Page MenuHomePhabricator
Differential D14444

Remove Join Policy from Phame
ClosedPublic
Actions

Authored by chad on Nov 9 2015, 4:16 AM.
Tags
None
Referenced Files
F14054628: D14444.diff
Sat, Nov 16, 3:33 AM
F14043634: D14444.diff
Tue, Nov 12, 11:50 AM
F14029310: D14444.id34914.diff
Fri, Nov 8, 8:25 PM
F14029309: D14444.id34910.diff
Fri, Nov 8, 8:25 PM
F14029308: D14444.id.diff
Fri, Nov 8, 8:25 PM
F14029307: D14444.diff
Fri, Nov 8, 8:25 PM
F14025663: D14444.diff
Thu, Nov 7, 7:29 PM
F13991091: D14444.diff
Tue, Oct 22, 8:43 AM
View All Files
Subscribers
Korvin

Details

Reviewers
epriestley
Maniphest Tasks
T5371: Allow other people to view and edit unpublished Phame blogs
Commits
Restricted Diffusion Commit
rPdf23d893f7ca: Remove Join Policy from Phame
Summary

Drops Join Policy, uses Edit Policy where needed. Allows anyone with Blog Edit permissions to post and edit any post on that blog. Fixes T5371

Test Plan

Draft Post as chad, see post, log in with notchad, edit that post and publish it.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

chad updated this revision to Diff 34910.Nov 9 2015, 4:16 AM
chad retitled this revision from to Remove Join Policy from Phame.
chad updated this object.
chad edited the test plan for this revision. (Show Details)
chad added a reviewer: epriestley.
Herald added a subscriber: Korvin. · View Herald TranscriptNov 9 2015, 4:16 AM
chad updated this object.Nov 9 2015, 4:19 AM
chad added a task: T5371: Allow other people to view and edit unpublished Phame blogs.
epriestley accepted this revision.Nov 9 2015, 3:12 PM
epriestley edited edge metadata.

Cool, I think this is a good simplification. It's also easy for us to add a separate policy back later if we need it, but harder to remove this policy once we unprototype.

src/applications/phame/conduit/PhameCreatePostConduitAPIMethod.php
75–78

You should also require CAN_VIEW here.

src/applications/phame/storage/PhamePost.php
197–212

At some point in the future we should make sure getBlog() always exists (I think this is an artifact of an earlier time when a post could belong to multiple blogs) and clean this up, but it's fine for now.

This revision is now accepted and ready to land.Nov 9 2015, 3:12 PM
Closed by commit rPdf23d893f7ca: Remove Join Policy from Phame (authored by chad, committed by chad). · Explain WhyNov 9 2015, 4:53 PM
This revision was automatically updated to reflect the committed changes.
chad marked 2 inline comments as done.
epriestley mentioned this in T12900: Phame blog draft posts are visible to users who can edit the blog, but the UI states that they are visible to only authors.Jul 5 2017, 4:47 PM

Revision Contents
Changeset List

PathSize
resources/
sql/
autopatches/
2 lines
src/
applications/
phame/
conduit/
3 lines
controller/
blog/
13 lines
13 lines
post/
2 lines
6 lines
2 lines
editor/
1 line
storage/
23 lines
13 lines

Diff 34914

View Options

resources/sql/autopatches/20151108.phame.blog.joinpolicy.sql

Loading...
View Options

src/applications/phame/conduit/PhameCreatePostConduitAPIMethod.php

Loading...
View Options

src/applications/phame/controller/blog/PhameBlogEditController.php

Loading...
View Options

src/applications/phame/controller/blog/PhameBlogViewController.php

Loading...
View Options

src/applications/phame/controller/post/PhamePostEditController.php

Loading...
View Options

src/applications/phame/controller/post/PhamePostNewController.php

Loading...
View Options

src/applications/phame/controller/post/PhamePostViewController.php

Loading...
View Options

src/applications/phame/editor/PhameBlogEditor.php

Loading...
View Options

src/applications/phame/storage/PhameBlog.php

Loading...
View Options

src/applications/phame/storage/PhamePost.php

Loading...
Phabricator · Built by Phacility