Use RepositoryQuery along common pathways · recaptime.dev/phorge@a096168

@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

phorge phabricator

fork

Use RepositoryQuery along common pathways

Summary: Ref T603. Make common repository queries (in Conduit and DiffusionRequest) policy-aware. These tend to get caugh by something else anyway, but tighten them up.

Test Plan: The conduit change already provided `user` everywhere. I verified that and browsed some pages.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7060

epriestley 12 years ago a0961685 e7a7e431

+20 -9

2 changed files

expand all

src

applications

diffusion

conduit

ConduitAPI_diffusion_abstractquery_Method.php

request

DiffusionRequest.php

+4 -3

src/applications/diffusion/conduit/ConduitAPI_diffusion_abstractquery_Method.php

··· 43 43 $this->repository = $this->getDiffusionRequest()->getRepository(); 44 44 } else { 45 45 $callsign = $request->getValue('callsign'); 46 - $repository = id(new PhabricatorRepository())->loadOneWhere( 47 - 'callsign = %s', 48 - $callsign); 46 + $repository = id(new PhabricatorRepositoryQuery()) 47 + ->setViewer($request->getUser()) 48 + ->withCallsigns(array($callsign)) 49 + ->executeOne(); 49 50 if (!$repository) { 50 51 throw new ConduitException('ERR-UNKNOWN-REPOSITORY'); 51 52 }

+16 -6

src/applications/diffusion/request/DiffusionRequest.php

··· 46 46 * Parameters are: 47 47 * 48 48 * - `callsign` Repository callsign. Provide this or `repository`. 49 + * - `user` Viewing user. Required if `callsign` is provided. 49 50 * - `repository` Repository object. Provide this or `callsign`. 50 51 * - `branch` Optional, branch name. 51 52 * - `path` Optional, file path. ··· 63 64 } else if (!isset($data['repository']) && !isset($data['callsign'])) { 64 65 throw new Exception( 65 66 "One of 'repository' and 'callsign' is required."); 67 + } else if (isset($data['callsign']) && empty($data['user'])) { 68 + throw new Exception( 69 + "Parameter 'user' is required if 'callsign' is provided."); 66 70 } 67 71 68 72 if (isset($data['repository'])) { 69 73 $object = self::newFromRepository($data['repository']); 70 74 } else { 71 - $object = self::newFromCallsign($data['callsign']); 75 + $object = self::newFromCallsign($data['callsign'], $data['user']); 72 76 } 77 + 73 78 $object->initializeFromDictionary($data); 79 + 74 80 return $object; 75 81 } 76 82 ··· 89 95 AphrontRequest $request) { 90 96 91 97 $callsign = phutil_unescape_uri_path_component(idx($data, 'callsign')); 92 - $object = self::newFromCallsign($callsign); 98 + $object = self::newFromCallsign($callsign, $request->getUser()); 93 99 94 100 $use_branches = $object->getSupportsBranches(); 95 101 $parsed = self::parseRequestBlob(idx($data, 'dblob'), $use_branches); ··· 115 121 * Internal. Use @{method:newFromDictionary}, not this method. 116 122 * 117 123 * @param string Repository callsign. 124 + * @param PhabricatorUser Viewing user. 118 125 * @return DiffusionRequest New request object. 119 126 * @task new 120 127 */ 121 - final private static function newFromCallsign($callsign) { 122 - $repository = id(new PhabricatorRepository())->loadOneWhere( 123 - 'callsign = %s', 124 - $callsign); 128 + final private static function newFromCallsign( 129 + $callsign, 130 + PhabricatorUser $viewer) { 125 131 132 + $repository = id(new PhabricatorRepositoryQuery()) 133 + ->setViewer($viewer) 134 + ->withCallsigns(array($callsign)) 135 + ->executeOne(); 126 136 if (!$repository) { 127 137 throw new Exception("No such repository '{$callsign}'."); 128 138 }

Configure Feed

Configure Feed