@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
Allow "Default View" policies to be set to Public
Summary: Ref T603. Currently, we hard-code defense against setting policies to "Public" in several places, and special case only the CAN_VIEW policy. In fact, other policies (like Default View) should also be able to be set to public. Instead of hard-coding this, move it to the capability definitions.
Test Plan: Set default view policy in Maniphest to "Public", created a task, verified default policy.
Reviewers: btrahan, asherkin
Reviewed By: asherkin
CC: asherkin, aran
Maniphest Tasks: T603
Differential Revision: https://secure.phabricator.com/D7276
+36
-10
+4
src/applications/differential/capability/DifferentialCapabilityDefaultView.php
+4
src/applications/differential/capability/DifferentialCapabilityDefaultView.php
+4
src/applications/maniphest/capability/ManiphestCapabilityDefaultView.php
+4
src/applications/maniphest/capability/ManiphestCapabilityDefaultView.php
+3
-3
src/applications/meta/controller/PhabricatorApplicationEditController.php
+3
-3
src/applications/meta/controller/PhabricatorApplicationEditController.php
···
51
51
continue;
52
52
}
53
53
54
-
if ($new == PhabricatorPolicies::POLICY_PUBLIC &&
55
-
$capability != PhabricatorPolicyCapability::CAN_VIEW) {
56
-
// Can't set policies other than "view" to public.
54
+
$capobj = PhabricatorPolicyCapability::getCapabilityByKey($capability);
55
+
if (!$capobj || !$capobj->shouldAllowPublicPolicySetting()) {
56
+
// Can't set non-public policies to public.
57
57
continue;
58
58
}
59
59
+9
src/applications/policy/capability/PhabricatorPolicyCapability.php
+9
src/applications/policy/capability/PhabricatorPolicyCapability.php
···
40
40
return null;
41
41
}
42
42
43
+
/**
44
+
* Can this capability be set to "public"? Broadly, this is only appropriate
45
+
* for view and view-related policies.
46
+
*
47
+
* @return bool True to allow the "public" policy. Returns false by default.
48
+
*/
49
+
public function shouldAllowPublicPolicySetting() {
50
+
return false;
51
+
}
43
52
44
53
final public static function getCapabilityByKey($key) {
45
54
return idx(self::getCapabilityMap(), $key);
+4
src/applications/policy/capability/PhabricatorPolicyCapabilityCanView.php
+4
src/applications/policy/capability/PhabricatorPolicyCapabilityCanView.php
+4
-3
src/applications/policy/filter/PhabricatorPolicyFilter.php
+4
-3
src/applications/policy/filter/PhabricatorPolicyFilter.php
···
173
173
$policy = PhabricatorPolicies::POLICY_USER;
174
174
}
175
175
176
-
// If the object is set to "public" but the capability is anything other
177
-
// than "view", restrict the policy to "user".
178
-
if ($capability != PhabricatorPolicyCapability::CAN_VIEW) {
176
+
// If the object is set to "public" but the capability is not a public
177
+
// capability, restrict the policy to "user".
178
+
$capobj = PhabricatorPolicyCapability::getCapabilityByKey($capability);
179
+
if (!$capobj || !$capobj->shouldAllowPublicPolicySetting()) {
179
180
$policy = PhabricatorPolicies::POLICY_USER;
180
181
}
181
182
}
+8
-4
src/view/form/control/AphrontFormPolicyControl.php
+8
-4
src/view/form/control/AphrontFormPolicyControl.php
···
36
36
}
37
37
38
38
protected function getOptions() {
39
+
$capability = $this->capability;
40
+
39
41
$options = array();
40
42
foreach ($this->policies as $policy) {
41
-
if (($policy->getPHID() == PhabricatorPolicies::POLICY_PUBLIC) &&
42
-
($this->capability != PhabricatorPolicyCapability::CAN_VIEW)) {
43
-
// Never expose "Public" for anything except "Can View".
44
-
continue;
43
+
if ($policy->getPHID() == PhabricatorPolicies::POLICY_PUBLIC) {
44
+
// Never expose "Public" for capabilities which don't support it.
45
+
$capobj = PhabricatorPolicyCapability::getCapabilityByKey($capability);
46
+
if (!$capobj || !$capobj->shouldAllowPublicPolicySetting()) {
47
+
continue;
48
+
}
45
49
}
46
50
47
51
$type_name = PhabricatorPolicyType::getPolicyTypeName($policy->getType());