Page MenuHomePhabricator

D17461.diff
No OneTemporary

D17461.diff

diff --git a/src/applications/tokens/controller/PhabricatorTokenGiveController.php b/src/applications/tokens/controller/PhabricatorTokenGiveController.php
--- a/src/applications/tokens/controller/PhabricatorTokenGiveController.php
+++ b/src/applications/tokens/controller/PhabricatorTokenGiveController.php
@@ -14,6 +14,24 @@
return new Aphront404Response();
}
+ $object = id(new PhabricatorObjectQuery())
+ ->setViewer($viewer)
+ ->withPHIDs(array($phid))
+ ->executeOne();
+
+ if (!($object instanceof PhabricatorTokenReceiverInterface)) {
+ return new Aphront400Response();
+ }
+
+ if (!PhabricatorPolicyFilter::canInteract($viewer, $object)) {
+ $lock = PhabricatorEditEngineLock::newForObject($viewer, $object);
+
+ $dialog = $this->newDialog()
+ ->addCancelButton($handle->getURI());
+
+ return $lock->willBlockUserInteractionWithDialog($dialog);
+ }
+
$current = id(new PhabricatorTokenGivenQuery())
->setViewer($viewer)
->withAuthorPHIDs(array($viewer->getPHID()))
diff --git a/src/applications/tokens/event/PhabricatorTokenUIEventListener.php b/src/applications/tokens/event/PhabricatorTokenUIEventListener.php
--- a/src/applications/tokens/event/PhabricatorTokenUIEventListener.php
+++ b/src/applications/tokens/event/PhabricatorTokenUIEventListener.php
@@ -37,6 +37,8 @@
return null;
}
+ $can_interact = PhabricatorPolicyFilter::canInteract($user, $object);
+
$current = id(new PhabricatorTokenGivenQuery())
->setViewer($user)
->withAuthorPHIDs(array($user->getPHID()))
@@ -48,14 +50,17 @@
->setWorkflow(true)
->setHref('/token/give/'.$object->getPHID().'/')
->setName(pht('Award Token'))
- ->setIcon('fa-trophy');
+ ->setIcon('fa-trophy')
+ ->setDisabled(!$can_interact);
} else {
$token_action = id(new PhabricatorActionView())
->setWorkflow(true)
->setHref('/token/give/'.$object->getPHID().'/')
->setName(pht('Rescind Token'))
- ->setIcon('fa-trophy');
+ ->setIcon('fa-trophy')
+ ->setDisabled(!$can_interact);
}
+
if (!$user->isLoggedIn()) {
$token_action->setDisabled(true);
}

File Metadata

Mime Type
text/plain
Expires
Sun, Jan 12, 4:48 PM (20 h, 40 m)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6987364
Default Alt Text
D17461.diff (2 KB)

Event Timeline