Update Charge and Cart policies in Phortune, and make URIs more consistent

Configure Feed

Issues Pull Requests Commits Tags

Feed URL

Select the types of activity you want to include in your feed.

@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

phorge phabricator

fork

Configure Feed

Issues Pull Requests Commits Tags

Feed URL

Select the types of activity you want to include in your feed.

Update Charge and Cart policies in Phortune, and make URIs more consistent

Summary:
Ref T13366. Depends on D20721. Continue applying UI and policy updates to the last two Phortune objects.

Charges aren't mutable and Carts are already transactional, so this is less involved than prior changes.

Test Plan: Viewed various charge/order interfaces as merchants and account members.

Maniphest Tasks: T13366

Differential Revision: https://secure.phabricator.com/D20732

epriestley 6 years ago c93ac91d a542024b

+218 -172

16 changed files

expand all collapse all

src

__phutil_library_map__.php

applications

phortune

application

PhabricatorPhortuneApplication.php

controller

account

PhortuneAccountChargeListController.php

PhortuneAccountChargesController.php

PhortuneAccountController.php

PhortuneAccountOrderListController.php

PhortuneAccountPaymentMethodController.php

PhortuneAccountProfileController.php

PhortuneAccountSubscriptionViewController.php

charge

PhortuneChargeListController.php

query

PhortuneCartSearchEngine.php

PhortuneChargeSearchEngine.php

storage

PhortuneAccount.php

PhortuneCart.php

PhortuneCharge.php

PhortuneSubscription.php

+6 -2

src/__phutil_library_map__.php

reviewed

··· 5222 5222 'PhortuneAccountAddManagerController' => 'applications/phortune/controller/account/PhortuneAccountAddManagerController.php', 5223 5223 'PhortuneAccountBillingAddressTransaction' => 'applications/phortune/xaction/PhortuneAccountBillingAddressTransaction.php', 5224 5224 'PhortuneAccountBillingNameTransaction' => 'applications/phortune/xaction/PhortuneAccountBillingNameTransaction.php', 5225 5225 + 'PhortuneAccountChargeListController' => 'applications/phortune/controller/account/PhortuneAccountChargeListController.php', 5225 5226 'PhortuneAccountChargesController' => 'applications/phortune/controller/account/PhortuneAccountChargesController.php', 5226 5227 'PhortuneAccountController' => 'applications/phortune/controller/account/PhortuneAccountController.php', 5227 5228 'PhortuneAccountDetailsController' => 'applications/phortune/controller/account/PhortuneAccountDetailsController.php', ··· 5246 5247 'PhortuneAccountListController' => 'applications/phortune/controller/account/PhortuneAccountListController.php', 5247 5248 'PhortuneAccountManagersController' => 'applications/phortune/controller/account/PhortuneAccountManagersController.php', 5248 5249 'PhortuneAccountNameTransaction' => 'applications/phortune/xaction/PhortuneAccountNameTransaction.php', 5250 5250 + 'PhortuneAccountOrderListController' => 'applications/phortune/controller/account/PhortuneAccountOrderListController.php', 5249 