Differential D10985 Diff 26378 src/applications/conduit/controller/PhabricatorConduitTokenEditController.php
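--- /dev/null
+++ b/src/applications/conduit/controller/PhabricatorConduitTokenEditController.php
+<?php
+final class PhabricatorConduitTokenEditController
+extends PhabricatorConduitController {
+public function handleRequest(AphrontRequest $request) {
+$viewer = $request->getViewer();
+$id = $request->getURIData('id');
+if ($id) {
+$token = id(new PhabricatorConduitTokenQuery())
+->setViewer($viewer)
+->withIDs(array($id))
+->withExpired(false)
+->requireCapabilities(
+array(
+PhabricatorPolicyCapability::CAN_VIEW,
+PhabricatorPolicyCapability::CAN_EDIT,
+))
+->executeOne();
+if (!$token) {
+return new Aphront404Response();
+}
+$object = $token->getObject();
+$is_new = false;
+$title = pht('View API Token');
+} else {
+$object = id(new PhabricatorObjectQuery())
+->setViewer($viewer)
+->withPHIDs(array($request->getStr('objectPHID')))
+->requireCapabilities(
+array(
+PhabricatorPolicyCapability::CAN_VIEW,
+PhabricatorPolicyCapability::CAN_EDIT,
+))
+->executeOne();
+if (!$object) {
+return new Aphront404Response();
+}
+$token = PhabricatorConduitToken::initializeNewToken(
+$object->getPHID(),
+PhabricatorConduitToken::TYPE_STANDARD);
+$is_new = true;
+$title = pht('Generate API Token');
+$submit_button = pht('Generate Token');
+}
+if ($viewer->getPHID() == $object->getPHID()) {
+$panel_uri = '/settings/panel/apitokens/';
+} else {
+$panel_uri = '/settings/'.$object->getID().'/panel/apitokens/';
+}
+id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
+$viewer,
+$request,
+$panel_uri);
+if ($request->isFormPost()) {
+$token->save();
+if ($is_new) {
+$token_uri = '/conduit/token/edit/'.$token->getID().'/';
+} else {
+$token_uri = $panel_uri;
+}
+return id(new AphrontRedirectResponse())->setURI($token_uri);
+}
+$dialog = $this->newDialog()
+->setTitle($title)
+->addHiddenInput('objectPHID', $object->getPHID());
+if ($is_new) {
+$dialog
+->appendParagraph(pht('Generate a new API token?'))
+->addSubmitButton($submit_button)
+->addCancelButton($panel_uri);
+} else {
+$form = id(new AphrontFormView())
+->setUser($viewer)
+->appendChild(
+id(new AphrontFormTextControl())
+->setLabel(pht('Token'))
+->setValue($token->getToken()));
+$dialog
+->appendForm($form)
+->addCancelButton($panel_uri, pht('Done'));
+}
+return $dialog;
+}
+}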
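Review bot: The generate branch of `handleRequest` loads `objectPHID` through `PhabricatorObjectQuery` requiring only CAN_VIEW and CAN_EDIT, so nothing visible here limits token creation to user accounts; any object type the viewer can edit appears to be accepted as a token owner. The later `'/settings/'.$object->getID().'/panel/apitokens/'` already assumes the object is a user, so I would make that explicit right after the `!$object` check with `if (!($object instanceof PhabricatorUser)) { return new Aphront404Response(); }`, unless `initializeNewToken()` validates the owner itself (not visible in this file). Separately, in the edit branch a form POST still reaches `$token->save()` on an unchanged token; gating the save on `$is_new` would keep the view path read-only. A short comment above `requireHighSecuritySession` noting that it guards both minting a token and re-displaying an existing secret would help future readers.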