recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Stabilize fatals when a build has a build plan the viewer can't see because of policy restrictions

Summary:
Ref T13526. Currently, if a build plan is restricted, viewers may fatal when trying to view related builds.

The old behavior allowed them to see the build even if they can not see the build plan. This is sort of incoherent, but try to stabilize things before fixing this.

Test Plan:
This is a muddy change.

- Created a build with a build plan that Alice can't see.
- As Alice, viewed the build page (restricted before, restricted after); the buildable page (fatal before, works after).
- Also viewed a revision page (works before and after, but user-reported fatal).

Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam

Maniphest Tasks: T13526

Differential Revision: https://secure.phabricator.com/D21194

epriestley 304467fe 186a12ef

+28 -3
+12 -3
src/applications/differential/storage/DifferentialRevision.php
··· 870 870 871 871 foreach ($builds as $key => $build) { 872 872 $plan = $build->getBuildPlan(); 873 - $hold_key = $behavior->getPlanOption($plan)->getKey(); 874 873 875 - $hold_never = ($hold_key === $key_never); 876 - $hold_building = ($hold_key === $key_building); 874 + // See T13526. If the viewer can't see the build plan, pretend it has 875 + // generic options. This is often wrong, but "often wrong" is better than 876 + // "fatal". 877 + if ($plan) { 878 + $hold_key = $behavior->getPlanOption($plan)->getKey(); 879 + 880 + $hold_never = ($hold_key === $key_never); 881 + $hold_building = ($hold_key === $key_building); 882 + } else { 883 + $hold_never = false; 884 + $hold_building = false; 885 + } 877 886 878 887 // If the build "Never" holds drafts from promoting, we don't care what 879 888 // the status is.
+16
src/applications/harbormaster/storage/build/HarbormasterBuild.php
··· 235 235 $restartable = HarbormasterBuildPlanBehavior::BEHAVIOR_RESTARTABLE; 236 236 $plan = $this->getBuildPlan(); 237 237 238 + // See T13526. Users who can't see the "BuildPlan" can end up here with 239 + // no object. This is highly questionable. 240 + if (!$plan) { 241 + throw new HarbormasterRestartException( 242 + pht('No Build Plan Permission'), 243 + pht( 244 + 'You can not restart this build because you do not have '. 245 + 'permission to access the build plan.')); 246 + } 247 + 238 248 $option = HarbormasterBuildPlanBehavior::getBehavior($restartable) 239 249 ->getPlanOption($plan); 240 250 $option_key = $option->getKey(); ··· 388 398 389 399 public function assertCanIssueCommand(PhabricatorUser $viewer, $command) { 390 400 $plan = $this->getBuildPlan(); 401 + 402 + // See T13526. Users without permission to access the build plan can 403 + // currently end up here with no "BuildPlan" object. 404 + if (!$plan) { 405 + return false; 406 + } 391 407 392 408 $need_edit = true; 393 409 switch ($command) {