D20737.id49450.diff
No OneTemporary
Actions

Size

13 KB

Referenced Files

None

Subscribers

None

D20737.id49450.diff
View Options

	diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
	--- a/src/__phutil_library_map__.php
	+++ b/src/__phutil_library_map__.php
	@@ -5294,6 +5294,8 @@
	'PhortuneDAO' => 'applications/phortune/storage/PhortuneDAO.php',
	'PhortuneDisplayException' => 'applications/phortune/exception/PhortuneDisplayException.php',
	'PhortuneErrCode' => 'applications/phortune/constants/PhortuneErrCode.php',
	+ 'PhortuneExternalController' => 'applications/phortune/controller/external/PhortuneExternalController.php',
	+ 'PhortuneExternalOverviewController' => 'applications/phortune/controller/external/PhortuneExternalOverviewController.php',
	'PhortuneInvoiceView' => 'applications/phortune/view/PhortuneInvoiceView.php',
	'PhortuneLandingController' => 'applications/phortune/controller/PhortuneLandingController.php',
	'PhortuneMemberHasAccountEdgeType' => 'applications/phortune/edge/PhortuneMemberHasAccountEdgeType.php',
	@@ -11879,6 +11881,8 @@
	'PhortuneDAO' => 'PhabricatorLiskDAO',
	'PhortuneDisplayException' => 'Exception',
	'PhortuneErrCode' => 'PhortuneConstants',
	+ 'PhortuneExternalController' => 'PhortuneController',
	+ 'PhortuneExternalOverviewController' => 'PhortuneExternalController',
	'PhortuneInvoiceView' => 'AphrontTagView',
	'PhortuneLandingController' => 'PhortuneController',
	'PhortuneMemberHasAccountEdgeType' => 'PhabricatorEdgeType',
	diff --git a/src/applications/phortune/application/PhabricatorPhortuneApplication.php b/src/applications/phortune/application/PhabricatorPhortuneApplication.php
	--- a/src/applications/phortune/application/PhabricatorPhortuneApplication.php
	+++ b/src/applications/phortune/application/PhabricatorPhortuneApplication.php
	@@ -104,6 +104,9 @@
	'(?P<id>\d+)/(?P<action>[^/]+)/'
	=> 'PhortuneProviderActionController',
	),
	+ 'external/(?P<addressKey>[^/]+)/(?P<accessKey>[^/]+)/' => array(
	+ '' => 'PhortuneExternalOverviewController',
	+ ),
	'merchant/' => array(
	$this->getQueryRoutePattern()
	=> 'PhortuneMerchantListController',
	diff --git a/src/applications/phortune/controller/account/PhortuneAccountEmailViewController.php b/src/applications/phortune/controller/account/PhortuneAccountEmailViewController.php
	--- a/src/applications/phortune/controller/account/PhortuneAccountEmailViewController.php
	+++ b/src/applications/phortune/controller/account/PhortuneAccountEmailViewController.php
	@@ -67,6 +67,12 @@
	$account->getID(),
	$address->getID()));

	+ if ($can_edit) {
	+ $external_uri = $address->getExternalURI();
	+ } else {
	+ $external_uri = null;
	+ }
	+
	$curtain = $this->newCurtainView($account);

	$curtain->addAction(
	@@ -77,6 +83,14 @@
	->setDisabled(!$can_edit)
	->setWorkflow(!$can_edit));

	+ $curtain->addAction(
	+ id(new PhabricatorActionView())
	+ ->setName(pht('Show External View'))
	+ ->setIcon('fa-eye')
	+ ->setHref($external_uri)
	+ ->setDisabled(!$can_edit)
	+ ->setOpenInNewWindow(true));
	+
	return $curtain;
	}

