Differential D10985 Diff 26395 src/applications/conduit/controller/PhabricatorConduitTokenEditController.php
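--- /dev/null
+++ b/src/applications/conduit/controller/PhabricatorConduitTokenEditController.php
@@ -0,0 +1,83 @@
+<?php
+final class PhabricatorConduitTokenEditController
+extends PhabricatorConduitController {
+public function handleRequest(AphrontRequest $request) {
+$viewer = $request->getViewer();
+$id = $request->getURIData('id');
+if ($id) {
+$token = id(new PhabricatorConduitTokenQuery())
+->setViewer($viewer)
+->withIDs(array($id))
+->withExpired(false)
+->requireCapabilities(
+array(
+PhabricatorPolicyCapability::CAN_VIEW,
+PhabricatorPolicyCapability::CAN_EDIT,
+))
+->executeOne();
+if (!$token) {
+return new Aphront404Response();
+}
+$object = $token->getObject();
+$is_new = false;
+$title = pht('View API Token');
+} else {
+$object = id(new PhabricatorObjectQuery())
+->setViewer($viewer)
+->withPHIDs(array($request->getStr('objectPHID')))
+->requireCapabilities(
+array(
+PhabricatorPolicyCapability::CAN_VIEW,
+PhabricatorPolicyCapability::CAN_EDIT,
+))
+->executeOne();
+if (!$object) {
+return new Aphront404Response();
+}
+$token = PhabricatorConduitToken::initializeNewToken(
+$object->getPHID(),
+PhabricatorConduitToken::TYPE_STANDARD);
+$is_new = true;
+$title = pht('Generate API Token');
+$submit_button = pht('Generate Token');
+}
+if ($viewer->getPHID() == $object->getPHID()) {
+$panel_uri = '/settings/panel/apitokens/';
+} else {
+$panel_uri = '/settings/'.$object->getID().'/panel/apitokens/';
+}
+id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
+$viewer,
+$request,
+$panel_uri);
+if ($request->isFormPost()) {
+$token->save();
+if ($is_new) {
+$token_uri = '/conduit/token/edit/'.$token->getID().'/';
+} else {
+$token_uri = $panel_uri;
+}
+return id(new AphrontRedirectResponse())->setURI($token_uri);
+}
+$dialog = $this->newDialog()
+->setTitle($title)
+->addHiddenInput('objectPHID', $object->getPHID());
+if ($is_new) {
+$dialog
+->appendParagraph(pht('Generate a new API token?'))
+->addSubmitButton($submit_button)
+->addCancelButton($panel_uri);
+} else {
+$form = id(new AphrontFormView())
+->setUser($viewer)
+->appendChild(
+id(new AphrontFormTextControl())
+->setLabel(pht('Token'))
+->setValue($token->getToken()));
+$dialog
+->appendForm($form)
+->addCancelButton($panel_uri, pht('Done'));
+}
+return $dialog;
+}
+}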
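Review bot: The create branch of `handleRequest` loads the request-supplied `objectPHID` through `PhabricatorObjectQuery` and accepts any object the viewer can view and edit, so nothing visible here restricts token generation to user accounts. The later `'/settings/'.$object->getID().'/panel/apitokens/'` already assumes the object is a user, and whether `initializeNewToken()` rejects other object types cannot be seen from this file. I would add `if (!($object instanceof PhabricatorUser)) { return new Aphront404Response(); }` right after the `!$object` check, so a `TYPE_STANDARD` token is never bound to an object that has no settings panel from which to review or revoke it. Separately, the `isFormPost()` block calls `$token->save()` on the existing-token path as well; guarding it with `if ($is_new)` would keep the view dialog read-only. The PHID comparison would also be clearer as `===`.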