コード例 #1
0
 public function processRequest()
 {
     $alt = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
     if (!$alt) {
         return new Aphront400Response();
     }
     $request = $this->getRequest();
     $alt_domain = id(new PhutilURI($alt))->getDomain();
     if ($alt_domain != $request->getHost()) {
         return new Aphront400Response();
     }
     $file = id(new PhabricatorFile())->loadOneWhere('phid = %s', $this->phid);
     if (!$file) {
         return new Aphront404Response();
     }
     if (!$file->validateSecretKey($this->key)) {
         return new Aphront404Response();
     }
     // It's safe to bypass view restrictions because we know we are being served
     // off an alternate domain which we will not set cookies on.
     $data = $file->loadFileData();
     $response = new AphrontFileResponse();
     $response->setContent($data);
     $response->setMimeType($file->getMimeType());
     $response->setCacheDurationInSeconds(60 * 60 * 24 * 30);
     return $response;
 }
コード例 #2
0
 public function processRequest()
 {
     $path = $this->path;
     // Sanity checking to keep this from exposing anything sensitive.
     $path = preg_replace('@(//|\\.\\.)@', '', $path);
     $matches = null;
     if (!preg_match('/\\.(css|js)$/', $path, $matches)) {
         throw new Exception("Only CSS and JS resources may be served.");
     }
     if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && !PhabricatorEnv::getEnvConfig('celerity.force-disk-reads')) {
         // Return a "304 Not Modified". We don't care about the value of this
         // field since we never change what resource is served by a given URI.
         return $this->makeResponseCacheable(new Aphront304Response());
     }
     $type = $matches[1];
     $root = dirname(phutil_get_library_root('phabricator'));
     if ($this->package) {
         $map = CelerityResourceMap::getInstance();
         $paths = $map->resolvePackage($this->hash);
         if (!$paths) {
             return new Aphront404Response();
         }
         try {
             $data = array();
             foreach ($paths as $path) {
                 $data[] = Filesystem::readFile($root . '/webroot/' . $path);
             }
             $data = implode("\n\n", $data);
         } catch (Exception $ex) {
             return new Aphront404Response();
         }
     } else {
         try {
             $data = Filesystem::readFile($root . '/webroot/' . $path);
         } catch (Exception $ex) {
             return new Aphront404Response();
         }
     }
     $response = new AphrontFileResponse();
     $response->setContent($data);
     switch ($type) {
         case 'css':
             $response->setMimeType("text/css; charset=utf-8");
             break;
         case 'js':
             $response->setMimeType("text/javascript; charset=utf-8");
             break;
     }
     return $this->makeResponseCacheable($response);
 }
コード例 #3
0
 public function processRequest()
 {
     $path = $this->path;
     // Sanity checking to keep this from exposing anything sensitive, since it
     // ultimately boils down to disk reads.
     if (preg_match('@(//|\\.\\.)@', $path)) {
         return new Aphront400Response();
     }
     $type = CelerityResourceTransformer::getResourceType($path);
     $type_map = $this->getSupportedResourceTypes();
     if (empty($type_map[$type])) {
         throw new Exception("Only static resources may be served.");
     }
     if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && !PhabricatorEnv::getEnvConfig('celerity.force-disk-reads')) {
         // Return a "304 Not Modified". We don't care about the value of this
         // field since we never change what resource is served by a given URI.
         return $this->makeResponseCacheable(new Aphront304Response());
     }
     $root = dirname(phutil_get_library_root('phabricator'));
     if ($this->package) {
         $map = CelerityResourceMap::getInstance();
         $paths = $map->resolvePackage($this->hash);
         if (!$paths) {
             return new Aphront404Response();
         }
         try {
             $data = array();
             foreach ($paths as $package_path) {
                 $data[] = Filesystem::readFile($root . '/webroot/' . $package_path);
             }
             $data = implode("\n\n", $data);
         } catch (Exception $ex) {
             return new Aphront404Response();
         }
     } else {
         try {
             $data = Filesystem::readFile($root . '/webroot/' . $path);
         } catch (Exception $ex) {
             return new Aphront404Response();
         }
     }
     $xformer = new CelerityResourceTransformer();
     $xformer->setMinify(PhabricatorEnv::getEnvConfig('celerity.minify'));
     $xformer->setCelerityMap(CelerityResourceMap::getInstance());
     $data = $xformer->transformResource($path, $data);
     $response = new AphrontFileResponse();
     $response->setContent($data);
     $response->setMimeType($type_map[$type]);
     return $this->makeResponseCacheable($response);
 }
コード例 #4
0
 public function processRequest()
 {
     // Build the view selection form.
