Changeset View
Changeset View
Standalone View
Standalone View
src/applications/base/controller/PhabricatorController.php
| Show All 14 Lines | abstract class PhabricatorController extends AphrontController { | ||||
| public function shouldRequireEnabledUser() { | public function shouldRequireEnabledUser() { | ||||
| return true; | return true; | ||||
| } | } | ||||
| public function shouldAllowPublic() { | public function shouldAllowPublic() { | ||||
| return false; | return false; | ||||
| } | } | ||||
| public function shouldAllowPartialSessions() { | |||||
| return false; | |||||
| } | |||||
| public function shouldRequireEmailVerification() { | public function shouldRequireEmailVerification() { | ||||
| return PhabricatorUserEmail::isEmailVerificationRequired(); | return PhabricatorUserEmail::isEmailVerificationRequired(); | ||||
| } | } | ||||
| public function shouldAllowRestrictedParameter($parameter_name) { | public function shouldAllowRestrictedParameter($parameter_name) { | ||||
| return false; | return false; | ||||
| } | } | ||||
| Show All 17 Lines | if ($request->getUser()) { | ||||
| if ($session_user) { | if ($session_user) { | ||||
| $user = $session_user; | $user = $session_user; | ||||
| } | } | ||||
| } else { | } else { | ||||
| // If the client doesn't have a session token, generate an anonymous | // If the client doesn't have a session token, generate an anonymous | ||||
| // session. This is used to provide CSRF protection to logged-out users. | // session. This is used to provide CSRF protection to logged-out users. | ||||
| $phsid = $session_engine->establishSession( | $phsid = $session_engine->establishSession( | ||||
| PhabricatorAuthSession::TYPE_WEB, | PhabricatorAuthSession::TYPE_WEB, | ||||
| null); | null, | ||||
| $partial = false); | |||||
| // This may be a resource request, in which case we just don't set | // This may be a resource request, in which case we just don't set | ||||
| // the cookie. | // the cookie. | ||||
| if ($request->canSetCookies()) { | if ($request->canSetCookies()) { | ||||
| $request->setCookie(PhabricatorCookies::COOKIE_SESSION, $phsid); | $request->setCookie(PhabricatorCookies::COOKIE_SESSION, $phsid); | ||||
| } | } | ||||
| } | } | ||||
| ▲ Show 20 Lines • Show All 63 Lines • ▼ Show 20 Lines | $event = new PhabricatorEvent( | ||||
| )); | )); | ||||
| $event->setUser($user); | $event->setUser($user); | ||||
| PhutilEventEngine::dispatchEvent($event); | PhutilEventEngine::dispatchEvent($event); | ||||
| $checker_controller = $event->getValue('controller'); | $checker_controller = $event->getValue('controller'); | ||||
| if ($checker_controller != $this) { | if ($checker_controller != $this) { | ||||
| return $this->delegateToController($checker_controller); | return $this->delegateToController($checker_controller); | ||||
| } | } | ||||
| $auth_class = 'PhabricatorApplicationAuth'; | |||||
| $auth_application = PhabricatorApplication::getByClass($auth_class); | |||||
| // Require partial sessions to finish login before doing anything. | |||||
| if (!$this->shouldAllowPartialSessions()) { | |||||
| if ($user->hasSession() && | |||||
| $user->getSession()->getIsPartial()) { | |||||
| $login_controller = new PhabricatorAuthFinishController($request); | |||||
| $this->setCurrentApplication($auth_application); | |||||
| return $this->delegateToController($login_controller); | |||||
| } | |||||
| } | |||||
| if ($this->shouldRequireLogin()) { | if ($this->shouldRequireLogin()) { | ||||
| // This actually means we need either: | // This actually means we need either: | ||||
| // - a valid user, or a public controller; and | // - a valid user, or a public controller; and | ||||
| // - permission to see the application. | // - permission to see the application. | ||||
| $auth_class = 'PhabricatorApplicationAuth'; | |||||
| $auth_application = PhabricatorApplication::getByClass($auth_class); | |||||
| $allow_public = $this->shouldAllowPublic() && | $allow_public = $this->shouldAllowPublic() && | ||||
| PhabricatorEnv::getEnvConfig('policy.allow-public'); | PhabricatorEnv::getEnvConfig('policy.allow-public'); | ||||
| // If this controller isn't public, and the user isn't logged in, require | // If this controller isn't public, and the user isn't logged in, require | ||||
| // login. | // login. | ||||
| if (!$allow_public && !$user->isLoggedIn()) { | if (!$allow_public && !$user->isLoggedIn()) { | ||||
| $login_controller = new PhabricatorAuthStartController($request); | $login_controller = new PhabricatorAuthStartController($request); | ||||
| $this->setCurrentApplication($auth_application); | $this->setCurrentApplication($auth_application); | ||||
| ▲ Show 20 Lines • Show All 332 Lines • Show Last 20 Lines | |||||