@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Prevent administrators from locking themselves out of applications

Summary: Ref T603. This could be a nicer UX, but limit the amount of foot-shooting that users can possibly do. You can still manage if you're really tricky ("Members of project X", then leave the project) but this should make it hard to make a mistake. It seems very unlikely any user ever intends to lock themselves out of an application.

Test Plan: Set an application's view policy to permissive ("Administrators") and nonpermissive ("No One") values. The former were accepted, the latter rejected.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7218

+13
+13
src/applications/meta/controller/PhabricatorApplicationEditController.php
··· 75 75 76 76 $value[$phid]['policy'] = $result + $value[$phid]['policy']; 77 77 78 + // Don't allow users to make policy edits which would lock them out of 79 + // applications, since they would be unable to undo those actions. 80 + PhabricatorEnv::overrideConfig($key, $value); 81 + PhabricatorPolicyFilter::mustRetainCapability( 82 + $user, 83 + $application, 84 + PhabricatorPolicyCapability::CAN_VIEW); 85 + 86 + PhabricatorPolicyFilter::mustRetainCapability( 87 + $user, 88 + $application, 89 + PhabricatorPolicyCapability::CAN_EDIT); 90 + 78 91 PhabricatorConfigEditor::storeNewValue( 79 92 $config_entry, 80 93 $value,