CoCalc -- PhabricatorConduitTokenTerminateController.php

GitHub Repository: freebsd/phabricator
Path: blob/master/src/applications/conduit/controller/PhabricatorConduitTokenTerminateController.php
¹²²⁵⁶ views
1
<?php
2

3
final class PhabricatorConduitTokenTerminateController
4
  extends PhabricatorConduitController {
5

6
  public function handleRequest(AphrontRequest $request) {
7
    $viewer = $request->getViewer();
8
    $object_phid = $request->getStr('objectPHID');
9
    $id = $request->getURIData('id');
10

11
    if ($id) {
12
      $token = id(new PhabricatorConduitTokenQuery())
13
        ->setViewer($viewer)
14
        ->withIDs(array($id))
15
        ->withExpired(false)
16
        ->requireCapabilities(
17
          array(
18
            PhabricatorPolicyCapability::CAN_VIEW,
19
            PhabricatorPolicyCapability::CAN_EDIT,
20
          ))
21
        ->executeOne();
22
      if (!$token) {
23
        return new Aphront404Response();
24
      }
25

26
      $tokens = array($token);
27
      $object_phid = $token->getObjectPHID();
28

29
      $title = pht('Terminate API Token');
30
      $body = pht(
31
        'Really terminate this token? Any system using this token '.
32
        'will no longer be able to make API requests.');
33
      $submit_button = pht('Terminate Token');
34
    } else {
35
      $tokens = id(new PhabricatorConduitTokenQuery())
36
        ->setViewer($viewer)
37
        ->withObjectPHIDs(array($object_phid))
38
        ->withExpired(false)
39
        ->requireCapabilities(
40
          array(
41
            PhabricatorPolicyCapability::CAN_VIEW,
42
            PhabricatorPolicyCapability::CAN_EDIT,
43
          ))
44
        ->execute();
45

46
      $title = pht('Terminate API Tokens');
47
      $body = pht(
48
        'Really terminate all active API tokens? Any systems using these '.
49
        'tokens will no longer be able to make API requests.');
50
      $submit_button = pht('Terminate Tokens');
51
    }
52

53
    if ($object_phid != $viewer->getPHID()) {
54
      $object = id(new PhabricatorObjectQuery())
55
        ->setViewer($viewer)
56
        ->withPHIDs(array($object_phid))
57
        ->executeOne();
58
      if (!$object) {
59
        return new Aphront404Response();
60
      }
61
    } else {
62
      $object = $viewer;
63
    }
64

65
    $panel_uri = id(new PhabricatorConduitTokensSettingsPanel())
66
      ->setViewer($viewer)
67
      ->setUser($object)
68
      ->getPanelURI();
69

70
    id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
71
      $viewer,
72
      $request,
73
      $panel_uri);
74

75
    if (!$tokens) {
76
      return $this->newDialog()
77
        ->setTitle(pht('No Tokens to Terminate'))
78
        ->appendParagraph(
79
          pht('There are no API tokens to terminate.'))
80
        ->addCancelButton($panel_uri);
81
    }
82

83
    if ($request->isFormPost()) {
84
      foreach ($tokens as $token) {
85
        $token
86
          ->setExpires(PhabricatorTime::getNow() - 60)
87
          ->save();
88
      }
89
      return id(new AphrontRedirectResponse())->setURI($panel_uri);
90
    }
91

92
    return $this->newDialog()
93
      ->setTitle($title)
94
      ->addHiddenInput('objectPHID', $object_phid)
95
      ->appendParagraph($body)
96
      ->addSubmitButton($submit_button)
97
      ->addCancelButton($panel_uri);
98
  }
99

100
}
101

102
Product

Resources

Company
