No OneTemporary
Actions

Size

38 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/src/applications/herald/controller/HeraldRuleController.php b/src/applications/herald/controller/HeraldRuleController.php
	index d338f6a57e..eaf352a0a7 100644
	--- a/src/applications/herald/controller/HeraldRuleController.php
	+++ b/src/applications/herald/controller/HeraldRuleController.php
	@@ -1,728 +1,726 @@
	<?php

	final class HeraldRuleController extends HeraldController {

	public function handleRequest(AphrontRequest $request) {
	$viewer = $request->getViewer();
	$id = $request->getURIData('id');

	$content_type_map = HeraldAdapter::getEnabledAdapterMap($viewer);
	$rule_type_map = HeraldRuleTypeConfig::getRuleTypeMap();

	if ($id) {
	$rule = id(new HeraldRuleQuery())
	->setViewer($viewer)
	->withIDs(array($id))
	->requireCapabilities(
	array(
	PhabricatorPolicyCapability::CAN_VIEW,
	PhabricatorPolicyCapability::CAN_EDIT,
	))
	->executeOne();
	if (!$rule) {
	return new Aphront404Response();
	}
	$cancel_uri = '/'.$rule->getMonogram();
	} else {
	$new_uri = $this->getApplicationURI('new/');

	$rule = new HeraldRule();
	$rule->setAuthorPHID($viewer->getPHID());
	$rule->setMustMatchAll(1);

	$content_type = $request->getStr('content_type');
	$rule->setContentType($content_type);

	$rule_type = $request->getStr('rule_type');
	if (!isset($rule_type_map[$rule_type])) {
	return $this->newDialog()
	->setTitle(pht('Invalid Rule Type'))
	->appendParagraph(
	pht(
	'The selected rule type ("%s") is not recognized by Herald.',
	$rule_type))
	->addCancelButton($new_uri);
	}
	$rule->setRuleType($rule_type);

	try {
	$adapter = HeraldAdapter::getAdapterForContentType(
	$rule->getContentType());
	} catch (Exception $ex) {
	return $this->newDialog()
	->setTitle(pht('Invalid Content Type'))
	->appendParagraph(
	pht(
	'The selected content type ("%s") is not recognized by '.
	'Herald.',
	$rule->getContentType()))
	->addCancelButton($new_uri);
	}

	if (!$adapter->supportsRuleType($rule->getRuleType())) {
	return $this->newDialog()
	->setTitle(pht('Rule/Content Mismatch'))
	->appendParagraph(
	pht(
	'The selected rule type ("%s") is not supported by the selected '.
	'content type ("%s").',
	$rule->getRuleType(),
	$rule->getContentType()))
	->addCancelButton($new_uri);
	}

	if ($rule->isObjectRule()) {
	$rule->setTriggerObjectPHID($request->getStr('targetPHID'));
	$object = id(new PhabricatorObjectQuery())
	->setViewer($viewer)
	->withPHIDs(array($rule->getTriggerObjectPHID()))
	->requireCapabilities(
	array(
	PhabricatorPolicyCapability::CAN_VIEW,
	PhabricatorPolicyCapability::CAN_EDIT,
	))
	->executeOne();
	if (!$object) {
	throw new Exception(
	pht('No valid object provided for object rule!'));
	}

	if (!$adapter->canTriggerOnObject($object)) {
	throw new Exception(
	pht('Object is of wrong type for adapter!'));
	}
	}

	$cancel_uri = $this->getApplicationURI();
	}

	if ($rule->isGlobalRule()) {
	$this->requireApplicationCapability(
	HeraldManageGlobalRulesCapability::CAPABILITY);
	}

	$adapter = HeraldAdapter::getAdapterForContentType($rule->getContentType());

	$local_version = id(new HeraldRule())->getConfigVersion();
	if ($rule->getConfigVersion() > $local_version) {
	throw new Exception(
	pht(
	'This rule was created with a newer version of Herald. You can not '.
	'view or edit it in this older version. Upgrade your Phabricator '.
	'deployment.'));
	}

	// Upgrade rule version to our version, since we might add newly-defined
	// conditions, etc.
	$rule->setConfigVersion($local_version);

	$rule_conditions = $rule->loadConditions();
	$rule_actions = $rule->loadActions();

	$rule->attachConditions($rule_conditions);
	$rule->attachActions($rule_actions);

	$e_name = true;
	$errors = array();
	if ($request->isFormPost() && $request->getStr('save')) {
	list($e_name, $errors) = $this->saveRule($adapter, $rule, $request);
	if (!$errors) {
	$id = $rule->getID();
	$uri = '/'.$rule->getMonogram();
	return id(new AphrontRedirectResponse())->setURI($uri);
	}
	}

