Page MenuHomePhabricator

D17696.id42562.diff
No OneTemporary

D17696.id42562.diff

diff --git a/src/applications/conpherence/controller/ConpherenceUpdateController.php b/src/applications/conpherence/controller/ConpherenceUpdateController.php
--- a/src/applications/conpherence/controller/ConpherenceUpdateController.php
+++ b/src/applications/conpherence/controller/ConpherenceUpdateController.php
@@ -20,7 +20,6 @@
$needed_capabilities[] = PhabricatorPolicyCapability::CAN_EDIT;
}
break;
- case ConpherenceUpdateActions::ADD_PERSON:
case ConpherenceUpdateActions::METADATA:
$needed_capabilities[] = PhabricatorPolicyCapability::CAN_EDIT;
break;
diff --git a/src/applications/conpherence/controller/ConpherenceViewController.php b/src/applications/conpherence/controller/ConpherenceViewController.php
--- a/src/applications/conpherence/controller/ConpherenceViewController.php
+++ b/src/applications/conpherence/controller/ConpherenceViewController.php
@@ -147,9 +147,6 @@
$user = $this->getRequest()->getUser();
$participating = $conpherence->getParticipantIfExists($user->getPHID());
- if (!$participating && $user->isLoggedIn()) {
- return null;
- }
$draft = PhabricatorDraft::newFromUserAndKey(
$user,
$conpherence->getPHID());
diff --git a/src/applications/conpherence/editor/ConpherenceEditor.php b/src/applications/conpherence/editor/ConpherenceEditor.php
--- a/src/applications/conpherence/editor/ConpherenceEditor.php
+++ b/src/applications/conpherence/editor/ConpherenceEditor.php
@@ -343,11 +343,24 @@
$actor_phid = $this->requireActor()->getPHID();
- // You need CAN_EDIT to change participants other than yourself.
- PhabricatorPolicyFilter::requireCapability(
- $this->requireActor(),
- $object,
- PhabricatorPolicyCapability::CAN_EDIT);
+ $is_join = (($add === array($actor_phid)) && !$rem);
+ $is_leave = (($rem === array($actor_phid)) && !$add);
+
+ if ($is_join) {
+ // Anyone can join a thread they can see.
+ } else if ($is_leave) {
+ // Anyone can leave a thread.
+ } else if ($add) {
+ // Anyone can add to a thread they can see.
+ } else if ($rem) {
+ // You need CAN_EDIT to remove participants other than yourself
+ // Though this is a bit broad since generally "room participants"
+ // is our default edit policy.
+ PhabricatorPolicyFilter::requireCapability(
+ $this->requireActor(),
+ $object,
+ PhabricatorPolicyCapability::CAN_EDIT);
+ }
break;
case ConpherenceThreadTitleTransaction::TRANSACTIONTYPE:

File Metadata

Mime Type
text/plain
Expires
Mon, May 20, 10:03 PM (3 w, 5 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6304193
Default Alt Text
D17696.id42562.diff (2 KB)

Event Timeline