     $select_map = array('highlighted' => 'View as Highlighted Text', 'blame' => 'View as Highlighted Text with Blame', 'plain' => 'View as Plain Text', 'plainblame' => 'View as Plain Text with Blame', 'raw' => 'View as raw document');
     $request = $this->getRequest();
     $drequest = $this->getDiffusionRequest();
     $path = $drequest->getPath();
     $selected = $request->getStr('view');
     $needs_blame = $selected == 'blame' || $selected == 'plainblame';
     $file_query = DiffusionFileContentQuery::newFromDiffusionRequest($this->diffusionRequest);
     $file_query->setNeedsBlame($needs_blame);
     $file_query->loadFileContent();
     $data = $file_query->getRawData();
     if ($selected === 'raw') {
         $response = new AphrontFileResponse();
         $response->setContent($data);
         $mime_type = $this->getDocumentType($path);
         if ($mime_type) {
             $response->setMimeType($mime_type);
         } else {
             $as_filename = idx(pathinfo($path), 'basename');
             $response->setDownload($as_filename);
         }
         return $response;
     }
     $select = '<select name="view">';
     foreach ($select_map as $k => $v) {
         $option = phutil_render_tag('option', array('value' => $k, 'selected' => $k == $selected ? 'selected' : null), phutil_escape_html($v));
         $select .= $option;
     }
     $select .= '</select>';
     require_celerity_resource('diffusion-source-css');
     $view_select_panel = new AphrontPanelView();
     $view_select_form = phutil_render_tag('form', array('action' => $request->getRequestURI(), 'method' => 'get', 'class' => 'diffusion-browse-type-form'), $select . '<button>View</button>');
     $view_select_panel->appendChild($view_select_form);
     $view_select_panel->appendChild('<div style="clear: both;"></div>');
     // Build the content of the file.
     $corpus = $this->buildCorpus($selected, $file_query, $needs_blame, $drequest, $path, $data);
     // Render the page.
     $content = array();
     $content[] = $this->buildCrumbs(array('branch' => true, 'path' => true, 'view' => 'browse'));
     $content[] = $view_select_panel;
     $content[] = $corpus;
     $content[] = $this->buildOpenRevisions();
     $nav = $this->buildSideNav('browse', true);
     $nav->appendChild($content);
     $basename = basename($this->getDiffusionRequest()->getPath());
     return $this->buildStandardPageResponse($nav, array('title' => $basename));
 }
コード例 #5
0
 public function processRequest()
 {
     $request = $this->getRequest();
     $alt = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
     $uri = new PhutilURI($alt);
     $alt_domain = $uri->getDomain();
     if ($alt_domain && $alt_domain != $request->getHost()) {
         return id(new AphrontRedirectResponse())->setURI($uri->setPath($request->getPath()));
     }
     $file = id(new PhabricatorFile())->loadOneWhere('phid = %s', $this->phid);
     if (!$file) {
         return new Aphront404Response();
     }
     if (!$file->validateSecretKey($this->key)) {
         return new Aphront403Response();
     }
     $data = $file->loadFileData();
     $response = new AphrontFileResponse();
     $response->setContent($data);
     $response->setCacheDurationInSeconds(60 * 60 * 24 * 30);
     $is_view = $file->isViewableInBrowser();
     if ($is_view) {
         $response->setMimeType($file->getViewableMimeType());
     } else {
         if (!$request->isHTTPPost()) {
             // NOTE: Require POST to download files. We'd rather go full-bore and
             // do a real CSRF check, but can't currently authenticate users on the
             // file domain. This should blunt any attacks based on iframes, script
             // tags, applet tags, etc., at least. Send the user to the "info" page
             // if they're using some other method.
             return id(new AphrontRedirectResponse())->setURI(PhabricatorEnv::getProductionURI($file->getBestURI()));
         }
         $response->setMimeType($file->getMimeType());
         $response->setDownload($file->getName());
     }
     return $response;
 }
コード例 #6
0
 protected function serveResource(array $spec)
 {
     $path = $spec['path'];
     $hash = idx($spec, 'hash');
     // Sanity checking to keep this from exposing anything sensitive, since it
     // ultimately boils down to disk reads.
     if (preg_match('@(//|\\.\\.)@', $path)) {
         return new Aphront400Response();
     }
     $type = CelerityResourceTransformer::getResourceType($path);
     $type_map = self::getSupportedResourceTypes();
     if (empty($type_map[$type])) {
         throw new Exception(pht('Only static resources may be served.'));
     }
     $dev_mode = PhabricatorEnv::getEnvConfig('phabricator.developer-mode');
     $map = $this->getCelerityResourceMap();
     $expect_hash = $map->getHashForName($path);
     // Test if the URI hash is correct for our current resource map. If it
     // is not, refuse to cache this resource. This avoids poisoning caches
     // and CDNs if we're getting a request for a new resource to an old node
     // shortly after a push.
     $is_cacheable = $hash === $expect_hash;
     $is_locally_cacheable = $this->isLocallyCacheableResourceType($type);
     if (AphrontRequest::getHTTPHeader('If-Modified-Since') && $is_cacheable) {
         // Return a "304 Not Modified". We don't care about the value of this
         // field since we never change what resource is served by a given URI.
         return $this->makeResponseCacheable(new Aphront304Response());
     }
     $cache = null;
     $data = null;
     if ($is_cacheable && $is_locally_cacheable && !$dev_mode) {
         $cache = PhabricatorCaches::getImmutableCache();
         $request_path = $this->getRequest()->getPath();
         $cache_key = $this->getCacheKey($request_path);
         $data = $cache->getKey($cache_key);
     }
     if ($data === null) {
         if ($map->isPackageResource($path)) {
             $resource_names = $map->getResourceNamesForPackageName($path);
             if (!$resource_names) {
                 return new Aphront404Response();
             }
             try {
                 $data = array();
                 foreach ($resource_names as $resource_name) {
                     $data[] = $map->getResourceDataForName($resource_name);
                 }
                 $data = implode("\n\n", $data);
             } catch (Exception $ex) {
                 return new Aphront404Response();
             }
         } else {
             try {
                 $data = $map->getResourceDataForName($path);
             } catch (Exception $ex) {
                 return new Aphront404Response();
             }
         }
         $xformer = $this->buildResourceTransformer();
         if ($xformer) {
             $data = $xformer->transformResource($path, $data);
         }
         if ($cache) {
             $cache->setKey($cache_key, $data);
         }
     }
     $response = new AphrontFileResponse();
     $response->setContent($data);
     $response->setMimeType($type_map[$type]);
     // NOTE: This is a piece of magic required to make WOFF fonts work in
     // Firefox and IE. Possibly we should generalize this more.
     $cross_origin_types = array('woff' => true, 'woff2' => true, 'eot' => true);
     if (isset($cross_origin_types[$type])) {
         // We could be more tailored here, but it's not currently trivial to
         // generate a comprehensive list of valid origins (an install may have
         // arbitrarily many Phame blogs, for example), and we lose nothing by
         // allowing access from anywhere.
         $response->addAllowOrigin('*');
     }
     if ($is_cacheable) {
         $response = $this->makeResponseCacheable($response);
     }
     return $response;
 }
コード例 #7
0
 public function processRequest()
 {
     $request = $this->getRequest();
     $user = $request->getUser();
     $file = id(new PhabricatorFile())->loadOneWhere('phid = %s', $this->phid);
     if (!$file) {
         return new Aphront404Response();
     }
     switch ($this->view) {
         case 'download':
         case 'view':
             $data = $file->loadFileData();
             $response = new AphrontFileResponse();
             $response->setContent($data);
             $response->setCacheDurationInSeconds(60 * 60 * 24 * 30);
             if ($this->view == 'view') {
                 if (!$file->isViewableInBrowser()) {
                     return new Aphront400Response();
                 }
                 $download = false;
             } else {
                 $download = true;
             }
             if ($download) {
                 if (!$request->isFormPost()) {
                     // Require a POST to download files to hinder attacks where you
                     // <applet src="http://phabricator.example.com/file/..." /> on some
                     // other domain.
                     return id(new AphrontRedirectResponse())->setURI($file->getInfoURI());
                 }
             }
             if ($download) {
                 $mime_type = $file->getMimeType();
             } else {
                 $mime_type = $file->getViewableMimeType();
             }
             // If an alternate file domain is configured, forbid all views which
             // don't originate from it.
             if (!$download) {
                 $alt = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
                 if ($alt) {
                     $domain = id(new PhutilURI($alt))->getDomain();
                     if ($domain != $request->getHost()) {
                         return new Aphront400Response();
                     }
                 }
             }
             $response->setMimeType($mime_type);
             if ($download) {
                 $response->setDownload($file->getName());
             }
             return $response;
         default:
             break;
     }
     $author_child = null;
     if ($file->getAuthorPHID()) {
         $author = id(new PhabricatorUser())->loadOneWhere('phid = %s', $file->getAuthorPHID());
         if ($author) {
             $author_child = id(new AphrontFormStaticControl())->setLabel('Author')->setName('author')->setValue($author->getUserName());
         }
     }
     $form = new AphrontFormView();
     if ($file->isViewableInBrowser()) {
         $form->setAction($file->getViewURI());
         $button_name = 'View File';
     } else {
         $form->setAction('/file/download/' . $file->getPHID() . '/');
         $button_name = 'Download File';
     }
     $file_id = 'F' . $file->getID();
     $form->setUser($user);
     $form->appendChild(id(new AphrontFormStaticControl())->setLabel('Name')->setName('name')->setValue($file->getName()))->appendChild(id(new AphrontFormStaticControl())->setLabel('ID')->setName('id')->setValue($file_id)->setCaption('Download this file with: <tt>arc download ' . phutil_escape_html($file_id) . '</tt>'))->appendChild(id(new AphrontFormStaticControl())->setLabel('PHID')->setName('phid')->setValue($file->getPHID()))->appendChild($author_child)->appendChild(id(new AphrontFormStaticControl())->setLabel('Created')->setName('created')->setValue(phabricator_datetime($file->getDateCreated(), $user)))->appendChild(id(new AphrontFormStaticControl())->setLabel('Mime Type')->setName('mime')->setValue($file->getMimeType()))->appendChild(id(new AphrontFormStaticControl())->setLabel('Size')->setName('size')->setValue($file->getByteSize() . ' bytes'))->appendChild(id(new AphrontFormStaticControl())->setLabel('Engine')->setName('storageEngine')->setValue($file->getStorageEngine()))->appendChild(id(new AphrontFormStaticControl())->setLabel('Format')->setName('storageFormat')->setValue($file->getStorageFormat()))->appendChild(id(new AphrontFormStaticControl())->setLabel('Handle')->setName('storageHandle')->setValue($file->getStorageHandle()))->appendChild(id(new AphrontFormSubmitControl())->setValue($button_name));
     $panel = new AphrontPanelView();
     $panel->setHeader('File Info - ' . $file->getName());
     $panel->appendChild($form);
     $panel->setWidth(AphrontPanelView::WIDTH_FORM);
     $transformations = id(new PhabricatorTransformedFile())->loadAllWhere('originalPHID = %s', $file->getPHID());
     $rows = array();
     foreach ($transformations as $transformed) {
         $phid = $transformed->getTransformedPHID();
         $rows[] = array(phutil_escape_html($transformed->getTransform()), phutil_render_tag('a', array('href' => PhabricatorFileURI::getViewURIForPHID($phid)), $phid));
     }
     $table = new AphrontTableView($rows);
     $table->setHeaders(array('Transform', 'File'));
     $xform_panel = new AphrontPanelView();
     $xform_panel->appendChild($table);
     $xform_panel->setWidth(AphrontPanelView::WIDTH_FORM);
     $xform_panel->setHeader('Transformations');
     return $this->buildStandardPageResponse(array($panel, $xform_panel), array('title' => 'File Info - ' . $file->getName()));
 }
コード例 #8
0
 public function processRequest()
 {
     $request = $this->getRequest();
     $viewer = $this->getViewer();
     $alt = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
     $base_uri = PhabricatorEnv::getEnvConfig('phabricator.base-uri');
     $alt_uri = new PhutilURI($alt);
     $alt_domain = $alt_uri->getDomain();
     $req_domain = $request->getHost();
     $main_domain = id(new PhutilURI($base_uri))->getDomain();
     $cache_response = true;
     if (empty($alt) || $main_domain == $alt_domain) {
         // Alternate files domain isn't configured or it's set
         // to the same as the default domain
         $response = $this->loadFile($viewer);
         if ($response) {
             return $response;
         }
         $file = $this->getFile();
         // when the file is not CDNable, don't allow cache
         $cache_response = $file->getCanCDN();
     } else {
         if ($req_domain != $alt_domain) {
             // Alternate domain is configured but this request isn't using it
             $response = $this->loadFile($viewer);
             if ($response) {
                 return $response;
             }
             $file = $this->getFile();
             // if the user can see the file, generate a token;
             // redirect to the alt domain with the token;
             $token_uri = $file->getCDNURIWithToken();
             $token_uri = new PhutilURI($token_uri);
             $token_uri = $this->addURIParameters($token_uri);
             return id(new AphrontRedirectResponse())->setIsExternal(true)->setURI($token_uri);
         } else {
             // We are using the alternate domain. We don't have authentication
             // on this domain, so we bypass policy checks when loading the file.
