Changeset View
Changeset View
Standalone View
Standalone View
src/applications/phragment/controller/PhragmentController.php
Show First 20 Lines • Show All 78 Lines • ▼ Show 20 Lines | protected function createCurrentFragmentView($fragment, $is_history_view) { | ||||
$file = null; | $file = null; | ||||
$file_uri = null; | $file_uri = null; | ||||
if (!$fragment->isDirectory()) { | if (!$fragment->isDirectory()) { | ||||
$file = id(new PhabricatorFileQuery()) | $file = id(new PhabricatorFileQuery()) | ||||
->setViewer($viewer) | ->setViewer($viewer) | ||||
->withPHIDs(array($fragment->getLatestVersion()->getFilePHID())) | ->withPHIDs(array($fragment->getLatestVersion()->getFilePHID())) | ||||
->executeOne(); | ->executeOne(); | ||||
if ($file !== null) { | if ($file !== null) { | ||||
$file_uri = $file->getBestURI(); | $file_uri = $file->getDownloadURI(); | ||||
} | } | ||||
} | } | ||||
$header = id(new PHUIHeaderView()) | $header = id(new PHUIHeaderView()) | ||||
->setHeader($fragment->getName()) | ->setHeader($fragment->getName()) | ||||
->setPolicyObject($fragment) | ->setPolicyObject($fragment) | ||||
->setUser($viewer); | ->setUser($viewer); | ||||
$can_edit = PhabricatorPolicyFilter::hasCapability( | |||||
epriestley: This shouldn't be possible, since viewing the fragment should imply having permission on the… | |||||
$viewer, | |||||
$fragment, | |||||
PhabricatorPolicyCapability::CAN_EDIT); | |||||
$zip_uri = $this->getApplicationURI("zip/".$fragment->getPath()); | |||||
$actions = id(new PhabricatorActionListView()) | $actions = id(new PhabricatorActionListView()) | ||||
->setUser($viewer) | ->setUser($viewer) | ||||
->setObject($fragment) | ->setObject($fragment) | ||||
->setObjectURI($fragment->getURI()); | ->setObjectURI($fragment->getURI()); | ||||
$actions->addAction( | $actions->addAction( | ||||
id(new PhabricatorActionView()) | id(new PhabricatorActionView()) | ||||
->setName(pht('Download Fragment')) | ->setName(pht('Download Fragment')) | ||||
->setHref($file_uri) | ->setHref($this->isCorrectlyConfigured() ? $file_uri : null) | ||||
->setDisabled($file === null) | ->setDisabled($file === null || !$this->isCorrectlyConfigured()) | ||||
->setIcon('download')); | ->setIcon('download')); | ||||
$actions->addAction( | $actions->addAction( | ||||
id(new PhabricatorActionView()) | id(new PhabricatorActionView()) | ||||
->setName(pht('Download Contents as ZIP')) | ->setName(pht('Download Contents as ZIP')) | ||||
->setHref($this->getApplicationURI("zip/".$fragment->getPath())) | ->setHref($this->isCorrectlyConfigured() ? $zip_uri : null) | ||||
->setDisabled(false) // TODO: Policy | ->setDisabled(!$this->isCorrectlyConfigured()) | ||||
->setIcon('zip')); | ->setIcon('zip')); | ||||
if (!$fragment->isDirectory()) { | if (!$fragment->isDirectory()) { | ||||
$actions->addAction( | $actions->addAction( | ||||
id(new PhabricatorActionView()) | id(new PhabricatorActionView()) | ||||
->setName(pht('Update Fragment')) | ->setName(pht('Update Fragment')) | ||||
->setHref($this->getApplicationURI("update/".$fragment->getPath())) | ->setHref($this->getApplicationURI("update/".$fragment->getPath())) | ||||
->setDisabled(false) // TODO: Policy | ->setDisabled(!$can_edit) | ||||
->setWorkflow(!$can_edit) | |||||
->setIcon('edit')); | ->setIcon('edit')); | ||||
} else { | } else { | ||||
$actions->addAction( | $actions->addAction( | ||||
id(new PhabricatorActionView()) | id(new PhabricatorActionView()) | ||||
->setName(pht('Convert to File')) | ->setName(pht('Convert to File')) | ||||
->setHref($this->getApplicationURI("update/".$fragment->getPath())) | ->setHref($this->getApplicationURI("update/".$fragment->getPath())) | ||||
->setDisabled(false) // TODO: Policy | ->setDisabled(!$can_edit) | ||||
->setWorkflow(!$can_edit) | |||||
->setIcon('edit')); | ->setIcon('edit')); | ||||
} | } | ||||
$actions->addAction( | |||||
id(new PhabricatorActionView()) | |||||
->setName(pht('Set Fragment Policies')) | |||||
->setHref($this->getApplicationURI("policy/".$fragment->getPath())) | |||||
->setDisabled(!$can_edit) | |||||
->setWorkflow(!$can_edit) | |||||
->setIcon('edit')); | |||||
if ($is_history_view) { | if ($is_history_view) { | ||||
$actions->addAction( | $actions->addAction( | ||||
