[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  final class PhabricatorFileDropUploadController
   4    extends PhabricatorFileController {
   5  
   6    /**
   7     * @phutil-external-symbol class PhabricatorStartup
   8     */
   9    public function processRequest() {
  10      $request = $this->getRequest();
  11      $viewer = $request->getUser();
  12  
  13      // NOTE: Throws if valid CSRF token is not present in the request.
  14      $request->validateCSRF();
  15  
  16      $data = PhabricatorStartup::getRawInput();
  17      $name = $request->getStr('name');
  18  
  19      // If there's no explicit view policy, make it very restrictive by default.
  20      // This is the correct policy for files dropped onto objects during
  21      // creation, comment and edit flows.
  22  
  23      $view_policy = $request->getStr('viewPolicy');
  24      if (!$view_policy) {
  25        $view_policy = $viewer->getPHID();
  26      }
  27  
  28      $file = PhabricatorFile::newFromXHRUpload(
  29        $data,
  30        array(
  31          'name' => $request->getStr('name'),
  32          'authorPHID' => $viewer->getPHID(),
  33          'viewPolicy' => $view_policy,
  34          'isExplicitUpload' => true,
  35        ));
  36  
  37      return id(new AphrontAjaxResponse())->setContent(
  38        array(
  39          'id'   => $file->getID(),
  40          'phid' => $file->getPHID(),
  41          'uri'  => $file->getBestURI(),
  42        ));
  43    }
  44  
  45  }