5251 'PhortuneAccountOrdersController' => 'applications/phortune/controller/account/PhortuneAccountOrdersController.php', 5250 5252 'PhortuneAccountOverviewController' => 'applications/phortune/controller/account/PhortuneAccountOverviewController.php', 5251 5253 'PhortuneAccountPHIDType' => 'applications/phortune/phid/PhortuneAccountPHIDType.php', ··· 5279 5281 'PhortuneCartUpdateController' => 'applications/phortune/controller/cart/PhortuneCartUpdateController.php', 5280 5282 'PhortuneCartViewController' => 'applications/phortune/controller/cart/PhortuneCartViewController.php', 5281 5283 'PhortuneCharge' => 'applications/phortune/storage/PhortuneCharge.php', 5282 5282 - 'PhortuneChargeListController' => 'applications/phortune/controller/charge/PhortuneChargeListController.php', 5283 5284 'PhortuneChargePHIDType' => 'applications/phortune/phid/PhortuneChargePHIDType.php', 5284 5285 'PhortuneChargeQuery' => 'applications/phortune/query/PhortuneChargeQuery.php', 5285 5286 'PhortuneChargeSearchEngine' => 'applications/phortune/query/PhortuneChargeSearchEngine.php', ··· 11787 11788 'PhortuneAccountAddManagerController' => 'PhortuneAccountController', 11788 11789 'PhortuneAccountBillingAddressTransaction' => 'PhortuneAccountTransactionType', 11789 11790 'PhortuneAccountBillingNameTransaction' => 'PhortuneAccountTransactionType', 11791 11791 + 'PhortuneAccountChargeListController' => 'PhortuneAccountProfileController', 11790 11792 'PhortuneAccountChargesController' => 'PhortuneAccountProfileController', 11791 11793 'PhortuneAccountController' => 'PhortuneController', 11792 11794 'PhortuneAccountDetailsController' => 'PhortuneAccountProfileController', ··· 11816 11818 'PhortuneAccountListController' => 'PhortuneController', 11817 11819 'PhortuneAccountManagersController' => 'PhortuneAccountProfileController', 11818 11820 'PhortuneAccountNameTransaction' => 'PhortuneAccountTransactionType', 11821 11821 + 'PhortuneAccountOrderListController' => 'PhortuneAccountProfileController', 11819 11822 'PhortuneAccountOrdersController' => 'PhortuneAccountProfileController', 11820 11823 'PhortuneAccountOverviewController' => 'PhortuneAccountProfileController', 11821 11824 'PhortuneAccountPHIDType' => 'PhabricatorPHIDType', ··· 11836 11839 'PhortuneDAO', 11837 11840 'PhabricatorApplicationTransactionInterface', 11838 11841 'PhabricatorPolicyInterface', 11842 11842 + 'PhabricatorExtendedPolicyInterface', 11839 11843 ), 11840 11844 'PhortuneCartAcceptController' => 'PhortuneCartController', 11841 11845 'PhortuneCartCancelController' => 'PhortuneCartController', ··· 11855 11859 'PhortuneCharge' => array( 11856 11860 'PhortuneDAO', 11857 11861 'PhabricatorPolicyInterface', 11862 11862 + 'PhabricatorExtendedPolicyInterface', 11858 11863 ), 11859 11859 - 'PhortuneChargeListController' => 'PhortuneController', 11860 11864 'PhortuneChargePHIDType' => 'PhabricatorPHIDType', 11861 11865 'PhortuneChargeQuery' => 'PhabricatorCursorPagedPolicyAwareQuery', 11862 11866 'PhortuneChargeSearchEngine' => 'PhabricatorApplicationSearchEngine',

