@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

Don't skip policy checks on ObjectQuery if special capabilities are required

Summary: Ref T6741. As an optimization, we omit policy checks on ObjectQuery, but need to retain them if the query requests non-view permissions. This primarily affected Almanac properties.

Test Plan: Almanac properties now do full policy checks on ObjectQuery loads.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6741

Differential Revision: https://secure.phabricator.com/D11005

+10 -4
src/applications/phid/query/PhabricatorObjectQuery.php
··· 144 144 } 145 145 146 146 /** 147 - * This query disables policy filtering because it is performed in the 148 - * subqueries which actually load objects. We don't need to re-filter 149 - * results, since policies have already been applied. 147 + * This query disables policy filtering if the only required capability is 148 + * the view capability. 149 + * 150 + * The view capability is always checked in the subqueries, so we do not need 151 + * to re-filter results. For any other set of required capabilities, we do. 150 152 */ 151 153 protected function shouldDisablePolicyFiltering() { 152 - return true; 154 + $view_capability = PhabricatorPolicyCapability::CAN_VIEW; 155 + if ($this->getRequiredCapabilities() === array($view_capability)) { 156 + return true; 157 + } 158 + return false; 153 159 } 154 160 155 161 public function getQueryApplicationClass() {
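Review bot: In shouldDisablePolicyFiltering(), the check `$this->getRequiredCapabilities() === array($view_capability)` is a strict array comparison, so it holds only when the list is exactly one CAN_VIEW entry at key 0; a list that carries CAN_VIEW twice or under a different key compares unequal and takes the filtered path. That fails closed, which is the right direction for a policy check, but the docblock should state that the exact match is intentional, so a later change does not loosen it to a contains-style test that would skip filtering when other capabilities are also required. The if / return true / return false sequence can be reduced to returning the comparison directly. The test plan is manual; a unit test that loads through ObjectQuery with a non-view required capability and asserts that results are filtered would keep this from regressing.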