diff --git a/src/applications/diffusion/query/DiffusionPullLogSearchEngine.php b/src/applications/diffusion/query/DiffusionPullLogSearchEngine.php index db5d4b9fcb..dfdfceb519 100644 --- a/src/applications/diffusion/query/DiffusionPullLogSearchEngine.php +++ b/src/applications/diffusion/query/DiffusionPullLogSearchEngine.php @@ -1,170 +1,186 @@ newQuery(); if ($map['repositoryPHIDs']) { $query->withRepositoryPHIDs($map['repositoryPHIDs']); } if ($map['pullerPHIDs']) { $query->withPullerPHIDs($map['pullerPHIDs']); } if ($map['createdStart'] || $map['createdEnd']) { $query->withEpochBetween( $map['createdStart'], $map['createdEnd']); } return $query; } protected function buildCustomSearchFields() { return array( id(new PhabricatorSearchDatasourceField()) ->setDatasource(new DiffusionRepositoryDatasource()) ->setKey('repositoryPHIDs') ->setAliases(array('repository', 'repositories', 'repositoryPHID')) ->setLabel(pht('Repositories')) ->setDescription( pht('Search for pull logs for specific repositories.')), id(new PhabricatorUsersSearchField()) ->setKey('pullerPHIDs') ->setAliases(array('puller', 'pullers', 'pullerPHID')) ->setLabel(pht('Pullers')) ->setDescription( pht('Search for pull logs by specific users.')), id(new PhabricatorSearchDateField()) ->setLabel(pht('Created After')) ->setKey('createdStart'), id(new PhabricatorSearchDateField()) ->setLabel(pht('Created Before')) ->setKey('createdEnd'), ); } protected function newExportFields() { - return array( + $viewer = $this->requireViewer(); + + $fields = array( id(new PhabricatorPHIDExportField()) ->setKey('repositoryPHID') ->setLabel(pht('Repository PHID')), id(new PhabricatorStringExportField()) ->setKey('repository') ->setLabel(pht('Repository')), id(new PhabricatorPHIDExportField()) ->setKey('pullerPHID') ->setLabel(pht('Puller PHID')), id(new PhabricatorStringExportField()) ->setKey('puller') ->setLabel(pht('Puller')), id(new PhabricatorStringExportField()) ->setKey('protocol') ->setLabel(pht('Protocol')), id(new PhabricatorStringExportField()) ->setKey('result') ->setLabel(pht('Result')), id(new PhabricatorIntExportField()) ->setKey('code') ->setLabel(pht('Code')), id(new PhabricatorEpochExportField()) ->setKey('date') ->setLabel(pht('Date')), ); + + if ($viewer->getIsAdmin()) { + $fields[] = id(new PhabricatorStringExportField()) + ->setKey('remoteAddress') + ->setLabel(pht('Remote Address')); + } + + return $fields; } protected function newExportData(array $events) { $viewer = $this->requireViewer(); $phids = array(); foreach ($events as $event) { if ($event->getPullerPHID()) { $phids[] = $event->getPullerPHID(); } } $handles = $viewer->loadHandles($phids); $export = array(); foreach ($events as $event) { $repository = $event->getRepository(); if ($repository) { $repository_phid = $repository->getPHID(); $repository_name = $repository->getDisplayName(); } else { $repository_phid = null; $repository_name = null; } $puller_phid = $event->getPullerPHID(); if ($puller_phid) { $puller_name = $handles[$puller_phid]->getName(); } else { $puller_name = null; } - $export[] = array( + $map = array( 'repositoryPHID' => $repository_phid, 'repository' => $repository_name, 'pullerPHID' => $puller_phid, 'puller' => $puller_name, 'protocol' => $event->getRemoteProtocol(), 'result' => $event->getResultType(), 'code' => $event->getResultCode(), 'date' => $event->getEpoch(), ); + + if ($viewer->getIsAdmin()) { + $map['remoteAddress'] = $event->getRemoteAddress(); + } + + $export[] = $map; } return $export; } protected function getURI($path) { return '/diffusion/pulllog/'.$path; } protected function getBuiltinQueryNames() { return array( 'all' => pht('All Pull Logs'), ); } public function buildSavedQueryFromBuiltin($query_key) { $query = $this->newSavedQuery(); $query->setQueryKey($query_key); switch ($query_key) { case 'all': return $query; } return parent::buildSavedQueryFromBuiltin($query_key); } protected function renderResultList( array $logs, PhabricatorSavedQuery $query, array $handles) { $table = id(new DiffusionPullLogListView()) ->setViewer($this->requireViewer()) ->setLogs($logs); return id(new PhabricatorApplicationSearchResultView()) ->setTable($table); } } diff --git a/src/applications/diffusion/view/DiffusionPullLogListView.php b/src/applications/diffusion/view/DiffusionPullLogListView.php index f2e3280eba..8df35e2922 100644 --- a/src/applications/diffusion/view/DiffusionPullLogListView.php +++ b/src/applications/diffusion/view/DiffusionPullLogListView.php @@ -1,115 +1,105 @@ logs = $logs; return $this; } public function render() { $events = $this->logs; $viewer = $this->getViewer(); $handle_phids = array(); foreach ($events as $event) { if ($event->getPullerPHID()) { $handle_phids[] = $event->getPullerPHID(); } } $handles = $viewer->loadHandles($handle_phids); - // Figure out which repositories are editable. We only let you see remote - // IPs if you have edit capability on a repository. - $editable_repos = array(); - if ($events) { - $editable_repos = id(new PhabricatorRepositoryQuery()) - ->setViewer($viewer) - ->requireCapabilities( - array( - PhabricatorPolicyCapability::CAN_VIEW, - PhabricatorPolicyCapability::CAN_EDIT, - )) - ->withPHIDs(mpull($events, 'getRepositoryPHID')) - ->execute(); - $editable_repos = mpull($editable_repos, null, 'getPHID'); - } + // Only administrators can view remote addresses. + $remotes_visible = $viewer->getIsAdmin(); $rows = array(); - $any_host = false; foreach ($events as $event) { if ($event->getRepositoryPHID()) { $repository = $event->getRepository(); } else { $repository = null; } - // Reveal this if it's valid and the user can edit the repository. For - // invalid requests you currently have to go fishing in the database. - $remote_address = '-'; - if ($repository) { - if (isset($editable_repos[$event->getRepositoryPHID()])) { - $remote_address = $event->getRemoteAddress(); - } + if ($remotes_visible) { + $remote_address = $event->getRemoteAddress(); + } else { + $remote_address = null; } $event_id = $event->getID(); $repository_link = null; if ($repository) { $repository_link = phutil_tag( 'a', array( 'href' => $repository->getURI(), ), $repository->getDisplayName()); } $puller_link = null; if ($event->getPullerPHID()) { $puller_link = $viewer->renderHandle($event->getPullerPHID()); } $rows[] = array( $event_id, $repository_link, $puller_link, $remote_address, $event->getRemoteProtocolDisplayName(), $event->newResultIcon(), $event->getResultCode(), phabricator_datetime($event->getEpoch(), $viewer), ); } $table = id(new AphrontTableView($rows)) ->setHeaders( array( pht('Pull'), pht('Repository'), pht('Puller'), pht('From'), pht('Via'), null, pht('Code'), pht('Date'), )) ->setColumnClasses( array( 'n', '', '', 'n', 'wide', '', 'n', 'right', + )) + ->setColumnVisibility( + array( + true, + true, + true, + $remotes_visible, )); return $table; } } diff --git a/src/applications/diffusion/view/DiffusionPushLogListView.php b/src/applications/diffusion/view/DiffusionPushLogListView.php index 303f0519f6..77f28671c6 100644 --- a/src/applications/diffusion/view/DiffusionPushLogListView.php +++ b/src/applications/diffusion/view/DiffusionPushLogListView.php @@ -1,153 +1,140 @@ logs = $logs; return $this; } public function render() { $logs = $this->logs; $viewer = $this->getViewer(); $handle_phids = array(); foreach ($logs as $log) { $handle_phids[] = $log->getPusherPHID(); $device_phid = $log->getDevicePHID(); if ($device_phid) { $handle_phids[] = $device_phid; } } $handles = $viewer->loadHandles($handle_phids); - // Figure out which repositories are editable. We only let you see remote - // IPs if you have edit capability on a repository. - $editable_repos = array(); - if ($logs) { - $editable_repos = id(new PhabricatorRepositoryQuery()) - ->setViewer($viewer) - ->requireCapabilities( - array( - PhabricatorPolicyCapability::CAN_VIEW, - PhabricatorPolicyCapability::CAN_EDIT, - )) - ->withPHIDs(mpull($logs, 'getRepositoryPHID')) - ->execute(); - $editable_repos = mpull($editable_repos, null, 'getPHID'); - } + // Only administrators can view remote addresses. + $remotes_visible = $viewer->getIsAdmin(); $rows = array(); $any_host = false; foreach ($logs as $log) { $repository = $log->getRepository(); - // Reveal this if it's valid and the user can edit the repository. - $remote_address = '-'; - if (isset($editable_repos[$log->getRepositoryPHID()])) { + if ($remotes_visible) { $remote_address = $log->getPushEvent()->getRemoteAddress(); + } else { + $remote_address = null; } $event_id = $log->getPushEvent()->getID(); $old_ref_link = null; if ($log->getRefOld() != DiffusionCommitHookEngine::EMPTY_HASH) { $old_ref_link = phutil_tag( 'a', array( 'href' => $repository->getCommitURI($log->getRefOld()), ), $log->getRefOldShort()); } $device_phid = $log->getDevicePHID(); if ($device_phid) { $device = $viewer->renderHandle($device_phid); $any_host = true; } else { $device = null; } $rows[] = array( phutil_tag( 'a', array( 'href' => '/diffusion/pushlog/view/'.$event_id.'/', ), $event_id), phutil_tag( 'a', array( 'href' => $repository->getURI(), ), $repository->getDisplayName()), $viewer->renderHandle($log->getPusherPHID()), $remote_address, $log->getPushEvent()->getRemoteProtocol(), $device, $log->getRefType(), $log->getRefName(), $old_ref_link, phutil_tag( 'a', array( 'href' => $repository->getCommitURI($log->getRefNew()), ), $log->getRefNewShort()), // TODO: Make these human-readable. $log->getChangeFlags(), $log->getPushEvent()->getRejectCode(), $viewer->formatShortDateTime($log->getEpoch()), ); } $table = id(new AphrontTableView($rows)) ->setHeaders( array( pht('Push'), pht('Repository'), pht('Pusher'), pht('From'), pht('Via'), pht('Host'), pht('Type'), pht('Name'), pht('Old'), pht('New'), pht('Flags'), pht('Code'), pht('Date'), )) ->setColumnClasses( array( '', '', '', '', '', '', '', 'wide', 'n', 'n', 'right', )) ->setColumnVisibility( array( true, true, true, - true, + $remotes_visible, true, $any_host, )); return $table; } }