+16 -20

src/applications/phortune/application/PhabricatorPhortuneApplication.php

reviewed

··· 34 34 return array( 35 35 '/phortune/' => array( 36 36 '' => 'PhortuneLandingController', 37 37 - '(?P<accountID>\d+)/' => array( 38 38 - '' => 'PhortuneAccountOverviewController', 39 39 - 'card/' => array( 40 40 - 'new/' => 'PhortunePaymentMethodCreateController', 41 41 - ), 42 42 - 'subscription/' => array( 43 43 - '(?:query/(?P<queryKey>[^/]+)/)?' 44 44 - => 'PhortuneSubscriptionListController', 45 45 - 'view/(?P<id>\d+)/' 46 46 - => 'PhortuneAccountSubscriptionViewController', 47 47 - 'order/(?P<subscriptionID>\d+)/' 48 48 - => 'PhortuneCartListController', 49 49 - ), 50 50 - 'order/(?:query/(?P<queryKey>[^/]+)/)?' 51 51 - => 'PhortuneCartListController', 52 52 - 'charge/(?:query/(?P<queryKey>[^/]+)/)?' 53 53 - => 'PhortuneChargeListController', 54 54 - ), 55 37 'card/(?P<id>\d+)/' => array( 56 38 'edit/' => 'PhortunePaymentMethodEditController', 57 39 'disable/' => 'PhortunePaymentMethodDisableController', ··· 65 47 ), 66 48 'account/' => array( 67 49 '' => 'PhortuneAccountListController', 50 50 + 68 51 $this->getEditRoutePattern('edit/') 69 52 => 'PhortuneAccountEditController', 70 53 71 54 '(?P<accountID>\d+)/' => array( 55 55 + '' => 'PhortuneAccountOverviewController', 72 56 'details/' => 'PhortuneAccountDetailsController', 73 57 'methods/' => array( 74 58 '' => 'PhortuneAccountPaymentMethodController', 75 59 '(?P<id>\d+)/' => 'PhortuneAccountPaymentMethodViewController', 60 60 + 'new/' => 'PhortunePaymentMethodCreateController', 76 61 ), 77 77 - 'orders/' => 'PhortuneAccountOrdersController', 78 78 - 'charges/' => 'PhortuneAccountChargesController', 62 62 + 'orders/' => array( 63 63 + '' => 'PhortuneAccountOrdersController', 64 64 + $this->getQueryRoutePattern('list/') 65 65 + => 'PhortuneAccountOrderListController', 66 66 + ), 67 67 + 'charges/' => array( 68 68 + '' => 'PhortuneAccountChargesController', 69 69 + $this->getQueryRoutePattern('list/') 70 70 + => 'PhortuneAccountChargeListController', 71 71 + ), 79 72 'subscriptions/' => array( 80 73 '' => 'PhortuneAccountSubscriptionController', 81 74 '(?P<subscriptionID>\d+)/' => array( 75 75 + '' => 'PhortuneAccountSubscriptionViewController', 82 76 'autopay/(?P<methodID>\d+)/' 83 77 => 'PhortuneAccountSubscriptionAutopayController', 78 78 + $this->getQueryRoutePattern('orders/') 79 79 + => 'PhortuneAccountOrderListController', 84 80 ), 85 81 ), 86 82 'managers/' => array(

+35

src/applications/phortune/controller/account/PhortuneAccountChargeListController.php

reviewed

··· 1 1 + <?php 2 2 + 3 3 + final class PhortuneAccountChargeListController 4 4 + extends PhortuneAccountProfileController { 5 5 + 6 6 + protected function shouldRequireAccountEditCapability() { 7 7 + return false; 8 8 + } 9 9 + 10 10 + protected function handleAccountRequest(AphrontRequest $request) { 11 11 + $viewer = $request->getViewer(); 12 12 + $account = $this->getAccount(); 13 13 + 14 14 + return id(new PhortuneChargeSearchEngine()) 15 15 + ->setAccount($account) 16 16 + ->setController($this) 17 17 + ->buildResponse(); 18 18 + } 19 19 + 20 20 + protected function buildApplicationCrumbs() { 21 21 + $crumbs = parent::buildApplicationCrumbs(); 22 22 + 23 23 + if ($this->hasAccount()) { 24 24 + $account = $this->getAccount(); 25 25 + $id = $account->getID(); 26 26 + 27 27 + $crumbs->addTextCrumb( 28 28 + pht('Charges'), 29 29 + $account->getChargesURI()); 30 30 + } 31 31 + 32 32 + return $crumbs; 33 33 + } 34 34 + 35 35 + }

+1 -1

src/applications/phortune/controller/account/PhortuneAccountChargesController.php

reviewed

··· 56 56 57 57 $handles = $this->loadViewerHandles($phids); 58 58 59 59 - $charges_uri = $this->getApplicationURI($account->getID().'/charge/'); 59 59 + $charges_uri = $account->getChargeListURI(); 60 60 61 61 $table = id(new PhortuneChargeTableView()) 62 62 ->setUser($viewer)

+1 -1

src/applications/phortune/controller/account/PhortuneAccountController.php

reviewed

··· 23 23 abstract protected function shouldRequireAccountEditCapability(); 24 24 abstract protected function handleAccountRequest(AphrontRequest $request); 25 25 26 26 - private function hasAccount() { 26 26 + final protected function hasAccount() { 27 27 return (bool)$this->account; 28 28 } 29 29

+58

src/applications/phortune/controller/account/PhortuneAccountOrderListController.php

reviewed

··· 1 1 + <?php 2 2 + 3 3 + final class PhortuneAccountOrderListController 4 4 + extends PhortuneAccountProfileController { 5 5 + 6 6 + private $subscription; 7 7 + 8 8 + protected function shouldRequireAccountEditCapability() { 9 9 + return false; 10 10 + } 11 11 + 12 12 + protected function handleAccountRequest(AphrontRequest $request) { 13 13 + $viewer = $request->getViewer(); 14 14 + $account = $this->getAccount(); 15 15 + 16 16 + $engine = id(new PhortuneCartSearchEngine()) 17 17 + ->setController($this) 18 18 + ->setAccount($account); 19 19 + 20 20 + $subscription_id = $request->getURIData('subscriptionID'); 21 21 + if ($subscription_id) { 22 22 + $subscription = id(new PhortuneSubscriptionQuery()) 23 23 + ->setViewer($viewer) 24 24 + ->withIDs(array($subscription_id)) 25 25 + ->executeOne(); 26 26 + if (!$subscription) { 27 27 + return new Aphront404Response(); 28 28 + } 29 29 + 30 30 + $engine->setSubscription($subscription); 31 31 + $this->subscription = $subscription; 32 32 + } 33 33 + 34 34 + return $engine->buildResponse(); 35 35 + } 36 36 + 37 37 + protected function buildApplicationCrumbs() { 38 38 + $crumbs = parent::buildApplicationCrumbs(); 39 39 + 40 40 + $subscription = $this->subscription; 41 41 + if ($subscription) { 42 42 + $crumbs->addTextCrumb( 43 43 + $subscription->getObjectName(), 44 44 + $subscription->getURI()); 45 45 + } else if ($this->hasAccount()) { 46 46 + $account = $this->getAccount(); 47 47 + $id = $account->getID(); 48 48 + 49 49 + $crumbs->addTextCrumb( 50 50 + pht('Orders'), 51 51 + $account->getOrdersURI()); 52 52 + } 53 53 + 54 54 + return $crumbs; 55 55 + } 56 56 + 57 57 + 58 58 + }

+1 -1

src/applications/phortune/controller/account/PhortuneAccountPaymentMethodController.php

reviewed

··· 50 50 ->setTag('a') 51 51 ->setText(pht('Add Payment Method')) 52 52 ->setIcon('fa-plus') 53 53 - ->setHref($this->getApplicationURI("{$id}/card/new/")) 53 53 + ->setHref($this->getApplicationURI("account/{$id}/methods/new/")) 54 54 ->setDisabled(!$can_edit) 55 55 ->setWorkflow(!$can_edit); 56 56

+7 -11

src/applications/phortune/controller/account/PhortuneAccountProfileController.php

reviewed

··· 3 3 abstract class PhortuneAccountProfileController 4 4 extends PhortuneAccountController { 5 5 6 6 - public function buildApplicationMenu() { 7 7 - return $this->buildSideNavView()->getMenu(); 8 8 - } 9 9 - 10 6 protected function buildHeaderView() { 11 7 $viewer = $this->getViewer(); 12 8 $account = $this->getAccount(); ··· 44 40 $nav->addFilter( 45 41 'overview', 46 42 pht('Overview'), 47 47 - $this->getApplicationURI("/{$id}/"), 43 43 + $account->getURI(), 48 44 'fa-user-circle'); 49 45 50 46 $nav->newLink('details') ··· 59 55 $nav->addFilter( 60 56 'methods', 61 57 pht('Payment Methods'), 62 62 - $this->getApplicationURI("/account/{$id}/methods/"), 58 58 + $account->getPaymentMethodsURI(), 63 59 'fa-credit-card'); 64 60 65 61 $nav->addFilter( 66 62 'subscriptions', 67 63 pht('Subscriptions'), 68 68 - $this->getApplicationURI("/account/{$id}/subscriptions/"), 64 64 + $account->getSubscriptionsURI(), 69 65 'fa-retweet'); 70 66 71 67 $nav->addFilter( 72 68 'orders', 73 69 pht('Order History'), 74 74 - $this->getApplicationURI("/account/{$id}/orders/"), 70 70 + $account->getOrdersURI(), 75 71 'fa-shopping-bag'); 76 72 77 73 $nav->addFilter( 78 74 'charges', 79 75 pht('Charge History'), 80 80 - $this->getApplicationURI("/account/{$id}/charges/"), 76 76 + $account->getChargesURI(), 81 77 'fa-calculator'); 82 78 83 79 $nav->addLabel(pht('Personnel')); ··· 90 86 91 87 $nav->newLink('addresses') 92 88 ->setname(pht('Email Addresses')) 93 93 - ->setHref($this->getApplicationURI("/account/{$id}/addresses/")) 89 89 + ->setHref($account->getEmailAddressesURI()) 94 90 ->setIcon('fa-envelope-o') 95 91 ->setWorkflow(!$can_edit) 96 92 ->setDisabled(!$can_edit); ··· 130 126 } 131 127 $handles = $this->loadViewerHandles($phids); 132 128 133 133 - $orders_uri = $this->getApplicationURI($account->getID().'/order/'); 129 129 + $orders_uri = $account->getOrderListURI(); 134 130 135 131 $table = id(new PhortuneOrderTableView()) 136 132 ->setUser($viewer)

+2 -2

src/applications/phortune/controller/account/PhortuneAccountSubscriptionViewController.php

reviewed

··· 12 12 13 13 $subscription = id(new PhortuneSubscriptionQuery()) 14 14 ->setViewer($viewer) 15 15 - ->withIDs(array($request->getURIData('id'))) 15 15 + ->withIDs(array($request->getURIData('subscriptionID'))) 16 16 ->needTriggers(true) 17 17 ->executeOne(); 18 18 if (!$subscription) { ··· 179 179 $account = $subscription->getAccount(); 180 180 181 181 $add_method_uri = urisprintf( 182 182 - '/phortune/account/%d/card/new/?subscriptionID=%s', 182 182 + '/account/%d/methods/new/?subscriptionID=%s', 183 183 $account->getID(), 184 184 $subscription->getID()); 185 185 $add_method_uri = $this->getApplicationURI($add_method_uri);

-74

src/applications/phortune/controller/charge/PhortuneChargeListController.php

reviewed

··· 1 1 - <?php 2 2 - 3 3 - final class PhortuneChargeListController 4 4 - extends PhortuneController { 5 5 - 6 6 - private $account; 7 7 - 8 8 - public function handleRequest(AphrontRequest $request) { 9 9 - $viewer = $request->getViewer(); 10 10 - $querykey = $request->getURIData('queryKey'); 11 11 - $account_id = $request->getURIData('accountID'); 12 12 - 13 13 - $engine = new PhortuneChargeSearchEngine(); 14 14 - 15 15 - if ($account_id) { 16 16 - $account = id(new PhortuneAccountQuery()) 17 17 - ->setViewer($viewer) 18 18 - ->withIDs(array($account_id)) 19 19 - ->requireCapabilities( 20 20 - array( 21 21 - PhabricatorPolicyCapability::CAN_VIEW, 22 22 - PhabricatorPolicyCapability::CAN_EDIT, 23 23 - )) 24 24 - ->executeOne(); 25 25 - if (!$account) { 26 26 - return new Aphront404Response(); 27 27 - } 28 28 - $this->account = $account; 29 29 - $engine->setAccount($account); 30 30 - } else { 31 31 - return new Aphront404Response(); 32 32 - } 33 33 - 34 34 - $controller = id(new PhabricatorApplicationSearchController()) 35 35 - ->setQueryKey($querykey) 36 36 - ->setSearchEngine($engine) 37 37 - ->setNavigation($this->buildSideNavView()); 38 38 - 39 39 - return $this->delegateToController($controller); 40 40 - } 41 41 - 42 42 - public function buildSideNavView() { 43 43 - $viewer = $this->getViewer(); 44 44 - 45 45 - $nav = new AphrontSideNavFilterView(); 46 46 - $nav->setBaseURI(new PhutilURI($this->getApplicationURI())); 47 47 - 48 48 - id(new PhortuneChargeSearchEngine()) 49 49 - ->setViewer($viewer) 50 50 - ->addNavigationItems($nav->getMenu()); 51 51 - 52 52 - $nav->selectFilter(null); 53 53 - 54 54 - return $nav; 55 55 - } 56 56 - 57 57 - protected function buildApplicationCrumbs() { 58 58 - $crumbs = parent::buildApplicationCrumbs(); 59 59 - 60 60 - $account = $this->account; 61 61 - if ($account) { 62 62 - $id = $account->getID(); 63 63 - $crumbs->addTextCrumb( 64 64 - $account->getName(), 65 65 - $this->getApplicationURI("{$id}/")); 66 66 - $crumbs->addTextCrumb( 67 67 - pht('Charges'), 68 68 - $this->getApplicationURI("{$id}/charge/")); 69 69 - } 70 70 - 71 71 - return $crumbs; 72 72 - } 73 73 - 74 74 - }

+1 -19

src/applications/phortune/query/PhortuneCartSearchEngine.php

reviewed

··· 62 62 $merchant = $this->getMerchant(); 63 63 $account = $this->getAccount(); 64 64 if ($merchant) { 65 65 - $can_edit = PhabricatorPolicyFilter::hasCapability( 66 66 - $viewer, 67 67 - $merchant, 68 68 - PhabricatorPolicyCapability::CAN_EDIT); 69 69 - if (!$can_edit) { 70 70 - throw new Exception( 71 71 - pht('You can not query orders for a merchant you do not control.')); 72 72 - } 73 65 $query->withMerchantPHIDs(array($merchant->getPHID())); 74 66 } else if ($account) { 75 75 - $can_edit = PhabricatorPolicyFilter::hasCapability( 76 76 - $viewer, 77 77 - $account, 78 78 - PhabricatorPolicyCapability::CAN_EDIT); 79 79 - if (!$can_edit) { 80 80 - throw new Exception( 81 81 - pht( 82 82 - 'You can not query orders for an account you are not '. 83 83 - 'a member of.')); 84 84 - } 85 67 $query->withAccountPHIDs(array($account->getPHID())); 86 68 } else { 87 69 $accounts = id(new PhortuneAccountQuery()) ··· 125 107 if ($merchant) { 126 108 return '/phortune/merchant/orders/'.$merchant->getID().'/'.$path; 127 109 } else if ($account) { 128 128 - return '/phortune/'.$account->getID().'/order/'.$path; 110 110 + return $account->getOrderListURI($path); 129 111 } else { 130 112 return '/phortune/order/'.$path; 131 113 }

-10

src/applications/phortune/query/PhortuneChargeSearchEngine.php

reviewed

··· 40 40 41 41 $account = $this->getAccount(); 42 42 if ($account) { 43 43 - $can_edit = PhabricatorPolicyFilter::hasCapability( 44 44 - $viewer, 45 45 - $account, 46 46 - PhabricatorPolicyCapability::CAN_EDIT); 47 47 - if (!$can_edit) { 48 48 - throw new Exception( 49 49 - pht( 50 50 - 'You can not query charges for an account you are not '. 51 51 - 'a member of.')); 52 52 - } 53 43 $query->withAccountPHIDs(array($account->getPHID())); 54 44 } else { 55 45 $accounts = id(new PhortuneAccountQuery())

+35 -1

src/applications/phortune/storage/PhortuneAccount.php

reviewed

··· 102 102 } 103 103 104 104 public function getURI() { 105 105 - return '/phortune/'.$this->getID().'/'; 105 105 + return urisprintf( 106 106 + '/phortune/account/%d/', 107 107 + $this->getID()); 106 108 } 107 109 108 110 public function getDetailsURI() { ··· 111 113 $this->getID()); 112 114 } 113 115 116 116 + public function getOrdersURI() { 117 117 + return urisprintf( 118 118 + '/phortune/account/%d/orders/', 119 119 + $this->getID()); 120 120 + } 121 121 + 122 122 + public function getOrderListURI($path = '') { 123 123 + return urisprintf( 124 124 + '/phortune/account/%d/orders/list/%s', 125 125 + $this->getID(), 126 126 + $path); 127 127 + } 128 128 + 129 129 + public function getSubscriptionsURI() { 130 130 + return urisprintf( 131 131 + '/phortune/account/%d/subscriptions/', 132 132 + $this->getID()); 133 133 + } 134 134 + 114 135 public function getEmailAddressesURI() { 115 136 return urisprintf( 116 137 '/phortune/account/%d/addresses/', ··· 121 142 return urisprintf( 122 143 '/phortune/account/%d/methods/', 123 144 $this->getID()); 145 145 + } 146 146 + 147 147 + public function getChargesURI() { 148 148 + return urisprintf( 149 149 + '/phortune/account/%d/charges/', 150 150 + $this->getID()); 151 151 + } 152 152 + 153 153 + public function getChargeListURI($path = '') { 154 154 + return urisprintf( 155 155 + '/phortune/account/%d/charges/list/%s', 156 156 + $this->getID(), 157 157 + $path); 124 158 } 125 159 126 160 public function attachMerchantPHIDs(array $merchant_phids) {

+21 -21

src/applications/phortune/storage/PhortuneCart.php

reviewed

··· 3 3 final class PhortuneCart extends PhortuneDAO 4 4 implements 5 5 PhabricatorApplicationTransactionInterface, 6 6 - PhabricatorPolicyInterface { 6 6 + PhabricatorPolicyInterface, 7 7 + PhabricatorExtendedPolicyInterface { 7 8 8 9 const STATUS_BUILDING = 'cart:building'; 9 10 const STATUS_READY = 'cart:ready'; ··· 652 653 } 653 654 654 655 public function getPolicy($capability) { 655 655 - // NOTE: Both view and edit use the account's edit policy. We punch a hole 656 656 - // through this for merchants, below. 657 657 - return $this 658 658 - ->getAccount() 659 659 - ->getPolicy(PhabricatorPolicyCapability::CAN_EDIT); 656 656 + return PhabricatorPolicies::getMostOpenPolicy(); 660 657 } 661 658 662 659 public function hasAutomaticCapability($capability, PhabricatorUser $viewer) { 663 663 - if ($this->getAccount()->hasAutomaticCapability($capability, $viewer)) { 664 664 - return true; 665 665 - } 666 666 - 667 667 - // If the viewer controls the merchant this order was placed with, they 668 668 - // can view the order. 669 669 - if ($capability == PhabricatorPolicyCapability::CAN_VIEW) { 670 670 - $can_admin = PhabricatorPolicyFilter::hasCapability( 671 671 - $viewer, 672 672 - $this->getMerchant(), 673 673 - PhabricatorPolicyCapability::CAN_EDIT); 674 674 - if ($can_admin) { 660 660 + if ($capability === PhabricatorPolicyCapability::CAN_VIEW) { 661 661 + $any_edit = PhortuneMerchantQuery::canViewersEditMerchants( 662 662 + array($viewer->getPHID()), 663 663 + array($this->getMerchantPHID())); 664 664 + if ($any_edit) { 675 665 return true; 676 666 } 677 667 } ··· 679 669 return false; 680 670 } 681 671 682 682 - public function describeAutomaticCapability($capability) { 672 672 + 673 673 + /* -( PhabricatorExtendedPolicyInterface )--------------------------------- */ 674 674 + 675 675 + 676 676 + public function getExtendedPolicy($capability, PhabricatorUser $viewer) { 677 677 + if ($this->hasAutomaticCapability($capability, $viewer)) { 678 678 + return array(); 679 679 + } 680 680 + 683 681 return array( 684 684 - pht('Orders inherit the policies of the associated account.'), 685 685 - pht('The merchant you placed an order with can review and manage it.'), 682 682 + array( 683 683 + $this->getAccount(), 684 684 + PhabricatorPolicyCapability::CAN_EDIT, 685 685 + ), 686 686 ); 687 687 } 688 688

+30 -5

src/applications/phortune/storage/PhortuneCharge.php

reviewed

··· 7 7 * charge followed by a successful charge. 8 8 */ 9 9 final class PhortuneCharge extends PhortuneDAO 10 10 - implements PhabricatorPolicyInterface { 10 10 + implements 11 11 + PhabricatorPolicyInterface, 12 12 + PhabricatorExtendedPolicyInterface { 11 13 12 14 const STATUS_CHARGING = 'charge:charging'; 13 15 const STATUS_CHARGED = 'charge:charged'; ··· 162 164 public function getCapabilities() { 163 165 return array( 164 166 PhabricatorPolicyCapability::CAN_VIEW, 167 167 + PhabricatorPolicyCapability::CAN_EDIT, 165 168 ); 166 169 } 167 170 168 171 public function getPolicy($capability) { 169 169 - return $this->getAccount()->getPolicy($capability); 172 172 + return PhabricatorPolicies::getMostOpenPolicy(); 170 173 } 171 174 172 175 public function hasAutomaticCapability($capability, PhabricatorUser $viewer) { 173 173 - return $this->getAccount()->hasAutomaticCapability($capability, $viewer); 176 176 + if ($capability === PhabricatorPolicyCapability::CAN_VIEW) { 177 177 + $any_edit = PhortuneMerchantQuery::canViewersEditMerchants( 178 178 + array($viewer->getPHID()), 179 179 + array($this->getMerchantPHID())); 180 180 + if ($any_edit) { 181 181 + return true; 182 182 + } 183 183 + } 184 184 + 185 185 + return false; 174 186 } 175 187 176 176 - public function describeAutomaticCapability($capability) { 177 177 - return pht('Charges inherit the policies of the associated account.'); 188 188 + 189 189 + /* -( PhabricatorExtendedPolicyInterface )--------------------------------- */ 190 190 + 191 191 + 192 192 + public function getExtendedPolicy($capability, PhabricatorUser $viewer) { 193 193 + if ($this->hasAutomaticCapability($capability, $viewer)) { 194 194 + return array(); 195 195 + } 196 196 + 197 197 + return array( 198 198 + array( 199 199 + $this->getAccount(), 200 200 + PhabricatorPolicyCapability::CAN_EDIT, 201 201 + ), 202 202 + ); 178 203 } 179 204 180 205 }

+4 -4

src/applications/phortune/storage/PhortuneSubscription.php

reviewed

··· 189 189 } 190 190 191 191 public function getURI() { 192 192 - $account_id = $this->getAccount()->getID(); 193 193 - $id = $this->getID(); 194 194 - 195 195 - return "/phortune/{$account_id}/subscription/view/{$id}/"; 192 192 + return urisprintf( 193 193 + '/phortune/account/%d/subscriptions/%d/', 194 194 + $this->getAccount()->getID(), 195 195 + $this->getID()); 196 196 } 197 197 198 198 public function getEditURI() {