             $bypass_policies = PhabricatorUser::getOmnipotentUser();
             $response = $this->loadFile($bypass_policies);
             if ($response) {
                 return $response;
             }
             $file = $this->getFile();
             $acquire_token_uri = id(new PhutilURI($file->getViewURI()))->setDomain($main_domain);
             $acquire_token_uri = $this->addURIParameters($acquire_token_uri);
             if ($this->token) {
                 // validate the token, if it is valid, continue
                 $validated_token = $file->validateOneTimeToken($this->token);
                 if (!$validated_token) {
                     $dialog = $this->newDialog()->setShortTitle(pht('Expired File'))->setTitle(pht('File Link Has Expired'))->appendParagraph(pht('The link you followed to view this file is invalid or ' . 'expired.'))->appendParagraph(pht('Continue to generate a new link to the file. You may be ' . 'required to log in.'))->addCancelButton($acquire_token_uri, pht('Continue'));
                     // Build an explicit response so we can respond with HTTP/403 instead
                     // of HTTP/200.
                     $response = id(new AphrontDialogResponse())->setDialog($dialog)->setHTTPResponseCode(403);
                     return $response;
                 }
                 // return the file data without cache headers
                 $cache_response = false;
             } else {
                 if (!$file->getCanCDN()) {
                     // file cannot be served via cdn, and no token given
                     // redirect to the main domain to aquire a token
                     // This is marked as an "external" URI because it is fully qualified.
                     return id(new AphrontRedirectResponse())->setIsExternal(true)->setURI($acquire_token_uri);
                 }
             }
         }
     }
     $response = new AphrontFileResponse();
     if ($cache_response) {
         $response->setCacheDurationInSeconds(60 * 60 * 24 * 30);
     }
     $begin = null;
     $end = null;
     // NOTE: It's important to accept "Range" requests when playing audio.
     // If we don't, Safari has difficulty figuring out how long sounds are
     // and glitches when trying to loop them. In particular, Safari sends
     // an initial request for bytes 0-1 of the audio file, and things go south
     // if we can't respond with a 206 Partial Content.
     $range = $request->getHTTPHeader('range');
     if ($range) {
         $matches = null;
         if (preg_match('/^bytes=(\\d+)-(\\d+)$/', $range, $matches)) {
             // Note that the "Range" header specifies bytes differently than
             // we do internally: the range 0-1 has 2 bytes (byte 0 and byte 1).
             $begin = (int) $matches[1];
             $end = (int) $matches[2] + 1;
             $response->setHTTPResponseCode(206);
             $response->setRange($begin, $end - 1);
         }
     } else {
         if (isset($validated_token)) {
             // We set this on the response, and the response deletes it after the
             // transfer completes. This allows transfers to be resumed, in theory.
             $response->setTemporaryFileToken($validated_token);
         }
     }
     $is_viewable = $file->isViewableInBrowser();
     $force_download = $request->getExists('download');
     if ($is_viewable && !$force_download) {
         $response->setMimeType($file->getViewableMimeType());
     } else {
         if (!$request->isHTTPPost() && !$alt_domain) {
             // NOTE: Require POST to download files from the primary domain. We'd
             // rather go full-bore and do a real CSRF check, but can't currently
             // authenticate users on the file domain. This should blunt any
             // attacks based on iframes, script tags, applet tags, etc., at least.
