phabricator/src/aphront/handler/PhabricatorHighSecurityRequestExceptionHandler.php

<?php

final class PhabricatorHighSecurityRequestExceptionHandler
  extends PhabricatorRequestExceptionHandler {

  public function getRequestExceptionHandlerPriority() {
    return 310000;
  }

  public function getRequestExceptionHandlerDescription() {
    return pht(
      'Handles high security exceptions which occur when a user needs '.
      'to present MFA credentials to take an action.');
  }

  public function canHandleRequestThrowable(
    AphrontRequest $request,
    $throwable) {

    if (!$this->isPhabricatorSite($request)) {
      return false;
    }

    return ($throwable instanceof PhabricatorAuthHighSecurityRequiredException);
  }

  public function handleRequestThrowable(
    AphrontRequest $request,
    $throwable) {

    $viewer = $this->getViewer($request);

    $form = id(new PhabricatorAuthSessionEngine())->renderHighSecurityForm(
      $throwable->getFactors(),
      $throwable->getFactorValidationResults(),
      $viewer,
      $request);

    $dialog = id(new AphrontDialogView())
      ->setUser($viewer)
      ->setTitle(pht('Entering High Security'))
      ->setShortTitle(pht('Security Checkpoint'))
      ->setWidth(AphrontDialogView::WIDTH_FORM)
      ->addHiddenInput(AphrontRequest::TYPE_HISEC, true)
      ->setErrors(
        array(
          pht(
            'You are taking an action which requires you to enter '.
            'high security.'),
        ))
      ->appendParagraph(
        pht(
          'High security mode helps protect your account from security '.
          'threats, like session theft or someone messing with your stuff '.
          'while you\'re grabbing a coffee. To enter high security mode, '.
          'confirm your credentials.'))
      ->appendChild($form->buildLayoutView())
      ->appendParagraph(
        pht(
          'Your account will remain in high security mode for a short '.
          'period of time. When you are finished taking sensitive '.
          'actions, you should leave high security.'))
      ->setSubmitURI($request->getPath())
      ->addCancelButton($throwable->getCancelURI())
      ->addSubmitButton(pht('Enter High Security'));

    $request_parameters = $request->getPassthroughRequestParameters(
      $respect_quicksand = true);
    foreach ($request_parameters as $key => $value) {
      $dialog->addHiddenInput($key, $value);
    }

    return $dialog;
  }

}
Modularize Aphront exception handling Summary: Ref T1806. Ref T7173. Depends on D14047. Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`. Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses. Test Plan: {F777391} - Hit a Conduit error (made a method throw). - Hit an Ajax error (made comment preview throw). - Hit a high security error (tried to edit TOTP). - Hit a rate limiting error (added a bunch of email addresses). - Hit a policy error (tried to look at something with no permission). - Hit an arbitrary exception (made a randomc ontroller throw). Reviewers: chad Reviewed By: chad Maniphest Tasks: T1806, T7173 Differential Revision: https://secure.phabricator.com/D14049 2015-09-03 10:04:42 -07:00			`<?php`

			`final class PhabricatorHighSecurityRequestExceptionHandler`
			`extends PhabricatorRequestExceptionHandler {`

			`public function getRequestExceptionHandlerPriority() {`
			`return 310000;`
			`}`

			`public function getRequestExceptionHandlerDescription() {`
			`return pht(`
			`'Handles high security exceptions which occur when a user needs '.`
			`'to present MFA credentials to take an action.');`
			`}`

Pass all Throwables to Exception Handlers, not just Exceptions Summary: Ref T12855. PHP7 introduced "Throwables", which are sort of like super exceptions. Some errors that PHP raises at runtime have become Throwables instead of old-school errors now. The major effect this has is blank pages during development under PHP7 for certain classes of errors: they skip all the nice "show a pretty error" handlers and This isn't a compelete fix, but catches the most common classes of unexpected Throwable and sends them through the normal machinery. Principally, it shows a nice stack trace again instead of a blank page for a larger class of typos and minor mistakes. Test Plan: Before: blank page. After: {F5007979} Reviewers: chad, amckinley Reviewed By: chad Maniphest Tasks: T12855 Differential Revision: https://secure.phabricator.com/D18136 2017-06-19 12:51:00 -07:00			`public function canHandleRequestThrowable(`
Modularize Aphront exception handling Summary: Ref T1806. Ref T7173. Depends on D14047. Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`. Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses. Test Plan: {F777391} - Hit a Conduit error (made a method throw). - Hit an Ajax error (made comment preview throw). - Hit a high security error (tried to edit TOTP). - Hit a rate limiting error (added a bunch of email addresses). - Hit a policy error (tried to look at something with no permission). - Hit an arbitrary exception (made a randomc ontroller throw). Reviewers: chad Reviewed By: chad Maniphest Tasks: T1806, T7173 Differential Revision: https://secure.phabricator.com/D14049 2015-09-03 10:04:42 -07:00			`AphrontRequest $request,`
Pass all Throwables to Exception Handlers, not just Exceptions Summary: Ref T12855. PHP7 introduced "Throwables", which are sort of like super exceptions. Some errors that PHP raises at runtime have become Throwables instead of old-school errors now. The major effect this has is blank pages during development under PHP7 for certain classes of errors: they skip all the nice "show a pretty error" handlers and This isn't a compelete fix, but catches the most common classes of unexpected Throwable and sends them through the normal machinery. Principally, it shows a nice stack trace again instead of a blank page for a larger class of typos and minor mistakes. Test Plan: Before: blank page. After: {F5007979} Reviewers: chad, amckinley Reviewed By: chad Maniphest Tasks: T12855 Differential Revision: https://secure.phabricator.com/D18136 2017-06-19 12:51:00 -07:00			`$throwable) {`
Modularize Aphront exception handling Summary: Ref T1806. Ref T7173. Depends on D14047. Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`. Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses. Test Plan: {F777391} - Hit a Conduit error (made a method throw). - Hit an Ajax error (made comment preview throw). - Hit a high security error (tried to edit TOTP). - Hit a rate limiting error (added a bunch of email addresses). - Hit a policy error (tried to look at something with no permission). - Hit an arbitrary exception (made a randomc ontroller throw). Reviewers: chad Reviewed By: chad Maniphest Tasks: T1806, T7173 Differential Revision: https://secure.phabricator.com/D14049 2015-09-03 10:04:42 -07:00
			`if (!$this->isPhabricatorSite($request)) {`
			`return false;`
			`}`

Pass all Throwables to Exception Handlers, not just Exceptions Summary: Ref T12855. PHP7 introduced "Throwables", which are sort of like super exceptions. Some errors that PHP raises at runtime have become Throwables instead of old-school errors now. The major effect this has is blank pages during development under PHP7 for certain classes of errors: they skip all the nice "show a pretty error" handlers and This isn't a compelete fix, but catches the most common classes of unexpected Throwable and sends them through the normal machinery. Principally, it shows a nice stack trace again instead of a blank page for a larger class of typos and minor mistakes. Test Plan: Before: blank page. After: {F5007979} Reviewers: chad, amckinley Reviewed By: chad Maniphest Tasks: T12855 Differential Revision: https://secure.phabricator.com/D18136 2017-06-19 12:51:00 -07:00			`return ($throwable instanceof PhabricatorAuthHighSecurityRequiredException);`
Modularize Aphront exception handling Summary: Ref T1806. Ref T7173. Depends on D14047. Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`. Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses. Test Plan: {F777391} - Hit a Conduit error (made a method throw). - Hit an Ajax error (made comment preview throw). - Hit a high security error (tried to edit TOTP). - Hit a rate limiting error (added a bunch of email addresses). - Hit a policy error (tried to look at something with no permission). - Hit an arbitrary exception (made a randomc ontroller throw). Reviewers: chad Reviewed By: chad Maniphest Tasks: T1806, T7173 Differential Revision: https://secure.phabricator.com/D14049 2015-09-03 10:04:42 -07:00			`}`

Pass all Throwables to Exception Handlers, not just Exceptions Summary: Ref T12855. PHP7 introduced "Throwables", which are sort of like super exceptions. Some errors that PHP raises at runtime have become Throwables instead of old-school errors now. The major effect this has is blank pages during development under PHP7 for certain classes of errors: they skip all the nice "show a pretty error" handlers and This isn't a compelete fix, but catches the most common classes of unexpected Throwable and sends them through the normal machinery. Principally, it shows a nice stack trace again instead of a blank page for a larger class of typos and minor mistakes. Test Plan: Before: blank page. After: {F5007979} Reviewers: chad, amckinley Reviewed By: chad Maniphest Tasks: T12855 Differential Revision: https://secure.phabricator.com/D18136 2017-06-19 12:51:00 -07:00			`public function handleRequestThrowable(`
Modularize Aphront exception handling Summary: Ref T1806. Ref T7173. Depends on D14047. Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`. Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses. Test Plan: {F777391} - Hit a Conduit error (made a method throw). - Hit an Ajax error (made comment preview throw). - Hit a high security error (tried to edit TOTP). - Hit a rate limiting error (added a bunch of email addresses). - Hit a policy error (tried to look at something with no permission). - Hit an arbitrary exception (made a randomc ontroller throw). Reviewers: chad Reviewed By: chad Maniphest Tasks: T1806, T7173 Differential Revision: https://secure.phabricator.com/D14049 2015-09-03 10:04:42 -07:00			`AphrontRequest $request,`
Pass all Throwables to Exception Handlers, not just Exceptions Summary: Ref T12855. PHP7 introduced "Throwables", which are sort of like super exceptions. Some errors that PHP raises at runtime have become Throwables instead of old-school errors now. The major effect this has is blank pages during development under PHP7 for certain classes of errors: they skip all the nice "show a pretty error" handlers and This isn't a compelete fix, but catches the most common classes of unexpected Throwable and sends them through the normal machinery. Principally, it shows a nice stack trace again instead of a blank page for a larger class of typos and minor mistakes. Test Plan: Before: blank page. After: {F5007979} Reviewers: chad, amckinley Reviewed By: chad Maniphest Tasks: T12855 Differential Revision: https://secure.phabricator.com/D18136 2017-06-19 12:51:00 -07:00			`$throwable) {`
Modularize Aphront exception handling Summary: Ref T1806. Ref T7173. Depends on D14047. Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`. Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses. Test Plan: {F777391} - Hit a Conduit error (made a method throw). - Hit an Ajax error (made comment preview throw). - Hit a high security error (tried to edit TOTP). - Hit a rate limiting error (added a bunch of email addresses). - Hit a policy error (tried to look at something with no permission). - Hit an arbitrary exception (made a randomc ontroller throw). Reviewers: chad Reviewed By: chad Maniphest Tasks: T1806, T7173 Differential Revision: https://secure.phabricator.com/D14049 2015-09-03 10:04:42 -07:00
			`$viewer = $this->getViewer($request);`

			`$form = id(new PhabricatorAuthSessionEngine())->renderHighSecurityForm(`
Pass all Throwables to Exception Handlers, not just Exceptions Summary: Ref T12855. PHP7 introduced "Throwables", which are sort of like super exceptions. Some errors that PHP raises at runtime have become Throwables instead of old-school errors now. The major effect this has is blank pages during development under PHP7 for certain classes of errors: they skip all the nice "show a pretty error" handlers and This isn't a compelete fix, but catches the most common classes of unexpected Throwable and sends them through the normal machinery. Principally, it shows a nice stack trace again instead of a blank page for a larger class of typos and minor mistakes. Test Plan: Before: blank page. After: {F5007979} Reviewers: chad, amckinley Reviewed By: chad Maniphest Tasks: T12855 Differential Revision: https://secure.phabricator.com/D18136 2017-06-19 12:51:00 -07:00			`$throwable->getFactors(),`
			`$throwable->getFactorValidationResults(),`
Modularize Aphront exception handling Summary: Ref T1806. Ref T7173. Depends on D14047. Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`. Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses. Test Plan: {F777391} - Hit a Conduit error (made a method throw). - Hit an Ajax error (made comment preview throw). - Hit a high security error (tried to edit TOTP). - Hit a rate limiting error (added a bunch of email addresses). - Hit a policy error (tried to look at something with no permission). - Hit an arbitrary exception (made a randomc ontroller throw). Reviewers: chad Reviewed By: chad Maniphest Tasks: T1806, T7173 Differential Revision: https://secure.phabricator.com/D14049 2015-09-03 10:04:42 -07:00			`$viewer,`
			`$request);`

			`$dialog = id(new AphrontDialogView())`
			`->setUser($viewer)`
			`->setTitle(pht('Entering High Security'))`
			`->setShortTitle(pht('Security Checkpoint'))`
			`->setWidth(AphrontDialogView::WIDTH_FORM)`
			`->addHiddenInput(AphrontRequest::TYPE_HISEC, true)`
			`->setErrors(`
			`array(`
			`pht(`
			`'You are taking an action which requires you to enter '.`
			`'high security.'),`
			`))`
			`->appendParagraph(`
			`pht(`
			`'High security mode helps protect your account from security '.`
			`'threats, like session theft or someone messing with your stuff '.`
			`'while you\'re grabbing a coffee. To enter high security mode, '.`
			`'confirm your credentials.'))`
			`->appendChild($form->buildLayoutView())`
			`->appendParagraph(`
			`pht(`
			`'Your account will remain in high security mode for a short '.`
			`'period of time. When you are finished taking sensitive '.`
			`'actions, you should leave high security.'))`
			`->setSubmitURI($request->getPath())`
Pass all Throwables to Exception Handlers, not just Exceptions Summary: Ref T12855. PHP7 introduced "Throwables", which are sort of like super exceptions. Some errors that PHP raises at runtime have become Throwables instead of old-school errors now. The major effect this has is blank pages during development under PHP7 for certain classes of errors: they skip all the nice "show a pretty error" handlers and This isn't a compelete fix, but catches the most common classes of unexpected Throwable and sends them through the normal machinery. Principally, it shows a nice stack trace again instead of a blank page for a larger class of typos and minor mistakes. Test Plan: Before: blank page. After: {F5007979} Reviewers: chad, amckinley Reviewed By: chad Maniphest Tasks: T12855 Differential Revision: https://secure.phabricator.com/D18136 2017-06-19 12:51:00 -07:00			`->addCancelButton($throwable->getCancelURI())`
Modularize Aphront exception handling Summary: Ref T1806. Ref T7173. Depends on D14047. Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`. Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses. Test Plan: {F777391} - Hit a Conduit error (made a method throw). - Hit an Ajax error (made comment preview throw). - Hit a high security error (tried to edit TOTP). - Hit a rate limiting error (added a bunch of email addresses). - Hit a policy error (tried to look at something with no permission). - Hit an arbitrary exception (made a randomc ontroller throw). Reviewers: chad Reviewed By: chad Maniphest Tasks: T1806, T7173 Differential Revision: https://secure.phabricator.com/D14049 2015-09-03 10:04:42 -07:00			`->addSubmitButton(pht('Enter High Security'));`

			`$request_parameters = $request->getPassthroughRequestParameters(`
			`$respect_quicksand = true);`
			`foreach ($request_parameters as $key => $value) {`
			`$dialog->addHiddenInput($key, $value);`
			`}`

			`return $dialog;`
			`}`

			`}`