diff --git a/src/applications/passphrase/conduit/PassphraseQueryConduitAPIMethod.php b/src/applications/passphrase/conduit/PassphraseQueryConduitAPIMethod.php index 07a8b0226e..0163cd5046 100644 --- a/src/applications/passphrase/conduit/PassphraseQueryConduitAPIMethod.php +++ b/src/applications/passphrase/conduit/PassphraseQueryConduitAPIMethod.php @@ -1,120 +1,132 @@ 'optional list', - 'phids' => 'optional list', - 'needSecrets' => 'optional bool', - 'needPublicKeys' => 'optional bool', - ) + $this->getPagerParamTypes(); + 'ids' => 'optional list', + 'phids' => 'optional list', + 'needSecrets' => 'optional bool', + 'needPublicKeys' => 'optional bool', + ); } protected function defineReturnType() { return 'list'; } protected function execute(ConduitAPIRequest $request) { - $query = id(new PassphraseCredentialQuery()) - ->setViewer($request->getUser()); + $query = $this->newQueryForRequest($request); if ($request->getValue('ids')) { $query->withIDs($request->getValue('ids')); } if ($request->getValue('phids')) { $query->withPHIDs($request->getValue('phids')); } if ($request->getValue('needSecrets')) { $query->needSecrets(true); } $pager = $this->newPager($request); $credentials = $query->executeWithCursorPager($pager); $results = array(); foreach ($credentials as $credential) { $type = PassphraseCredentialType::getTypeByConstant( $credential->getCredentialType()); if (!$type) { continue; } $public_key = null; if ($request->getValue('needPublicKeys') && $type->hasPublicKey()) { $public_key = $type->getPublicKey( $request->getUser(), $credential); } + $material = array(); + $secret = null; if ($request->getValue('needSecrets')) { if ($credential->getAllowConduit()) { - $secret = $credential->getSecret()->openEnvelope(); + $secret = $credential->getSecret(); + if ($secret) { + $secret = $secret->openEnvelope(); + } else { + $material['destroyed'] = pht( + 'The private material for this credential has been '. + 'destroyed.'); + } } } - $material = array(); switch ($credential->getCredentialType()) { case PassphraseCredentialTypeSSHPrivateKeyFile::CREDENTIAL_TYPE: if ($secret) { $material['file'] = $secret; } if ($public_key) { $material['publicKey'] = $public_key; } break; case PassphraseCredentialTypeSSHGeneratedKey::CREDENTIAL_TYPE: case PassphraseCredentialTypeSSHPrivateKeyText::CREDENTIAL_TYPE: if ($secret) { $material['privateKey'] = $secret; } if ($public_key) { $material['publicKey'] = $public_key; } break; case PassphraseCredentialTypePassword::CREDENTIAL_TYPE: if ($secret) { $material['password'] = $secret; } break; } if (!$credential->getAllowConduit()) { $material['noAPIAccess'] = pht( - 'This credential\'s private material '. - 'is not accessible via API calls.'); + 'This private material for this credential is not accessible via '. + 'API calls.'); } $results[$credential->getPHID()] = array( 'id' => $credential->getID(), 'phid' => $credential->getPHID(), 'type' => $credential->getCredentialType(), 'name' => $credential->getName(), + 'description' => $credential->getDescription(), 'uri' => PhabricatorEnv::getProductionURI('/'.$credential->getMonogram()), 'monogram' => $credential->getMonogram(), 'username' => $credential->getUsername(), 'material' => $material, ); } $result = array( 'data' => $results, ); return $this->addPagerResults($result, $pager); } }