recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Conpherence: Add a capability to restrict room creation

Summary:
This capability controls which users are allowed to create rooms.
By default anyone is allowed to do so, similar to how it was before.

Closes T16021

Test Plan:
* Change the policy for room creation in Conpherence to Administrators
* Sign-in with a non administrator
* Go to conpherence and see that "Create a Room" is greyed out
* Click on "Create a Room" and see an error message warning about insufficient permissions

Reviewers: O1 Blessed Committers, avivey

Reviewed By: O1 Blessed Committers, avivey

Subscribers: avivey, tobiaswiese, valerio.bozzolan, Matthew, Cigaryno

Maniphest Tasks: T16021

Differential Revision: https://we.phorge.it/D26375

mainframe98 58bb96ae 5d98b56e

+56
+2
src/__phutil_library_map__.php
··· 379 379 'ConpherenceConduitAPIMethod' => 'applications/conpherence/conduit/ConpherenceConduitAPIMethod.php', 380 380 'ConpherenceConstants' => 'applications/conpherence/constants/ConpherenceConstants.php', 381 381 'ConpherenceController' => 'applications/conpherence/controller/ConpherenceController.php', 382 + 'ConpherenceCreateRoomCapability' => 'applications/conpherence/capability/ConpherenceCreateRoomCapability.php', 382 383 'ConpherenceCreateThreadConduitAPIMethod' => 'applications/conpherence/conduit/ConpherenceCreateThreadConduitAPIMethod.php', 383 384 'ConpherenceDAO' => 'applications/conpherence/storage/ConpherenceDAO.php', 384 385 'ConpherenceDurableColumnView' => 'applications/conpherence/view/ConpherenceDurableColumnView.php', ··· 6403 6404 'ConpherenceConduitAPIMethod' => 'ConduitAPIMethod', 6404 6405 'ConpherenceConstants' => 'Phobject', 6405 6406 'ConpherenceController' => 'PhabricatorController', 6407 + 'ConpherenceCreateRoomCapability' => 'PhabricatorPolicyCapability', 6406 6408 'ConpherenceCreateThreadConduitAPIMethod' => 'ConpherenceConduitAPIMethod', 6407 6409 'ConpherenceDAO' => 'PhabricatorLiskDAO', 6408 6410 'ConpherenceDurableColumnView' => 'AphrontTagView',
+8
src/applications/conpherence/application/PhabricatorConpherenceApplication.php
··· 76 76 ); 77 77 } 78 78 79 + protected function getCustomCapabilities() { 80 + return array( 81 + ConpherenceCreateRoomCapability::CAPABILITY => array( 82 + 'default' => PhabricatorPolicies::POLICY_USER, 83 + ), 84 + ); 85 + } 86 + 79 87 public function getMailCommandObjects() { 80 88 81 89 // TODO: Conpherence threads don't currently support any commands directly,
+16
src/applications/conpherence/capability/ConpherenceCreateRoomCapability.php
··· 1 + <?php 2 + 3 + final class ConpherenceCreateRoomCapability 4 + extends PhabricatorPolicyCapability { 5 + 6 + const CAPABILITY = 'conpherence.create'; 7 + 8 + public function getCapabilityName() { 9 + return pht('Can Create Rooms'); 10 + } 11 + 12 + public function describeCapabilityRejection() { 13 + return pht('You do not have permission to create new rooms.'); 14 + } 15 + 16 + }
+6
src/applications/conpherence/controller/ConpherenceRoomEditController.php
··· 4 4 extends ConpherenceController { 5 5 6 6 public function handleRequest(AphrontRequest $request) { 7 + $id = $request->getURIData('id'); 8 + if (!$id) { 9 + $this->requireApplicationCapability( 10 + ConpherenceCreateRoomCapability::CAPABILITY); 11 + } 12 + 7 13 return id(new ConpherenceEditEngine()) 8 14 ->setController($this) 9 15 ->buildResponse();
+5
src/applications/conpherence/editor/ConpherenceEditEngine.php
··· 61 61 return $object->getURI(); 62 62 } 63 63 64 + protected function getCreateNewObjectPolicy() { 65 + return $this->getApplication()->getPolicy( 66 + ConpherenceCreateRoomCapability::CAPABILITY); 67 + } 68 + 64 69 public function isEngineConfigurable() { 65 70 return false; 66 71 }
+19
src/applications/conpherence/view/ConpherenceThreadListView.php
··· 24 24 public function render() { 25 25 require_celerity_resource('conpherence-menu-css'); 26 26 27 + $viewer = $this->getViewer(); 28 + $can_create_room = PhabricatorPolicyFilter::hasCapability( 29 + $viewer, 30 + PhabricatorApplication::getByClass( 31 + PhabricatorConpherenceApplication::class), 32 + ConpherenceCreateRoomCapability::CAPABILITY); 33 + 27 34 $menu = id(new PHUIListView()) 28 35 ->addClass('conpherence-menu') 29 36 ->setID('conpherence-menu'); ··· 43 50 ->setType(PHUIListItemView::TYPE_LINK) 44 51 ->setHref('/conpherence/new/') 45 52 ->setWorkflow(true) 53 + ->setDisabled(!$can_create_room) 46 54 ->setName(pht('Create a Room')); 47 55 $menu->addMenuItem($create_item); 48 56 } ··· 109 117 } 110 118 111 119 private function buildHeaderItemView() { 120 + $viewer = $this->getViewer(); 121 + $can_create_room = PhabricatorPolicyFilter::hasCapability( 122 + $viewer, 123 + PhabricatorApplication::getByClass( 124 + PhabricatorConpherenceApplication::class), 125 + ConpherenceCreateRoomCapability::CAPABILITY); 126 + 112 127 $rooms = phutil_tag( 113 128 'a', 114 129 array( ··· 125 140 ->setMetaData(array( 126 141 'tip' => pht('New Room'), 127 142 )); 143 + 144 + if (!$can_create_room) { 145 + $new_icon->setColor('lightgreytext'); 146 + } 128 147 129 148 $search_icon = id(new PHUIIconView()) 130 149 ->setIcon('fa-search')