recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Remove some defunct old-style transaction policy checks

Summary:
Ref PHI193. This method of enforcing policy checks is now (mostly) obsolete, and they're generally checked at the Controller/API level instead.

Notably, this method does not call `adjustObjectForPolicyChecks(...)` properly, so it can not handle special cases like "creating a project and taking its newly created members into account" for object policies like "Project Members".

Just remove these checks, which are redundant with checks elsewhere.

Test Plan:
- Set Project application default edit policy to "Administrators and Project Members".
- Tried to create a project as a non-administrator, adding myself.
- Before patch: policy fatal on a VOID object (the project with no PHID generated yet).
- After patch: object created properly. Got a sensible policy error if I didn't include myself as a member.
- Also verified that other edit rules are still enforced/respected (I can't edit stuff I shouldn't be able to edit).
- There's at least a bit of unit test coverage of this, too, which I updated to work via API (which hits the new broad capability checks) instead of via low-level transactions (which enforce only a subset of policy operations now).

Reviewers: amckinley

Reviewed By: amckinley

Differential Revision: https://secure.phabricator.com/D18763

epriestley 587faa6f cc865e54

+13 -17
+13 -7
src/applications/project/__tests__/PhabricatorProjectCoreTestCase.php
··· 146 146 $user = $this->createUser(); 147 147 $user->save(); 148 148 149 - $user2 = $this->createUser(); 150 - $user2->save(); 149 + $user->setAllowInlineCacheGeneration(true); 151 150 152 151 $proj = $this->createProject($user); 153 152 ··· 1289 1288 1290 1289 $new_name = $proj->getName().' '.mt_rand(); 1291 1290 1292 - $xaction = new PhabricatorProjectTransaction(); 1293 - $xaction->setTransactionType( 1294 - PhabricatorProjectNameTransaction::TRANSACTIONTYPE); 1295 - $xaction->setNewValue($new_name); 1291 + $params = array( 1292 + 'objectIdentifier' => $proj->getID(), 1293 + 'transactions' => array( 1294 + array( 1295 + 'type' => 'name', 1296 + 'value' => $new_name, 1297 + ), 1298 + ), 1299 + ); 1296 1300 1297 - $this->applyTransactions($proj, $user, array($xaction)); 1301 + id(new ConduitCall('project.edit', $params)) 1302 + ->setUser($user) 1303 + ->execute(); 1298 1304 1299 1305 return true; 1300 1306 }
-10
src/applications/project/editor/PhabricatorProjectTransactionEditor.php
··· 120 120 PhabricatorApplicationTransaction $xaction) { 121 121 122 122 switch ($xaction->getTransactionType()) { 123 - case PhabricatorProjectNameTransaction::TRANSACTIONTYPE: 124 - case PhabricatorProjectStatusTransaction::TRANSACTIONTYPE: 125 - case PhabricatorProjectImageTransaction::TRANSACTIONTYPE: 126 - case PhabricatorProjectIconTransaction::TRANSACTIONTYPE: 127 - case PhabricatorProjectColorTransaction::TRANSACTIONTYPE: 128 - PhabricatorPolicyFilter::requireCapability( 129 - $this->requireActor(), 130 - $object, 131 - PhabricatorPolicyCapability::CAN_EDIT); 132 - return; 133 123 case PhabricatorProjectLockTransaction::TRANSACTIONTYPE: 134 124 PhabricatorPolicyFilter::requireCapability( 135 125 $this->requireActor(),