	$must_match_selector = $this->renderMustMatchSelector($rule);
	$repetition_selector = $this->renderRepetitionSelector($rule, $adapter);

	$handles = $this->loadHandlesForRule($rule);

	require_celerity_resource('herald-css');

	$content_type_name = $content_type_map[$rule->getContentType()];
	$rule_type_name = $rule_type_map[$rule->getRuleType()];

	$form = id(new AphrontFormView())
	->setUser($viewer)
	->setID('herald-rule-edit-form')
	->addHiddenInput('content_type', $rule->getContentType())
	->addHiddenInput('rule_type', $rule->getRuleType())
	->addHiddenInput('save', 1)
	->appendChild(
	// Build this explicitly (instead of using addHiddenInput())
	// so we can add a sigil to it.
	javelin_tag(
	'input',
	array(
	'type' => 'hidden',
	'name' => 'rule',
	'sigil' => 'rule',
	)))
	->appendChild(
	id(new AphrontFormTextControl())
	->setLabel(pht('Rule Name'))
	->setName('name')
	->setError($e_name)
	->setValue($rule->getName()));

	$trigger_object_control = false;
	if ($rule->isObjectRule()) {
	$trigger_object_control = id(new AphrontFormStaticControl())
	->setValue(
	pht(
	'This rule triggers for %s.',
	$handles[$rule->getTriggerObjectPHID()]->renderLink()));
	}


	$form
	->appendChild(
	id(new AphrontFormMarkupControl())
	->setValue(pht(
	'This %s rule triggers for %s.',
	phutil_tag('strong', array(), $rule_type_name),
	phutil_tag('strong', array(), $content_type_name))))
	->appendChild($trigger_object_control)
	->appendChild(
	id(new PHUIFormInsetView())
	->setTitle(pht('Conditions'))
	->setRightButton(javelin_tag(
	'a',
	array(
	'href' => '#',
	'class' => 'button button-green',
	'sigil' => 'create-condition',
	'mustcapture' => true,
	),
	pht('New Condition')))
	->setDescription(
	pht('When %s these conditions are met:', $must_match_selector))
	->setContent(javelin_tag(
	'table',
	array(
	'sigil' => 'rule-conditions',
	'class' => 'herald-condition-table',
	),
	'')))
	->appendChild(
	id(new PHUIFormInsetView())
	->setTitle(pht('Action'))
	->setRightButton(javelin_tag(
	'a',
	array(
	'href' => '#',
	'class' => 'button button-green',
	'sigil' => 'create-action',
	'mustcapture' => true,
	),
	pht('New Action')))
	->setDescription(pht(
	'Take these actions %s this rule matches:',
	$repetition_selector))
	->setContent(javelin_tag(
	'table',
	array(
	'sigil' => 'rule-actions',
	'class' => 'herald-action-table',
	),
	'')))
	->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue(pht('Save Rule'))
	->addCancelButton($cancel_uri));

	$this->setupEditorBehavior($rule, $handles, $adapter);

	$title = $rule->getID()
	? pht('Edit Herald Rule: %s', $rule->getName())
	: pht('Create Herald Rule: %s', idx($content_type_map, $content_type));

	- $icon = $rule->getID() ? 'fa-pencil' : 'fa-plus-square';
	-
	$form_box = id(new PHUIObjectBoxView())
	->setHeaderText($title)
	->setBackground(PHUIObjectBoxView::WHITE_CONFIG)
	->setFormErrors($errors)
	->setForm($form);

	$crumbs = $this
	->buildApplicationCrumbs()
	->addTextCrumb($title)
	->setBorder(true);

	$view = id(new PHUITwoColumnView())
	->setFooter($form_box);

	return $this->newPage()
	->setTitle($title)
	->setCrumbs($crumbs)
	->appendChild(
	array(
	$view,
	));
	}

	private function saveRule(HeraldAdapter $adapter, $rule, $request) {
	$new_name = $request->getStr('name');
	$match_all = ($request->getStr('must_match') == 'all');

	$repetition_policy_param = $request->getStr('repetition_policy');

	$e_name = true;
	$errors = array();

	if (!strlen($new_name)) {
	$e_name = pht('Required');
	$errors[] = pht('Rule must have a name.');
	}

	$data = null;
	try {
	$data = phutil_json_decode($request->getStr('rule'));
	} catch (PhutilJSONParserException $ex) {
	throw new PhutilProxyException(
	pht('Failed to decode rule data.'),
	$ex);
	}

	if (!is_array($data) \|\|
	!$data['conditions'] \|\|
	!$data['actions']) {
	throw new Exception(pht('Failed to decode rule data.'));
	}

	$conditions = array();
	foreach ($data['conditions'] as $condition) {
	if ($condition === null) {
	// We manage this as a sparse array on the client, so may receive
	// NULL if conditions have been removed.
	continue;
	}