	diff --git a/src/applications/phortune/controller/external/PhortuneExternalController.php b/src/applications/phortune/controller/external/PhortuneExternalController.php
	new file mode 100644
	--- /dev/null
	+++ b/src/applications/phortune/controller/external/PhortuneExternalController.php
	@@ -0,0 +1,147 @@
	+<?php
	+
	+abstract class PhortuneExternalController
	+ extends PhortuneController {
	+
	+ private $email;
	+
	+ final public function shouldAllowPublic() {
	+ return true;
	+ }
	+
	+ abstract protected function handleExternalRequest(AphrontRequest $request);
	+
	+ final protected function hasAccountEmail() {
	+ return (bool)$this->email;
	+ }
	+
	+ final protected function getAccountEmail() {
	+ return $this->email;
	+ }
	+
	+ final protected function getExternalViewer() {
	+ return PhabricatorUser::getOmnipotentUser();
	+ }
	+
	+ final public function handleRequest(AphrontRequest $request) {
	+ $address_key = $request->getURIData('addressKey');
	+ $access_key = $request->getURIData('accessKey');
	+
	+ $viewer = $this->getViewer();
	+ $xviewer = $this->getExternalViewer();
	+
	+ $email = id(new PhortuneAccountEmailQuery())
	+ ->setViewer($xviewer)
	+ ->withAddressKeys(array($address_key))
	+ ->executeOne();
	+ if (!$email) {
	+ return new Aphront404Response();
	+ }
	+
	+ $account = $email->getAccount();
	+
	+ $can_see = PhabricatorPolicyFilter::hasCapability(
	+ $viewer,
	+ $account,
	+ PhabricatorPolicyCapability::CAN_EDIT);
	+
	+ $email_display = phutil_tag('strong', array(), $email->getAddress());
	+ $user_display = phutil_tag('strong', array(), $viewer->getUsername());
	+
	+ $actual_key = $email->getAccessKey();
	+ if (!phutil_hashes_are_identical($access_key, $actual_key)) {
	+ $dialog = $this->newDialog()
	+ ->setTitle(pht('Email Access Link Out of Date'))
	+ ->appendParagraph(
	+ pht(
	+ 'You are trying to access this payment account as: %s',
	+ $email_display))
	+ ->appendParagraph(
	+ pht(
	+ 'The access link you have followed is out of date and no longer '.
	+ 'works.'));
	+
	+ if ($can_see) {
	+ $dialog->appendParagraph(
	+ pht(
	+ 'You are currently logged in as a user (%s) who has '.
	+ 'permission to manage the payment account, so you can '.
	+ 'continue to the updated link.',
	+ $user_display));
	+
	+ $dialog->addCancelButton(
	+ $email->getExternalURI(),
	+ pht('Continue to Updated Link'));
	+ } else {
	+ $dialog->appendParagraph(
	+ pht(
	+ 'To access information about this payment account, follow '.
	+ 'a more recent link or ask a user with access to give you '.
	+ 'an updated link.'));
	+ }
	+
	+ return $dialog;
	+ }
	+
	+ // TODO: Test that status is good.
	+
	+ $this->email = $email;
	+
	+ return $this->handleExternalRequest($request);
	+ }
	+
	+ final protected function newExternalCrumbs() {
	+ $viewer = $this->getViewer();
	+
	+ $crumbs = new PHUICrumbsView();
	+
	+ if ($this->hasAccountEmail()) {
	+ $email = $this->getAccountEmail();
	+ $account = $email->getAccount();
	+
	+ $crumb_name = pht(
	+ 'Payment Account: %s',
	+ $account->getName());
	+
	+ $crumb = id(new PHUICrumbView())
	+ ->setIcon('fa-diamond')
	+ ->setName($crumb_name);
	+
	+ $can_see = PhabricatorPolicyFilter::hasCapability(
	+ $viewer,
	+ $account,
	+ PhabricatorPolicyCapability::CAN_VIEW);
	+ if ($can_see) {
	+ $crumb->setHref($account->getURI());
	+ }
	+
	+ $crumbs
	+ ->addCrumb($crumb)
	+ ->addTextCrumb(pht('Viewing As "%s"', $email->getAddress()));
	+ } else {
	+ $crumb = id(new PHUICrumbView())
	+ ->setIcon('fa-diamond')
	+ ->setText(pht('External Account View'));
	+
	+ $crumbs->addCrumb($crumb);
	+ }
