Differential D10985 Diff 26395 src/applications/conduit/storage/PhabricatorConduitToken.php

Changeset View

Standalone View

src/applications/conduit/storage/PhabricatorConduitToken.php

This file was added.

				<?php

				final class PhabricatorConduitToken
				extends PhabricatorConduitDAO
				implements PhabricatorPolicyInterface {

				protected $objectPHID;
				protected $tokenType;
				protected $token;
				protected $expires;

				private $object = self::ATTACHABLE;

				const TYPE_STANDARD = 'api';
				const TYPE_TEMPORARY = 'tmp';

				public function getConfiguration() {
				return array(
				self::CONFIG_COLUMN_SCHEMA => array(
				'tokenType' => 'text32',
				'token' => 'text32',
				'expires' => 'epoch?',
				),
				self::CONFIG_KEY_SCHEMA => array(
				'key_object' => array(
				'columns' => array('objectPHID', 'tokenType'),
				),
				'key_token' => array(
				'columns' => array('token'),
				'unique' => true,
				),
				'key_expires' => array(
				'columns' => array('expires'),
				),
				),
				) + parent::getConfiguration();
				}

				public static function initializeNewToken($object_phid, $token_type) {
				$token = new PhabricatorConduitToken();
				$token->objectPHID = $object_phid;
				$token->tokenType = $token_type;
				$token->expires = $token->getTokenExpires($token_type);

				$secret = $token_type.'-'.Filesystem::readRandomCharacters(32);
				$secret = substr($secret, 0, 32);
				$token->token = $secret;

				return $token;
				}

				public static function getTokenTypeName($type) {
				$map = array(
				self::TYPE_STANDARD => pht('Standard API Token'),
				self::TYPE_TEMPORARY => pht('Temporary API Token'),
				);

				return idx($map, $type, $type);
				}

				private function getTokenExpires($token_type) {
				switch ($token_type) {
				case self::TYPE_STANDARD:
				return null;
				case self::TYPE_TEMPORARY:
				return PhabricatorTime::getNow() + phutil_units('24h in seconds');
				default:
				throw new Exception(
				pht('Unknown Conduit token type "%s"!', $token_type));
				}
				}

				public function getObject() {
				return $this->assertAttached($this->object);
				}

				public function attachObject(PhabricatorUser $object) {
				$this->object = $object;
				return $this;
				}


				/* -( PhabricatorPolicyInterface )----------------------------------------- */


				public function getCapabilities() {
				return array(
				PhabricatorPolicyCapability::CAN_VIEW,
				PhabricatorPolicyCapability::CAN_EDIT,
				);
				}

				public function getPolicy($capability) {
				return $this->getObject()->getPolicy($capability);
				}

				public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
				return $this->getObject()->hasAutomaticCapability($capability, $viewer);
				}

				public function describeAutomaticCapability($capability) {
				return pht(
				'Conduit tokens inherit the policies of the user they authenticate.');
				}

				}