Page MenuHomePhabricator
Differential D17485

Make "Can Interact" and logged-out users interact more gracefully
ClosedPublic
Actions

Authored by epriestley on Mar 9 2017, 4:46 PM.
Tags
None
Referenced Files
F19789155: D17485.id42048.diff
Feb 25 2026, 5:22 PM
F19706056: D17485.id42047.diff
Feb 11 2026, 9:02 AM
F19703821: D17485.diff
Feb 11 2026, 2:55 AM
F19703820: D17485.diff
Feb 11 2026, 2:55 AM
F19565026: D17485.id42048.diff
Jan 31 2026, 5:25 PM
F19512746: D17485.id42047.diff
Jan 13 2026, 1:57 AM
F19054601: D17485.id.diff
Nov 28 2025, 1:50 PM
F18992207: D17485.diff
Nov 19 2025, 1:23 AM
View All Files
Subscribers
None

Details

Reviewers
chad
Maniphest Tasks
T12378: "This task has been locked" on all logged out tasks
Commits
rPd0c648dfa53b: Make "Can Interact" and logged-out users interact more gracefully
Summary

Fixes T12378. Two minor issues here:

  • CAN_INTERACT on tasks uses "USER", but should just use the view policy, which may be more permissive ("PUBLIC").
  • CAN_INTERACT is currently prevented from being "PUBLIC" by additional safeguards. Define an explicit capability object for the permission which returns true from shouldAllowPublicPolicySetting().
Test Plan
  • Viewed an unlocked task as a logged-out user, saw "login to comment" instead of "locked".
  • Viewed a locked task as a logged-out user, saw "locked".

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley created this revision.Mar 9 2017, 4:46 PM
epriestley added inline comments.Mar 9 2017, 4:47 PM
src/applications/policy/capability/PhabricatorPolicyCanInteractCapability.php
14

We can't reasonably specialize this string, but it won't currently ever appear in the UI.

Harbormaster completed remote builds in B15953: Diff 42047.Mar 9 2017, 4:47 PM
chad accepted this revision.Mar 9 2017, 4:48 PM
This revision is now accepted and ready to land.Mar 9 2017, 4:48 PM
epriestley added a comment.Mar 9 2017, 4:50 PM

I had mistakenly believed this block was handling the "log in to comment" case, but it doesn't:

https://secure.phabricator.com/source/phabricator/browse/master/src/applications/transactions/editengine/PhabricatorEditEngine.php;4c7d464f8bf2627ef7455596fde2ae5667e67a57$1565-1570

The block already has a comment describing the case it does handle, so I think this was just carelessness on my part and don't see any technical change we can make to make this more clear.

We could add CAN_INTERACT tests to the test suite to shore this up a little bit, but I think the feature is potentially still in flux so I want to wait to pursue that.

Closed by commit rPd0c648dfa53b: Make "Can Interact" and logged-out users interact more gracefully (authored by epriestley, committed by epriestley). · Explain WhyMar 9 2017, 4:51 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
src/
2 lines
applications/
maniphest/
storage/
2 lines
policy/
capability/
20 lines

Diff 42048

View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/maniphest/storage/ManiphestTask.php

Loading...
View Options

src/applications/policy/capability/PhabricatorPolicyCanInteractCapability.php

Loading...
Phabricator · Built by Phacility