id(new PhabricatorActionView()) | id(new PhabricatorActionView()) | ||||
->setName(pht('View Child Fragments')) | ->setName(pht('View Child Fragments')) | ||||
->setHref($this->getApplicationURI("browse/".$fragment->getPath())) | ->setHref($this->getApplicationURI("browse/".$fragment->getPath())) | ||||
->setIcon('browse')); | ->setIcon('browse')); | ||||
} else { | } else { | ||||
$actions->addAction( | $actions->addAction( | ||||
id(new PhabricatorActionView()) | id(new PhabricatorActionView()) | ||||
->setName(pht('View History')) | ->setName(pht('View History')) | ||||
->setHref($this->getApplicationURI("history/".$fragment->getPath())) | ->setHref($this->getApplicationURI("history/".$fragment->getPath())) | ||||
->setIcon('history')); | ->setIcon('history')); | ||||
} | } | ||||
$actions->addAction( | $actions->addAction( | ||||
id(new PhabricatorActionView()) | id(new PhabricatorActionView()) | ||||
->setName(pht('Create Snapshot')) | ->setName(pht('Create Snapshot')) | ||||
->setHref($this->getApplicationURI( | ->setHref($this->getApplicationURI( | ||||
"snapshot/create/".$fragment->getPath())) | "snapshot/create/".$fragment->getPath())) | ||||
->setDisabled(false) // TODO: Policy | ->setDisabled(!$can_edit) | ||||
->setWorkflow(!$can_edit) | |||||
->setIcon('snapshot')); | ->setIcon('snapshot')); | ||||
$actions->addAction( | $actions->addAction( | ||||
id(new PhabricatorActionView()) | id(new PhabricatorActionView()) | ||||
->setName(pht('Promote Snapshot to Here')) | ->setName(pht('Promote Snapshot to Here')) | ||||
->setHref($this->getApplicationURI( | ->setHref($this->getApplicationURI( | ||||
"snapshot/promote/latest/".$fragment->getPath())) | "snapshot/promote/latest/".$fragment->getPath())) | ||||
->setWorkflow(true) | ->setWorkflow(true) | ||||
->setDisabled(false) // TODO: Policy | ->setDisabled(!$can_edit) | ||||
->setIcon('promote')); | ->setIcon('promote')); | ||||
$properties = id(new PHUIPropertyListView()) | $properties = id(new PHUIPropertyListView()) | ||||
->setUser($viewer) | ->setUser($viewer) | ||||
->setObject($fragment) | ->setObject($fragment) | ||||
->setActionList($actions); | ->setActionList($actions); | ||||
if (!$fragment->isDirectory()) { | if (!$fragment->isDirectory()) { | ||||
Show All 21 Lines | if (count($snapshot_phids) > 0) { | ||||
$this->renderHandlesForPHIDs($snapshot_phids)); | $this->renderHandlesForPHIDs($snapshot_phids)); | ||||
} | } | ||||
return id(new PHUIObjectBoxView()) | return id(new PHUIObjectBoxView()) | ||||
->setHeader($header) | ->setHeader($header) | ||||
->addPropertyList($properties); | ->addPropertyList($properties); | ||||
} | } | ||||
function renderConfigurationWarningIfRequired() { | |||||
$alt = PhabricatorEnv::getEnvConfig("security.alternate-file-domain"); | |||||
if ($alt === null) { | |||||
return id(new AphrontErrorView()) | |||||
->setTitle(pht('security.alternate-file-domain must be configured!')) | |||||
->setSeverity(AphrontErrorView::SEVERITY_ERROR) | |||||
->appendChild(phutil_tag('p', array(), pht( | |||||
'Because Phragment generates files (such as ZIP archives and '. | |||||
'patches) as they are requested, it requires that you configure '. | |||||
'the `security.alterate-file-domain` option. This option on it\'s '. | |||||
'own will also provide additional security when serving files '. | |||||
'across Phabricator.'))); | |||||
} | |||||
return null; | |||||
} | |||||
/** | |||||
* We use this to disable the download links if the alternate domain is | |||||
* not configured correctly. Although the download links will mostly work | |||||
* for logged in users without an alternate domain, the behaviour is | |||||
* reasonably non-consistent and will deny public users, even if policies | |||||
* are configured otherwise (because the Files app does not support showing | |||||
* the info page to viewers who are not logged in). | |||||
*/ | |||||
function isCorrectlyConfigured() { | |||||
$alt = PhabricatorEnv::getEnvConfig("security.alternate-file-domain"); | |||||
return $alt !== null; | |||||
} | |||||
} | } |
This shouldn't be possible, since viewing the fragment should imply having permission on the file if we're writing the edge. So a better fix is to remove this and start writing the edges.