHIDs($phids);
+ }
+
+ public function loadHandles(
+ PhabricatorHandleQuery $query,
+ array $handles,
+ array $objects) {
+
+ foreach ($handles as $phid => $handle) {
+ $client = $objects[$phid];
+
+ $handle->setName($client->getName());
+ }
+ }
+
+}
diff --git a/src/applications/oauthserver/phid/PhabricatorOAuthServerPHIDTypeClientAuthorization.php b/src/applications/oauthserver/phid/PhabricatorOAuthServerPHIDTypeClientAuthorization.php
new file mode 100644
--- /dev/null
+++ b/src/applications/oauthserver/phid/PhabricatorOAuthServerPHIDTypeClientAuthorization.php
@@ -0,0 +1,39 @@
+<?php
+
+final class PhabricatorOAuthServerPHIDTypeClientAuthorization
+ extends PhabricatorPHIDType {
+
+ const TYPECONST = 'OASA';
+
+ public function getTypeConstant() {
+ return self::TYPECONST;
+ }
+
+ public function getTypeName() {
+ return pht('OAuth Authorization');
+ }
+
+ public function newObject() {
+ return new PhabricatorOAuthClientAuthorization();
+ }
+
+ protected function buildQueryForObjects(
+ PhabricatorObjectQuery $query,
+ array $phids) {
+
+ return id(new PhabricatorOAuthClientAuthorizationQuery())
+ ->withPHIDs($phids);
+ }
+
+ public function loadHandles(
+ PhabricatorHandleQuery $query,
+ array $handles,
+ array $objects) {
+
+ foreach ($handles as $phid => $handle) {
+ $authorization = $objects[$phid];
+ $handle->setName(pht('Authorization %d', $authorization->getID()));
+ }
+ }
+
+}
diff --git a/src/applications/oauthserver/query/PhabricatorOAuthClientAuthorizationQuery.php b/src/applications/oauthserver/query/PhabricatorOAuthClientAuthorizationQuery.php
--- a/src/applications/oauthserver/query/PhabricatorOAuthClientAuthorizationQuery.php
+++ b/src/applications/oauthserver/query/PhabricatorOAuthClientAuthorizationQuery.php
@@ -1,18 +1,22 @@
<?php
final class PhabricatorOAuthClientAuthorizationQuery
-extends PhabricatorOffsetPagedQuery {
+ extends PhabricatorCursorPagedPolicyAwareQuery {
+
+ private $phids;
private $userPHIDs;
+ public function witHPHIDs(array $phids) {
+ $this->phids = $phids;
+ return $this;
+ }
+
public function withUserPHIDs(array $phids) {
$this->userPHIDs = $phids;
return $this;
}
- private function getUserPHIDs() {
- return $this->userPHIDs;
- }
- public function execute() {
+ public function loadPage() {
$table = new PhabricatorOAuthClientAuthorization();
$conn_r = $table->establishConnection('r');
@@ -32,13 +36,27 @@
private function buildWhereClause($conn_r) {
$where = array();
- if ($this->getUserPHIDs()) {
+ if ($this->phids) {
+ $where[] = qsprintf(
+ $conn_r,
+ 'phid IN (%Ls)',
+ $this->phids);
+ }
+
+ if ($this->userPHIDs) {
$where[] = qsprintf(
$conn_r,
'userPHID IN (%Ls)',
- $this->getUserPHIDs());
+ $this->userPHIDs);
}
+ $where[] = $this->buildPagingClause($conn_r);
+
return $this->formatWhereClause($where);
}
+
+ public function getQueryApplicationClass() {
+ return 'PhabricatorApplicationOAuthServer';
+ }
+
}
diff --git a/src/applications/oauthserver/query/PhabricatorOAuthServerClientQuery.php b/src/applications/oauthserver/query/PhabricatorOAuthServerClientQuery.php
--- a/src/applications/oauthserver/query/PhabricatorOAuthServerClientQuery.php
+++ b/src/applications/oauthserver/query/PhabricatorOAuthServerClientQuery.php
@@ -1,18 +1,22 @@
<?php
final class PhabricatorOAuthServerClientQuery
-extends PhabricatorOffsetPagedQuery {
+ extends PhabricatorCursorPagedPolicyAwareQuery {
+
+ private $phids;
private $creatorPHIDs;
+ public function withPHIDs(array $phids) {
+ $this->phids = $phids;
+ return $this;
+ }
+
public function withCreatorPHIDs(array $phids) {
$this->creatorPHIDs = $phids;
return $this;
}
- private function getCreatorPHIDs() {
- return $this->creatorPHIDs;
- }
- public function execute() {
+ public function loadPage() {
$table = new PhabricatorOAuthServerClient();
$conn_r = $table->establishConnection('r');
@@ -32,13 +36,27 @@
private function buildWhereClause($conn_r) {
$where = array();
- if ($this->getCreatorPHIDs()) {