             // Send the user to the "info" page if they're using some other method.
             // This is marked as "external" because it is fully qualified.
             return id(new AphrontRedirectResponse())->setIsExternal(true)->setURI(PhabricatorEnv::getProductionURI($file->getBestURI()));
         }
         $response->setMimeType($file->getMimeType());
         $response->setDownload($file->getName());
     }
     $iterator = $file->getFileDataIterator($begin, $end);
     $response->setContentLength($file->getByteSize());
     $response->setContentIterator($iterator);
     return $response;
 }
コード例 #9
0
 public function handleRequest(AphrontRequest $request)
 {
     $viewer = $request->getViewer();
     $this->phid = $request->getURIData('phid');
     $this->key = $request->getURIData('key');
     $alt = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
     $base_uri = PhabricatorEnv::getEnvConfig('phabricator.base-uri');
     $alt_uri = new PhutilURI($alt);
     $alt_domain = $alt_uri->getDomain();
     $req_domain = $request->getHost();
     $main_domain = id(new PhutilURI($base_uri))->getDomain();
     if (!strlen($alt) || $main_domain == $alt_domain) {
         // No alternate domain.
         $should_redirect = false;
         $is_alternate_domain = false;
     } else {
         if ($req_domain != $alt_domain) {
             // Alternate domain, but this request is on the main domain.
             $should_redirect = true;
             $is_alternate_domain = false;
         } else {
             // Alternate domain, and on the alternate domain.
             $should_redirect = false;
             $is_alternate_domain = true;
         }
     }
     $response = $this->loadFile();
     if ($response) {
         return $response;
     }
     $file = $this->getFile();
     if ($should_redirect) {
         return id(new AphrontRedirectResponse())->setIsExternal(true)->setURI($file->getCDNURI());
     }
     $response = new AphrontFileResponse();
     $response->setCacheDurationInSeconds(60 * 60 * 24 * 30);
     $response->setCanCDN($file->getCanCDN());
     $begin = null;
     $end = null;
     // NOTE: It's important to accept "Range" requests when playing audio.
     // If we don't, Safari has difficulty figuring out how long sounds are
     // and glitches when trying to loop them. In particular, Safari sends
     // an initial request for bytes 0-1 of the audio file, and things go south
     // if we can't respond with a 206 Partial Content.
     $range = $request->getHTTPHeader('range');
     if ($range) {
         $matches = null;
         if (preg_match('/^bytes=(\\d+)-(\\d+)$/', $range, $matches)) {
             // Note that the "Range" header specifies bytes differently than
             // we do internally: the range 0-1 has 2 bytes (byte 0 and byte 1).
             $begin = (int) $matches[1];
             $end = (int) $matches[2] + 1;
             $response->setHTTPResponseCode(206);
             $response->setRange($begin, $end - 1);
         }
     }
     $is_viewable = $file->isViewableInBrowser();
     $force_download = $request->getExists('download');
     $request_type = $request->getHTTPHeader('X-Phabricator-Request-Type');
     $is_lfs = $request_type == 'git-lfs';
     if ($is_viewable && !$force_download) {
         $response->setMimeType($file->getViewableMimeType());
     } else {
         if (!$request->isHTTPPost() && !$is_alternate_domain && !$is_lfs) {
             // NOTE: Require POST to download files from the primary domain. We'd
             // rather go full-bore and do a real CSRF check, but can't currently
             // authenticate users on the file domain. This should blunt any
             // attacks based on iframes, script tags, applet tags, etc., at least.
             // Send the user to the "info" page if they're using some other method.
