Changeset View
Changeset View
Standalone View
Standalone View
src/applications/files/controller/PhabricatorFileDataController.php
Show First 20 Lines • Show All 113 Lines • ▼ Show 20 Lines | private function loadFile() { | ||||
// the URI. Knowledge of this secret is sufficient to retrieve the file. | // the URI. Knowledge of this secret is sufficient to retrieve the file. | ||||
// For some requests, we also have a valid viewer. However, for many | // For some requests, we also have a valid viewer. However, for many | ||||
// requests (like alternate domain requests or Git LFS requests) we will | // requests (like alternate domain requests or Git LFS requests) we will | ||||
// not. Even if we do have a valid viewer, use the omnipotent viewer to | // not. Even if we do have a valid viewer, use the omnipotent viewer to | ||||
// make this logic simpler and more consistent. | // make this logic simpler and more consistent. | ||||
// Beyond making the policy check itself more consistent, this also makes | // Beyond making the policy check itself more consistent, this also makes | ||||
// sure we're consitent about returning HTTP 404 on bad requests instead | // sure we're consistent about returning HTTP 404 on bad requests instead | ||||
// of serving HTTP 200 with a login page, which can mislead some clients. | // of serving HTTP 200 with a login page, which can mislead some clients. | ||||
$viewer = PhabricatorUser::getOmnipotentUser(); | $viewer = PhabricatorUser::getOmnipotentUser(); | ||||
$file = id(new PhabricatorFileQuery()) | $file = id(new PhabricatorFileQuery()) | ||||
->setViewer($viewer) | ->setViewer($viewer) | ||||
->withPHIDs(array($this->phid)) | ->withPHIDs(array($this->phid)) | ||||
->withIsDeleted(false) | ->withIsDeleted(false) | ||||
▲ Show 20 Lines • Show All 61 Lines • Show Last 20 Lines |