	$obj = new HeraldCondition();
	$obj->setFieldName($condition[0]);
	$obj->setFieldCondition($condition[1]);

	if (is_array($condition[2])) {
	$obj->setValue(array_keys($condition[2]));
	} else {
	$obj->setValue($condition[2]);
	}

	try {
	$adapter->willSaveCondition($obj);
	} catch (HeraldInvalidConditionException $ex) {
	$errors[] = $ex->getMessage();
	}

	$conditions[] = $obj;
	}

	$actions = array();
	foreach ($data['actions'] as $action) {
	if ($action === null) {
	// Sparse on the client; removals can give us NULLs.
	continue;
	}

	if (!isset($action[1])) {
	// Legitimate for any action which doesn't need a target, like
	// "Do nothing".
	$action[1] = null;
	}

	$obj = new HeraldActionRecord();
	$obj->setAction($action[0]);
	$obj->setTarget($action[1]);

	try {
	$adapter->willSaveAction($rule, $obj);
	} catch (HeraldInvalidActionException $ex) {
	$errors[] = $ex->getMessage();
	}

	$actions[] = $obj;
	}

	if (!$errors) {
	$new_state = id(new HeraldRuleSerializer())->serializeRuleComponents(
	$match_all,
	$conditions,
	$actions,
	$repetition_policy_param);

	$xactions = array();
	$xactions[] = id(new HeraldRuleTransaction())
	->setTransactionType(HeraldRuleTransaction::TYPE_EDIT)
	->setNewValue($new_state);
	$xactions[] = id(new HeraldRuleTransaction())
	->setTransactionType(HeraldRuleTransaction::TYPE_NAME)
	->setNewValue($new_name);

	try {
	id(new HeraldRuleEditor())
	->setActor($this->getViewer())
	->setContinueOnNoEffect(true)
	->setContentSourceFromRequest($request)
	->applyTransactions($rule, $xactions);
	return array(null, null);
	} catch (Exception $ex) {
	$errors[] = $ex->getMessage();
	}
	}

	// mutate current rule, so it would be sent to the client in the right state
	$rule->setMustMatchAll((int)$match_all);
	$rule->setName($new_name);
	$rule->setRepetitionPolicy(
	HeraldRepetitionPolicyConfig::toInt($repetition_policy_param));
	$rule->attachConditions($conditions);
	$rule->attachActions($actions);

	return array($e_name, $errors);
	}

	private function setupEditorBehavior(
	HeraldRule $rule,
	array $handles,
	HeraldAdapter $adapter) {

	$all_rules = $this->loadRulesThisRuleMayDependUpon($rule);
	$all_rules = mpull($all_rules, 'getName', 'getPHID');
	asort($all_rules);

	$all_fields = $adapter->getFieldNameMap();
	$all_conditions = $adapter->getConditionNameMap();
	$all_actions = $adapter->getActionNameMap($rule->getRuleType());

	$fields = $adapter->getFields();
	$field_map = array_select_keys($all_fields, $fields);

	// Populate any fields which exist in the rule but which we don't know the
	// names of, so that saving a rule without touching anything doesn't change
	// it.
	foreach ($rule->getConditions() as $condition) {
	$field_name = $condition->getFieldName();

	if (empty($field_map[$field_name])) {
	$field_map[$field_name] = pht('<Unknown Field "%s">', $field_name);
	}
	}

	$actions = $adapter->getActions($rule->getRuleType());
	$action_map = array_select_keys($all_actions, $actions);

	// Populate any actions which exist in the rule but which we don't know the
	// names of, so that saving a rule without touching anything doesn't change
	// it.
	foreach ($rule->getActions() as $action) {
	$action_name = $action->getAction();

	if (empty($action_map[$action_name])) {
	$action_map[$action_name] = pht('<Unknown Action "%s">', $action_name);
	}
	}

	$config_info = array();
	$config_info['fields'] = $this->getFieldGroups($adapter, $field_map);
	$config_info['conditions'] = $all_conditions;
	$config_info['actions'] = $this->getActionGroups($adapter, $action_map);
	$config_info['valueMap'] = array();

	foreach ($field_map as $field => $name) {
	try {
	$field_conditions = $adapter->getConditionsForField($field);
	} catch (Exception $ex) {
	$field_conditions = array(HeraldAdapter::CONDITION_UNCONDITIONALLY);
	}
	$config_info['conditionMap'][$field] = $field_conditions;
	}

	foreach ($field_map as $field => $fname) {
	foreach ($config_info['conditionMap'][$field] as $condition) {
	$value_key = $adapter->getValueTypeForFieldAndCondition(
	$field,
	$condition);

	if ($value_key instanceof HeraldFieldValue) {
	$value_key->setViewer($this->getViewer());

