@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
Conduit: Add error handling calling token.give without objectPHID
Summary:
Throw a ConduitException when no objectPHID is passed instead of silently failing when trying to delete a token being `null`.
As a side effect, fix a PHP 8.5 deprecation warning.
Closes T16436
Test Plan: Go to http://phorge.localhost/conduit/method/token.give/ and press "Call Method". Try also after entering a random string in the "tokenPHID" field.
Reviewers: O1 Blessed Committers, mainframe98
Reviewed By: O1 Blessed Committers, mainframe98
Subscribers: mainframe98, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno
Maniphest Tasks: T16436
Differential Revision: https://we.phorge.it/D26647
+15
-2
+15
-2
src/applications/tokens/conduit/TokenGiveConduitAPIMethod.php
+15
-2
src/applications/tokens/conduit/TokenGiveConduitAPIMethod.php
···
21
21
return 'void';
22
22
}
23
23
24
+
protected function defineErrorTypes() {
25
+
return array(
26
+
'ERR-BAD-PHID' => pht(
27
+
'Must pass a PHID for parameter "%s".',
28
+
'objectPHID'),
29
+
);
30
+
}
31
+
24
32
protected function execute(ConduitAPIRequest $request) {
25
33
$content_source = $request->newContentSource();
34
+
$phid = $request->getValue('objectPHID');
35
+
36
+
if ($phid === null) {
37
+
throw new ConduitException('ERR-BAD-PHID');
38
+
}
26
39
27
40
$editor = id(new PhabricatorTokenGivenEditor())
28
41
->setActor($request->getUser())
···
30
43
31
44
if ($request->getValue('tokenPHID')) {
32
45
$editor->addToken(
33
-
$request->getValue('objectPHID'),
46
+
$phid,
34
47
$request->getValue('tokenPHID'));
35
48
} else {
36
-
$editor->deleteToken($request->getValue('objectPHID'));
49
+
$editor->deleteToken($phid);
37
50
}
38
51
}
39
52