	+
	+ return $crumbs;
	+ }
	+
	+ final protected function newExternalView() {
	+ $email = $this->getAccountEmail();
	+
	+ $messages = array();
	+ $messages[] = pht(
	+ 'You are viewing this payment account as: %s',
	+ phutil_tag('strong', array(), $email->getAddress()));
	+ $messages[] = pht(
	+ 'Anyone who has a link to this page can view order history for '.
	+ 'this payment account.');
	+
	+ return id(new PHUIInfoView())
	+ ->setSeverity(PHUIInfoView::SEVERITY_WARNING)
	+ ->setErrors($messages);
	+ }
	+}
	diff --git a/src/applications/phortune/controller/external/PhortuneExternalOverviewController.php b/src/applications/phortune/controller/external/PhortuneExternalOverviewController.php
	new file mode 100644
	--- /dev/null
	+++ b/src/applications/phortune/controller/external/PhortuneExternalOverviewController.php
	@@ -0,0 +1,91 @@
	+<?php
	+
	+final class PhortuneExternalOverviewController
	+ extends PhortuneExternalController {
	+
	+ protected function handleExternalRequest(AphrontRequest $request) {
	+ $xviewer = $this->getExternalViewer();
	+ $email = $this->getAccountEmail();
	+ $account = $email->getAccount();
	+
	+ $crumbs = $this->newExternalCrumbs()
	+ ->setBorder(true);
	+
	+ $header = id(new PHUIHeaderView())
	+ ->setHeader(pht('Invoices and Receipts: %s', $account->getName()));
	+
	+ $external_view = $this->newExternalView();
	+ $invoices_view = $this->newInvoicesView();
	+ $receipts_view = $this->newReceiptsView();
	+
	+ $column_view = id(new PHUITwoColumnView())
	+ ->setHeader($header)
	+ ->setFooter(
	+ array(
	+ $external_view,
	+ $invoices_view,
	+ $receipts_view,
	+ ));
	+
	+ return $this->newPage()
	+ ->setCrumbs($crumbs)
	+ ->setTitle(
	+ array(
	+ pht('Invoices and Receipts'),
	+ $account->getName(),
	+ ))
	+ ->appendChild($column_view);
	+ }
	+
	+ private function newInvoicesView() {
	+ $xviewer = $this->getExternalViewer();
	+ $email = $this->getAccountEmail();
	+ $account = $email->getAccount();
	+
	+ $invoices = id(new PhortuneCartQuery())
	+ ->setViewer($xviewer)
	+ ->withAccountPHIDs(array($account->getPHID()))
	+ ->needPurchases(true)
	+ ->withInvoices(true)
	+ ->execute();
	+
	+ $header = id(new PHUIHeaderView())
	+ ->setHeader(pht('Invoices'));
	+
	+ $invoices_table = id(new PhortuneOrderTableView())
	+ ->setViewer($xviewer)
	+ ->setCarts($invoices)
	+ ->setIsInvoices(true);
	+
	+ return id(new PHUIObjectBoxView())
	+ ->setHeader($header)
	+ ->setBackground(PHUIObjectBoxView::BLUE_PROPERTY)
	+ ->setTable($invoices_table);
	+ }
	+
	+ private function newReceiptsView() {
	+ $xviewer = $this->getExternalViewer();
	+ $email = $this->getAccountEmail();
	+ $account = $email->getAccount();
	+
	+ $receipts = id(new PhortuneCartQuery())
	+ ->setViewer($xviewer)
	+ ->withAccountPHIDs(array($account->getPHID()))
	+ ->needPurchases(true)
	+ ->withInvoices(false)
	+ ->execute();
	+
	+ $header = id(new PHUIHeaderView())
	+ ->setHeader(pht('Receipts'));
	+
	+ $receipts_table = id(new PhortuneOrderTableView())
	+ ->setViewer($xviewer)
	+ ->setCarts($receipts);
	+
	+ return id(new PHUIObjectBoxView())
	+ ->setHeader($header)
	+ ->setBackground(PHUIObjectBoxView::BLUE_PROPERTY)
	+ ->setTable($receipts_table);
	+ }
	+
	+}
	diff --git a/src/applications/phortune/query/PhortuneAccountEmailQuery.php b/src/applications/phortune/query/PhortuneAccountEmailQuery.php
	--- a/src/applications/phortune/query/PhortuneAccountEmailQuery.php
	+++ b/src/applications/phortune/query/PhortuneAccountEmailQuery.php
	@@ -6,6 +6,7 @@
	private $ids;
	private $phids;
	private $accountPHIDs;
	+ private $addressKeys;

	public function withIDs(array $ids) {
	$this->ids = $ids;
	@@ -22,6 +23,11 @@
	return $this;
	}

	+ public function withAddressKeys(array $keys) {
	+ $this->addressKeys = $keys;
	+ return $this;
	+ }
	+
	public function newResultObject() {
	return new PhortuneAccountEmail();
	}
	@@ -77,6 +83,13 @@
	$this->accountPHIDs);
	}

	+ if ($this->addressKeys !== null) {
	+ $where[] = qsprintf(
	+ $conn,
	+ 'address.addressKey IN (%Ls)',
	+ $this->addressKeys);
	+ }
	+
	return $where;
	}

	diff --git a/src/applications/phortune/storage/PhortuneAccountEmail.php b/src/applications/phortune/storage/PhortuneAccountEmail.php
	--- a/src/applications/phortune/storage/PhortuneAccountEmail.php
	+++ b/src/applications/phortune/storage/PhortuneAccountEmail.php
	@@ -78,6 +78,13 @@
	$this->getID());
	}

	+ public function getExternalURI() {
	+ return urisprintf(
	+ '/phortune/external/%s/%s/',
	+ $this->getAddressKey(),
	+ $this->getAccessKey());
	+ }
	+

	/* -( PhabricatorPolicyInterface )----------------------------------------- */

	diff --git a/src/applications/phortune/view/PhortuneOrderTableView.php b/src/applications/phortune/view/PhortuneOrderTableView.php
	--- a/src/applications/phortune/view/PhortuneOrderTableView.php
	+++ b/src/applications/phortune/view/PhortuneOrderTableView.php
	@@ -49,6 +49,7 @@

	$is_invoices = $this->getIsInvoices();
	$is_merchant = $this->getIsMerchantView();
	+ $is_external = (!$viewer->getPHID());

	$phids = array();
	foreach ($carts as $cart) {
	@@ -69,14 +70,18 @@

	if (count($purchases) == 1) {
	$purchase = head($purchases);
	- $purchase_name = $handles[$purchase->getPHID()]->renderLink();
	+ $purchase_name = $handles[$purchase->getPHID()]->getName();
	$purchases = array();
	} else {
	$purchase_name = '';
	}

	if ($is_invoices) {
	- $merchant_link = $handles[$cart->getMerchantPHID()]->renderLink();
	+ if ($is_external) {
	+ $merchant_link = $handles[$cart->getMerchantPHID()]->getName();
	+ } else {
	+ $merchant_link = $handles[$cart->getMerchantPHID()]->renderLink();
	+ }
	} else {
	$merchant_link = null;
	}
	@@ -97,13 +102,12 @@
	PhortuneCart::getNameForStatus($cart->getStatus()),
	phabricator_datetime($cart->getDateModified(), $viewer),
	phabricator_datetime($cart->getDateCreated(), $viewer),
	- phutil_tag(
	- 'a',
	- array(
	- 'href' => $cart->getCheckoutURI(),
	- 'class' => 'small button button-green',
	- ),
	- pht('Pay Now')),
	+ id(new PHUIButtonView())
	+ ->setTag('a')
	+ ->setColor('green')
	+ ->setHref($cart->getCheckoutURI())
	+ ->setText(pht('Pay Now'))
	+ ->setIcon('fa-credit-card'),
	);
	foreach ($purchases as $purchase) {
	$id = $purchase->getID();
	@@ -164,7 +168,7 @@

	// We show "Pay Now" for due invoices, but not if the viewer is the
	// merchant, since it doesn't make sense for them to pay.
	- ($is_invoices && !$is_merchant),
	+ ($is_invoices && !$is_merchant && !$is_external),
	));

	return $table;

File Metadata

Mime Type: text/plain
Expires: Tue, Mar 18, 9:53 AM (2 w, 4 d ago)
Storage Engine: blob
Storage Format: Encrypted (AES-256-CBC)
Storage Handle: 7223485
Default Alt Text: D20737.id49450.diff (13 KB)

D20737.id49450.diffNo OneTemporaryActions

D20737.id49450.diffView Options

File Metadata

Event Timeline

D20737.id49450.diff
No OneTemporary
Actions

D20737.id49450.diff
View Options