	$spec = $value_key->getControlSpecificationDictionary();
	$value_key = $value_key->getFieldValueKey();
	$config_info['valueMap'][$value_key] = $spec;
	}

	$config_info['values'][$field][$condition] = $value_key;
	}
	}

	$config_info['rule_type'] = $rule->getRuleType();

	foreach ($action_map as $action => $name) {
	try {
	$value_key = $adapter->getValueTypeForAction(
	$action,
	$rule->getRuleType());
	} catch (Exception $ex) {
	$value_key = new HeraldEmptyFieldValue();
	}

	if ($value_key instanceof HeraldFieldValue) {
	$value_key->setViewer($this->getViewer());

	$spec = $value_key->getControlSpecificationDictionary();
	$value_key = $value_key->getFieldValueKey();
	$config_info['valueMap'][$value_key] = $spec;
	}

	$config_info['targets'][$action] = $value_key;
	}

	$default_group = head($config_info['fields']);
	$default_field = head_key($default_group['options']);
	$default_condition = head($config_info['conditionMap'][$default_field]);
	$default_actions = head($config_info['actions']);
	$default_action = head_key($default_actions['options']);

	if ($rule->getConditions()) {
	$serial_conditions = array();
	foreach ($rule->getConditions() as $condition) {
	$value = $adapter->getEditorValueForCondition(
	$this->getViewer(),
	$condition);

	$serial_conditions[] = array(
	$condition->getFieldName(),
	$condition->getFieldCondition(),
	$value,
	);
	}
	} else {
	$serial_conditions = array(
	array($default_field, $default_condition, null),
	);
	}

	if ($rule->getActions()) {
	$serial_actions = array();
	foreach ($rule->getActions() as $action) {
	$value = $adapter->getEditorValueForAction(
	$this->getViewer(),
	$action);

	$serial_actions[] = array(
	$action->getAction(),
	$value,
	);
	}
	} else {
	$serial_actions = array(
	array($default_action, null),
	);
	}

	Javelin::initBehavior(
	'herald-rule-editor',
	array(
	'root' => 'herald-rule-edit-form',
	'default' => array(
	'field' => $default_field,
	'condition' => $default_condition,
	'action' => $default_action,
	),
	'conditions' => (object)$serial_conditions,
	'actions' => (object)$serial_actions,
	'template' => $this->buildTokenizerTemplates() + array(
	'rules' => $all_rules,
	),
	'info' => $config_info,
	));
	}

	private function loadHandlesForRule($rule) {
	$phids = array();

	foreach ($rule->getActions() as $action) {
	if (!is_array($action->getTarget())) {
	continue;
	}
	foreach ($action->getTarget() as $target) {
	$target = (array)$target;
	foreach ($target as $phid) {
	$phids[] = $phid;
	}
	}
	}

	foreach ($rule->getConditions() as $condition) {
	$value = $condition->getValue();
	if (is_array($value)) {
	foreach ($value as $phid) {
	$phids[] = $phid;
	}
	}
	}

	$phids[] = $rule->getAuthorPHID();

	if ($rule->isObjectRule()) {
	$phids[] = $rule->getTriggerObjectPHID();
	}

	return $this->loadViewerHandles($phids);
	}


	/**
	* Render the selector for the "When (all of \| any of) these conditions are
	* met:" element.
	*/
	private function renderMustMatchSelector($rule) {
	return AphrontFormSelectControl::renderSelectTag(
	$rule->getMustMatchAll() ? 'all' : 'any',
	array(
	'all' => pht('all of'),
	'any' => pht('any of'),
	),
	array(
	'name' => 'must_match',
	));
	}


	/**
	* Render the selector for "Take these actions (every time \| only the first
	* time) this rule matches..." element.
	*/
	private function renderRepetitionSelector($rule, HeraldAdapter $adapter) {
	$repetition_policy = HeraldRepetitionPolicyConfig::toString(
	$rule->getRepetitionPolicy());

	$repetition_options = $adapter->getRepetitionOptions();
	$repetition_names = HeraldRepetitionPolicyConfig::getMap();
	$repetition_map = array_select_keys($repetition_names, $repetition_options);

	if (count($repetition_map) < 2) {
	return head($repetition_names);
	} else {
	return AphrontFormSelectControl::renderSelectTag(
	$repetition_policy,
	$repetition_map,
	array(
	'name' => 'repetition_policy',
	));
	}
	}


	protected function buildTokenizerTemplates() {
	$template = new AphrontTokenizerTemplateView();
	$template = $template->render();
	return array(
	'markup' => $template,
	);
	}


	/**
	* Load rules for the "Another Herald rule..." condition dropdown, which
	* allows one rule to depend upon the success or failure of another rule.
	*/
	private function loadRulesThisRuleMayDependUpon(HeraldRule $rule) {
	$viewer = $this->getRequest()->getUser();

