Commit a8e9da4a authored by Chad Little's avatar Chad Little
Browse files

Update Conduit for handleRequest

Summary: Ref T8628. Updates Conduit for handleRequest

Test Plan: Use Conduit, test list, method calls, try a query, post this diff.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T8628

Differential Revision: https://secure.phabricator.com/D14265
parent 47824914
......@@ -7,18 +7,9 @@ final class PhabricatorConduitAPIController
return false;
}
private $method;
public function willProcessRequest(array $data) {
$this->method = $data['method'];
return $this;
}
public function processRequest() {
public function handleRequest(AphrontRequest $request) {
$method = $request->getURIData('method');
$time_start = microtime(true);
$request = $this->getRequest();
$method = $this->method;
$api_request = null;
$method_implementation = null;
......@@ -55,7 +46,7 @@ final class PhabricatorConduitAPIController
$conduit_username = '-';
if ($call->shouldRequireAuthentication()) {
$metadata['scope'] = $call->getRequiredScope();
$auth_error = $this->authenticateUser($api_request, $metadata);
$auth_error = $this->authenticateUser($api_request, $metadata, $method);
// If we've explicitly authenticated the user here and either done
// CSRF validation or are using a non-web authentication mechanism.
$allow_unguarded_writes = true;
......@@ -169,7 +160,8 @@ final class PhabricatorConduitAPIController
*/
private function authenticateUser(
ConduitAPIRequest $api_request,
array $metadata) {
array $metadata,
$method) {
$request = $this->getRequest();
......@@ -207,7 +199,7 @@ final class PhabricatorConduitAPIController
unset($protocol_data['scope']);
ConduitClient::verifySignature(
$this->method,
$method,
$api_request->getAllParameters(),
$protocol_data,
$ssl_public_key);
......
......@@ -3,19 +3,13 @@
final class PhabricatorConduitListController
extends PhabricatorConduitController {
private $queryKey;
public function shouldAllowPublic() {
return true;
}
public function willProcessRequest(array $data) {
$this->queryKey = idx($data, 'queryKey');
}
public function processRequest() {
public function handleRequest(AphrontRequest $request) {
$controller = id(new PhabricatorApplicationSearchController())
->setQueryKey($this->queryKey)
->setQueryKey($request->getURIData('queryKey'))
->setSearchEngine(new PhabricatorConduitSearchEngine())
->setNavigation($this->buildSideNavView());
return $this->delegateToController($controller);
......
......@@ -3,9 +3,8 @@
final class PhabricatorConduitLogController
extends PhabricatorConduitController {
public function processRequest() {
$request = $this->getRequest();
$viewer = $request->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $request->getViewer();
$conn_table = new PhabricatorConduitConnectionLog();
$call_table = new PhabricatorConduitMethodCallLog();
......
......@@ -3,11 +3,11 @@
final class PhabricatorConduitTokenController
extends PhabricatorConduitController {
public function processRequest() {
$user = $this->getRequest()->getUser();
public function handleRequest(AphrontRequest $request) {
$viewer = $request->getViewer();
id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
$user,
$viewer,
$this->getRequest(),
'/');
......@@ -19,13 +19,13 @@ final class PhabricatorConduitTokenController
$old_token = id(new PhabricatorConduitCertificateToken())
->loadOneWhere(
'userPHID = %s',
$user->getPHID());
$viewer->getPHID());
if ($old_token) {
$old_token->delete();
}
$token = id(new PhabricatorConduitCertificateToken())
->setUserPHID($user->getPHID())
->setUserPHID($viewer->getPHID())
->setToken(Filesystem::readRandomCharacters(40))
->save();
......@@ -42,7 +42,7 @@ final class PhabricatorConduitTokenController
Javelin::initBehavior('select-on-click');
$form = id(new AphrontFormView())
->setUser($user)
->setUser($viewer)
->appendRemarkupInstructions($pre_instructions)
->appendChild(
id(new AphrontFormTextAreaControl())
......
......@@ -5,8 +5,8 @@ final class PhabricatorConduitTokenEditController
public function handleRequest(AphrontRequest $request) {
$viewer = $request->getViewer();
$id = $request->getURIData('id');
if ($id) {
$token = id(new PhabricatorConduitTokenQuery())
->setViewer($viewer)
......
......@@ -5,9 +5,9 @@ final class PhabricatorConduitTokenTerminateController
public function handleRequest(AphrontRequest $request) {
$viewer = $request->getViewer();
$object_phid = $request->getStr('objectPHID');
$id = $request->getURIData('id');
if ($id) {
$token = id(new PhabricatorConduitTokenQuery())
->setViewer($viewer)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment