No OneTemporary
Actions

Size

44 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/src/applications/files/controller/PhabricatorFileCommentController.php b/src/applications/files/controller/PhabricatorFileCommentController.php
	index c527e6fc12..11833ea8d8 100644
	--- a/src/applications/files/controller/PhabricatorFileCommentController.php
	+++ b/src/applications/files/controller/PhabricatorFileCommentController.php
	@@ -1,68 +1,62 @@
	<?php

	final class PhabricatorFileCommentController extends PhabricatorFileController {

	- private $id;
	-
	- public function willProcessRequest(array $data) {
	- $this->id = idx($data, 'id');
	- }
	-
	- public function processRequest() {
	- $request = $this->getRequest();
	- $user = $request->getUser();
	+ public function handleRequest(AphrontRequest $request) {
	+ $viewer = $request->getViewer();
	+ $id = $request->getURIData('id');

	if (!$request->isFormPost()) {
	return new Aphront400Response();
	}

	$file = id(new PhabricatorFileQuery())
	- ->setViewer($user)
	- ->withIDs(array($this->id))
	+ ->setViewer($viewer)
	+ ->withIDs(array($id))
	->executeOne();
	if (!$file) {
	return new Aphront404Response();
	}

	$is_preview = $request->isPreviewRequest();
	$draft = PhabricatorDraft::buildFromRequest($request);

	$view_uri = $file->getInfoURI();

	$xactions = array();
	$xactions[] = id(new PhabricatorFileTransaction())
	->setTransactionType(PhabricatorTransactions::TYPE_COMMENT)
	->attachComment(
	id(new PhabricatorFileTransactionComment())
	->setContent($request->getStr('comment')));

	$editor = id(new PhabricatorFileEditor())
	- ->setActor($user)
	+ ->setActor($viewer)
	->setContinueOnNoEffect($request->isContinueRequest())
	->setContentSourceFromRequest($request)
	->setIsPreview($is_preview);

	try {
	$xactions = $editor->applyTransactions($file, $xactions);
	} catch (PhabricatorApplicationTransactionNoEffectException $ex) {
	return id(new PhabricatorApplicationTransactionNoEffectResponse())
	->setCancelURI($view_uri)
	->setException($ex);
	}

	if ($draft) {
	$draft->replaceOrDelete();
	}

	if ($request->isAjax() && $is_preview) {
	return id(new PhabricatorApplicationTransactionResponse())
	- ->setViewer($user)
	+ ->setViewer($viewer)
	->setTransactions($xactions)
	->setIsPreview($is_preview);
	} else {
	return id(new AphrontRedirectResponse())
	->setURI($view_uri);
	}
	}

	}
	diff --git a/src/applications/files/controller/PhabricatorFileComposeController.php b/src/applications/files/controller/PhabricatorFileComposeController.php
	index f3e450add5..de5a6757a4 100644
	--- a/src/applications/files/controller/PhabricatorFileComposeController.php
	+++ b/src/applications/files/controller/PhabricatorFileComposeController.php
	@@ -1,341 +1,340 @@
	<?php

	final class PhabricatorFileComposeController
	extends PhabricatorFileController {

	- public function processRequest() {
	- $request = $this->getRequest();
	- $viewer = $request->getUser();
	+ public function handleRequest(AphrontRequest $request) {
	+ $viewer = $request->getViewer();

	$colors = array(
	'red' => pht('Verbillion'),
	'orange' => pht('Navel Orange'),
	'yellow' => pht('Prim Goldenrod'),
	'green' => pht('Lustrous Verdant'),
	'blue' => pht('Tropical Deep'),
	'sky' => pht('Wide Open Sky'),
	'indigo' => pht('Pleated Khaki'),
	'violet' => pht('Aged Merlot'),
	'pink' => pht('Easter Bunny'),
	'charcoal' => pht('Gemstone'),
	'backdrop' => pht('Driven Snow'),
	);

	$manifest = PHUIIconView::getSheetManifest(PHUIIconView::SPRITE_PROJECTS);

	if ($request->isFormPost()) {
	$project_phid = $request->getStr('projectPHID');
	if ($project_phid) {
	$project = id(new PhabricatorProjectQuery())
	->setViewer($viewer)
	->withPHIDs(array($project_phid))
	->requireCapabilities(
	array(
	PhabricatorPolicyCapability::CAN_VIEW,
	PhabricatorPolicyCapability::CAN_EDIT,
	))
	->executeOne();
	if (!$project) {
	return new Aphront404Response();
	}
	$icon = $project->getIcon();
	$color = $project->getColor();
	switch ($color) {
	case 'grey':
	$color = 'charcoal';
	break;
	case 'checkered':
	$color = 'backdrop';
	break;
	}
	} else {
	$icon = $request->getStr('icon');
	$color = $request->getStr('color');
	}

	if (!isset($colors[$color]) \|\| !isset($manifest['projects-'.$icon])) {
	return new Aphront404Response();
	}

	$root = dirname(phutil_get_library_root('phabricator'));
	$icon_file = $root.'/resources/sprite/projects_2x/'.$icon.'.png';
	$icon_data = Filesystem::readFile($icon_file);


	$data = $this->composeImage($color, $icon_data);

	$file = PhabricatorFile::buildFromFileDataOrHash(
	$data,
	array(
	'name' => 'project.png',
	'profile' => true,
	'canCDN' => true,
	));

	if ($project_phid) {
	$edit_uri = '/project/profile/'.$project->getID().'/';

	$xactions = array();
	$xactions[] = id(new PhabricatorProjectTransaction())
	->setTransactionType(PhabricatorProjectTransaction::TYPE_IMAGE)
	->setNewValue($file->getPHID());

	$editor = id(new PhabricatorProjectTransactionEditor())
	->setActor($viewer)
	->setContentSourceFromRequest($request)
	->setContinueOnMissingFields(true)
	->setContinueOnNoEffect(true);

	$editor->applyTransactions($project, $xactions);

	return id(new AphrontRedirectResponse())->setURI($edit_uri);
	} else {
	$content = array(
	'phid' => $file->getPHID(),
	);

	return id(new AphrontAjaxResponse())->setContent($content);
	}
	}

	$value_color = head_key($colors);
	$value_icon = head_key($manifest);
	$value_icon = substr($value_icon, strlen('projects-'));

	require_celerity_resource('people-profile-css');

	$buttons = array();
	foreach ($colors as $color => $name) {
	$buttons[] = javelin_tag(
	'button',
	array(
	'class' => 'grey profile-image-button',
	'sigil' => 'has-tooltip compose-select-color',
	'style' => 'margin: 0 8px 8px 0',
	'meta' => array(
	'color' => $color,
	'tip' => $name,
	),
	),
	id(new PHUIIconView())
	->addClass('compose-background-'.$color));
	}

	$sort_these_first = array(
	'projects-fa-briefcase',
	'projects-fa-tags',
	'projects-fa-folder',
	'projects-fa-group',
	'projects-fa-bug',
	'projects-fa-trash-o',
	'projects-fa-calendar',
	'projects-fa-flag-checkered',
	'projects-fa-envelope',
	'projects-fa-truck',
	'projects-fa-lock',
	'projects-fa-umbrella',
	'projects-fa-cloud',
	'projects-fa-building',
	'projects-fa-credit-card',
	'projects-fa-flask',
	);

	$manifest = array_select_keys(
	$manifest,
	$sort_these_first)
	+ $manifest;

	$icons = array();

	$icon_quips = array(
	'8ball' => pht('Take a Risk'),
	'alien' => pht('Foreign Interface'),
	'announce' => pht('Louder is Better'),
	'art' => pht('Unique Snowflake'),
	'award' => pht('Shooting Star'),
	'bacon' => pht('Healthy Vegetables'),
	'bandaid' => pht('Durable Infrastructure'),
	'beer' => pht('Healthy Vegetable Juice'),
	'bomb' => pht('Imminent Success'),
	'briefcase' => pht('Adventure Pack'),
	'bug' => pht('Costumed Egg'),
	'calendar' => pht('Everyone Loves Meetings'),
	'cloud' => pht('Water Cycle'),
	'coffee' => pht('Half-Whip Nonfat Soy Latte'),
	'creditcard' => pht('Expense It'),
	'death' => pht('Calcium Promotes Bone Health'),
	'desktop' => pht('Magical Portal'),
	'dropbox' => pht('Cardboard Box'),
	'education' => pht('Debt'),
	'experimental' => pht('CAUTION: Dangerous Chemicals'),
	'facebook' => pht('Popular Social Network'),
	'facility' => pht('Pollution Solves Problems'),
	'film' => pht('Actual Physical Film'),
	'forked' => pht('You Can\'t Eat Soup'),
	'games' => pht('Serious Business'),
	'ghost' => pht('Haunted'),
	'gift' => pht('Surprise!'),
	'globe' => pht('Scanner Sweep'),
	'golf' => pht('Business Meeting'),
	'heart' => pht('Undergoing a Major Surgery'),
	'intergalactic' => pht('Jupiter'),
	'lock' => pht('Extremely Secret'),
	'mail' => pht('Oragami'),
	'martini' => pht('Healthy Olive Drink'),
	'medical' => pht('Medic!'),
	'mobile' => pht('Cellular Telephone'),
	'music' => pht("\xE2\x99\xAB"),
	'news' => pht('Actual Physical Newspaper'),
	'orgchart' => pht('It\'s Good to be King'),
	'peoples' => pht('Angel and Devil'),
	'piechart' => pht('Actual Physical Pie'),
	'poison' => pht('Healthy Bone Juice'),
	'putabirdonit' => pht('Put a Bird On It'),
	'radiate' => pht('Radiant Beauty'),
	'savings' => pht('Oink Oink'),
	'search' => pht('Sleuthing'),
	'shield' => pht('Royal Crest'),
	'speed' => pht('Slow and Steady'),
	'sprint' => pht('Fire Exit'),
	'star' => pht('The More You Know'),
	'storage' => pht('Stack of Pancakes'),
	'tablet' => pht('Cellular Telephone For Giants'),
	'travel' => pht('Pretty Clearly an Airplane'),
	'twitter' => pht('Bird Stencil'),
	'warning' => pht('No Caution Required, Everything Looks Safe'),
	'whale' => pht('Friendly Walrus'),
	'fa-flask' => pht('Experimental'),
	'fa-briefcase' => pht('Briefcase'),
	'fa-bug' => pht('Bug'),
	'fa-building' => pht('Company'),
	'fa-calendar' => pht('Deadline'),
	'fa-cloud' => pht('The Cloud'),
	'fa-credit-card' => pht('Accounting'),
	'fa-envelope' => pht('Communication'),
	'fa-flag-checkered' => pht('Goal'),
	'fa-folder' => pht('Folder'),
	'fa-group' => pht('Team'),
	'fa-lock' => pht('Policy'),
	'fa-tags' => pht('Tag'),
	'fa-trash-o' => pht('Garbage'),
	'fa-truck' => pht('Release'),
	'fa-umbrella' => pht('An Umbrella'),
	);

	foreach ($manifest as $icon => $spec) {
	$icon = substr($icon, strlen('projects-'));