+ if ($this->phids) {
+ $where[] = qsprintf(
+ $conn_r,
+ 'phid IN (%Ls)',
+ $this->phids);
+ }
+
+ if ($this->creatorPHIDs) {
$where[] = qsprintf(
$conn_r,
'creatorPHID IN (%Ls)',
- $this->getCreatorPHIDs());
+ $this->creatorPHIDs);
}
+ $where[] = $this->buildPagingClause($conn_r);
+
return $this->formatWhereClause($where);
}
+
+ public function getQueryApplicationClass() {
+ return 'PhabricatorApplicationOAuthServer';
+ }
+
}
diff --git a/src/applications/oauthserver/storage/PhabricatorOAuthClientAuthorization.php b/src/applications/oauthserver/storage/PhabricatorOAuthClientAuthorization.php
--- a/src/applications/oauthserver/storage/PhabricatorOAuthClientAuthorization.php
+++ b/src/applications/oauthserver/storage/PhabricatorOAuthClientAuthorization.php
@@ -1,13 +1,9 @@
<?php
-/**
- * @group oauthserver
- */
final class PhabricatorOAuthClientAuthorization
-extends PhabricatorOAuthServerDAO {
+ extends PhabricatorOAuthServerDAO
+ implements PhabricatorPolicyInterface {
- protected $id;
- protected $phid;
protected $userPHID;
protected $clientPHID;
protected $scope;
@@ -38,6 +34,32 @@
public function generatePHID() {
return PhabricatorPHID::generateNewPHID(
- PhabricatorPHIDConstants::PHID_TYPE_OASA);
+ PhabricatorOAuthServerPHIDTypeClientAuthorization::TYPECONST);
}
+
+
+/* -( PhabricatorPolicyInterface )----------------------------------------- */
+
+
+ public function getCapabilities() {
+ return array(
+ PhabricatorPolicyCapability::CAN_VIEW,
+ );
+ }
+
+ public function getPolicy($capability) {
+ switch ($capability) {
+ case PhabricatorPolicyCapability::CAN_VIEW:
+ return PhabricatorPolicies::POLICY_NOONE;
+ }
+ }
+
+ public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
+ return ($viewer->getPHID() == $this->getUserPHID());
+ }
+
+ public function describeAutomaticCapability($capability) {
+ return pht('Authorizations can only be viewed by the authorizing user.');
+ }
+
}
diff --git a/src/applications/oauthserver/storage/PhabricatorOAuthServerClient.php b/src/applications/oauthserver/storage/PhabricatorOAuthServerClient.php
--- a/src/applications/oauthserver/storage/PhabricatorOAuthServerClient.php
+++ b/src/applications/oauthserver/storage/PhabricatorOAuthServerClient.php
@@ -1,13 +1,9 @@
<?php
-/**
- * @group oauthserver
- */
final class PhabricatorOAuthServerClient
-extends PhabricatorOAuthServerDAO {
+ extends PhabricatorOAuthServerDAO
+ implements PhabricatorPolicyInterface {
- protected $id;
- protected $phid;
protected $secret;
protected $name;
protected $redirectURI;
@@ -33,7 +29,32 @@
public function generatePHID() {
return PhabricatorPHID::generateNewPHID(
- PhabricatorPHIDConstants::PHID_TYPE_OASC);
+ PhabricatorOAuthServerPHIDTypeClient::TYPECONST);
+ }
+
+
+/* -( PhabricatorPolicyInterface )----------------------------------------- */
+
+
+ public function getCapabilities() {
+ return array(
+ PhabricatorPolicyCapability::CAN_VIEW,
+ );
+ }
+
+ public function getPolicy($capability) {
+ switch ($capability) {
+ case PhabricatorPolicyCapability::CAN_VIEW:
+ return PhabricatorPolicies::POLICY_USER;
+ }
+ }
+
+ public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
+ return false;
+ }
+
+ public function describeAutomaticCapability($capability) {
+ return null;
}
}
diff --git a/src/applications/phid/PhabricatorPHIDConstants.php b/src/applications/phid/PhabricatorPHIDConstants.php
--- a/src/applications/phid/PhabricatorPHIDConstants.php
+++ b/src/applications/phid/PhabricatorPHIDConstants.php
@@ -7,8 +7,6 @@
const PHID_TYPE_MAGIC = '!!!!';
const PHID_TYPE_STRY = 'STRY';
const PHID_TYPE_ACMT = 'ACMT';
- const PHID_TYPE_OASC = 'OASC';
- const PHID_TYPE_OASA = 'OASA';
const PHID_TYPE_TOBJ = 'TOBJ';
const PHID_TYPE_ACNT = 'ACNT';
const PHID_TYPE_PDCT = 'PDCT';

File Metadata

Mime Type
text/plain
Expires
Thu, Oct 31, 6:02 AM (2 w, 5 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6718867
Default Alt Text
D8560.diff (14 KB)

Event Timeline

Phabricator · Built by Phacility