[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  final class PhabricatorAuthRevokeTokenController
   4    extends PhabricatorAuthController {
   5  
   6    private $id;
   7  
   8    public function willProcessRequest(array $data) {
   9      $this->id = $data['id'];
  10    }
  11  
  12    public function processRequest() {
  13      $request = $this->getRequest();
  14      $viewer = $request->getUser();
  15  
  16      $is_all = ($this->id === 'all');
  17  
  18      $query = id(new PhabricatorAuthTemporaryTokenQuery())
  19        ->setViewer($viewer)
  20        ->withObjectPHIDs(array($viewer->getPHID()));
  21      if (!$is_all) {
  22        $query->withIDs(array($this->id));
  23      }
  24  
  25      $tokens = $query->execute();
  26      foreach ($tokens as $key => $token) {
  27        if (!$token->isRevocable()) {
  28          // Don't revoke unrevocable tokens.
  29          unset($tokens[$key]);
  30        }
  31      }
  32  
  33      $panel_uri = '/settings/panel/tokens/';
  34  
  35      if (!$tokens) {
  36        return $this->newDialog()
  37          ->setTitle(pht('No Matching Tokens'))
  38          ->appendParagraph(
  39            pht('There are no matching tokens to revoke.'))
  40          ->appendParagraph(
  41            pht(
  42              '(Some types of token can not be revoked, and you can not revoke '.
  43              'tokens which have already expired.)'))
  44          ->addCancelButton($panel_uri);
  45      }
  46  
  47      if ($request->isDialogFormPost()) {
  48        foreach ($tokens as $token) {
  49          $token->revokeToken();
  50        }
  51        return id(new AphrontRedirectResponse())->setURI($panel_uri);
  52      }
  53  
  54      if ($is_all) {
  55        $title = pht('Revoke Tokens?');
  56        $short = pht('Revoke Tokens');
  57        $body = pht(
  58          'Really revoke all tokens? Among other temporary authorizations, '.
  59          'this will disable any outstanding password reset or account '.
  60          'recovery links.');
  61      } else {
  62        $title = pht('Revoke Token?');
  63        $short = pht('Revoke Token');
  64        $body = pht(
  65          'Really revoke this token? Any temporary authorization it enables '.
  66          'will be disabled.');
  67      }
  68  
  69      return $this->newDialog()
  70        ->setTitle($title)
  71        ->setShortTitle($short)
  72        ->appendParagraph($body)
  73        ->addSubmitButton(pht('Revoke'))
  74        ->addCancelButton($panel_uri);
  75    }
  76  
  77  
  78  }