             // This is marked as "external" because it is fully qualified.
             return id(new AphrontRedirectResponse())->setIsExternal(true)->setURI(PhabricatorEnv::getProductionURI($file->getBestURI()));
         }
         $response->setMimeType($file->getMimeType());
         $response->setDownload($file->getName());
     }
     $iterator = $file->getFileDataIterator($begin, $end);
     $response->setContentLength($file->getByteSize());
     $response->setContentIterator($iterator);
     return $response;
 }
コード例 #10
0
 public function processRequest()
 {
     $request = $this->getRequest();
     $user = $request->getUser();
     $file = id(new PhabricatorFile())->loadOneWhere('phid = %s', $this->phid);
     if (!$file) {
         return new Aphront404Response();
     }
     switch ($this->view) {
         case 'download':
         case 'view':
             $data = $file->loadFileData();
             $response = new AphrontFileResponse();
             $response->setContent($data);
             $response->setCacheDurationInSeconds(60 * 60 * 24 * 30);
             if ($this->view == 'view') {
                 if (!$file->isViewableInBrowser()) {
                     return new Aphront400Response();
                 }
                 $download = false;
             } else {
                 $download = true;
             }
             if ($download) {
                 $mime_type = $file->getMimeType();
             } else {
                 $mime_type = $file->getViewableMimeType();
             }
             $response->setMimeType($mime_type);
             if ($download) {
                 $response->setDownload($file->getName());
             }
             return $response;
         default:
             break;
     }
     $author_child = null;
     if ($file->getAuthorPHID()) {
         $author = id(new PhabricatorUser())->loadOneWhere('phid = %s', $file->getAuthorPHID());
         if ($author) {
             $author_child = id(new AphrontFormStaticControl())->setLabel('Author')->setName('author')->setValue($author->getUserName());
         }
     }
     $form = new AphrontFormView();
     if ($file->isViewableInBrowser()) {
         $form->setAction('/file/view/' . $file->getPHID() . '/');
         $button_name = 'View File';
     } else {
         $form->setAction('/file/download/' . $file->getPHID() . '/');
         $button_name = 'Download File';
     }
     $file_id = 'F' . $file->getID();
     $form->setUser($user);
     $form->appendChild(id(new AphrontFormStaticControl())->setLabel('Name')->setName('name')->setValue($file->getName()))->appendChild(id(new AphrontFormStaticControl())->setLabel('ID')->setName('id')->setValue($file_id)->setCaption('Download this file with: <tt>arc download ' . phutil_escape_html($file_id) . '</tt>'))->appendChild(id(new AphrontFormStaticControl())->setLabel('PHID')->setName('phid')->setValue($file->getPHID()))->appendChild($author_child)->appendChild(id(new AphrontFormStaticControl())->setLabel('Created')->setName('created')->setValue(phabricator_datetime($file->getDateCreated(), $user)))->appendChild(id(new AphrontFormStaticControl())->setLabel('Mime Type')->setName('mime')->setValue($file->getMimeType()))->appendChild(id(new AphrontFormStaticControl())->setLabel('Size')->setName('size')->setValue($file->getByteSize() . ' bytes'))->appendChild(id(new AphrontFormStaticControl())->setLabel('Engine')->setName('storageEngine')->setValue($file->getStorageEngine()))->appendChild(id(new AphrontFormStaticControl())->setLabel('Format')->setName('storageFormat')->setValue($file->getStorageFormat()))->appendChild(id(new AphrontFormStaticControl())->setLabel('Handle')->setName('storageHandle')->setValue($file->getStorageHandle()))->appendChild(id(new AphrontFormSubmitControl())->setValue($button_name));
     $panel = new AphrontPanelView();
     $panel->setHeader('File Info - ' . $file->getName());
     $panel->appendChild($form);
     $panel->setWidth(AphrontPanelView::WIDTH_FORM);
     $transformations = id(new PhabricatorTransformedFile())->loadAllWhere('originalPHID = %s', $file->getPHID());
     $rows = array();
     foreach ($transformations as $transformed) {
         $phid = $transformed->getTransformedPHID();
         $rows[] = array(phutil_escape_html($transformed->getTransform()), phutil_render_tag('a', array('href' => PhabricatorFileURI::getViewURIForPHID($phid)), $phid));
     }
     $table = new AphrontTableView($rows);
     $table->setHeaders(array('Transform', 'File'));
     $xform_panel = new AphrontPanelView();
     $xform_panel->appendChild($table);
     $xform_panel->setWidth(AphrontPanelView::WIDTH_FORM);
     $xform_panel->setHeader('Transformations');
     return $this->buildStandardPageResponse(array($panel, $xform_panel), array('title' => 'File Info - ' . $file->getName()));
 }