2011-01-16 13:51:39 -08:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
/**
|
2012-08-06 12:46:51 -07:00
|
|
|
* @task routing URI Routing
|
2011-01-16 13:51:39 -08:00
|
|
|
*/
|
|
|
|
|
abstract class AphrontApplicationConfiguration {
|
|
|
|
|
|
|
|
|
|
private $request;
|
|
|
|
|
private $host;
|
|
|
|
|
private $path;
|
2011-02-02 13:48:52 -08:00
|
|
|
private $console;
|
2011-01-16 13:51:39 -08:00
|
|
|
|
|
|
|
|
abstract public function getApplicationName();
|
|
|
|
|
abstract public function buildRequest();
|
2011-01-29 16:16:09 -08:00
|
|
|
abstract public function build404Controller();
|
2014-08-21 21:35:29 +10:00
|
|
|
abstract public function buildRedirectController($uri, $external);
|
2011-01-16 13:51:39 -08:00
|
|
|
|
|
|
|
|
final public function setRequest(AphrontRequest $request) {
|
|
|
|
|
$this->request = $request;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
final public function getRequest() {
|
|
|
|
|
return $this->request;
|
|
|
|
|
}
|
|
|
|
|
|
2011-02-02 13:48:52 -08:00
|
|
|
final public function getConsole() {
|
|
|
|
|
return $this->console;
|
|
|
|
|
}
|
2011-02-05 12:20:18 -08:00
|
|
|
|
2011-02-05 11:45:13 -08:00
|
|
|
final public function setConsole($console) {
|
|
|
|
|
$this->console = $console;
|
2012-04-02 18:35:09 -07:00
|
|
|
return $this;
|
2011-02-05 11:45:13 -08:00
|
|
|
}
|
2011-02-02 13:48:52 -08:00
|
|
|
|
2012-08-06 12:46:51 -07:00
|
|
|
final public function setHost($host) {
|
|
|
|
|
$this->host = $host;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
final public function getHost() {
|
|
|
|
|
return $this->host;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
final public function setPath($path) {
|
|
|
|
|
$this->path = $path;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
final public function getPath() {
|
|
|
|
|
return $this->path;
|
|
|
|
|
}
|
|
|
|
|
|
2014-09-10 06:49:56 +10:00
|
|
|
public function willBuildRequest() {}
|
2012-08-06 12:46:51 -07:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/* -( URI Routing )-------------------------------------------------------- */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Using builtin and application routes, build the appropriate
|
|
|
|
|
* @{class:AphrontController} class for the request. To route a request, we
|
2012-09-30 17:10:27 -07:00
|
|
|
* first test if the HTTP_HOST is configured as a valid Phabricator URI. If
|
|
|
|
|
* it isn't, we do a special check to see if it's a custom domain for a blog
|
|
|
|
|
* in the Phame application and if that fails we error. Otherwise, we test
|
2014-10-13 11:17:23 -07:00
|
|
|
* against all application routes from installed
|
|
|
|
|
* @{class:PhabricatorApplication}s.
|
2012-08-06 12:46:51 -07:00
|
|
|
*
|
|
|
|
|
* If we match a route, we construct the controller it points at, build it,
|
|
|
|
|
* and return it.
|
|
|
|
|
*
|
|
|
|
|
* If we fail to match a route, but the current path is missing a trailing
|
|
|
|
|
* "/", we try routing the same path with a trailing "/" and do a redirect
|
|
|
|
|
* if that has a valid route. The idea is to canoncalize URIs for consistency,
|
|
|
|
|
* but avoid breaking noncanonical URIs that we can easily salvage.
|
|
|
|
|
*
|
|
|
|
|
* NOTE: We only redirect on GET. On POST, we'd drop parameters and most
|
|
|
|
|
* likely mutate the request implicitly, and a bad POST usually indicates a
|
|
|
|
|
* programming error rather than a sloppy typist.
|
|
|
|
|
*
|
|
|
|
|
* If the failing path already has a trailing "/", or we can't route the
|
|
|
|
|
* version with a "/", we call @{method:build404Controller}, which build a
|
|
|
|
|
* fallback @{class:AphrontController}.
|
|
|
|
|
*
|
|
|
|
|
* @return pair<AphrontController,dict> Controller and dictionary of request
|
|
|
|
|
* parameters.
|
|
|
|
|
* @task routing
|
|
|
|
|
*/
|
2011-01-16 13:51:39 -08:00
|
|
|
final public function buildController() {
|
|
|
|
|
$request = $this->getRequest();
|
2012-08-05 14:03:39 -07:00
|
|
|
|
2012-09-04 09:56:30 -07:00
|
|
|
if (PhabricatorEnv::getEnvConfig('security.require-https')) {
|
|
|
|
|
if (!$request->isHTTPS()) {
|
2013-06-19 01:33:27 -07:00
|
|
|
$https_uri = $request->getRequestURI();
|
|
|
|
|
$https_uri->setDomain($request->getHost());
|
|
|
|
|
$https_uri->setProtocol('https');
|
2014-08-21 21:35:29 +10:00
|
|
|
|
|
|
|
|
// In this scenario, we'll be redirecting to HTTPS using an absolute
|
|
|
|
|
// URI, so we need to permit an external redirect.
|
|
|
|
|
return $this->buildRedirectController($https_uri, true);
|
2012-09-04 09:56:30 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-19 04:16:09 -07:00
|
|
|
$path = $request->getPath();
|
|
|
|
|
$host = $request->getHost();
|
|
|
|
|
$base_uri = PhabricatorEnv::getEnvConfig('phabricator.base-uri');
|
|
|
|
|
$prod_uri = PhabricatorEnv::getEnvConfig('phabricator.production-uri');
|
|
|
|
|
$file_uri = PhabricatorEnv::getEnvConfig(
|
|
|
|
|
'security.alternate-file-domain');
|
2013-05-26 10:57:29 -07:00
|
|
|
$allowed_uris = PhabricatorEnv::getEnvConfig('phabricator.allowed-uris');
|
2013-05-19 04:16:09 -07:00
|
|
|
|
|
|
|
|
$uris = array_merge(
|
|
|
|
|
array(
|
|
|
|
|
$base_uri,
|
|
|
|
|
$prod_uri,
|
|
|
|
|
),
|
2013-05-26 10:57:29 -07:00
|
|
|
$allowed_uris);
|
2013-05-19 04:16:09 -07:00
|
|
|
|
2014-07-25 06:40:05 -07:00
|
|
|
$cdn_routes = array(
|
|
|
|
|
'/res/',
|
|
|
|
|
'/file/data/',
|
|
|
|
|
'/file/xform/',
|
|
|
|
|
'/phame/r/',
|
|
|
|
|
);
|
|
|
|
|
|
2013-05-19 04:16:09 -07:00
|
|
|
$host_match = false;
|
|
|
|
|
foreach ($uris as $uri) {
|
|
|
|
|
if ($host === id(new PhutilURI($uri))->getDomain()) {
|
|
|
|
|
$host_match = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-01-22 13:57:02 -08:00
|
|
|
|
2014-07-25 06:40:05 -07:00
|
|
|
if (!$host_match) {
|
|
|
|
|
if ($host === id(new PhutilURI($file_uri))->getDomain()) {
|
|
|
|
|
foreach ($cdn_routes as $route) {
|
|
|
|
|
if (strncmp($path, $route, strlen($route)) == 0) {
|
|
|
|
|
$host_match = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-01-22 13:57:02 -08:00
|
|
|
// NOTE: If the base URI isn't defined yet, don't activate alternate
|
|
|
|
|
// domains.
|
2013-05-19 04:16:09 -07:00
|
|
|
if ($base_uri && !$host_match) {
|
2012-10-15 14:49:52 -07:00
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
$blog = id(new PhameBlogQuery())
|
2012-10-15 14:50:12 -07:00
|
|
|
->setViewer(new PhabricatorUser())
|
2012-10-15 14:49:52 -07:00
|
|
|
->withDomain($host)
|
|
|
|
|
->executeOne();
|
|
|
|
|
} catch (PhabricatorPolicyException $ex) {
|
|
|
|
|
throw new Exception(
|
2014-06-09 11:36:49 -07:00
|
|
|
'This blog is not visible to logged out users, so it can not be '.
|
|
|
|
|
'visited from a custom domain.');
|
2012-10-15 14:49:52 -07:00
|
|
|
}
|
|
|
|
|
|
2012-09-30 17:10:27 -07:00
|
|
|
if (!$blog) {
|
2012-10-03 19:45:24 -07:00
|
|
|
if ($prod_uri && $prod_uri != $base_uri) {
|
2012-09-30 17:10:27 -07:00
|
|
|
$prod_str = ' or '.$prod_uri;
|
|
|
|
|
} else {
|
|
|
|
|
$prod_str = '';
|
|
|
|
|
}
|
|
|
|
|
throw new Exception(
|
|
|
|
|
'Specified domain '.$host.' is not configured for Phabricator '.
|
|
|
|
|
'requests. Please use '.$base_uri.$prod_str.' to visit this instance.'
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-15 14:50:12 -07:00
|
|
|
// TODO: Make this more flexible and modular so any application can
|
|
|
|
|
// do crazy stuff here if it wants.
|
2012-09-30 17:10:27 -07:00
|
|
|
|
2012-10-15 14:51:30 -07:00
|
|
|
$path = '/phame/live/'.$blog->getID().'/'.$path;
|
2012-09-30 17:10:27 -07:00
|
|
|
}
|
|
|
|
|
|
2012-08-06 12:46:51 -07:00
|
|
|
list($controller, $uri_data) = $this->buildControllerForPath($path);
|
|
|
|
|
if (!$controller) {
|
|
|
|
|
if (!preg_match('@/$@', $path)) {
|
|
|
|
|
// If we failed to match anything but don't have a trailing slash, try
|
|
|
|
|
// to add a trailing slash and issue a redirect if that resolves.
|
|
|
|
|
list($controller, $uri_data) = $this->buildControllerForPath($path.'/');
|
|
|
|
|
|
|
|
|
|
// NOTE: For POST, just 404 instead of redirecting, since the redirect
|
|
|
|
|
// will be a GET without parameters.
|
|
|
|
|
|
|
|
|
|
if ($controller && !$request->isHTTPPost()) {
|
2013-06-19 01:33:27 -07:00
|
|
|
$slash_uri = $request->getRequestURI()->setPath($path.'/');
|
2014-08-21 21:35:29 +10:00
|
|
|
|
|
|
|
|
$external = strlen($request->getRequestURI()->getDomain());
|
|
|
|
|
return $this->buildRedirectController($slash_uri, $external);
|
2012-08-06 12:46:51 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $this->build404Controller();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return array($controller, $uri_data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Map a specific path to the corresponding controller. For a description
|
|
|
|
|
* of routing, see @{method:buildController}.
|
|
|
|
|
*
|
|
|
|
|
* @return pair<AphrontController,dict> Controller and dictionary of request
|
|
|
|
|
* parameters.
|
|
|
|
|
* @task routing
|
|
|
|
|
*/
|
2012-08-09 22:11:50 -07:00
|
|
|
final public function buildControllerForPath($path) {
|
2012-08-05 14:03:39 -07:00
|
|
|
$maps = array();
|
|
|
|
|
|
|
|
|
|
$applications = PhabricatorApplication::getAllInstalledApplications();
|
|
|
|
|
foreach ($applications as $application) {
|
|
|
|
|
$maps[] = array($application, $application->getRoutes());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$current_application = null;
|
2012-08-06 12:46:51 -07:00
|
|
|
$controller_class = null;
|
2012-08-05 14:03:39 -07:00
|
|
|
foreach ($maps as $map_info) {
|
|
|
|
|
list($application, $map) = $map_info;
|
|
|
|
|
|
|
|
|
|
$mapper = new AphrontURIMapper($map);
|
|
|
|
|
list($controller_class, $uri_data) = $mapper->mapPath($path);
|
|
|
|
|
|
|
|
|
|
if ($controller_class) {
|
|
|
|
|
if ($application) {
|
|
|
|
|
$current_application = $application;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2011-01-16 13:51:39 -08:00
|
|
|
|
2011-01-29 16:16:09 -08:00
|
|
|
if (!$controller_class) {
|
2012-08-06 12:46:51 -07:00
|
|
|
return array(null, null);
|
2011-01-29 16:16:09 -08:00
|
|
|
}
|
|
|
|
|
|
2012-08-06 12:46:51 -07:00
|
|
|
$request = $this->getRequest();
|
|
|
|
|
|
Decouple some aspects of request routing and construction
Summary:
Ref T5702. This is a forward-looking change which provides some very broad API improvements but does not implement them. In particular:
- Controllers no longer require `$request` to construct. This is mostly for T5702, directly, but simplifies things in general. Instead, we call `setRequest()` before using a controller. Only a small number of sites activate controllers, so this is less code overall, and more consistent with most constructors not having any parameters or effects.
- `$request` now offers `getURIData($key, ...)`. This is an alternate way of accessing `$data` which is currently only available on `willProcessRequest(array $data)`. Almost all controllers which implement this method do so in order to read one or two things out of the URI data. Instead, let them just read this data directly when processing the request.
- Introduce `handleRequest(AphrontRequest $request)` and deprecate (very softly) `processRequest()`. The majority of `processRequest()` calls begin `$request = $this->getRequest()`, which is avoided with the more practical signature.
- Provide `getViewer()` on `$request`, and a convenience `getViewer()` on `$controller`. This fixes `$viewer = $request->getUser();` into `$viewer = $request->getViewer();`, and converts the `$request + $viewer` two-liner into a single `$this->getViewer()`.
Test Plan:
- Browsed around in general.
- Hit special controllers (redirect, 404).
- Hit AuditList controller (uses new style).
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Maniphest Tasks: T5702
Differential Revision: https://secure.phabricator.com/D10698
2014-10-17 05:01:40 -07:00
|
|
|
$controller = newv($controller_class, array());
|
2012-08-05 14:03:39 -07:00
|
|
|
if ($current_application) {
|
|
|
|
|
$controller->setCurrentApplication($current_application);
|
|
|
|
|
}
|
2011-01-16 13:51:39 -08:00
|
|
|
|
|
|
|
|
return array($controller, $uri_data);
|
|
|
|
|
}
|
2014-07-10 08:12:48 +10:00
|
|
|
|
2011-01-16 13:51:39 -08:00
|
|
|
}
|