Clean up supplemental capabilitiy checks in transaction edits
ClosedPublic
Actions

Authored by epriestley on Oct 18 2013, 10:55 PM.

Tags

None

Referenced Files

	F19096157: D7351.diff
	Thu, Dec 4, 8:11 AM

	F18791153: D7351.id.diff
	Oct 16 2025, 4:24 AM

	F18790517: D7351.id.diff
	Oct 15 2025, 3:10 PM

	F18789157: D7351.diff
	Oct 15 2025, 8:17 AM

	F18775460: D7351.id16554.diff
	Oct 10 2025, 7:08 PM

	F18734484: D7351.id.diff
	Sep 30 2025, 10:54 PM

	F18672570: D7351.diff
	Sep 25 2025, 7:48 AM

	F18620146: D7351.id.diff
	Sep 15 2025, 4:24 AM

View All Files

Subscribers

aran

Details

Reviewers

btrahan

Commits

Restricted Diffusion Commit
rP83c99be42348: Clean up supplemental capabilitiy checks in transaction edits

Summary

We have this commented-out chunk of code now which was originally buggy and is now just nonfunctional.

For now, the core edit types don't always require CAN_EDIT (e.g., subscribe, comment, add edges), except for editing the edit policy itself, which always does. Add a supplemental capability check there and let everything else go through with CAN_VIEW. We can buff the policy checks on application editors over time, they all require appropriate capabilities to get to in the first place anyway.

Test Plan

Created and edited some tasks without getting overwhelmed with policy exceptions.

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

Sweet

Closed by commit rP83c99be42348 (authored by @epriestley).

Revision Contents
Changeset List

Path

Size

src/

applications/

transactions/

editor/

PhabricatorApplicationTransactionEditor.php

28 lines

Diff 16604

View Options

src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php

Clean up supplemental capabilitiy checks in transaction editsClosedPublicActions