recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Give Owners real view and edit policies

Summary: Fixes T10360. In modern code, most of the meat is automatic.

Test Plan:
- Edited view policy and edit policy from web UI.
- Viewed package, saw policy badge in header.
- Tried to edit a package as a user without permission, got appropriate disabled states and errors.
- Changed policies via Conduit.
- Tried to view a package as a user without permission.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10360

Differential Revision: https://secure.phabricator.com/D15275

epriestley 71ee97d7 f1f8ee8e

+83 -6
+2
resources/sql/autopatches/20160215.owners.policy.1.sql
··· 1 + ALTER TABLE {$NAMESPACE}_owners.owners_package 2 + ADD viewPolicy VARBINARY(64) NOT NULL;
+2
resources/sql/autopatches/20160215.owners.policy.2.sql
··· 1 + ALTER TABLE {$NAMESPACE}_owners.owners_package 2 + ADD editPolicy VARBINARY(64) NOT NULL;
+2
resources/sql/autopatches/20160215.owners.policy.3.sql
··· 1 + UPDATE {$NAMESPACE}_owners.owners_package 2 + SET viewPolicy = 'users' WHERE viewPolicy = '';
+2
resources/sql/autopatches/20160215.owners.policy.4.sql
··· 1 + UPDATE {$NAMESPACE}_owners.owners_package 2 + SET editPolicy = 'users' WHERE editPolicy = '';
+4
src/__phutil_library_map__.php
··· 2665 2665 'PhabricatorOwnersCustomFieldStorage' => 'applications/owners/storage/PhabricatorOwnersCustomFieldStorage.php', 2666 2666 'PhabricatorOwnersCustomFieldStringIndex' => 'applications/owners/storage/PhabricatorOwnersCustomFieldStringIndex.php', 2667 2667 'PhabricatorOwnersDAO' => 'applications/owners/storage/PhabricatorOwnersDAO.php', 2668 + 'PhabricatorOwnersDefaultEditCapability' => 'applications/owners/capability/PhabricatorOwnersDefaultEditCapability.php', 2669 + 'PhabricatorOwnersDefaultViewCapability' => 'applications/owners/capability/PhabricatorOwnersDefaultViewCapability.php', 2668 2670 'PhabricatorOwnersDetailController' => 'applications/owners/controller/PhabricatorOwnersDetailController.php', 2669 2671 'PhabricatorOwnersEditController' => 'applications/owners/controller/PhabricatorOwnersEditController.php', 2670 2672 'PhabricatorOwnersListController' => 'applications/owners/controller/PhabricatorOwnersListController.php', ··· 7036 7038 'PhabricatorOwnersCustomFieldStorage' => 'PhabricatorCustomFieldStorage', 7037 7039 'PhabricatorOwnersCustomFieldStringIndex' => 'PhabricatorCustomFieldStringIndexStorage', 7038 7040 'PhabricatorOwnersDAO' => 'PhabricatorLiskDAO', 7041 + 'PhabricatorOwnersDefaultEditCapability' => 'PhabricatorPolicyCapability', 7042 + 'PhabricatorOwnersDefaultViewCapability' => 'PhabricatorPolicyCapability', 7039 7043 'PhabricatorOwnersDetailController' => 'PhabricatorOwnersController', 7040 7044 'PhabricatorOwnersEditController' => 'PhabricatorOwnersController', 7041 7045 'PhabricatorOwnersListController' => 'PhabricatorOwnersController',
+15
src/applications/owners/application/PhabricatorOwnersApplication.php
··· 54 54 ); 55 55 } 56 56 57 + protected function getCustomCapabilities() { 58 + return array( 59 + PhabricatorOwnersDefaultViewCapability::CAPABILITY => array( 60 + 'caption' => pht('Default view policy for newly created packages.'), 61 + 'template' => PhabricatorOwnersPackagePHIDType::TYPECONST, 62 + 'capability' => PhabricatorPolicyCapability::CAN_VIEW, 63 + ), 64 + PhabricatorOwnersDefaultEditCapability::CAPABILITY => array( 65 + 'caption' => pht('Default edit policy for newly created packages.'), 66 + 'template' => PhabricatorOwnersPackagePHIDType::TYPECONST, 67 + 'capability' => PhabricatorPolicyCapability::CAN_EDIT, 68 + ), 69 + ); 70 + } 71 + 57 72 }
+12
src/applications/owners/capability/PhabricatorOwnersDefaultEditCapability.php
··· 1 + <?php 2 + 3 + final class PhabricatorOwnersDefaultEditCapability 4 + extends PhabricatorPolicyCapability { 5 + 6 + const CAPABILITY = 'owners.default.edit'; 7 + 8 + public function getCapabilityName() { 9 + return pht('Default Edit Policy'); 10 + } 11 + 12 + }
+16
src/applications/owners/capability/PhabricatorOwnersDefaultViewCapability.php
··· 1 + <?php 2 + 3 + final class PhabricatorOwnersDefaultViewCapability 4 + extends PhabricatorPolicyCapability { 5 + 6 + const CAPABILITY = 'owners.default.view'; 7 + 8 + public function getCapabilityName() { 9 + return pht('Default View Policy'); 10 + } 11 + 12 + public function shouldAllowPublicPolicySetting() { 13 + return true; 14 + } 15 + 16 + }
+4 -2
src/applications/owners/controller/PhabricatorOwnersDetailController.php
··· 211 211 private function buildPackageActionView(PhabricatorOwnersPackage $package) { 212 212 $viewer = $this->getViewer(); 213 213 214 - // TODO: Implement this capability. 215 - $can_edit = true; 214 + $can_edit = PhabricatorPolicyFilter::hasCapability( 215 + $viewer, 216 + $package, 217 + PhabricatorPolicyCapability::CAN_EDIT); 216 218 217 219 $id = $package->getID(); 218 220 $edit_uri = $this->getApplicationURI("/edit/{$id}/");
+1 -2
src/applications/owners/controller/PhabricatorOwnersPathsController.php
··· 12 12 ->requireCapabilities( 13 13 array( 14 14 PhabricatorPolicyCapability::CAN_VIEW, 15 - // TODO: Support this capability. 16 - // PhabricatorPolicyCapability::CAN_EDIT, 15 + PhabricatorPolicyCapability::CAN_EDIT, 17 16 )) 18 17 ->needPaths(true) 19 18 ->executeOne();
+3
src/applications/owners/editor/PhabricatorOwnersPackageTransactionEditor.php
··· 21 21 $types[] = PhabricatorOwnersPackageTransaction::TYPE_PATHS; 22 22 $types[] = PhabricatorOwnersPackageTransaction::TYPE_STATUS; 23 23 24 + $types[] = PhabricatorTransactions::TYPE_VIEW_POLICY; 25 + $types[] = PhabricatorTransactions::TYPE_EDIT_POLICY; 26 + 24 27 return $types; 25 28 } 26 29
+20 -2
src/applications/owners/storage/PhabricatorOwnersPackage.php
··· 18 18 protected $primaryOwnerPHID; 19 19 protected $mailKey; 20 20 protected $status; 21 + protected $viewPolicy; 22 + protected $editPolicy; 21 23 22 24 private $paths = self::ATTACHABLE; 23 25 private $owners = self::ATTACHABLE; ··· 27 29 const STATUS_ARCHIVED = 'archived'; 28 30 29 31 public static function initializeNewPackage(PhabricatorUser $actor) { 32 + $app = id(new PhabricatorApplicationQuery()) 33 + ->setViewer($actor) 34 + ->withClasses(array('PhabricatorOwnersApplication')) 35 + ->executeOne(); 36 + 37 + $view_policy = $app->getPolicy( 38 + PhabricatorOwnersDefaultViewCapability::CAPABILITY); 39 + $edit_policy = $app->getPolicy( 40 + PhabricatorOwnersDefaultEditCapability::CAPABILITY); 41 + 30 42 return id(new PhabricatorOwnersPackage()) 31 43 ->setAuditingEnabled(0) 44 + ->setViewPolicy($view_policy) 45 + ->setEditPolicy($edit_policy) 32 46 ->attachPaths(array()) 33 47 ->setStatus(self::STATUS_ACTIVE) 34 48 ->attachOwners(array()) ··· 287 301 } 288 302 289 303 public function getPolicy($capability) { 290 - // TODO: Implement proper policies. 291 - return PhabricatorPolicies::POLICY_USER; 304 + switch ($capability) { 305 + case PhabricatorPolicyCapability::CAN_VIEW: 306 + return $this->getViewPolicy(); 307 + case PhabricatorPolicyCapability::CAN_EDIT: 308 + return $this->getEditPolicy(); 309 + } 292 310 } 293 311 294 312 public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {