Page MenuHomePhabricator

Add capabilities for editing task triage details (priority, assignee, etc)
ClosedPublic

Authored by epriestley on Oct 19 2013, 12:42 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Dec 9, 4:16 AM
Unknown Object (File)
Mon, Dec 9, 4:16 AM
Unknown Object (File)
Mon, Dec 9, 4:16 AM
Unknown Object (File)
Mon, Dec 9, 4:16 AM
Unknown Object (File)
Sat, Dec 7, 7:00 AM
Unknown Object (File)
Wed, Nov 27, 3:24 PM
Unknown Object (File)
Wed, Nov 27, 2:28 PM
Unknown Object (File)
Wed, Nov 27, 2:28 PM
Subscribers

Details

Summary

This is primarily a client request, and a little bit use-case specific, but policies seem to be holding up well and I'm getting more comfortable about maintaining this. Much if it can run through ApplicationTransactions.

Allow the ability to edit status, policies, priorities, assignees and projects of a task to be restricted to some subset of users. Also allow bulk edit to be locked. This affects the editor itself and the edit, view and list interfaces.

Test Plan

As a restricted user, created, edited and commented on tasks. Tried to drag them around.

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
465โ€“467

This moves the capability checks to after filtering, primarily, so we don't trigger on no-effect changes.

(That second screenshot is confusing -- it was supposed to pick up the open dropdown menu, but it didn't. The point was that the dropdown menu just has a few items in it.)

Inline musing. This is pretty cool. Makes defending bootcamp reasonable possible for example.

src/applications/maniphest/controller/ManiphestTaskEditController.php
463โ€“464

I wonder if it would be better to have the UI locked out some how rather than just not shown?

When we started deploying this stuff at FB to lock down tools that accessed critical data, we tried to make it super, duper easier to request access. I like that as a concept to keep in mind - how do we make it easy for people to at least ask for access if they think they should have it and then how does streamlining that approvla go easily.