Differential D15594 Diff 37614 src/applications/conduit/controller/PhabricatorConduitAPIController.php
Changeset View
Changeset View
Standalone View
Standalone View
src/applications/conduit/controller/PhabricatorConduitAPIController.php
| Show First 20 Lines • Show All 389 Lines • ▼ Show 20 Lines | if ($access_token) { | ||||
| $ok = $this->authorizeOAuthMethodAccess($authorization, $method); | $ok = $this->authorizeOAuthMethodAccess($authorization, $method); | ||||
| if (!$ok) { | if (!$ok) { | ||||
| return array( | return array( | ||||
| 'ERR-OAUTH-ACCESS', | 'ERR-OAUTH-ACCESS', | ||||
| pht('You do not have authorization to call this method.'), | pht('You do not have authorization to call this method.'), | ||||
| ); | ); | ||||
| } | } | ||||
| $api_request->setOAuthToken($token); | |||||
| return $this->validateAuthenticatedUser( | return $this->validateAuthenticatedUser( | ||||
| $api_request, | $api_request, | ||||
| $user); | $user); | ||||
| } | } | ||||
| // Handle sessionless auth. | // Handle sessionless auth. | ||||
| // TODO: This is super messy. | // TODO: This is super messy. | ||||
| // TODO: Remove this in favor of token-based auth. | // TODO: Remove this in favor of token-based auth. | ||||
| ▲ Show 20 Lines • Show All 265 Lines • Show Last 20 Lines | |||||