| [ Index ] |
PHP Cross Reference of Phabricator |
[Summary view] [Print] [Text view]
1 <?php 2 3 final class PassphraseCredentialRevealController 4 extends PassphraseController { 5 6 private $id; 7 8 public function willProcessRequest(array $data) { 9 $this->id = $data['id']; 10 } 11 12 public function processRequest() { 13 $request = $this->getRequest(); 14 $viewer = $request->getUser(); 15 16 $credential = id(new PassphraseCredentialQuery()) 17 ->setViewer($viewer) 18 ->withIDs(array($this->id)) 19 ->requireCapabilities( 20 array( 21 PhabricatorPolicyCapability::CAN_VIEW, 22 PhabricatorPolicyCapability::CAN_EDIT, 23 )) 24 ->needSecrets(true) 25 ->executeOne(); 26 if (!$credential) { 27 return new Aphront404Response(); 28 } 29 30 $view_uri = '/K'.$credential->getID(); 31 32 $token = id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession( 33 $viewer, 34 $request, 35 $view_uri); 36 $is_locked = $credential->getIsLocked(); 37 38 if ($is_locked) { 39 return $this->newDialog() 40 ->setUser($viewer) 41 ->setTitle(pht('Credential is locked')) 42 ->appendChild( 43 pht( 44 'This credential can not be shown, because it is locked.')) 45 ->addCancelButton($view_uri); 46 } 47 48 if ($request->isFormPost()) { 49 $secret = $credential->getSecret(); 50 if (!$secret) { 51 $body = pht('This credential has no associated secret.'); 52 } else if (!strlen($secret->openEnvelope())) { 53 $body = pht('This credential has an empty secret.'); 54 } else { 55 $body = id(new PHUIFormLayoutView()) 56 ->appendChild( 57 id(new AphrontFormTextAreaControl()) 58 ->setLabel(pht('Plaintext')) 59 ->setReadOnly(true) 60 ->setHeight(AphrontFormTextAreaControl::HEIGHT_VERY_TALL) 61 ->setValue($secret->openEnvelope())); 62 } 63 64 // NOTE: Disable workflow on the cancel button to reload the page so 65 // the viewer can see that their view was logged. 66 67 $dialog = id(new AphrontDialogView()) 68 ->setUser($viewer) 69 ->setWidth(AphrontDialogView::WIDTH_FORM) 70 ->setTitle(pht('Credential Secret (%s)', $credential->getMonogram())) 71 ->appendChild($body) 72 ->setDisableWorkflowOnCancel(true) 73 ->addCancelButton($view_uri, pht('Done')); 74 75 $type_secret = PassphraseCredentialTransaction::TYPE_LOOKEDATSECRET; 76 $xactions = array(id(new PassphraseCredentialTransaction()) 77 ->setTransactionType($type_secret) 78 ->setNewValue(true), 79 ); 80 81 $editor = id(new PassphraseCredentialTransactionEditor()) 82 ->setActor($viewer) 83 ->setContinueOnNoEffect(true) 84 ->setContentSourceFromRequest($request) 85 ->applyTransactions($credential, $xactions); 86 87 return id(new AphrontDialogResponse())->setDialog($dialog); 88 } 89 90 $is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business'); 91 92 if ($is_serious) { 93 $body = pht( 94 'The secret associated with this credential will be shown in plain '. 95 'text on your screen.'); 96 } else { 97 $body = pht( 98 'The secret associated with this credential will be shown in plain '. 99 'text on your screen. Before continuing, wrap your arms around '. 100 'your monitor to create a human shield, keeping it safe from '. 101 'prying eyes. Protect company secrets!'); 102 } 103 return $this->newDialog() 104 ->setUser($viewer) 105 ->setTitle(pht('Really show secret?')) 106 ->appendChild($body) 107 ->addSubmitButton(pht('Show Secret')) 108 ->addCancelButton($view_uri); 109 } 110 111 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Sun Nov 30 09:20:46 2014 | Cross-referenced by PHPXref 0.7.1 |