@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
Modernize Transaction value controller, fixing logged-out policy issue
Summary: Fixes T9869. This specific transaction endpoint was missing `shouldAllowPublic()`. Also modernize things a little.
Test Plan: Viewed a policy change by clicking the policy name from the transaction record on a public object while logged out.
Reviewers: chad
Reviewed By: chad
Maniphest Tasks: T9869
Differential Revision: https://secure.phabricator.com/D14606
+13
-15
+13
-15
src/applications/transactions/controller/PhabricatorApplicationTransactionValueController.php
+13
-15
src/applications/transactions/controller/PhabricatorApplicationTransactionValueController.php
···
3
3
final class PhabricatorApplicationTransactionValueController
4
4
extends PhabricatorApplicationTransactionController {
5
5
6
-
private $value;
7
-
private $phid;
8
-
9
-
public function willProcessRequest(array $data) {
10
-
$this->phid = $data['phid'];
11
-
$this->value = $data['value'];
6
+
public function shouldAllowPublic() {
7
+
return true;
12
8
}
13
9
14
-
public function processRequest() {
10
+
public function handleRequest(AphrontRequest $request) {
15
11
$request = $this->getRequest();
16
12
$viewer = $request->getUser();
17
13
14
+
$phid = $request->getURIData('phid');
15
+
$type = $request->getURIData('value');
16
+
18
17
$xaction = id(new PhabricatorObjectQuery())
19
18
->setViewer($viewer)
20
-
->withPHIDs(array($this->phid))
19
+
->withPHIDs(array($phid))
21
20
->executeOne();
22
21
if (!$xaction) {
23
22
return new Aphront404Response();
···
42
41
break;
43
42
}
44
43
45
-
if ($this->value == 'old') {
44
+
if ($type == 'old') {
46
45
$value = $xaction->getOldValue();
47
46
} else {
48
47
$value = $xaction->getNewValue();
49
48
}
49
+
50
50
$policy = id(new PhabricatorPolicyQuery())
51
51
->setViewer($viewer)
52
52
->withPHIDs(array($value))
···
54
54
if (!$policy) {
55
55
return new Aphront404Response();
56
56
}
57
+
57
58
if ($policy->getType() != PhabricatorPolicyType::TYPE_CUSTOM) {
58
59
return new Aphront404Response();
59
60
}
···
66
67
67
68
$this->requireResource('policy-transaction-detail-css');
68
69
$cancel_uri = $this->guessCancelURI($viewer, $xaction);
69
-
$dialog = id(new AphrontDialogView())
70
-
->setUser($viewer)
70
+
71
+
return $this->newDialog()
71
72
->setTitle($policy->getFullName())
72
73
->setWidth(AphrontDialogView::WIDTH_FORM)
73
-
->appendChild(
74
-
$this->renderPolicyDetails($policy, $rule_objects))
74
+
->appendChild($this->renderPolicyDetails($policy, $rule_objects))
75
75
->addCancelButton($cancel_uri, pht('Close'));
76
-
77
-
return id(new AphrontDialogResponse())->setDialog($dialog);
78
76
}
79
77
80
78
private function extractPHIDs(