+2

resources/sql/autopatches/20151108.phame.blog.joinpolicy.sql

reviewed

··· 1 1 + ALTER TABLE {$NAMESPACE}_phame.phame_blog 2 2 + DROP joinPolicy;

+2 -1

src/applications/phame/conduit/PhameCreatePostConduitAPIMethod.php

reviewed

··· 73 73 ->withPHIDs(array($blog_phid)) 74 74 ->requireCapabilities( 75 75 array( 76 76 - PhabricatorPolicyCapability::CAN_JOIN, 76 76 + PhabricatorPolicyCapability::CAN_VIEW, 77 77 + PhabricatorPolicyCapability::CAN_EDIT, 77 78 )) 78 79 ->executeOne(); 79 80

-13

src/applications/phame/controller/blog/PhameBlogEditController.php

reviewed

··· 49 49 $skin = $blog->getSkin(); 50 50 $can_view = $blog->getViewPolicy(); 51 51 $can_edit = $blog->getEditPolicy(); 52 52 - $can_join = $blog->getJoinPolicy(); 53 52 54 53 $e_name = true; 55 54 $e_custom_domain = null; ··· 62 61 $skin = $request->getStr('skin'); 63 62 $can_view = $request->getStr('can_view'); 64 63 $can_edit = $request->getStr('can_edit'); 65 65 - $can_join = $request->getStr('can_join'); 66 64 $v_projects = $request->getArr('projects'); 67 65 $v_cc = $request->getArr('cc'); 68 66 ··· 85 83 id(new PhameBlogTransaction()) 86 84 ->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY) 87 85 ->setNewValue($can_edit), 88 88 - id(new PhameBlogTransaction()) 89 89 - ->setTransactionType(PhabricatorTransactions::TYPE_JOIN_POLICY) 90 90 - ->setNewValue($can_join), 91 86 id(new PhameBlogTransaction()) 92 87 ->setTransactionType(PhabricatorTransactions::TYPE_SUBSCRIBERS) 93 88 ->setNewValue(array('=' => $v_cc)), ··· 170 165 ->setPolicies($policies) 171 166 ->setValue($can_edit) 172 167 ->setName('can_edit')) 173 173 - ->appendChild( 174 174 - id(new AphrontFormPolicyControl()) 175 175 - ->setUser($viewer) 176 176 - ->setCapability(PhabricatorPolicyCapability::CAN_JOIN) 177 177 - ->setPolicyObject($blog) 178 178 - ->setPolicies($policies) 179 179 - ->setValue($can_join) 180 180 - ->setName('can_join')) 181 168 ->appendControl( 182 169 id(new AphrontFormTokenizerControl()) 183 170 ->setLabel(pht('Projects'))

+2 -11

src/applications/phame/controller/blog/PhameBlogViewController.php

reviewed

··· 100 100 pht('Editable By'), 101 101 $descriptions[PhabricatorPolicyCapability::CAN_EDIT]); 102 102 103 103 - $properties->addProperty( 104 104 - pht('Joinable By'), 105 105 - $descriptions[PhabricatorPolicyCapability::CAN_JOIN]); 106 106 - 107 103 $engine = id(new PhabricatorMarkupEngine()) 108 104 ->setViewer($viewer) 109 105 ->addObject($blog, PhameBlog::MARKUP_FIELD_DESCRIPTION) ··· 136 132 $blog, 137 133 PhabricatorPolicyCapability::CAN_EDIT); 138 134 139 139 - $can_join = PhabricatorPolicyFilter::hasCapability( 140 140 - $viewer, 141 141 - $blog, 142 142 - PhabricatorPolicyCapability::CAN_JOIN); 143 143 - 144 135 $actions->addAction( 145 136 id(new PhabricatorActionView()) 146 137 ->setIcon('fa-plus') 147 138 ->setHref($this->getApplicationURI('post/edit/?blog='.$blog->getID())) 148 139 ->setName(pht('Write Post')) 149 149 - ->setDisabled(!$can_join) 150 150 - ->setWorkflow(!$can_join)); 140 140 + ->setDisabled(!$can_edit) 141 141 + ->setWorkflow(!$can_edit)); 151 142 152 143 $actions->addAction( 153 144 id(new PhabricatorActionView())

+1 -1

src/applications/phame/controller/post/PhamePostEditController.php

reviewed

··· 36 36 ->requireCapabilities( 37 37 array( 38 38 PhabricatorPolicyCapability::CAN_VIEW, 39 39 - PhabricatorPolicyCapability::CAN_JOIN, 39 39 + PhabricatorPolicyCapability::CAN_EDIT, 40 40 )) 41 41 ->executeOne(); 42 42 if (!$blog) {

+3 -3

src/applications/phame/controller/post/PhamePostNewController.php

reviewed

··· 30 30 ->withIDs(array($request->getInt('blog'))) 31 31 ->requireCapabilities( 32 32 array( 33 33 - PhabricatorPolicyCapability::CAN_JOIN, 33 33 + PhabricatorPolicyCapability::CAN_EDIT, 34 34 )) 35 35 ->executeOne(); 36 36 ··· 52 52 ->setViewer($viewer) 53 53 ->requireCapabilities( 54 54 array( 55 55 - PhabricatorPolicyCapability::CAN_JOIN, 55 55 + PhabricatorPolicyCapability::CAN_EDIT, 56 56 )) 57 57 ->execute(); 58 58 ··· 65 65 $notification = id(new PHUIInfoView()) 66 66 ->setSeverity(PHUIInfoView::SEVERITY_NODATA) 67 67 ->appendChild( 68 68 - pht('You do not have permission to join any blogs. Create a blog '. 68 68 + pht('You do not have permission to post to any blogs. Create a blog '. 69 69 'first, then you can post to it.')); 70 70 71 71 } else {

+2

src/applications/phame/controller/post/PhamePostViewController.php

reviewed

··· 123 123 id(new PhabricatorActionView()) 124 124 ->setIcon('fa-eye') 125 125 ->setHref($this->getApplicationURI('post/publish/'.$id.'/')) 126 126 + ->setDisabled(!$can_edit) 126 127 ->setName(pht('Preview / Publish'))); 127 128 } else { 128 129 $actions->addAction( ··· 130 131 ->setIcon('fa-eye-slash') 131 132 ->setHref($this->getApplicationURI('post/unpublish/'.$id.'/')) 132 133 ->setName(pht('Unpublish')) 134 134 + ->setDisabled(!$can_edit) 133 135 ->setWorkflow(true)); 134 136 } 135 137

-1

src/applications/phame/editor/PhameBlogEditor.php

reviewed

··· 20 20 $types[] = PhameBlogTransaction::TYPE_SKIN; 21 21 $types[] = PhabricatorTransactions::TYPE_VIEW_POLICY; 22 22 $types[] = PhabricatorTransactions::TYPE_EDIT_POLICY; 23 23 - $types[] = PhabricatorTransactions::TYPE_JOIN_POLICY; 24 23 25 24 return $types; 26 25 }

+2 -21

src/applications/phame/storage/PhameBlog.php

reviewed

··· 20 20 protected $creatorPHID; 21 21 protected $viewPolicy; 22 22 protected $editPolicy; 23 23 - protected $joinPolicy; 24 23 protected $mailKey; 25 24 26 25 private static $requestBlog; ··· 39 38 40 39 // T6203/NULLABILITY 41 40 // These policies should always be non-null. 42 42 - 'joinPolicy' => 'policy?', 43 41 'editPolicy' => 'policy?', 44 42 'viewPolicy' => 'policy?', 45 43 ), ··· 73 71 $blog = id(new PhameBlog()) 74 72 ->setCreatorPHID($actor->getPHID()) 75 73 ->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy()) 76 76 - ->setEditPolicy(PhabricatorPolicies::POLICY_USER) 77 77 - ->setJoinPolicy(PhabricatorPolicies::POLICY_USER); 74 74 + ->setEditPolicy(PhabricatorPolicies::POLICY_USER); 78 75 return $blog; 79 76 } 80 77 ··· 236 233 return array( 237 234 PhabricatorPolicyCapability::CAN_VIEW, 238 235 PhabricatorPolicyCapability::CAN_EDIT, 239 239 - PhabricatorPolicyCapability::CAN_JOIN, 240 236 ); 241 237 } 242 238 ··· 247 243 return $this->getViewPolicy(); 248 244 case PhabricatorPolicyCapability::CAN_EDIT: 249 245 return $this->getEditPolicy(); 250 250 - case PhabricatorPolicyCapability::CAN_JOIN: 251 251 - return $this->getJoinPolicy(); 252 246 } 253 247 } 254 248 255 249 public function hasAutomaticCapability($capability, PhabricatorUser $user) { 256 250 $can_edit = PhabricatorPolicyCapability::CAN_EDIT; 257 257 - $can_join = PhabricatorPolicyCapability::CAN_JOIN; 258 251 259 252 switch ($capability) { 260 253 case PhabricatorPolicyCapability::CAN_VIEW: ··· 262 255 if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) { 263 256 return true; 264 257 } 265 265 - if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_join)) { 266 266 - return true; 267 267 - } 268 268 - break; 269 269 - case PhabricatorPolicyCapability::CAN_JOIN: 270 270 - // Users who can edit a blog can always post to it. 271 271 - if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) { 272 272 - return true; 273 273 - } 274 258 break; 275 259 } 276 260 ··· 282 266 switch ($capability) { 283 267 case PhabricatorPolicyCapability::CAN_VIEW: 284 268 return pht( 285 285 - 'Users who can edit or post on a blog can always view it.'); 286 286 - case PhabricatorPolicyCapability::CAN_JOIN: 287 287 - return pht( 288 288 - 'Users who can edit a blog can always post on it.'); 269 269 + 'Users who can edit a blog can always view it.'); 289 270 } 290 271 291 272 return null;

+8 -5

src/applications/phame/storage/PhamePost.php

reviewed

··· 198 198 case PhabricatorPolicyCapability::CAN_VIEW: 199 199 if (!$this->isDraft() && $this->getBlog()) { 200 200 return $this->getBlog()->getViewPolicy(); 201 201 + } else if ($this->getBlog()) { 202 202 + return $this->getBlog()->getEditPolicy(); 203 203 + } 204 204 + break; 205 205 + case PhabricatorPolicyCapability::CAN_EDIT: 206 206 + if ($this->getBlog()) { 207 207 + return $this->getBlog()->getEditPolicy(); 201 208 } else { 202 209 return PhabricatorPolicies::POLICY_NOONE; 203 210 } 204 204 - break; 205 205 - case PhabricatorPolicyCapability::CAN_EDIT: 206 206 - return PhabricatorPolicies::POLICY_NOONE; 207 211 } 208 212 } 209 213 210 214 public function hasAutomaticCapability($capability, PhabricatorUser $user) { 211 211 - // A blog post's author can always view it, and is the only user allowed 212 212 - // to edit it. 215 215 + // A blog post's author can always view it. 213 216 214 217 switch ($capability) { 215 218 case PhabricatorPolicyCapability::CAN_VIEW: