F14009173
D8564.id20319.diff
D8564.id20319.diff
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -4464,7 +4464,11 @@
'PhabricatorOAuthClientBaseController' => 'PhabricatorOAuthServerController',
'PhabricatorOAuthClientDeleteController' => 'PhabricatorOAuthClientBaseController',
'PhabricatorOAuthClientEditController' => 'PhabricatorOAuthClientBaseController',
- 'PhabricatorOAuthClientListController' => 'PhabricatorOAuthClientBaseController',
+ 'PhabricatorOAuthClientListController' =>
+ array(
+ 0 => 'PhabricatorOAuthClientBaseController',
+ 1 => 'PhabricatorApplicationSearchResultsControllerInterface',
+ ),
'PhabricatorOAuthClientViewController' => 'PhabricatorOAuthClientBaseController',
'PhabricatorOAuthResponse' => 'AphrontResponse',
'PhabricatorOAuthServerAccessToken' => 'PhabricatorOAuthServerDAO',
diff --git a/src/applications/oauthserver/application/PhabricatorApplicationOAuthServer.php b/src/applications/oauthserver/application/PhabricatorApplicationOAuthServer.php
--- a/src/applications/oauthserver/application/PhabricatorApplicationOAuthServer.php
+++ b/src/applications/oauthserver/application/PhabricatorApplicationOAuthServer.php
@@ -36,7 +36,7 @@
'(?:query/(?P<queryKey>[^/]+)/)?'
=> 'PhabricatorOAuthClientListController',
'auth/' => 'PhabricatorOAuthServerAuthController',
- 'test/' => 'PhabricatorOAuthServerTestController',
+ 'test/(?P<id>\d+)/' => 'PhabricatorOAuthServerTestController',
'token/' => 'PhabricatorOAuthServerTokenController',
'client/' => array(
'create/' => 'PhabricatorOAuthClientEditController',
diff --git a/src/applications/oauthserver/controller/PhabricatorOAuthServerTestController.php b/src/applications/oauthserver/controller/PhabricatorOAuthServerTestController.php
--- a/src/applications/oauthserver/controller/PhabricatorOAuthServerTestController.php
+++ b/src/applications/oauthserver/controller/PhabricatorOAuthServerTestController.php
@@ -1,55 +1,81 @@
<?php
-/**
- * @group oauthserver
- */
final class PhabricatorOAuthServerTestController
-extends PhabricatorOAuthServerController {
+ extends PhabricatorOAuthServerController {
+
+ private $id;
public function shouldRequireLogin() {
return true;
}
+ public function willProcessRequest(array $data) {
+ $this->id = $data['id'];
+ }
+
public function processRequest() {
- $request = $this->getRequest();
- $current_user = $request->getUser();
- $server = new PhabricatorOAuthServer();
+ $request = $this->getRequest();
+ $viewer = $request->getUser();
+
$panels = array();
$results = array();
- if (!$request->isFormPost()) {
- return new Aphront400Response();
- }
-
- $action = $request->getStr('action');
- if ($action !== 'testclientauthorization') {
+ $client = id(new PhabricatorOAuthServerClientQuery())
+ ->setViewer($viewer)
+ ->withIDs(array($this->id))
+ ->executeOne();
+ if (!$client) {
return new Aphront404Response();
}
- $user_phid = $current_user->getPHID();
- $client_phid = $request->getStr('client_phid');
- $client = id(new PhabricatorOAuthServerClient)
- ->loadOneWhere('phid = %s', $client_phid);
- if (!$client) {
- throw new Exception('Failed to load client!');
+ $view_uri = $client->getViewURI();
+
+ // Look for an existing authorization.
+ $authorization = id(new PhabricatorOAuthClientAuthorizationQuery())
+ ->setViewer($viewer)
+ ->withUserPHIDs(array($viewer->getPHID()))
+ ->withClientPHIDs(array($client->getPHID()))
+ ->executeOne();
+ if ($authorization) {
+ $dialog = id(new AphrontDialogView())
+ ->setUser($viewer)
+ ->setTitle(pht('Already Authorized'))
+ ->appendParagraph(
+ pht(
+ 'You have already authorized this application to access your '.
+ 'account.'))
+ ->addCancelButton($view_uri, pht('Close'));
+
+ return id(new AphrontDialogResponse())->setDialog($dialog);
}
- if ($client->getCreatorPHID() != $user_phid ||
- $current_user->getPHID() != $user_phid) {
- throw new Exception(
- 'Only allowed to make test data for yourself '.
- 'for clients you own!'
- );
+
+ if ($request->isFormPost()) {
+ $server = id(new PhabricatorOAuthServer())
+ ->setUser($viewer)
+ ->setClient($client);
+
+ $scope = array();
+ $authorization = $server->authorizeClient($scope);
+
+ $id = $authorization->getID();
+ $panel_uri = '/settings/panel/oauthorizations/?id='.$id;
+
+ return id(new AphrontRedirectResponse())->setURI($panel_uri);
}
- // blankclientauthorizations don't get scope
- $scope = array();
- $server->setUser($current_user);
- $server->setClient($client);
- $authorization = $server->authorizeClient($scope);
+ // TODO: It would be nice to put scope options in this dialog, maybe?
- $id = $authorization->getID();
- $panel_uri = '/settings/panel/oauthorizations/?id='.$id;
+ $dialog = id(new AphrontDialogView())
+ ->setUser($viewer)
+ ->setTitle(pht('Authorize Application?'))
+ ->appendParagraph(
+ pht(
+ 'This will create an authorization, permitting %s to access '.
+ 'your account.',
+ phutil_tag('strong', array(), $client->getName())))
+ ->addCancelButton($view_uri)
+ ->addSubmitButton(pht('Authorize Application'));
- return id(new AphrontRedirectResponse())->setURI($panel_uri);
+ return id(new AphrontDialogResponse())->setDialog($dialog);
}
}
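Review bot: The rewritten `processRequest()` no longer limits test authorizations to the client's creator: the removed `getCreatorPHID() != $user_phid` check has no replacement, and the new `PhabricatorOAuthServerClientQuery` lookup sets only the viewer, so any user for whom that query returns the client can create an authorization for it on their own account. If that widening is intended, a short comment above the query saying so would keep the next reader from treating it as an oversight. If it is not, add `->requireCapabilities(array(PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_EDIT))` before `->executeOne()`, as the delete controller in this same diff does. The context lines `$panels = array();` and `$results = array();` appear to be unused in the new body and could go.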
diff --git a/src/applications/oauthserver/controller/client/PhabricatorOAuthClientDeleteController.php b/src/applications/oauthserver/controller/client/PhabricatorOAuthClientDeleteController.php
--- a/src/applications/oauthserver/controller/client/PhabricatorOAuthClientDeleteController.php
+++ b/src/applications/oauthserver/controller/client/PhabricatorOAuthClientDeleteController.php
@@ -1,47 +1,42 @@
<?php
-/**
- * @group oauthserver
- */
final class PhabricatorOAuthClientDeleteController
-extends PhabricatorOAuthClientBaseController {
+ extends PhabricatorOAuthClientBaseController {
public function processRequest() {
- $phid = $this->getClientPHID();
- $title = 'Delete OAuth Client';
- $request = $this->getRequest();
- $current_user = $request->getUser();
- $client = id(new PhabricatorOAuthServerClient())
- ->loadOneWhere('phid = %s',
- $phid);
+ $request = $this->getRequest();
+ $viewer = $request->getUser();
- if (empty($client)) {
+ $client = id(new PhabricatorOAuthServerClientQuery())
+ ->setViewer($viewer)
+ ->withPHIDs(array($this->getClientPHID()))
+ ->requireCapabilities(
+ array(
+ PhabricatorPolicyCapability::CAN_VIEW,
+ PhabricatorPolicyCapability::CAN_EDIT,
+ ))
+ ->executeOne();
+ if (!$client) {
return new Aphront404Response();
}
- if ($client->getCreatorPHID() != $current_user->getPHID()) {
- $message = 'Access denied to client with phid '.$phid.'. '.
- 'Only the user who created the client has permission to '.
- 'delete the client.';
- return id(new Aphront403Response())
- ->setForbiddenText($message);
- }
if ($request->isFormPost()) {
$client->delete();
- return id(new AphrontRedirectResponse())
- ->setURI('/oauthserver/client/?deleted=1');
+ $app_uri = $this->getApplicationURI();
+ return id(new AphrontRedirectResponse())->setURI($app_uri);
}
- $title .= ' '.$client->getName();
+ $dialog = id(new AphrontDialogView())
+ ->setUser($viewer)
+ ->setTitle(pht('Delete OAuth Application?'))
+ ->appendParagraph(
+ pht(
+ 'Really delete the OAuth application %s?',
+ phutil_tag('strong', array(), $client->getName())))
+ ->addCancelButton($client->getViewURI())
+ ->addSubmitButton(pht('Delete Application'));
- $dialog = new AphrontDialogView();
- $dialog->setUser($current_user);
- $dialog->setTitle($title);
- $dialog->appendChild(phutil_tag('p', array(), pht(
- 'Are you sure you want to delete this client?')));
- $dialog->addSubmitButton();
- $dialog->addCancelButton($client->getEditURI());
return id(new AphrontDialogResponse())->setDialog($dialog);
-
}
+
}
diff --git a/src/applications/oauthserver/controller/client/PhabricatorOAuthClientViewController.php b/src/applications/oauthserver/controller/client/PhabricatorOAuthClientViewController.php
--- a/src/applications/oauthserver/controller/client/PhabricatorOAuthClientViewController.php
+++ b/src/applications/oauthserver/controller/client/PhabricatorOAuthClientViewController.php
@@ -1,25 +1,11 @@
<?php
-/**
- * @group oauthserver
- */
final class PhabricatorOAuthClientViewController
-extends PhabricatorOAuthClientBaseController {
-
- protected function getFilter() {
- return 'client/view/'.$this->getClientPHID();
- }
-
- protected function getExtraClientFilters() {
- return array(
- array('url' => $this->getFilter(),
- 'label' => 'View Client')
- );
- }
+ extends PhabricatorOAuthClientBaseController {
public function processRequest() {
$request = $this->getRequest();
- $current_user = $request->getUser();
+ $viewer = $request->getUser();
$error = null;
$phid = $this->getClientPHID();
@@ -40,7 +26,7 @@
$panel->setHeader($title);
$form = id(new AphrontFormView())
- ->setUser($current_user)
+ ->setUser($viewer)
->appendChild(
id(new AphrontFormStaticControl())
->setLabel('Name')
@@ -49,7 +35,7 @@
id(new AphrontFormStaticControl())
->setLabel('ID')
->setValue($phid));
- if ($current_user->getPHID() == $client->getCreatorPHID()) {
+ if ($viewer->getPHID() == $client->getCreatorPHID()) {
$form
->appendChild(
id(new AphrontFormStaticControl())
@@ -62,9 +48,9 @@
->setLabel('Redirect URI')
->setValue($client->getRedirectURI()));
$created = phabricator_datetime($client->getDateCreated(),
- $current_user);
+ $viewer);
$updated = phabricator_datetime($client->getDateModified(),
- $current_user);
+ $viewer);
$form
->appendChild(
id(new AphrontFormStaticControl())
@@ -76,7 +62,7 @@
->setValue($updated));
$panel->appendChild($form);
$admin_panel = null;
- if ($client->getCreatorPHID() == $current_user->getPHID()) {
+ if ($client->getCreatorPHID() == $viewer->getPHID()) {
$edit_button = phutil_tag(
'a',
array(
@@ -87,7 +73,7 @@
$panel->addButton($edit_button);
$create_authorization_form = id(new AphrontFormView())
- ->setUser($current_user)
+ ->setUser($viewer)
->addHiddenInput('action', 'testclientauthorization')
->addHiddenInput('client_phid', $phid)
->setAction('/oauthserver/test/')
@@ -99,11 +85,104 @@
->appendChild($create_authorization_form);
}
- return $this->buildStandardPageResponse(
- array($error,
- $panel,
- $admin_panel
- ),
- array('title' => $title));
+ $header = $this->buildHeaderView($client);
+ $actions = $this->buildActionView($client);
+ $properties = $this->buildPropertyListView($client);
+ $properties->setActionList($actions);
+
+
+ $crumbs = $this->buildApplicationCrumbs();
+ $crumbs->addTextCrumb($client->getName());
+
+ $box = id(new PHUIObjectBoxView())
+ ->setHeader($header)
+ ->addPropertyList($properties);
+
+ return $this->buildApplicationPage(
+ array(
+ $crumbs,
+ $box,
+ ),
+ array(
+ 'title' => $title,
+ 'device' => true,
+ ));
+ }
+
+ private function buildHeaderView(PhabricatorOAuthServerClient $client) {
+ $viewer = $this->getRequest()->getUser();
+
+ $header = id(new PHUIHeaderView())
+ ->setUser($viewer)
+ ->setHeader(pht('OAuth Application: %s', $client->getName()))
+ ->setPolicyObject($client);
+
+ return $header;
+ }
+
+ private function buildActionView(PhabricatorOAuthServerClient $client) {
+ $viewer = $this->getRequest()->getUser();
+
+ $can_edit = PhabricatorPolicyFilter::hasCapability(
+ $viewer,
+ $client,
+ PhabricatorPolicyCapability::CAN_EDIT);
+
+ $authorization = id(new PhabricatorOAuthClientAuthorizationQuery())
+ ->setViewer($viewer)
+ ->withUserPHIDs(array($viewer->getPHID()))
+ ->withClientPHIDs(array($client->getPHID()))
+ ->executeOne();
+ $is_authorized = (bool)$authorization;
+
+ $view = id(new PhabricatorActionListView())
+ ->setUser($viewer);
+
+ $view->addAction(
+ id(new PhabricatorActionView())
+ ->setName(pht('Edit Application'))
+ ->setIcon('edit')
+ ->setWorkflow(!$can_edit)
+ ->setDisabled(!$can_edit)
+ ->setHref($client->getEditURI()));
+
+ $view->addAction(
+ id(new PhabricatorActionView())
+ ->setName(pht('Delete Application'))
+ ->setIcon('delete')
+ ->setWorkflow(true)
+ ->setDisabled(!$can_edit)
+ ->setHref($client->getDeleteURI()));
+
+ $view->addAction(
+ id(new PhabricatorActionView())
+ ->setName(pht('Create Test Authorization'))
+ ->setIcon('wrench')
+ ->setWorkflow(true)
+ ->setDisabled($is_authorized)
+ ->setHref($this->getApplicationURI('test/'.$client->getID().'/')));
+
+ return $view;
+ }
+
+ private function buildPropertyListView(PhabricatorOAuthServerClient $client) {
+ $viewer = $this->getRequest()->getUser();
+
+ $view = id(new PHUIPropertyListView())
+ ->setUser($viewer);
+
+ $view->addProperty(
+ pht('Client ID'),
+ $client->getPHID());
+
+ $view->addProperty(
+ pht('Client Secret'),
+ $client->getSecret());
+
+ $view->addProperty(
+ pht('Created'),
+ phabricator_datetime($client->getDateCreated(), $viewer));
+
+ return $view;
}
}
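Review bot: `buildPropertyListView()` adds the 'Client Secret' property for every viewer who can load the page, whereas the older form code kept earlier in this file puts at least one field behind `$viewer->getPHID() == $client->getCreatorPHID()` (the field label falls outside the hunks, so that it was the secret is inferred). The secret is the client's credential, so it should be shown only to users who hold the same `CAN_EDIT` capability that `buildActionView()` already computes for the edit and delete actions. The legacy `$panel`, `$form` and `$admin_panel` built above are no longer passed to the page and could be removed in the same change.

```php
  private function buildPropertyListView(PhabricatorOAuthServerClient $client) {
    $viewer = $this->getRequest()->getUser();

    $can_edit = PhabricatorPolicyFilter::hasCapability(
      $viewer,
      $client,
      PhabricatorPolicyCapability::CAN_EDIT);

    // … unchanged: property list construction and 'Client ID' property …

    // The client secret is a credential: show it only to users who can edit
    // the application, not to everyone who can view it.
    if ($can_edit) {
      $view->addProperty(
        pht('Client Secret'),
        $client->getSecret());
    }

    // … unchanged: 'Created' property and return …
```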
diff --git a/src/applications/oauthserver/query/PhabricatorOAuthClientAuthorizationQuery.php b/src/applications/oauthserver/query/PhabricatorOAuthClientAuthorizationQuery.php
--- a/src/applications/oauthserver/query/PhabricatorOAuthClientAuthorizationQuery.php
+++ b/src/applications/oauthserver/query/PhabricatorOAuthClientAuthorizationQuery.php
@@ -5,6 +5,7 @@
private $phids;
private $userPHIDs;
+ private $clientPHIDs;
public function witHPHIDs(array $phids) {
$this->phids = $phids;
@@ -16,6 +17,11 @@
return $this;
}
+ public function withClientPHIDs(array $phids) {
+ $this->clientPHIDs = $phids;
+ return $this;
+ }
+
public function loadPage() {
$table = new PhabricatorOAuthClientAuthorization();
$conn_r = $table->establishConnection('r');
@@ -45,6 +51,7 @@
$client = idx($clients, $authorization->getClientPHID());
if (!$client) {
unset($authorizations[$key]);
+ continue;
}
$authorization->attachClient($client);
}
@@ -69,6 +76,13 @@
$this->userPHIDs);
}
+ if ($this->clientPHIDs) {
+ $where[] = qsprintf(
+ $conn_r,
+ 'clientPHID IN (%Ls)',
+ $this->clientPHIDs);
+ }
+
$where[] = $this->buildPagingClause($conn_r);
return $this->formatWhereClause($where);
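Review bot: The new guard `if ($this->clientPHIDs)` is a truthiness test, so a caller that passes an empty array to `withClientPHIDs()` gets no client constraint at all rather than an empty result. Every caller in this diff passes a one-element array, so nothing visible triggers it, but a filter that silently widens on empty input is easy to misuse in an authorization lookup. At minimum document it on the setter, e.g. `// NOTE: an empty list is treated as "no constraint", not "match nothing".`; the same applies to the `if ($this->ids)` guard added to `PhabricatorOAuthServerClientQuery::buildWhereClause()` in the last hunk. `buildWhereClause()` begins outside this hunk.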
diff --git a/src/applications/oauthserver/query/PhabricatorOAuthServerClientQuery.php b/src/applications/oauthserver/query/PhabricatorOAuthServerClientQuery.php
--- a/src/applications/oauthserver/query/PhabricatorOAuthServerClientQuery.php
+++ b/src/applications/oauthserver/query/PhabricatorOAuthServerClientQuery.php
@@ -3,9 +3,15 @@
final class PhabricatorOAuthServerClientQuery
extends PhabricatorCursorPagedPolicyAwareQuery {
+ private $ids;
private $phids;
private $creatorPHIDs;
+ public function withIDs(array $ids) {
+ $this->ids = $ids;
+ return $this;
+ }
+
public function withPHIDs(array $phids) {
$this->phids = $phids;
return $this;
@@ -35,6 +41,13 @@
private function buildWhereClause($conn_r) {
$where = array();
+ if ($this->ids) {
+ $where[] = qsprintf(
+ $conn_r,
+ 'id IN (%Ld)',
+ $this->ids);
+ }
+
if ($this->phids) {
$where[] = qsprintf(
$conn_r,
D8564: Use modern UI for OAuthServer details page