src/applications/conduit/controller/PhabricatorConduitTokenTerminateController.php at recaptime-dev/main

@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

phorge phabricator

fork

phorge / src / applications / conduit / controller / PhabricatorConduitTokenTerminateController.php

at recaptime-dev/main 100 lines 2.9 kB view raw

wrap content

epriestley Clean up redirect URIs for "Temporary Tokens" and "API Tokens" settings panels 9y ago

ec8581ab

  1<?php
  2
  3final class PhabricatorConduitTokenTerminateController
  4  extends PhabricatorConduitController {
  5
  6  public function handleRequest(AphrontRequest $request) {
  7    $viewer = $request->getViewer();
  8    $object_phid = $request->getStr('objectPHID');
  9    $id = $request->getURIData('id');
 10
 11    if ($id) {
 12      $token = id(new PhabricatorConduitTokenQuery())
 13        ->setViewer($viewer)
 14        ->withIDs(array($id))
 15        ->withExpired(false)
 16        ->requireCapabilities(
 17          array(
 18            PhabricatorPolicyCapability::CAN_VIEW,
 19            PhabricatorPolicyCapability::CAN_EDIT,
 20          ))
 21        ->executeOne();
 22      if (!$token) {
 23        return new Aphront404Response();
 24      }
 25
 26      $tokens = array($token);
 27      $object_phid = $token->getObjectPHID();
 28
 29      $title = pht('Terminate API Token');
 30      $body = pht(
 31        'Really terminate this token? Any system using this token '.
 32        'will no longer be able to make API requests.');
 33      $submit_button = pht('Terminate Token');
 34    } else {
 35      $tokens = id(new PhabricatorConduitTokenQuery())
 36        ->setViewer($viewer)
 37        ->withObjectPHIDs(array($object_phid))
 38        ->withExpired(false)
 39        ->requireCapabilities(
 40          array(
 41            PhabricatorPolicyCapability::CAN_VIEW,
 42            PhabricatorPolicyCapability::CAN_EDIT,
 43          ))
 44        ->execute();
 45
 46      $title = pht('Terminate API Tokens');
 47      $body = pht(
 48        'Really terminate all active API tokens? Any systems using these '.
 49        'tokens will no longer be able to make API requests.');
 50      $submit_button = pht('Terminate Tokens');
 51    }
 52
 53    if ($object_phid != $viewer->getPHID()) {
 54      $object = id(new PhabricatorObjectQuery())
 55        ->setViewer($viewer)
 56        ->withPHIDs(array($object_phid))
 57        ->executeOne();
 58      if (!$object) {
 59        return new Aphront404Response();
 60      }
 61    } else {
 62      $object = $viewer;
 63    }
 64
 65    $panel_uri = id(new PhabricatorConduitTokensSettingsPanel())
 66      ->setViewer($viewer)
 67      ->setUser($object)
 68      ->getPanelURI();
 69
 70    id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
 71      $viewer,
 72      $request,
 73      $panel_uri);
 74
 75    if (!$tokens) {
 76      return $this->newDialog()
 77        ->setTitle(pht('No Tokens to Terminate'))
 78        ->appendParagraph(
 79          pht('There are no API tokens to terminate.'))
 80        ->addCancelButton($panel_uri);
 81    }
 82
 83    if ($request->isFormPost()) {
 84      foreach ($tokens as $token) {
 85        $token
 86          ->setExpires(PhabricatorTime::getNow() - 60)
 87          ->save();
 88      }
 89      return id(new AphrontRedirectResponse())->setURI($panel_uri);
 90    }
 91
 92    return $this->newDialog()
 93      ->setTitle($title)
 94      ->addHiddenInput('objectPHID', $object_phid)
 95      ->appendParagraph($body)
 96      ->addSubmitButton($submit_button)
 97      ->addCancelButton($panel_uri);
 98  }
 99
100}

Configure Feed

Configure Feed