recaptime.dev
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
1<?php
2
3final class PassphraseCredentialRevealController
4 extends PassphraseController {
5
6 public function handleRequest(AphrontRequest $request) {
7 $viewer = $request->getViewer();
8 $id = $request->getURIData('id');
9
10 $credential = id(new PassphraseCredentialQuery())
11 ->setViewer($viewer)
12 ->withIDs(array($id))
13 ->requireCapabilities(
14 array(
15 PhabricatorPolicyCapability::CAN_VIEW,
16 PhabricatorPolicyCapability::CAN_EDIT,
17 ))
18 ->needSecrets(true)
19 ->executeOne();
20 if (!$credential) {
21 return new Aphront404Response();
22 }
23
24 $view_uri = $credential->getURI();
25
26 $is_locked = $credential->getIsLocked();
27
28 if ($is_locked) {
29 return $this->newDialog()
30 ->setUser($viewer)
31 ->setTitle(pht('Credential is locked'))
32 ->appendChild(
33 pht(
34 'This credential can not be shown, because it is locked.'))
35 ->addCancelButton($view_uri);
36 }
37
38 if ($request->isFormOrHisecPost()) {
39 $secret = $credential->getSecret();
40 if (!$secret) {
41 $body = pht('This credential has no associated secret.');
42 } else if (!strlen($secret->openEnvelope())) {
43 $body = pht('This credential has an empty secret.');
44 } else {
45 Javelin::initBehavior('select-on-click');
46 $body = id(new PHUIFormLayoutView())
47 ->appendChild(
48 id(new AphrontFormTextAreaControl())
49 ->setLabel(pht('Plaintext'))
50 ->setReadOnly(true)
51 ->setSigil('select-on-click')
52 ->setCustomClass('PhabricatorMonospaced')
53 ->setHeight(AphrontFormTextAreaControl::HEIGHT_VERY_TALL)
54 ->setValue($secret->openEnvelope()));
55 }
56
57 // NOTE: Disable workflow on the cancel button to reload the page so
58 // the viewer can see that their view was logged.
59
60 $dialog = id(new AphrontDialogView())
61 ->setUser($viewer)
62 ->setWidth(AphrontDialogView::WIDTH_FORM)
63 ->setTitle(pht('Credential Secret (%s)', $credential->getMonogram()))
64 ->appendChild($body)
65 ->setDisableWorkflowOnCancel(true)
66 ->addCancelButton($view_uri, pht('Done'));
67
68 $type_secret = PassphraseCredentialLookedAtTransaction::TRANSACTIONTYPE;
69 $xactions = array(
70 id(new PassphraseCredentialTransaction())
71 ->setTransactionType($type_secret)
72 ->setNewValue(true),
73 );
74
75 $editor = id(new PassphraseCredentialTransactionEditor())
76 ->setActor($viewer)
77 ->setCancelURI($view_uri)
78 ->setContinueOnNoEffect(true)
79 ->setContentSourceFromRequest($request)
80 ->applyTransactions($credential, $xactions);
81
82 return id(new AphrontDialogResponse())->setDialog($dialog);
83 }
84
85 $is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');
86
87 if ($is_serious) {
88 $body = pht(
89 'The secret associated with this credential will be shown in plain '.
90 'text on your screen.');
91 } else {
92 $body = pht(
93 'The secret associated with this credential will be shown in plain '.
94 'text on your screen. Before continuing, wrap your arms around '.
95 'your monitor to create a human shield, keeping it safe from '.
96 'prying eyes. Protect company secrets!');
97 }
98 return $this->newDialog()
99 ->setUser($viewer)
100 ->setTitle(pht('Really show secret?'))
101 ->appendChild($body)
102 ->addSubmitButton(pht('Show Secret'))
103 ->addCancelButton($view_uri);
104 }
105
106}