	// Any rule can depend on a global rule.
	$all_rules = id(new HeraldRuleQuery())
	->setViewer($viewer)
	->withRuleTypes(array(HeraldRuleTypeConfig::RULE_TYPE_GLOBAL))
	->withContentTypes(array($rule->getContentType()))
	->execute();

	if ($rule->isObjectRule()) {
	// Object rules may depend on other rules for the same object.
	$all_rules += id(new HeraldRuleQuery())
	->setViewer($viewer)
	->withRuleTypes(array(HeraldRuleTypeConfig::RULE_TYPE_OBJECT))
	->withContentTypes(array($rule->getContentType()))
	->withTriggerObjectPHIDs(array($rule->getTriggerObjectPHID()))
	->execute();
	}

	if ($rule->isPersonalRule()) {
	// Personal rules may depend upon your other personal rules.
	$all_rules += id(new HeraldRuleQuery())
	->setViewer($viewer)
	->withRuleTypes(array(HeraldRuleTypeConfig::RULE_TYPE_PERSONAL))
	->withContentTypes(array($rule->getContentType()))
	->withAuthorPHIDs(array($rule->getAuthorPHID()))
	->execute();
	}

	// mark disabled rules as disabled since they are not useful as such;
	// don't filter though to keep edit cases sane / expected
	foreach ($all_rules as $current_rule) {
	if ($current_rule->getIsDisabled()) {
	$current_rule->makeEphemeral();
	$current_rule->setName($rule->getName().' '.pht('(Disabled)'));
	}
	}

	// A rule can not depend upon itself.
	unset($all_rules[$rule->getID()]);

	return $all_rules;
	}

	private function getFieldGroups(HeraldAdapter $adapter, array $field_map) {
	$group_map = array();
	foreach ($field_map as $field_key => $field_name) {
	$group_key = $adapter->getFieldGroupKey($field_key);
	$group_map[$group_key][$field_key] = $field_name;
	}

	return $this->getGroups(
	$group_map,
	HeraldFieldGroup::getAllFieldGroups());
	}

	private function getActionGroups(HeraldAdapter $adapter, array $action_map) {
	$group_map = array();
	foreach ($action_map as $action_key => $action_name) {
	$group_key = $adapter->getActionGroupKey($action_key);
	$group_map[$group_key][$action_key] = $action_name;
	}

	return $this->getGroups(
	$group_map,
	HeraldActionGroup::getAllActionGroups());
	}

	private function getGroups(array $item_map, array $group_list) {
	assert_instances_of($group_list, 'HeraldGroup');

	$groups = array();
	foreach ($item_map as $group_key => $options) {
	asort($options);

	$group_object = idx($group_list, $group_key);
	if ($group_object) {
	$group_label = $group_object->getGroupLabel();
	$group_order = $group_object->getSortKey();
	} else {
	$group_label = nonempty($group_key, pht('Other'));
	$group_order = 'Z';
	}

	$groups[] = array(
	'label' => $group_label,
	'options' => $options,
	'order' => $group_order,
	);
	}

	return array_values(isort($groups, 'order'));
	}


	}
	diff --git a/src/applications/passphrase/controller/PassphraseCredentialCreateController.php b/src/applications/passphrase/controller/PassphraseCredentialCreateController.php
	index 87afe22cc6..b237ef378b 100644
	--- a/src/applications/passphrase/controller/PassphraseCredentialCreateController.php
	+++ b/src/applications/passphrase/controller/PassphraseCredentialCreateController.php
	@@ -1,74 +1,69 @@
	<?php

	final class PassphraseCredentialCreateController extends PassphraseController {

	public function handleRequest(AphrontRequest $request) {
	$viewer = $request->getViewer();

	$types = PassphraseCredentialType::getAllCreateableTypes();
	$types = mpull($types, null, 'getCredentialType');
	$types = msort($types, 'getCredentialTypeName');

	$errors = array();
	$e_type = null;

	if ($request->isFormPost()) {
	$type = $request->getStr('type');
	if (empty($types[$type])) {
	$errors[] = pht('You must choose a credential type.');
	$e_type = pht('Required');
	}

	if (!$errors) {
	$uri = $this->getApplicationURI('edit/?type='.$type);
	return id(new AphrontRedirectResponse())->setURI($uri);
	}
	}

	$types_control = id(new AphrontFormRadioButtonControl())
	->setName('type')
	->setLabel(pht('Credential Type'))
	->setError($e_type);

	foreach ($types as $type) {
	$types_control->addButton(
	$type->getCredentialType(),
	$type->getCredentialTypeName(),
	$type->getCredentialTypeDescription());
	}

	$form = id(new AphrontFormView())
	->setUser($viewer)
	->appendChild($types_control)
	->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue(pht('Continue'))
	->addCancelButton($this->getApplicationURI()));

	$title = pht('New Credential');

	$crumbs = $this->buildApplicationCrumbs();
	$crumbs->addTextCrumb(pht('Create'));
	$crumbs->setBorder(true);

	$box = id(new PHUIObjectBoxView())
	- ->setHeaderText(pht('Credential'))
	+ ->setHeaderText($title)
	->setFormErrors($errors)
	- ->setBackground(PHUIObjectBoxView::BLUE_PROPERTY)
	+ ->setBackground(PHUIObjectBoxView::WHITE_CONFIG)
	->setForm($form);

	- $header = id(new PHUIHeaderView())
	- ->setHeader($title)
	- ->setHeaderIcon('fa-plus-square');
	-
	$view = id(new PHUITwoColumnView())
	- ->setHeader($header)
	->setFooter($box);

	return $this->newPage()
	->setTitle($title)
	->setCrumbs($crumbs)
	->appendChild($view);
	}

	}
	diff --git a/src/applications/passphrase/controller/PassphraseCredentialEditController.php b/src/applications/passphrase/controller/PassphraseCredentialEditController.php
	index a35bd3479e..91c8d93883 100644
	--- a/src/applications/passphrase/controller/PassphraseCredentialEditController.php
	+++ b/src/applications/passphrase/controller/PassphraseCredentialEditController.php
	@@ -1,392 +1,381 @@
	<?php

	final class PassphraseCredentialEditController extends PassphraseController {

	public function handleRequest(AphrontRequest $request) {
	$viewer = $request->getViewer();
	$id = $request->getURIData('id');

	if ($id) {
	$credential = id(new PassphraseCredentialQuery())
	->setViewer($viewer)
	->withIDs(array($id))
	->requireCapabilities(
	array(
	PhabricatorPolicyCapability::CAN_VIEW,
	PhabricatorPolicyCapability::CAN_EDIT,
	))
	->executeOne();
	if (!$credential) {
	return new Aphront404Response();
	}

	$type = $this->getCredentialType($credential->getCredentialType());
	$type_const = $type->getCredentialType();

	$is_new = false;
	} else {
	$type_const = $request->getStr('type');
	$type = $this->getCredentialType($type_const);

	if (!$type->isCreateable()) {
	throw new Exception(
	pht(
	'Credential has noncreateable type "%s"!',
	$type_const));
	}

	$credential = PassphraseCredential::initializeNewCredential($viewer)
	->setCredentialType($type->getCredentialType())
	->setProvidesType($type->getProvidesType())
	->attachImplementation($type);

	$is_new = true;

	// Prefill username if provided.
	$credential->setUsername((string)$request->getStr('username'));

	if (!$request->getStr('isInitialized')) {
	$type->didInitializeNewCredential($viewer, $credential);
	}
	}

	$errors = array();

	$v_name = $credential->getName();
	$e_name = true;

	$v_desc = $credential->getDescription();
	$v_space = $credential->getSpacePHID();

	$v_username = $credential->getUsername();
	$e_username = true;

	$v_is_locked = false;

	$bullet = "\xE2\x80\xA2";

	$v_secret = $credential->getSecretID() ? str_repeat($bullet, 32) : null;
	if ($is_new && ($v_secret === null)) {
	// If we're creating a new credential, the credential type may have
	// populated the secret for us (for example, generated an SSH key). In
	// this case,
	try {
	$v_secret = $credential->getSecret()->openEnvelope();
	} catch (Exception $ex) {
	// Ignore this.
	}
	}

	$validation_exception = null;
	$errors = array();
	$e_password = null;
	if ($request->isFormPost()) {

	$v_name = $request->getStr('name');
	$v_desc = $request->getStr('description');
	$v_username = $request->getStr('username');
	$v_view_policy = $request->getStr('viewPolicy');
	$v_edit_policy = $request->getStr('editPolicy');
	$v_is_locked = $request->getStr('lock');

	$v_secret = $request->getStr('secret');
	$v_space = $request->getStr('spacePHID');
	$v_password = $request->getStr('password');
	$v_decrypt = $v_secret;

	$env_secret = new PhutilOpaqueEnvelope($v_secret);
	$env_password = new PhutilOpaqueEnvelope($v_password);

	if ($type->requiresPassword($env_secret)) {
	if (strlen($v_password)) {
	$v_decrypt = $type->decryptSecret($env_secret, $env_password);
	if ($v_decrypt === null) {
	$e_password = pht('Incorrect');
	$errors[] = pht(
	'This key requires a password, but the password you provided '.
	'is incorrect.');
	} else {
	$v_decrypt = $v_decrypt->openEnvelope();
	}
	} else {
	$e_password = pht('Required');
	$errors[] = pht(
	'This key requires a password. You must provide the password '.
	'for the key.');
	}
	}

	if (!$errors) {
	$type_name =
	PassphraseCredentialNameTransaction::TRANSACTIONTYPE;
	$type_desc =
	PassphraseCredentialDescriptionTransaction::TRANSACTIONTYPE;
	$type_username =
	PassphraseCredentialUsernameTransaction::TRANSACTIONTYPE;
	$type_destroy =
	PassphraseCredentialDestroyTransaction::TRANSACTIONTYPE;
	$type_secret_id =
	PassphraseCredentialSecretIDTransaction::TRANSACTIONTYPE;
	$type_is_locked =
	PassphraseCredentialLockTransaction::TRANSACTIONTYPE;

	$type_view_policy = PhabricatorTransactions::TYPE_VIEW_POLICY;
	$type_edit_policy = PhabricatorTransactions::TYPE_EDIT_POLICY;
	$type_space = PhabricatorTransactions::TYPE_SPACE;

	$xactions = array();

	$xactions[] = id(new PassphraseCredentialTransaction())
	->setTransactionType($type_name)
	->setNewValue($v_name);

	$xactions[] = id(new PassphraseCredentialTransaction())
	->setTransactionType($type_desc)
	->setNewValue($v_desc);

	$xactions[] = id(new PassphraseCredentialTransaction())
	->setTransactionType($type_view_policy)
	->setNewValue($v_view_policy);

	$xactions[] = id(new PassphraseCredentialTransaction())
	->setTransactionType($type_edit_policy)
	->setNewValue($v_edit_policy);

	$xactions[] = id(new PassphraseCredentialTransaction())
	->setTransactionType($type_space)
	->setNewValue($v_space);

	// Open a transaction in case we're writing a new secret; this limits
	// the amount of code which handles secret plaintexts.
	$credential->openTransaction();

	if (!$credential->getIsLocked()) {
	if ($type->shouldRequireUsername()) {
	$xactions[] = id(new PassphraseCredentialTransaction())
	->setTransactionType($type_username)
	->setNewValue($v_username);
	}
	// If some value other than a sequence of bullets was provided for
	// the credential, update it. In particular, note that we are
	// explicitly allowing empty secrets: one use case is HTTP auth where
	// the username is a secret token which covers both identity and
	// authentication.

	if (!preg_match('/^('.$bullet.')+$/', trim($v_decrypt))) {
	// If the credential was previously destroyed, restore it when it is
	// edited if a secret is provided.
	$xactions[] = id(new PassphraseCredentialTransaction())
	->setTransactionType($type_destroy)
	->setNewValue(0);

	$new_secret = id(new PassphraseSecret())
	->setSecretData($v_decrypt)
	->save();
	$xactions[] = id(new PassphraseCredentialTransaction())
	->setTransactionType($type_secret_id)
	->setNewValue($new_secret->getID());
	}

	$xactions[] = id(new PassphraseCredentialTransaction())
	->setTransactionType($type_is_locked)
	->setNewValue($v_is_locked);
	}

	try {
	$editor = id(new PassphraseCredentialTransactionEditor())
	->setActor($viewer)
	->setContinueOnNoEffect(true)
	->setContentSourceFromRequest($request)
	->applyTransactions($credential, $xactions);

	$credential->saveTransaction();

	if ($request->isAjax()) {
	return id(new AphrontAjaxResponse())->setContent(
	array(
	'phid' => $credential->getPHID(),
	'name' => 'K'.$credential->getID().' '.$credential->getName(),
	));
	} else {
	return id(new AphrontRedirectResponse())
	->setURI('/K'.$credential->getID());
	}
	} catch (PhabricatorApplicationTransactionValidationException $ex) {
	$credential->killTransaction();

	$validation_exception = $ex;

	$e_name = $ex->getShortMessage($type_name);
	$e_username = $ex->getShortMessage($type_username);

	$credential->setViewPolicy($v_view_policy);
	$credential->setEditPolicy($v_edit_policy);
	}
	}
	}

	$policies = id(new PhabricatorPolicyQuery())
	->setViewer($viewer)
	->setObject($credential)
	->execute();

	$secret_control = $type->newSecretControl();
	$credential_is_locked = $credential->getIsLocked();