	$icons[] = javelin_tag(
	'button',
	array(
	'class' => 'grey profile-image-button',
	'sigil' => 'has-tooltip compose-select-icon',
	'style' => 'margin: 0 8px 8px 0',
	'meta' => array(
	'icon' => $icon,
	'tip' => idx($icon_quips, $icon, $icon),
	),
	),
	id(new PHUIIconView())
	->setSpriteIcon($icon)
	->setSpriteSheet(PHUIIconView::SPRITE_PROJECTS));
	}

	$dialog_id = celerity_generate_unique_node_id();
	$color_input_id = celerity_generate_unique_node_id();
	$icon_input_id = celerity_generate_unique_node_id();
	$preview_id = celerity_generate_unique_node_id();

	$preview = id(new PHUIIconView())
	->setID($preview_id)
	->addClass('compose-background-'.$value_color)
	->setSpriteIcon($value_icon)
	->setSpriteSheet(PHUIIconView::SPRITE_PROJECTS);

	$color_input = javelin_tag(
	'input',
	array(
	'type' => 'hidden',
	'name' => 'color',
	'value' => $value_color,
	'id' => $color_input_id,
	));

	$icon_input = javelin_tag(
	'input',
	array(
	'type' => 'hidden',
	'name' => 'icon',
	'value' => $value_icon,
	'id' => $icon_input_id,
	));

	Javelin::initBehavior('phabricator-tooltips');
	Javelin::initBehavior(
	'icon-composer',
	array(
	'dialogID' => $dialog_id,
	'colorInputID' => $color_input_id,
	'iconInputID' => $icon_input_id,
	'previewID' => $preview_id,
	'defaultColor' => $value_color,
	'defaultIcon' => $value_icon,
	));

	$dialog = id(new AphrontDialogView())
	->setUser($viewer)
	->setFormID($dialog_id)
	->setClass('compose-dialog')
	->setTitle(pht('Compose Image'))
	->appendChild(
	phutil_tag(
	'div',
	array(
	'class' => 'compose-header',
	),
	pht('Choose Background Color')))
	->appendChild($buttons)
	->appendChild(
	phutil_tag(
	'div',
	array(
	'class' => 'compose-header',
	),
	pht('Choose Icon')))
	->appendChild($icons)
	->appendChild(
	phutil_tag(
	'div',
	array(
	'class' => 'compose-header',
	),
	pht('Preview')))
	->appendChild($preview)
	->appendChild($color_input)
	->appendChild($icon_input)
	->addCancelButton('/')
	->addSubmitButton(pht('Save Image'));

	return id(new AphrontDialogResponse())->setDialog($dialog);
	}

	private function composeImage($color, $icon_data) {
	$icon_img = imagecreatefromstring($icon_data);

	$map = id(new CelerityResourceTransformer())
	->getCSSVariableMap();

	$color_string = idx($map, $color, '#ff00ff');
	$color_const = hexdec(trim($color_string, '#'));

	$canvas = imagecreatetruecolor(100, 100);
	imagefill($canvas, 0, 0, $color_const);

	imagecopy($canvas, $icon_img, 0, 0, 0, 0, 100, 100);

	return PhabricatorImageTransformer::saveImageDataInAnyFormat(
	$canvas,
	'image/png');
	}

	}
	diff --git a/src/applications/files/controller/PhabricatorFileDataController.php b/src/applications/files/controller/PhabricatorFileDataController.php
	index e528eb15f2..848560f099 100644
	--- a/src/applications/files/controller/PhabricatorFileDataController.php
	+++ b/src/applications/files/controller/PhabricatorFileDataController.php
	@@ -1,235 +1,231 @@
	<?php

	final class PhabricatorFileDataController extends PhabricatorFileController {

	private $phid;
	private $key;
	private $token;
	private $file;

	- public function willProcessRequest(array $data) {
	- $this->phid = $data['phid'];
	- $this->key = $data['key'];
	- $this->token = idx($data, 'token');
	- }
	-
	public function shouldRequireLogin() {
	return false;
	}

	- public function processRequest() {
	- $request = $this->getRequest();
	- $viewer = $this->getViewer();
	+ public function handleRequest(AphrontRequest $request) {
	+ $viewer = $request->getViewer();
	+ $this->phid = $request->getURIData('phid');
	+ $this->key = $request->getURIData('key');
	+ $this->token = $request->getURIData('token');

	$alt = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
	$base_uri = PhabricatorEnv::getEnvConfig('phabricator.base-uri');
	$alt_uri = new PhutilURI($alt);
	$alt_domain = $alt_uri->getDomain();
	$req_domain = $request->getHost();
	$main_domain = id(new PhutilURI($base_uri))->getDomain();

	$cache_response = true;

	if (empty($alt) \|\| $main_domain == $alt_domain) {
	// Alternate files domain isn't configured or it's set
	// to the same as the default domain

	$response = $this->loadFile($viewer);
	if ($response) {
	return $response;
	}
	$file = $this->getFile();

	// when the file is not CDNable, don't allow cache
	$cache_response = $file->getCanCDN();
	} else if ($req_domain != $alt_domain) {
	// Alternate domain is configured but this request isn't using it

	$response = $this->loadFile($viewer);
	if ($response) {
	return $response;
	}
	$file = $this->getFile();

	// if the user can see the file, generate a token;
	// redirect to the alt domain with the token;
	$token_uri = $file->getCDNURIWithToken();
	$token_uri = new PhutilURI($token_uri);
	$token_uri = $this->addURIParameters($token_uri);

	return id(new AphrontRedirectResponse())
	->setIsExternal(true)
	->setURI($token_uri);

	} else {
	// We are using the alternate domain. We don't have authentication
	// on this domain, so we bypass policy checks when loading the file.

	$bypass_policies = PhabricatorUser::getOmnipotentUser();
	$response = $this->loadFile($bypass_policies);
	if ($response) {
	return $response;
	}
	$file = $this->getFile();

	$acquire_token_uri = id(new PhutilURI($file->getViewURI()))
	->setDomain($main_domain);
	$acquire_token_uri = $this->addURIParameters($acquire_token_uri);

	if ($this->token) {
	// validate the token, if it is valid, continue
	$validated_token = $file->validateOneTimeToken($this->token);

	if (!$validated_token) {
	$dialog = $this->newDialog()
	->setShortTitle(pht('Expired File'))
	->setTitle(pht('File Link Has Expired'))
	->appendParagraph(
	pht(
	'The link you followed to view this file is invalid or '.
	'expired.'))
	->appendParagraph(
	pht(
	'Continue to generate a new link to the file. You may be '.
	'required to log in.'))
	->addCancelButton(
	$acquire_token_uri,
	pht('Continue'));

	// Build an explicit response so we can respond with HTTP/403 instead
	// of HTTP/200.
	$response = id(new AphrontDialogResponse())
	->setDialog($dialog)
	->setHTTPResponseCode(403);

	return $response;
	}
	// return the file data without cache headers
	$cache_response = false;
	} else if (!$file->getCanCDN()) {
	// file cannot be served via cdn, and no token given
	// redirect to the main domain to aquire a token

	// This is marked as an "external" URI because it is fully qualified.
	return id(new AphrontRedirectResponse())
	->setIsExternal(true)
	->setURI($acquire_token_uri);
	}
	}

	$response = new AphrontFileResponse();
	if ($cache_response) {
	$response->setCacheDurationInSeconds(60 * 60 * 24 * 30);
	}

	$begin = null;
	$end = null;

	// NOTE: It's important to accept "Range" requests when playing audio.
	// If we don't, Safari has difficulty figuring out how long sounds are
	// and glitches when trying to loop them. In particular, Safari sends
	// an initial request for bytes 0-1 of the audio file, and things go south
	// if we can't respond with a 206 Partial Content.
	$range = $request->getHTTPHeader('range');
	if ($range) {
	$matches = null;
	if (preg_match('/^bytes=(\d+)-(\d+)$/', $range, $matches)) {
	// Note that the "Range" header specifies bytes differently than
	// we do internally: the range 0-1 has 2 bytes (byte 0 and byte 1).
	$begin = (int)$matches[1];
	$end = (int)$matches[2] + 1;

	$response->setHTTPResponseCode(206);
	$response->setRange($begin, ($end - 1));
	}
	} else if (isset($validated_token)) {
	// We set this on the response, and the response deletes it after the
	// transfer completes. This allows transfers to be resumed, in theory.
	$response->setTemporaryFileToken($validated_token);
	}

	$is_viewable = $file->isViewableInBrowser();
	$force_download = $request->getExists('download');

	if ($is_viewable && !$force_download) {
	$response->setMimeType($file->getViewableMimeType());
	} else {
	if (!$request->isHTTPPost() && !$alt_domain) {
	// NOTE: Require POST to download files from the primary domain. We'd
	// rather go full-bore and do a real CSRF check, but can't currently
	// authenticate users on the file domain. This should blunt any
	// attacks based on iframes, script tags, applet tags, etc., at least.
	// Send the user to the "info" page if they're using some other method.

	// This is marked as "external" because it is fully qualified.
	return id(new AphrontRedirectResponse())
	->setIsExternal(true)
	->setURI(PhabricatorEnv::getProductionURI($file->getBestURI()));
	}
	$response->setMimeType($file->getMimeType());
	$response->setDownload($file->getName());
	}

	$iterator = $file->getFileDataIterator($begin, $end);

	$response->setContentLength($file->getByteSize());
	$response->setContentIterator($iterator);

	return $response;
	}

	/**
	* Add passthrough parameters to the URI so they aren't lost when we
	* redirect to acquire tokens.
	*/
	private function addURIParameters(PhutilURI $uri) {
	$request = $this->getRequest();

	if ($request->getBool('download')) {
	$uri->setQueryParam('download', 1);
	}

	return $uri;
	}

	private function loadFile(PhabricatorUser $viewer) {
	$file = id(new PhabricatorFileQuery())
	->setViewer($viewer)
	->withPHIDs(array($this->phid))
	->executeOne();

	if (!$file) {
	return new Aphront404Response();
	}

	if (!$file->validateSecretKey($this->key)) {
	return new Aphront403Response();
	}

	if ($file->getIsPartial()) {
	// We may be on the CDN domain, so we need to use a fully-qualified URI
	// here to make sure we end up back on the main domain.
	$info_uri = PhabricatorEnv::getURI($file->getInfoURI());

	return $this->newDialog()
	->setTitle(pht('Partial Upload'))
	->appendParagraph(
	pht(
	'This file has only been partially uploaded. It must be '.
	'uploaded completely before you can download it.'))
	->addCancelButton($info_uri);
	}

	$this->file = $file;

	return null;
	}

	private function getFile() {
	if (!$this->file) {
	throw new PhutilInvalidStateException('loadFile');
	}
	return $this->file;
	}

	}
	diff --git a/src/applications/files/controller/PhabricatorFileDeleteController.php b/src/applications/files/controller/PhabricatorFileDeleteController.php
	index ed245c5cba..a07fe2e91a 100644
	--- a/src/applications/files/controller/PhabricatorFileDeleteController.php
	+++ b/src/applications/files/controller/PhabricatorFileDeleteController.php
	@@ -1,51 +1,45 @@
	<?php

	final class PhabricatorFileDeleteController extends PhabricatorFileController {

	- private $id;
	-
	- public function willProcessRequest(array $data) {
	- $this->id = $data['id'];
	- }
	-
	- public function processRequest() {
	- $request = $this->getRequest();
	- $user = $request->getUser();
	+ public function handleRequest(AphrontRequest $request) {
	+ $viewer = $request->getViewer();
	+ $id = $request->getURIData('id');

	$file = id(new PhabricatorFileQuery())
	- ->setViewer($user)
	- ->withIDs(array($this->id))
	+ ->setViewer($viewer)
	+ ->withIDs(array($id))
	->requireCapabilities(
	array(
	PhabricatorPolicyCapability::CAN_VIEW,
	PhabricatorPolicyCapability::CAN_EDIT,
	))
	->executeOne();
	if (!$file) {
	return new Aphront404Response();
	}

	- if (($user->getPHID() != $file->getAuthorPHID()) &&
	- (!$user->getIsAdmin())) {
	+ if (($viewer->getPHID() != $file->getAuthorPHID()) &&
	+ (!$viewer->getIsAdmin())) {
	return new Aphront403Response();
	}

	if ($request->isFormPost()) {
	$file->delete();
	return id(new AphrontRedirectResponse())->setURI('/file/');
	}

	$dialog = new AphrontDialogView();
	- $dialog->setUser($user);
	+ $dialog->setUser($viewer);
	$dialog->setTitle(pht('Really delete file?'));
	$dialog->appendChild(hsprintf(
	'<p>%s</p>',
	pht(
	"Permanently delete '%s'? This action can not be undone.",
	$file->getName())));
	$dialog->addSubmitButton(pht('Delete'));
	$dialog->addCancelButton($file->getInfoURI());

	return id(new AphrontDialogResponse())->setDialog($dialog);
	}
	}
	diff --git a/src/applications/files/controller/PhabricatorFileDropUploadController.php b/src/applications/files/controller/PhabricatorFileDropUploadController.php
	index 34f6bc81e8..fbc4daa93c 100644
	--- a/src/applications/files/controller/PhabricatorFileDropUploadController.php
	+++ b/src/applications/files/controller/PhabricatorFileDropUploadController.php
	@@ -1,123 +1,122 @@
	<?php

	final class PhabricatorFileDropUploadController
	extends PhabricatorFileController {

	/**
	* @phutil-external-symbol class PhabricatorStartup
	*/
	- public function processRequest() {
	- $request = $this->getRequest();
	- $viewer = $request->getUser();
	+ public function handleRequest(AphrontRequest $request) {
	+ $viewer = $request->getViewer();

	// NOTE: Throws if valid CSRF token is not present in the request.
	$request->validateCSRF();

	$name = $request->getStr('name');
	$file_phid = $request->getStr('phid');
	// If there's no explicit view policy, make it very restrictive by default.
	// This is the correct policy for files dropped onto objects during
	// creation, comment and edit flows.
	$view_policy = $request->getStr('viewPolicy');
	if (!$view_policy) {
	$view_policy = $viewer->getPHID();
	}

	$is_chunks = $request->getBool('querychunks');
	if ($is_chunks) {
	$params = array(
	'filePHID' => $file_phid,
	);

	$result = id(new ConduitCall('file.querychunks', $params))
	->setUser($viewer)
	->execute();

	return id(new AphrontAjaxResponse())->setContent($result);
	}

	$is_allocate = $request->getBool('allocate');
	if ($is_allocate) {
	$params = array(
	'name' => $name,
	'contentLength' => $request->getInt('length'),
	'viewPolicy' => $view_policy,
	);

	$result = id(new ConduitCall('file.allocate', $params))
	->setUser($viewer)
	->execute();

	$file_phid = $result['filePHID'];
	if ($file_phid) {
	$file = $this->loadFile($file_phid);
	$result += $this->getFileDictionary($file);
	}

	return id(new AphrontAjaxResponse())->setContent($result);
	}

	// Read the raw request data. We're either doing a chunk upload or a
	// vanilla upload, so we need it.
	$data = PhabricatorStartup::getRawInput();

	$is_chunk_upload = $request->getBool('uploadchunk');
	if ($is_chunk_upload) {
	$params = array(
	'filePHID' => $file_phid,
	'byteStart' => $request->getInt('byteStart'),
	'data' => $data,
	);

	$result = id(new ConduitCall('file.uploadchunk', $params))
	->setUser($viewer)
	->execute();

	$file = $this->loadFile($file_phid);
	if ($file->getIsPartial()) {
	$result = array();
	} else {
	$result = array(
	'complete' => true,
	) + $this->getFileDictionary($file);
	}

	return id(new AphrontAjaxResponse())->setContent($result);
	}

	$file = PhabricatorFile::newFromXHRUpload(
	$data,
	array(
	'name' => $request->getStr('name'),
	'authorPHID' => $viewer->getPHID(),
	'viewPolicy' => $view_policy,
	'isExplicitUpload' => true,
	));

	$result = $this->getFileDictionary($file);
	return id(new AphrontAjaxResponse())->setContent($result);
	}

	private function getFileDictionary(PhabricatorFile $file) {
	return array(
	'id' => $file->getID(),
	'phid' => $file->getPHID(),
	'uri' => $file->getBestURI(),
	);
	}

	private function loadFile($file_phid) {
	$viewer = $this->getViewer();

	$file = id(new PhabricatorFileQuery())
	->setViewer($viewer)
	->withPHIDs(array($file_phid))
	->executeOne();
	if (!$file) {
	throw new Exception(pht('Failed to load file.'));
	}

	return $file;
	}

	}
	diff --git a/src/applications/files/controller/PhabricatorFileEditController.php b/src/applications/files/controller/PhabricatorFileEditController.php
	index a496202093..9c416b588c 100644
	--- a/src/applications/files/controller/PhabricatorFileEditController.php
	+++ b/src/applications/files/controller/PhabricatorFileEditController.php
	@@ -1,112 +1,106 @@
	<?php

	final class PhabricatorFileEditController extends PhabricatorFileController {

	- private $id;
	-
	- public function willProcessRequest(array $data) {
	- $this->id = $data['id'];
	- }
	-
	- public function processRequest() {
	- $request = $this->getRequest();
	- $viewer = $request->getUser();
	+ public function handleRequest(AphrontRequest $request) {
	+ $viewer = $request->getViewer();
	+ $id = $request->getURIData('id');

	$file = id(new PhabricatorFileQuery())
	->setViewer($viewer)
	- ->withIDs(array($this->id))
	+ ->withIDs(array($id))
	->requireCapabilities(
	array(
	PhabricatorPolicyCapability::CAN_VIEW,
	PhabricatorPolicyCapability::CAN_EDIT,
	))
	->executeOne();
	if (!$file) {
	return new Aphront404Response();
	}

	$title = pht('Edit %s', $file->getName());
	$file_name = $file->getName();
	$view_uri = '/'.$file->getMonogram();
	$error_name = true;
	$validation_exception = null;

	if ($request->isFormPost()) {
	$can_view = $request->getStr('canView');
	$file_name = $request->getStr('name');
	$errors = array();

	$type_name = PhabricatorFileTransaction::TYPE_NAME;

	$xactions = array();

	$xactions[] = id(new PhabricatorFileTransaction())
	->setTransactionType(PhabricatorTransactions::TYPE_VIEW_POLICY)
	->setNewValue($can_view);

	$xactions[] = id(new PhabricatorFileTransaction())
	->setTransactionType(PhabricatorFileTransaction::TYPE_NAME)
	->setNewValue($file_name);

	$editor = id(new PhabricatorFileEditor())
	->setActor($viewer)
	->setContentSourceFromRequest($request)
	->setContinueOnNoEffect(true);

	try {
	$editor->applyTransactions($file, $xactions);
	return id(new AphrontRedirectResponse())->setURI($view_uri);
	} catch (PhabricatorApplicationTransactionValidationException $ex) {
	$validation_exception = $ex;
	$error_name = $ex->getShortMessage($type_name);

	$file->setViewPolicy($can_view);
	}
	}


	$policies = id(new PhabricatorPolicyQuery())
	->setViewer($viewer)
	->setObject($file)
	->execute();

	$form = id(new AphrontFormView())
	->setUser($viewer)
	->appendChild(
	id(new AphrontFormTextControl())
	->setName('name')
	->setValue($file_name)
	->setLabel(pht('Name'))
	->setError($error_name))
	->appendChild(
	id(new AphrontFormPolicyControl())
	->setUser($viewer)
	->setCapability(PhabricatorPolicyCapability::CAN_VIEW)
	->setPolicyObject($file)
	->setPolicies($policies)
	->setName('canView'))
	->appendChild(
	id(new AphrontFormSubmitControl())
	->addCancelButton($view_uri)
	->setValue(pht('Save Changes')));

	$crumbs = $this->buildApplicationCrumbs()
	->addTextCrumb($file->getMonogram(), $view_uri)
	->addTextCrumb(pht('Edit'));

	$object_box = id(new PHUIObjectBoxView())
	->setHeaderText($title)
	->setValidationException($validation_exception)
	->appendChild($form);

	return $this->buildApplicationPage(
	array(
	$crumbs,
	$object_box,
	),
	array(
	'title' => $title,
	));
	}

	}
	diff --git a/src/applications/files/controller/PhabricatorFileInfoController.php b/src/applications/files/controller/PhabricatorFileInfoController.php
	index 0e3d041eac..d9b5de14ee 100644
	--- a/src/applications/files/controller/PhabricatorFileInfoController.php
	+++ b/src/applications/files/controller/PhabricatorFileInfoController.php
	@@ -1,382 +1,374 @@
	<?php

	final class PhabricatorFileInfoController extends PhabricatorFileController {

	- private $phid;
	- private $id;
	-
	public function shouldAllowPublic() {
	return true;
	}

	- public function willProcessRequest(array $data) {
	- $this->phid = idx($data, 'phid');
	- $this->id = idx($data, 'id');
	- }
	+ public function handleRequest(AphrontRequest $request) {
	+ $viewer = $request->getViewer();
	+ $id = $request->getURIData('id');
	+ $phid = $request->getURIData('phid');

	- public function processRequest() {
	- $request = $this->getRequest();
	- $user = $request->getUser();
	-
	- if ($this->phid) {
	+ if ($phid) {
	$file = id(new PhabricatorFileQuery())
	- ->setViewer($user)
	- ->withPHIDs(array($this->phid))
	+ ->setViewer($viewer)
	+ ->withPHIDs(array($phid))
	->executeOne();

	if (!$file) {
	return new Aphront404Response();
	}
	return id(new AphrontRedirectResponse())->setURI($file->getInfoURI());
	}
	$file = id(new PhabricatorFileQuery())
	- ->setViewer($user)
	- ->withIDs(array($this->id))
	+ ->setViewer($viewer)
	+ ->withIDs(array($id))
	->executeOne();
	if (!$file) {
	return new Aphront404Response();
	}

