@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
Allow broader HTTP access to public repositories, respect nonstandard Phabricator HTTP port when generating repository URIs
Summary:
Fixes T11030. Fixes T11032.
- Allow HTTP access to "Public" repositories even if `diffusion.allow-http-auth` is disabled.
- If you run Phabricator on an unusual port (???) use that port as the default when generating HTTP URIs.
Test Plan:
- Faked `phabricator.base-uri` to an unusual port, saw repository HTTP URI generate with an unusual port.
- Disabled `diffusion.allow-http-auth`, confirmed that toggling view policy between "public" and "users" activated or deactivated HTTP clone URI.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T11030, T11032
Differential Revision: https://secure.phabricator.com/D15973
+43
-9
+7
-1
src/applications/repository/storage/PhabricatorRepository.php
+7
-1
src/applications/repository/storage/PhabricatorRepository.php
···
2078
2078
PhabricatorRepositoryURI::BUILTIN_IDENTIFIER_ID => true,
2079
2079
);
2080
2080
2081
-
$allow_http = PhabricatorEnv::getEnvConfig('diffusion.allow-http-auth');
2081
+
// If the view policy of the repository is public, support anonymous HTTP
2082
+
// even if authenticated HTTP is not supported.
2083
+
if ($this->getViewPolicy() === PhabricatorPolicies::POLICY_PUBLIC) {
2084
+
$allow_http = true;
2085
+
} else {
2086
+
$allow_http = PhabricatorEnv::getEnvConfig('diffusion.allow-http-auth');
2087
+
}
2082
2088
2083
2089
$base_uri = PhabricatorEnv::getURI('/');
2084
2090
$base_uri = new PhutilURI($base_uri);
+32
-6
src/applications/repository/storage/PhabricatorRepositoryURI.php
+32
-6
src/applications/repository/storage/PhabricatorRepositoryURI.php
···
379
379
}
380
380
381
381
private function getForcedPort() {
382
-
switch ($this->getBuiltinProtocol()) {
383
-
case self::BUILTIN_PROTOCOL_SSH:
384
-
return PhabricatorEnv::getEnvConfig('diffusion.ssh-port');
385
-
case self::BUILTIN_PROTOCOL_HTTP:
386
-
case self::BUILTIN_PROTOCOL_HTTPS:
387
-
default:
382
+
$protocol = $this->getBuiltinProtocol();
383
+
384
+
if ($protocol == self::BUILTIN_PROTOCOL_SSH) {
385
+
return PhabricatorEnv::getEnvConfig('diffusion.ssh-port');
386
+
}
387
+
388
+
// If Phabricator is running on a nonstandard port, use that as the defualt
389
+
// port for URIs with the same protocol.
390
+
391
+
$is_http = ($protocol == self::BUILTIN_PROTOCOL_HTTP);
392
+
$is_https = ($protocol == self::BUILTIN_PROTOCOL_HTTPS);
393
+
394
+
if ($is_http || $is_https) {
395
+
$uri = PhabricatorEnv::getURI('/');
396
+
$uri = new PhutilURI($uri);
397
+
398
+
$port = $uri->getPort();
399
+
if (!$port) {
388
400
return null;
401
+
}
402
+
403
+
$uri_protocol = $uri->getProtocol();
404
+
$use_port =
405
+
($is_http && ($uri_protocol == 'http')) ||
406
+
($is_https && ($uri_protocol == 'https'));
407
+
408
+
if (!$use_port) {
409
+
return null;
410
+
}
411
+
412
+
return $port;
389
413
}
414
+
415
+
return null;
390
416
}
391
417
392
418
private function getForcedPath() {
+4
-2
src/docs/user/userguide/diffusion_uris.diviner
+4
-2
src/docs/user/userguide/diffusion_uris.diviner
···
173
173
**HTTP**: The `http://` clone URI will be available if these conditions are
174
174
satisfied:
175
175
176
-
- `diffusion.allow-http-auth` must be enabled.
176
+
- `diffusion.allow-http-auth` must be enabled or the repository view policy
177
+
must be "Public".
177
178
- The repository must be a Git or Mercurial repository.
178
179
- `security.require-https` must be disabled.
179
180
180
181
**HTTPS**: The `https://` clone URI will be available if these conditions are
181
182
satisfied:
182
183
183
-
- `diffusion.allow-http-auth` must be enabled.
184
+
- `diffusion.allow-http-auth` must be enabled or the repository view policy
185
+
must be "Public".
184
186
- The repository must be a Git or Mercurial repository.
185
187
- The `phabricator.base-uri` protocol must be `https://`.
186
188