	$form = id(new AphrontFormView())
	->setUser($viewer)
	->addHiddenInput('isInitialized', true)
	->addHiddenInput('type', $type_const)
	->appendChild(
	id(new AphrontFormTextControl())
	->setName('name')
	->setLabel(pht('Name'))
	->setValue($v_name)
	->setError($e_name))
	->appendChild(
	id(new PhabricatorRemarkupControl())
	->setUser($viewer)
	->setName('description')
	->setLabel(pht('Description'))
	->setValue($v_desc))
	- ->appendChild(
	- id(new AphrontFormMarkupControl())
	- ->setLabel(pht('Credential Type'))
	- ->setValue($type->getCredentialTypeName()))
	->appendChild(
	id(new AphrontFormDividerControl()))
	->appendControl(
	id(new AphrontFormPolicyControl())
	->setName('viewPolicy')
	->setPolicyObject($credential)
	->setSpacePHID($v_space)
	->setCapability(PhabricatorPolicyCapability::CAN_VIEW)
	->setPolicies($policies))
	->appendControl(
	id(new AphrontFormPolicyControl())
	->setName('editPolicy')
	->setPolicyObject($credential)
	->setCapability(PhabricatorPolicyCapability::CAN_EDIT)
	->setPolicies($policies))
	->appendChild(
	id(new AphrontFormDividerControl()));

	if ($credential_is_locked) {
	$form->appendRemarkupInstructions(
	pht('This credential is permanently locked and can not be edited.'));
	}

	if ($type->shouldRequireUsername()) {
	$form->appendChild(
	id(new AphrontFormTextControl())
	->setName('username')
	->setLabel(pht('Login/Username'))
	->setValue($v_username)
	->setDisabled($credential_is_locked)
	->setError($e_username));
	}

	$form->appendChild(
	$secret_control
	->setName('secret')
	->setLabel($type->getSecretLabel())
	->setDisabled($credential_is_locked)
	->setValue($v_secret));

	if ($type->shouldShowPasswordField()) {
	$form->appendChild(
	id(new AphrontFormPasswordControl())
	->setDisableAutocomplete(true)
	->setName('password')
	->setLabel($type->getPasswordLabel())
	->setDisabled($credential_is_locked)
	->setError($e_password));
	}

	if ($is_new) {
	$form->appendChild(
	id(new AphrontFormCheckboxControl())
	->addCheckbox(
	'lock',
	1,
	array(
	phutil_tag('strong', array(), pht('Lock Permanently:')),
	' ',
	pht('Prevent the secret from being revealed or changed.'),
	),
	$v_is_locked)
	->setDisabled($credential_is_locked));
	}

	$crumbs = $this->buildApplicationCrumbs();
	$crumbs->setBorder(true);

	if ($is_new) {
	- $title = pht('Create New Credential');
	+ $title = pht('New Credential: %s', $type->getCredentialTypeName());
	$crumbs->addTextCrumb(pht('Create'));
	$cancel_uri = $this->getApplicationURI();
	- $header_icon = 'fa-plus-square';
	} else {
	$title = pht('Edit Credential: %s', $credential->getName());
	$crumbs->addTextCrumb(
	'K'.$credential->getID(),
	'/K'.$credential->getID());
	$crumbs->addTextCrumb(pht('Edit'));
	$cancel_uri = '/K'.$credential->getID();
	- $header_icon = 'fa-pencil';
	}

	if ($request->isAjax()) {
	if ($errors) {
	$errors = id(new PHUIInfoView())->setErrors($errors);
	}

	return $this->newDialog()
	->setWidth(AphrontDialogView::WIDTH_FORM)
	->setTitle($title)
	->appendChild($errors)
	->appendChild($form->buildLayoutView())
	->addSubmitButton(pht('Create Credential'))
	->addCancelButton($cancel_uri);
	}

	$form->appendChild(
	id(new AphrontFormSubmitControl())
	->setValue(pht('Save'))
	->addCancelButton($cancel_uri));

	$box = id(new PHUIObjectBoxView())
	- ->setHeaderText(pht('Credential'))
	+ ->setHeaderText($title)
	->setFormErrors($errors)
	->setValidationException($validation_exception)
	- ->setBackground(PHUIObjectBoxView::BLUE_PROPERTY)
	+ ->setBackground(PHUIObjectBoxView::WHITE_CONFIG)
	->setForm($form);

	- $header = id(new PHUIHeaderView())
	- ->setHeader($title)
	- ->setHeaderIcon($header_icon);
	-
	$view = id(new PHUITwoColumnView())
	- ->setHeader($header)
	->setFooter(array(
	$box,
	));

	return $this->newPage()
	->setTitle($title)
	->setCrumbs($crumbs)
	->appendChild($view);
	}

	private function getCredentialType($type_const) {
	$type = PassphraseCredentialType::getTypeByConstant($type_const);

	if (!$type) {
	throw new Exception(
	pht('Credential has invalid type "%s"!', $type_const));
	}

	return $type;
	}

	}

File Metadata

Mime Type: text/x-diff
Expires: Thu, May 1, 10:07 AM (1 d, 15 h)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 108954
Default Alt Text: (38 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions