@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

Improve subproject/milestone error handling for users who can't create projects

Summary:
Fixes T10357.

- Show a better (more descriptive) error message when a user who can't create projects tries to create a subproject or milestone.
- Disable the subproject actions if you don't have create permission.

All this stuff was already enforced properly: this diff doesn't make any actual policy changes, just improves the UI for users who lack permission.

Test Plan:
- As an unprivileged user (no "Can Create Projects"), tried to create a subproject or milestone.
- After patch, got a disabled action, with more specific and helpful error than before.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10357

Differential Revision: https://secure.phabricator.com/D15274

+10 -2
+5
src/applications/project/controller/PhabricatorProjectEditController.php
··· 24 24 25 25 $id = $request->getURIData('id'); 26 26 if (!$id) { 27 + // This capability is checked again later, but checking it here 28 + // explicitly gives us a better error message. 29 + $this->requireApplicationCapability( 30 + ProjectCreateProjectsCapability::CAPABILITY); 31 + 27 32 $parent_id = head($request->getArr('parent')); 28 33 if (!$parent_id) { 29 34 $parent_id = $request->getStr('parent');
+5 -2
src/applications/project/controller/PhabricatorProjectSubprojectsController.php
··· 181 181 $viewer = $this->getViewer(); 182 182 $id = $project->getID(); 183 183 184 + $can_create = $this->hasApplicationCapability( 185 + ProjectCreateProjectsCapability::CAPABILITY); 186 + 184 187 $can_edit = PhabricatorPolicyFilter::hasCapability( 185 188 $viewer, 186 189 $project, ··· 198 201 $milestone_text = pht('Create Milestone'); 199 202 } 200 203 201 - $can_milestone = ($can_edit && $allows_milestones); 204 + $can_milestone = ($can_create && $can_edit && $allows_milestones); 202 205 $milestone_href = "/project/edit/?milestone={$id}"; 203 206 204 207 $view->addAction( ··· 209 212 ->setDisabled(!$can_milestone) 210 213 ->setWorkflow(!$can_milestone)); 211 214 212 - $can_subproject = ($can_edit && $allows_subprojects); 215 + $can_subproject = ($can_create && $can_edit && $allows_subprojects); 213 216 214 217 // If we're offering to create the first subproject, we're going to warn 215 218 // the user about the effects before moving forward.
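Review bot: In PhabricatorProjectEditController.php, the new comment above `requireApplicationCapability(...)` says the capability "is checked again later" but does not say where. Because this early call exists only to produce a better error message, the comment should name the later check that actually enforces creation, so a future cleanup does not drop that one as the apparent duplicate. The call also sits at the top of the `if (!$id)` branch, before `parent` is read, so it applies to every request without an id and not only to the subproject case; if that is intended, say so in the comment.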
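Review bot: In PhabricatorProjectSubprojectsController.php, `$can_create` is folded into `$can_milestone` and `$can_subproject`, which in the visible lines only feed `setDisabled()` and `setWorkflow()`, so this is display gating and not enforcement. A one-line comment next to `hasApplicationCapability(...)` stating that would keep later readers from relying on it as the permission check. With three conditions now combined into one flag, the disabled action cannot tell which one failed, and the test plan only exercises the missing "Can Create Projects" case; it would be worth also checking that a viewer who has create permission but fails `$can_edit` or `$allows_milestones` / `$allows_subprojects` still gets an accurate message.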