src/applications/conduit/call/ConduitCall.php
| if (!$this->shouldRequireAuthentication()) { | ||||
| // No auth requirement here. | // No auth requirement here. | ||||
| } else { | } else { | ||||
| $allow_public = $this->handler->shouldAllowPublic() && | $allow_public = $this->handler->shouldAllowPublic() && | ||||
| PhabricatorEnv::getEnvConfig('policy.allow-public'); | PhabricatorEnv::getEnvConfig('policy.allow-public'); | ||||
| if (!$allow_public) { | if (!$allow_public) { | ||||
| if (!$user->isLoggedIn() && !$user->isOmnipotent()) { | if (!$user->isLoggedIn() && !$user->isOmnipotent()) { | ||||
| // TODO: As per below, this should get centralized and cleaned up. | // TODO: As per below, this should get centralized and cleaned up. | ||||
| throw new ConduitException("ERR-INVALID-AUTH"); | throw new ConduitException('ERR-INVALID-AUTH'); | ||||
| } | } | ||||
| } | } | ||||
| // TODO: This would be slightly cleaner by just using a Query, but the | // TODO: This would be slightly cleaner by just using a Query, but the | ||||
| // Conduit auth workflow requires the Call and User be built separately. | // Conduit auth workflow requires the Call and User be built separately. | ||||
| // Just do it this way for the moment. | // Just do it this way for the moment. | ||||
| $application = $this->handler->getApplication(); | $application = $this->handler->getApplication(); | ||||
| if ($application) { | if ($application) { | ||||
| $can_view = PhabricatorPolicyFilter::hasCapability( | $can_view = PhabricatorPolicyFilter::hasCapability( | ||||
| $user, | $user, | ||||
| $application, | $application, | ||||
| PhabricatorPolicyCapability::CAN_VIEW); | PhabricatorPolicyCapability::CAN_VIEW); | ||||
| if (!$can_view) { | if (!$can_view) { | ||||
| throw new ConduitException( | throw new ConduitException( | ||||
| pht( | pht( | ||||
| "You do not have access to the application which provides this ". | 'You do not have access to the application which provides this '. | ||||
| "API method.")); | 'API method.')); | ||||
| } | } | ||||
| } | } | ||||
| } | } | ||||
| if (!$this->shouldForceLocal() && $this->servers) { | if (!$this->shouldForceLocal() && $this->servers) { | ||||
| $server = $this->pickRandomServer($this->servers); | $server = $this->pickRandomServer($this->servers); | ||||
| $client = new ConduitClient($server); | $client = new ConduitClient($server); | ||||
| $params = $this->request->getAllParameters(); | $params = $this->request->getAllParameters(); | ||||
| $params["__conduit__"]["isProxied"] = true; | $params['__conduit__']['isProxied'] = true; | ||||
| if ($this->handler->shouldRequireAuthentication()) { | if ($this->handler->shouldRequireAuthentication()) { | ||||
| $client->callMethodSynchronous( | $client->callMethodSynchronous( | ||||
| 'conduit.connect', | 'conduit.connect', | ||||
| array( | array( | ||||
| 'client' => 'PhabricatorConduit', | 'client' => 'PhabricatorConduit', | ||||
| 'clientVersion' => '1.0', | 'clientVersion' => '1.0', | ||||
| 'user' => $this->getUser()->getUserName(), | 'user' => $this->getUser()->getUserName(), | ||||
| 'certificate' => $this->getUser()->getConduitCertificate(), | 'certificate' => $this->getUser()->getConduitCertificate(), | ||||
| '__conduit__' => $params["__conduit__"], | '__conduit__' => $params['__conduit__'], | ||||
| )); | )); | ||||
| } | } | ||||
| return $client->callMethodSynchronous( | return $client->callMethodSynchronous( | ||||
| $this->method, | $this->method, | ||||
| $params); | $params); | ||||
| } else { | } else { | ||||
| return $this->handler->executeMethod($this->request); | return $this->handler->executeMethod($this->request); | ||||
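Review bot: On the proxy branch the `conduit.connect` call is gated on `$this->handler->shouldRequireAuthentication()` alone, so a viewer who passed the earlier gate only because `$allow_public` was true still reaches it, and `getUserName()` / `getConduitCertificate()` are then read from a user who may not be logged in. What those accessors return for a logged-out or omnipotent user is not visible here, so treat this as something to confirm, but the guard could be tightened to `if ($this->handler->shouldRequireAuthentication() && $this->getUser()->isLoggedIn()) {`. The same call sends the caller's Conduit certificate to whichever host `pickRandomServer()` returns; a comment such as `// Forwards the caller's Conduit certificate; $this->servers must list only trusted hosts.` above it would record that trust assumption. The enclosing method starts and ends outside the visible lines.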