Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F2307763
PhabricatorOAuthClientEditController.php
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Flag For Later
Award Token
Size
5 KB
Referenced Files
None
Subscribers
None
PhabricatorOAuthClientEditController.php
View Options
<?php
/**
* @group oauthserver
*/
final
class
PhabricatorOAuthClientEditController
extends
PhabricatorOAuthClientBaseController
{
private
$isEdit
;
protected
function
isClientEdit
()
{
return
$this
->
isEdit
;
}
private
function
setIsClientEdit
(
$is_edit
)
{
$this
->
isEdit
=
(
bool
)
$is_edit
;
return
$this
;
}
protected
function
getExtraClientFilters
()
{
if
(
$this
->
isClientEdit
())
{
$filters
=
array
(
array
(
'url'
=>
$this
->
getFilter
(),
'label'
=>
'Edit Client'
)
);
}
else
{
$filters
=
array
();
}
return
$filters
;
}
public
function
getFilter
()
{
if
(
$this
->
isClientEdit
())
{
$filter
=
'client/edit/'
.
$this
->
getClientPHID
();
}
else
{
$filter
=
'client/create'
;
}
return
$filter
;
}
public
function
processRequest
()
{
$request
=
$this
->
getRequest
();
$current_user
=
$request
->
getUser
();
$error
=
null
;
$bad_redirect
=
false
;
$phid
=
$this
->
getClientPHID
();
// if we have a phid, then we're editing
$this
->
setIsClientEdit
(
$phid
);
if
(
$this
->
isClientEdit
())
{
$client
=
id
(
new
PhabricatorOAuthServerClient
())
->
loadOneWhere
(
'phid = %s'
,
$phid
);
$title
=
'Edit OAuth Client'
;
// validate the client
if
(
empty
(
$client
))
{
return
new
Aphront404Response
();
}
if
(
$client
->
getCreatorPHID
()
!=
$current_user
->
getPHID
())
{
$message
=
'Access denied to edit client with id '
.
$phid
.
'. '
.
'Only the user who created the client has permission to '
.
'edit the client.'
;
return
id
(
new
Aphront403Response
())
->
setForbiddenText
(
$message
);
}
$submit_button
=
'Save OAuth Client'
;
$secret
=
null
;
// new client - much simpler
}
else
{
$client
=
new
PhabricatorOAuthServerClient
();
$title
=
'Create OAuth Client'
;
$submit_button
=
'Create OAuth Client'
;
$secret
=
Filesystem
::
readRandomCharacters
(
32
);
}
if
(
$request
->
isFormPost
())
{
$redirect_uri
=
$request
->
getStr
(
'redirect_uri'
);
$client
->
setName
(
$request
->
getStr
(
'name'
));
$client
->
setRedirectURI
(
$redirect_uri
);
if
(
$secret
)
{
$client
->
setSecret
(
$secret
);
}
$client
->
setCreatorPHID
(
$current_user
->
getPHID
());
$uri
=
new
PhutilURI
(
$redirect_uri
);
$server
=
new
PhabricatorOAuthServer
();
if
(!
$server
->
validateRedirectURI
(
$uri
))
{
$error
=
new
AphrontErrorView
();
$error
->
setSeverity
(
AphrontErrorView
::
SEVERITY_ERROR
);
$error
->
setTitle
(
'Redirect URI must be a fully qualified domain name '
.
'with no fragments. See '
.
'http://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-3.1.2 '
.
'for more information on the correct format.'
);
$bad_redirect
=
true
;
}
else
{
$client
->
save
();
// refresh the phid in case its a create
$phid
=
$client
->
getPHID
();
if
(
$this
->
isClientEdit
())
{
return
id
(
new
AphrontRedirectResponse
())
->
setURI
(
'/oauthserver/client/?edited='
.
$phid
);
}
else
{
return
id
(
new
AphrontRedirectResponse
())
->
setURI
(
'/oauthserver/client/?new='
.
$phid
);
}
}
}
$panel
=
new
AphrontPanelView
();
if
(
$this
->
isClientEdit
())
{
$delete_button
=
phutil_tag
(
'a'
,
array
(
'href'
=>
$client
->
getDeleteURI
(),
'class'
=>
'grey button'
,
),
'Delete OAuth Client'
);
$panel
->
addButton
(
$delete_button
);
}
$panel
->
setHeader
(
$title
);
$form
=
id
(
new
AphrontFormView
())
->
setUser
(
$current_user
)
->
appendChild
(
id
(
new
AphrontFormTextControl
())
->
setLabel
(
'Name'
)
->
setName
(
'name'
)
->
setValue
(
$client
->
getName
()));
if
(
$this
->
isClientEdit
())
{
$form
->
appendChild
(
id
(
new
AphrontFormTextControl
())
->
setLabel
(
'ID'
)
->
setValue
(
$phid
))
->
appendChild
(
id
(
new
AphrontFormStaticControl
())
->
setLabel
(
'Secret'
)
->
setValue
(
$client
->
getSecret
()));
}
$form
->
appendChild
(
id
(
new
AphrontFormTextControl
())
->
setLabel
(
'Redirect URI'
)
->
setName
(
'redirect_uri'
)
->
setValue
(
$client
->
getRedirectURI
())
->
setError
(
$bad_redirect
));
if
(
$this
->
isClientEdit
())
{
$created
=
phabricator_datetime
(
$client
->
getDateCreated
(),
$current_user
);
$updated
=
phabricator_datetime
(
$client
->
getDateModified
(),
$current_user
);
$form
->
appendChild
(
id
(
new
AphrontFormStaticControl
())
->
setLabel
(
'Created'
)
->
setValue
(
$created
))
->
appendChild
(
id
(
new
AphrontFormStaticControl
())
->
setLabel
(
'Last Updated'
)
->
setValue
(
$updated
));
}
$form
->
appendChild
(
id
(
new
AphrontFormSubmitControl
())
->
setValue
(
$submit_button
));
$panel
->
appendChild
(
$form
);
return
$this
->
buildStandardPageResponse
(
array
(
$error
,
$panel
),
array
(
'title'
=>
$title
));
}
}
File Metadata
Details
Attached
Mime Type
text/x-php
Expires
Tue, Sep 16, 2:39 AM (1 d, 22 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
441462
Default Alt Text
PhabricatorOAuthClientEditController.php (5 KB)
Attached To
Mode
rP Phorge
Attached
Detach File
Event Timeline
Log In to Comment