src/applications/base/controller/PhabricatorController.php
Show All 14 Lines | abstract class PhabricatorController extends AphrontController { | ||||
public function shouldRequireEnabledUser() { | public function shouldRequireEnabledUser() { | ||||
return true; | return true; | ||||
} | } | ||||
public function shouldAllowPublic() { | public function shouldAllowPublic() { | ||||
return false; | return false; | ||||
} | } | ||||
public function shouldAllowPartialSessions() { | |||||
return false; | |||||
} | |||||
public function shouldRequireEmailVerification() { | public function shouldRequireEmailVerification() { | ||||
return PhabricatorUserEmail::isEmailVerificationRequired(); | return PhabricatorUserEmail::isEmailVerificationRequired(); | ||||
} | } | ||||
public function shouldAllowRestrictedParameter($parameter_name) { | public function shouldAllowRestrictedParameter($parameter_name) { | ||||
return false; | return false; | ||||
} | } | ||||
Show All 17 Lines | if ($request->getUser()) { | ||||
if ($session_user) { | if ($session_user) { | ||||
$user = $session_user; | $user = $session_user; | ||||
} | } | ||||
} else { | } else { | ||||
// If the client doesn't have a session token, generate an anonymous | // If the client doesn't have a session token, generate an anonymous | ||||
// session. This is used to provide CSRF protection to logged-out users. | // session. This is used to provide CSRF protection to logged-out users. | ||||
$phsid = $session_engine->establishSession( | $phsid = $session_engine->establishSession( | ||||
PhabricatorAuthSession::TYPE_WEB, | PhabricatorAuthSession::TYPE_WEB, | ||||
null); | null, | ||||
$partial = false); | |||||
// This may be a resource request, in which case we just don't set | // This may be a resource request, in which case we just don't set | ||||
// the cookie. | // the cookie. | ||||
if ($request->canSetCookies()) { | if ($request->canSetCookies()) { | ||||
$request->setCookie(PhabricatorCookies::COOKIE_SESSION, $phsid); | $request->setCookie(PhabricatorCookies::COOKIE_SESSION, $phsid); | ||||
} | } | ||||
} | } | ||||
▲ Show 20 Lines • Show All 63 Lines • ▼ Show 20 Lines | $event = new PhabricatorEvent( | ||||
)); | )); | ||||
$event->setUser($user); | $event->setUser($user); | ||||
PhutilEventEngine::dispatchEvent($event); | PhutilEventEngine::dispatchEvent($event); | ||||
$checker_controller = $event->getValue('controller'); | $checker_controller = $event->getValue('controller'); | ||||
if ($checker_controller != $this) { | if ($checker_controller != $this) { | ||||
return $this->delegateToController($checker_controller); | return $this->delegateToController($checker_controller); | ||||
} | } | ||||
$auth_class = 'PhabricatorApplicationAuth'; | |||||
$auth_application = PhabricatorApplication::getByClass($auth_class); | |||||
// Require partial sessions to finish login before doing anything. | |||||
if (!$this->shouldAllowPartialSessions()) { | |||||
if ($user->hasSession() && | |||||
$user->getSession()->getIsPartial()) { | |||||
$login_controller = new PhabricatorAuthFinishController($request); | |||||
$this->setCurrentApplication($auth_application); | |||||
return $this->delegateToController($login_controller); | |||||
} | |||||
} | |||||
if ($this->shouldRequireLogin()) { | if ($this->shouldRequireLogin()) { | ||||
// This actually means we need either: | // This actually means we need either: | ||||
// - a valid user, or a public controller; and | // - a valid user, or a public controller; and | ||||
// - permission to see the application. | // - permission to see the application. | ||||
$auth_class = 'PhabricatorApplicationAuth'; | |||||
$auth_application = PhabricatorApplication::getByClass($auth_class); | |||||
$allow_public = $this->shouldAllowPublic() && | $allow_public = $this->shouldAllowPublic() && | ||||
PhabricatorEnv::getEnvConfig('policy.allow-public'); | PhabricatorEnv::getEnvConfig('policy.allow-public'); | ||||
// If this controller isn't public, and the user isn't logged in, require | // If this controller isn't public, and the user isn't logged in, require | ||||
// login. | // login. | ||||
if (!$allow_public && !$user->isLoggedIn()) { | if (!$allow_public && !$user->isLoggedIn()) { | ||||
$login_controller = new PhabricatorAuthStartController($request); | $login_controller = new PhabricatorAuthStartController($request); | ||||
$this->setCurrentApplication($auth_application); | $this->setCurrentApplication($auth_application); | ||||
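Review bot: The new `shouldAllowPartialSessions()` hook near the top of the section has no comment saying what a partial session is or when overriding it to `true` is acceptable, even though each override widens what a user who has authenticated but not finished login can reach before the partial-session check later in the section redirects them to `PhabricatorAuthFinishController`. I would put above the method: `// A partial session belongs to a user who has authenticated but not yet finished login. Only controllers that complete (or abandon) that flow should return true; everything else is redirected to PhabricatorAuthFinishController.` The default of `false` is the right fail-closed choice, since every existing controller picks up the gate without changes. Presumably `PhabricatorAuthFinishController` itself overrides this to return `true`; if it does not, the delegation in the `getIsPartial()` branch would hand the request to a controller that is gated by the same check, which is worth confirming. The enclosing request handler begins in the collapsed run before `if ($request->getUser())` and continues past the end of the section.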