Page MenuHomePhabricator
Files F14756082

D17257.id41512.diff
No OneTemporary
Actions

D17257.id41512.diff
View Options

diff --git a/src/applications/search/engine/PhabricatorProfileMenuEngine.php b/src/applications/search/engine/PhabricatorProfileMenuEngine.php
--- a/src/applications/search/engine/PhabricatorProfileMenuEngine.php
+++ b/src/applications/search/engine/PhabricatorProfileMenuEngine.php
@@ -497,10 +497,34 @@
$viewer = $this->getViewer();
$object = $this->getProfileObject();
- PhabricatorPolicyFilter::requireCapability(
- $viewer,
- $object,
- PhabricatorPolicyCapability::CAN_EDIT);
+ // If you're reordering global items, you need to be able to edit the
+ // object the menu appears on. If you're reordering custom items, you only
+ // need to be able to edit the custom object. Currently, the custom object
+ // is always the viewing user's own user object.
+ $custom_phid = $this->getCustomPHID();
+ if (!$custom_phid) {
+ PhabricatorPolicyFilter::requireCapability(
+ $viewer,
+ $object,
+ PhabricatorPolicyCapability::CAN_EDIT);
+ } else {
+ $policy_object = id(new PhabricatorObjectQuery())
+ ->setViewer($viewer)
+ ->withPHIDs(array($custom_phid))
+ ->executeOne();
+
+ if (!$policy_object) {
+ throw new Exception(
+ pht(
+ 'Failed to load custom PHID "%s"!',
+ $custom_phid));
+ }
+
+ PhabricatorPolicyFilter::requireCapability(
+ $viewer,
+ $policy_object,
+ PhabricatorPolicyCapability::CAN_EDIT);
+ }
$controller = $this->getController();
$request = $controller->getRequest();

File Metadata

Mime Type
text/plain
Expires
Wed, Jan 22, 7:07 PM (14 h, 7 m)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7035148
Default Alt Text
D17257.id41512.diff (1 KB)

Event Timeline

Phabricator · Built by Phacility