	$phid = $file->getPHID();

	$header = id(new PHUIHeaderView())
	- ->setUser($user)
	+ ->setUser($viewer)
	->setPolicyObject($file)
	->setHeader($file->getName());

	$ttl = $file->getTTL();
	if ($ttl !== null) {
	$ttl_tag = id(new PHUITagView())
	->setType(PHUITagView::TYPE_STATE)
	->setBackgroundColor(PHUITagView::COLOR_YELLOW)
	->setName(pht('Temporary'));
	$header->addTag($ttl_tag);
	}

	$partial = $file->getIsPartial();
	if ($partial) {
	$partial_tag = id(new PHUITagView())
	->setType(PHUITagView::TYPE_STATE)
	->setBackgroundColor(PHUITagView::COLOR_ORANGE)
	->setName(pht('Partial Upload'));
	$header->addTag($partial_tag);
	}

	$actions = $this->buildActionView($file);
	$timeline = $this->buildTransactionView($file);
	$crumbs = $this->buildApplicationCrumbs();
	$crumbs->addTextCrumb(
	'F'.$file->getID(),
	$this->getApplicationURI("/info/{$phid}/"));

	$object_box = id(new PHUIObjectBoxView())
	->setHeader($header);

	$this->buildPropertyViews($object_box, $file, $actions);

	return $this->buildApplicationPage(
	array(
	$crumbs,
	$object_box,
	$timeline,
	),
	array(
	'title' => $file->getName(),
	'pageObjects' => array($file->getPHID()),
	));
	}

	private function buildTransactionView(PhabricatorFile $file) {
	- $user = $this->getRequest()->getUser();
	+ $viewer = $this->getViewer();

	$timeline = $this->buildTransactionTimeline(
	$file,
	new PhabricatorFileTransactionQuery());

	$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');

	$add_comment_header = $is_serious
	? pht('Add Comment')
	: pht('Question File Integrity');

	- $draft = PhabricatorDraft::newFromUserAndKey($user, $file->getPHID());
	+ $draft = PhabricatorDraft::newFromUserAndKey($viewer, $file->getPHID());

	$add_comment_form = id(new PhabricatorApplicationTransactionCommentView())
	- ->setUser($user)
	+ ->setUser($viewer)
	->setObjectPHID($file->getPHID())
	->setDraft($draft)
	->setHeaderText($add_comment_header)
	->setAction($this->getApplicationURI('/comment/'.$file->getID().'/'))
	->setSubmitButtonName(pht('Add Comment'));

	return array(
	$timeline,
	$add_comment_form,
	);
	}

	private function buildActionView(PhabricatorFile $file) {
	- $request = $this->getRequest();
	- $viewer = $request->getUser();
	+ $viewer = $this->getViewer();

	$id = $file->getID();

	$can_edit = PhabricatorPolicyFilter::hasCapability(
	$viewer,
	$file,
	PhabricatorPolicyCapability::CAN_EDIT);

	$view = id(new PhabricatorActionListView())
	->setUser($viewer)
	->setObjectURI($this->getRequest()->getRequestURI())
	->setObject($file);

	$can_download = !$file->getIsPartial();

	if ($file->isViewableInBrowser()) {
	$view->addAction(
	id(new PhabricatorActionView())
	->setName(pht('View File'))
	->setIcon('fa-file-o')
	->setHref($file->getViewURI())
	->setDisabled(!$can_download)
	->setWorkflow(!$can_download));
	} else {
	$view->addAction(
	id(new PhabricatorActionView())
	->setUser($viewer)
	->setRenderAsForm($can_download)
	->setDownload($can_download)
	->setName(pht('Download File'))
	->setIcon('fa-download')
	->setHref($file->getViewURI())
	->setDisabled(!$can_download)
	->setWorkflow(!$can_download));
	}

	$view->addAction(
	id(new PhabricatorActionView())
	->setName(pht('Edit File'))
	->setIcon('fa-pencil')
	->setHref($this->getApplicationURI("/edit/{$id}/"))
	->setWorkflow(!$can_edit)
	->setDisabled(!$can_edit));

	$view->addAction(
	id(new PhabricatorActionView())
	->setName(pht('Delete File'))
	->setIcon('fa-times')
	->setHref($this->getApplicationURI("/delete/{$id}/"))
	->setWorkflow(true)
	->setDisabled(!$can_edit));

	$view->addAction(
	id(new PhabricatorActionView())
	->setName(pht('View Transforms'))
	->setIcon('fa-crop')
	->setHref($this->getApplicationURI("/transforms/{$id}/")));

	return $view;
	}

	private function buildPropertyViews(
	PHUIObjectBoxView $box,
	PhabricatorFile $file,
	PhabricatorActionListView $actions) {
	$request = $this->getRequest();
	- $user = $request->getUser();
	+ $viewer = $request->getUser();

	$properties = id(new PHUIPropertyListView());
	$properties->setActionList($actions);
	$box->addPropertyList($properties, pht('Details'));

	if ($file->getAuthorPHID()) {
	$properties->addProperty(
	pht('Author'),
	- $user->renderHandle($file->getAuthorPHID()));
	+ $viewer->renderHandle($file->getAuthorPHID()));
	}

	$properties->addProperty(
	pht('Created'),
	- phabricator_datetime($file->getDateCreated(), $user));
	+ phabricator_datetime($file->getDateCreated(), $viewer));


	$finfo = id(new PHUIPropertyListView());
	$box->addPropertyList($finfo, pht('File Info'));

	$finfo->addProperty(
	pht('Size'),
	phutil_format_bytes($file->getByteSize()));

	$finfo->addProperty(
	pht('Mime Type'),
	$file->getMimeType());

	$width = $file->getImageWidth();
	if ($width) {
	$finfo->addProperty(
	pht('Width'),
	pht('%s px', new PhutilNumber($width)));
	}

	$height = $file->getImageHeight();
	if ($height) {
	$finfo->addProperty(
	pht('Height'),
	pht('%s px', new PhutilNumber($height)));
	}

	$is_image = $file->isViewableImage();
	if ($is_image) {
	$image_string = pht('Yes');
	$cache_string = $file->getCanCDN() ? pht('Yes') : pht('No');
	} else {
	$image_string = pht('No');
	$cache_string = pht('Not Applicable');
	}

	$finfo->addProperty(pht('Viewable Image'), $image_string);
	$finfo->addProperty(pht('Cacheable'), $cache_string);

	$builtin = $file->getBuiltinName();
	if ($builtin === null) {
	$builtin_string = pht('No');
	} else {
	$builtin_string = $builtin;
	}

	$finfo->addProperty(pht('Builtin'), $builtin_string);

	$is_profile = $file->getIsProfileImage()
	? pht('Yes')
	: pht('No');

	$finfo->addProperty(pht('Profile'), $is_profile);

	$storage_properties = new PHUIPropertyListView();
	$box->addPropertyList($storage_properties, pht('Storage'));

	$storage_properties->addProperty(
	pht('Engine'),
	$file->getStorageEngine());

	$storage_properties->addProperty(
	pht('Format'),
	$file->getStorageFormat());

	$storage_properties->addProperty(
	pht('Handle'),
	$file->getStorageHandle());


	$phids = $file->getObjectPHIDs();
	if ($phids) {
	$attached = new PHUIPropertyListView();
	$box->addPropertyList($attached, pht('Attached'));

	$attached->addProperty(
	pht('Attached To'),
	- $user->renderHandleList($phids));
	+ $viewer->renderHandleList($phids));
	}

	if ($file->isViewableImage()) {
	$image = phutil_tag(
	'img',
	array(
	'src' => $file->getViewURI(),
	'class' => 'phui-property-list-image',
	));

	$linked_image = phutil_tag(
	'a',
	array(
	'href' => $file->getViewURI(),
	),
	$image);

	$media = id(new PHUIPropertyListView())
	->addImageContent($linked_image);

	$box->addPropertyList($media);
	} else if ($file->isAudio()) {
	$audio = phutil_tag(
	'audio',
	array(
	'controls' => 'controls',
	'class' => 'phui-property-list-audio',
	),
	phutil_tag(
	'source',
	array(
	'src' => $file->getViewURI(),
	'type' => $file->getMimeType(),
	)));
	$media = id(new PHUIPropertyListView())
	->addImageContent($audio);

	$box->addPropertyList($media);
	}

	$engine = null;
	try {
	$engine = $file->instantiateStorageEngine();
	} catch (Exception $ex) {
	// Don't bother raising this anywhere for now.
	}

	if ($engine) {
	if ($engine->isChunkEngine()) {
	$chunkinfo = new PHUIPropertyListView();
	$box->addPropertyList($chunkinfo, pht('Chunks'));

	$chunks = id(new PhabricatorFileChunkQuery())
	- ->setViewer($user)
	+ ->setViewer($viewer)
	->withChunkHandles(array($file->getStorageHandle()))
	->execute();
	$chunks = msort($chunks, 'getByteStart');

	$rows = array();
	$completed = array();
	foreach ($chunks as $chunk) {
	$is_complete = $chunk->getDataFilePHID();

	$rows[] = array(
	$chunk->getByteStart(),
	$chunk->getByteEnd(),
	($is_complete ? pht('Yes') : pht('No')),
	);

	if ($is_complete) {
	$completed[] = $chunk;
	}
	}

	$table = id(new AphrontTableView($rows))
	->setHeaders(
	array(
	pht('Offset'),
	pht('End'),
	pht('Complete'),
	))
	->setColumnClasses(
	array(
	'',
	'',
	'wide',
	));

	$chunkinfo->addProperty(
	pht('Total Chunks'),
	count($chunks));

	$chunkinfo->addProperty(
	pht('Completed Chunks'),
	count($completed));

	$chunkinfo->addRawContent($table);
	}
	}

	}

	}
	diff --git a/src/applications/files/controller/PhabricatorFileUploadDialogController.php b/src/applications/files/controller/PhabricatorFileUploadDialogController.php
	index e99910c430..dd22caa74a 100644
	--- a/src/applications/files/controller/PhabricatorFileUploadDialogController.php
	+++ b/src/applications/files/controller/PhabricatorFileUploadDialogController.php
	@@ -1,20 +1,19 @@
	<?php

	final class PhabricatorFileUploadDialogController
	extends PhabricatorFileController {

	- public function processRequest() {
	- $request = $this->getRequest();
	- $user = $request->getUser();
	+ public function handleRequest(AphrontRequest $request) {
	+ $viewer = $request->getViewer();

	$dialog = id(new AphrontDialogView())
	- ->setUser($user)
	+ ->setUser($viewer)
	->setTitle(pht('Upload File'))
	->appendChild(pht(
	'To add files, drag and drop them into the comment text area.'))
	->addCancelButton('/', pht('Close'));

	return id(new AphrontDialogResponse())->setDialog($dialog);
	}

	}

File Metadata

Mime Type: text/x-diff
Expires: Sun, Jul 27, 5:17 PM (1 w, 8 h ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 186034
Default Alt Text: (44 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions