public function didRunTestCases(array $test_cases)
 {
     if (self::$storageFixture) {
         self::$storageFixtureReferences--;
         if (!self::$storageFixtureReferences) {
             self::$storageFixture = null;
         }
     }
     --self::$testsAreRunning;
 }
Example #2
0
 public static function getDeviceID()
 {
     // While running unit tests, ignore any configured device identity.
     try {
         PhabricatorTestCase::assertExecutingUnitTests();
         return null;
     } catch (Exception $ex) {
         // Continue normally.
     }
     $device_id_path = self::getKeyPath('device.id');
     if (Filesystem::pathExists($device_id_path)) {
         return trim(Filesystem::readFile($device_id_path));
     }
     return null;
 }
 public function willBeginExecution()
 {
     $request = $this->getRequest();
     if ($request->getUser()) {
         // NOTE: Unit tests can set a user explicitly. Normal requests are not
         // permitted to do this.
         PhabricatorTestCase::assertExecutingUnitTests();
         $user = $request->getUser();
     } else {
         $user = new PhabricatorUser();
         $session_engine = new PhabricatorAuthSessionEngine();
         $phsid = $request->getCookie(PhabricatorCookies::COOKIE_SESSION);
         if (strlen($phsid)) {
             $session_user = $session_engine->loadUserForSession(PhabricatorAuthSession::TYPE_WEB, $phsid);
             if ($session_user) {
                 $user = $session_user;
             }
         } else {
             // If the client doesn't have a session token, generate an anonymous
             // session. This is used to provide CSRF protection to logged-out users.
             $phsid = $session_engine->establishSession(PhabricatorAuthSession::TYPE_WEB, null, $partial = false);
             // This may be a resource request, in which case we just don't set
             // the cookie.
             if ($request->canSetCookies()) {
                 $request->setCookie(PhabricatorCookies::COOKIE_SESSION, $phsid);
             }
         }
         if (!$user->isLoggedIn()) {
             $user->attachAlternateCSRFString(PhabricatorHash::digest($phsid));
         }
         $request->setUser($user);
     }
     PhabricatorEnv::setLocaleCode($user->getTranslation());
     $preferences = $user->loadPreferences();
     if (PhabricatorEnv::getEnvConfig('darkconsole.enabled')) {
         $dark_console = PhabricatorUserPreferences::PREFERENCE_DARK_CONSOLE;
         if ($preferences->getPreference($dark_console) || PhabricatorEnv::getEnvConfig('darkconsole.always-on')) {
             $console = new DarkConsoleCore();
             $request->getApplicationConfiguration()->setConsole($console);
         }
     }
     // NOTE: We want to set up the user first so we can render a real page
     // here, but fire this before any real logic.
     $restricted = array('code');
     foreach ($restricted as $parameter) {
         if ($request->getExists($parameter)) {
             if (!$this->shouldAllowRestrictedParameter($parameter)) {
                 throw new Exception(pht('Request includes restricted parameter "%s", but this ' . 'controller ("%s") does not whitelist it. Refusing to ' . 'serve this request because it might be part of a redirection ' . 'attack.', $parameter, get_class($this)));
             }
         }
     }
     if ($this->shouldRequireEnabledUser()) {
         if ($user->isLoggedIn() && !$user->getIsApproved()) {
             $controller = new PhabricatorAuthNeedsApprovalController();
             return $this->delegateToController($controller);
         }
         if ($user->getIsDisabled()) {
             $controller = new PhabricatorDisabledUserController();
             return $this->delegateToController($controller);
         }
     }
     $auth_class = 'PhabricatorAuthApplication';
     $auth_application = PhabricatorApplication::getByClass($auth_class);
     // Require partial sessions to finish login before doing anything.
     if (!$this->shouldAllowPartialSessions()) {
         if ($user->hasSession() && $user->getSession()->getIsPartial()) {
             $login_controller = new PhabricatorAuthFinishController();
             $this->setCurrentApplication($auth_application);
             return $this->delegateToController($login_controller);
         }
     }
     // Check if the user needs to configure MFA.
     $need_mfa = $this->shouldRequireMultiFactorEnrollment();
     $have_mfa = $user->getIsEnrolledInMultiFactor();
     if ($need_mfa && !$have_mfa) {
         // Check if the cache is just out of date. Otherwise, roadblock the user
         // and require MFA enrollment.
         $user->updateMultiFactorEnrollment();
         if (!$user->getIsEnrolledInMultiFactor()) {
             $mfa_controller = new PhabricatorAuthNeedsMultiFactorController();
             $this->setCurrentApplication($auth_application);
             return $this->delegateToController($mfa_controller);
         }
     }
     if ($this->shouldRequireLogin()) {
         // This actually means we need either:
         //   - a valid user, or a public controller; and
         //   - permission to see the application; and
         //   - permission to see at least one Space if spaces are configured.
         $allow_public = $this->shouldAllowPublic() && PhabricatorEnv::getEnvConfig('policy.allow-public');
         // If this controller isn't public, and the user isn't logged in, require
         // login.
         if (!$allow_public && !$user->isLoggedIn()) {
             $login_controller = new PhabricatorAuthStartController();
             $this->setCurrentApplication($auth_application);
             return $this->delegateToController($login_controller);
         }
         if ($user->isLoggedIn()) {
             if ($this->shouldRequireEmailVerification()) {
                 if (!$user->getIsEmailVerified()) {
                     $controller = new PhabricatorMustVerifyEmailController();
                     $this->setCurrentApplication($auth_application);
                     return $this->delegateToController($controller);
                 }
             }
         }
         // If Spaces are configured, require that the user have access to at
         // least one. If we don't do this, they'll get confusing error messages
         // later on.
         $spaces = PhabricatorSpacesNamespaceQuery::getSpacesExist();
         if ($spaces) {
             $viewer_spaces = PhabricatorSpacesNamespaceQuery::getViewerSpaces($user);
             if (!$viewer_spaces) {
                 $controller = new PhabricatorSpacesNoAccessController();
                 return $this->delegateToController($controller);
             }
         }
         // If the user doesn't have access to the application, don't let them use
         // any of its controllers. We query the application in order to generate
         // a policy exception if the viewer doesn't have permission.
         $application = $this->getCurrentApplication();
         if ($application) {
             id(new PhabricatorApplicationQuery())->setViewer($user)->withPHIDs(array($application->getPHID()))->executeOne();
         }
     }
     if (!$this->shouldAllowLegallyNonCompliantUsers()) {
         $legalpad_class = 'PhabricatorLegalpadApplication';
         $legalpad = id(new PhabricatorApplicationQuery())->setViewer($user)->withClasses(array($legalpad_class))->withInstalled(true)->execute();
         $legalpad = head($legalpad);
         $doc_query = id(new LegalpadDocumentQuery())->setViewer($user)->withSignatureRequired(1)->needViewerSignatures(true);
         if ($user->hasSession() && !$user->getSession()->getIsPartial() && !$user->getSession()->getSignedLegalpadDocuments() && $user->isLoggedIn() && $legalpad) {
             $sign_docs = $doc_query->execute();
             $must_sign_docs = array();
             foreach ($sign_docs as $sign_doc) {
                 if (!$sign_doc->getUserSignature($user->getPHID())) {
                     $must_sign_docs[] = $sign_doc;
                 }
             }
             if ($must_sign_docs) {
                 $controller = new LegalpadDocumentSignController();
                 $this->getRequest()->setURIMap(array('id' => head($must_sign_docs)->getID()));
                 $this->setCurrentApplication($legalpad);
                 return $this->delegateToController($controller);
             } else {
                 $engine = id(new PhabricatorAuthSessionEngine())->signLegalpadDocuments($user, $sign_docs);
             }
         }
     }
     // NOTE: We do this last so that users get a login page instead of a 403
     // if they need to login.
     if ($this->shouldRequireAdmin() && !$user->getIsAdmin()) {
         return new Aphront403Response();
     }
 }
 protected function didRunTests()
 {
     $config = $this->getComputedConfiguration();
     if ($config[self::PHABRICATOR_TESTCONFIG_ISOLATE_LISK]) {
         LiskDAO::endIsolateAllLiskEffectsToCurrentProcess();
     }
     if (self::$storageFixture) {
         self::$storageFixtureReferences--;
         if (!self::$storageFixtureReferences) {
             self::$storageFixture = null;
         }
     }
     try {
         unset($this->env);
     } catch (Exception $ex) {
         throw new Exception("Some test called PhabricatorEnv::beginScopedEnv(), but is still " . "holding a reference to the scoped environment!");
     }
 }
 protected function willRunTests()
 {
     parent::willRunTests();
     id(new PhabricatorCalendarHoliday())->setDay('2012-01-02')->setName(pht('International Testing Day'))->save();
 }