Page Menu
Home
c4science
Search
Configure Global Search
Log In
Files
F79252010
PassphraseCredentialRevealController.php
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Sun, Aug 25, 12:15
Size
3 KB
Mime Type
text/x-php
Expires
Tue, Aug 27, 12:15 (2 d)
Engine
blob
Format
Raw Data
Handle
20166152
Attached To
rPH Phabricator
PassphraseCredentialRevealController.php
View Options
<?php
final
class
PassphraseCredentialRevealController
extends
PassphraseController
{
private
$id
;
public
function
willProcessRequest
(
array
$data
)
{
$this
->
id
=
$data
[
'id'
];
}
public
function
processRequest
()
{
$request
=
$this
->
getRequest
();
$viewer
=
$request
->
getUser
();
$credential
=
id
(
new
PassphraseCredentialQuery
())
->
setViewer
(
$viewer
)
->
withIDs
(
array
(
$this
->
id
))
->
requireCapabilities
(
array
(
PhabricatorPolicyCapability
::
CAN_VIEW
,
PhabricatorPolicyCapability
::
CAN_EDIT
,
))
->
needSecrets
(
true
)
->
executeOne
();
if
(!
$credential
)
{
return
new
Aphront404Response
();
}
$view_uri
=
'/K'
.
$credential
->
getID
();
$token
=
id
(
new
PhabricatorAuthSessionEngine
())->
requireHighSecuritySession
(
$viewer
,
$request
,
$view_uri
);
$is_locked
=
$credential
->
getIsLocked
();
if
(
$is_locked
)
{
return
$this
->
newDialog
()
->
setUser
(
$viewer
)
->
setTitle
(
pht
(
'Credential is locked'
))
->
appendChild
(
pht
(
'This credential can not be shown, because it is locked.'
))
->
addCancelButton
(
$view_uri
);
}
if
(
$request
->
isFormPost
())
{
if
(
$credential
->
getSecret
())
{
$body
=
id
(
new
PHUIFormLayoutView
())
->
appendChild
(
id
(
new
AphrontFormTextAreaControl
())
->
setLabel
(
pht
(
'Plaintext'
))
->
setReadOnly
(
true
)
->
setHeight
(
AphrontFormTextAreaControl
::
HEIGHT_VERY_TALL
)
->
setValue
(
$credential
->
getSecret
()->
openEnvelope
()));
}
else
{
$body
=
pht
(
'This credential has no associated secret.'
);
}
// NOTE: Disable workflow on the cancel button to reload the page so
// the viewer can see that their view was logged.
$dialog
=
id
(
new
AphrontDialogView
())
->
setUser
(
$viewer
)
->
setWidth
(
AphrontDialogView
::
WIDTH_FORM
)
->
setTitle
(
pht
(
'Credential Secret (%s)'
,
$credential
->
getMonogram
()))
->
appendChild
(
$body
)
->
setDisableWorkflowOnCancel
(
true
)
->
addCancelButton
(
$view_uri
,
pht
(
'Done'
));
$type_secret
=
PassphraseCredentialTransaction
::
TYPE_LOOKEDATSECRET
;
$xactions
=
array
(
id
(
new
PassphraseCredentialTransaction
())
->
setTransactionType
(
$type_secret
)
->
setNewValue
(
true
));
$editor
=
id
(
new
PassphraseCredentialTransactionEditor
())
->
setActor
(
$viewer
)
->
setContinueOnNoEffect
(
true
)
->
setContentSourceFromRequest
(
$request
)
->
applyTransactions
(
$credential
,
$xactions
);
return
id
(
new
AphrontDialogResponse
())->
setDialog
(
$dialog
);
}
$is_serious
=
PhabricatorEnv
::
getEnvConfig
(
'phabricator.serious-business'
);
if
(
$is_serious
)
{
$body
=
pht
(
'The secret associated with this credential will be shown in plain '
.
'text on your screen.'
);
}
else
{
$body
=
pht
(
'The secret associated with this credential will be shown in plain '
.
'text on your screen. Before continuing, wrap your arms around '
.
'your monitor to create a human shield, keeping it safe from '
.
'prying eyes. Protect company secrets!'
);
}
return
$this
->
newDialog
()
->
setUser
(
$viewer
)
->
setTitle
(
pht
(
'Really show secret?'
))
->
appendChild
(
$body
)
->
addSubmitButton
(
pht
(
'Show Secret'
))
->
addCancelButton
(
$view_uri
);
}
}
Event Timeline
Log In to Comment