Fixes T11193. Assume this is the correct place to check for permissions before attaching edges.
- Maniphest Tasks
- T11193: UI: The wrong options are greyed out.
- rP83c470123151: Check CAN_VIEW and CAN_EDIT at SearchAttachController
Create a task and set edit policy to Admins, log into test account. Try to Edit Subtasks, Merge Duplicates, Attach a Diff, or Attach a Mock, get a Policy Dialog explaing why.
I think this is the right rule. It does create this sort of weird outcome when you can only edit one of the objects at the ends of a relationship. For example, if you can edit task X but not revision Y, you can edit the relationship between them from the task page but not the revision page.
I think this is actually reasonable/consistent/desirable and aligns with expectations, though, at least for "X is related to Y".
For "merge", we probably want to require that you be able to edit both tasks, but all of this is likely getting modularized/refreshed shortly anyway.