Page MenuHomePhabricator
Files F15286101

D7317.id16482.diff
No OneTemporary
Actions

D7317.id16482.diff
View Options

Index: src/__phutil_library_map__.php
===================================================================
--- src/__phutil_library_map__.php
+++ src/__phutil_library_map__.php
@@ -803,6 +803,7 @@
'PackageDeleteMail' => 'applications/owners/mail/PackageDeleteMail.php',
'PackageMail' => 'applications/owners/mail/PackageMail.php',
'PackageModifyMail' => 'applications/owners/mail/PackageModifyMail.php',
+ 'PasteCapabilityDefaultView' => 'applications/paste/capability/PasteCapabilityDefaultView.php',
'PasteCreateMailReceiver' => 'applications/paste/mail/PasteCreateMailReceiver.php',
'PasteEmbedView' => 'applications/paste/view/PasteEmbedView.php',
'PasteMockMailReceiver' => 'applications/paste/mail/PasteMockMailReceiver.php',
@@ -1292,6 +1293,7 @@
'PhabricatorLocalTimeTestCase' => 'view/__tests__/PhabricatorLocalTimeTestCase.php',
'PhabricatorLogoutController' => 'applications/auth/controller/PhabricatorLogoutController.php',
'PhabricatorMacroAudioController' => 'applications/macro/controller/PhabricatorMacroAudioController.php',
+ 'PhabricatorMacroCapabilityManage' => 'applications/macro/capability/PhabricatorMacroCapabilityManage.php',
'PhabricatorMacroCommentController' => 'applications/macro/controller/PhabricatorMacroCommentController.php',
'PhabricatorMacroConfigOptions' => 'applications/macro/config/PhabricatorMacroConfigOptions.php',
'PhabricatorMacroController' => 'applications/macro/controller/PhabricatorMacroController.php',
@@ -2943,6 +2945,7 @@
'PackageDeleteMail' => 'PackageMail',
'PackageMail' => 'PhabricatorMail',
'PackageModifyMail' => 'PackageMail',
+ 'PasteCapabilityDefaultView' => 'PhabricatorPolicyCapability',
'PasteCreateMailReceiver' => 'PhabricatorMailReceiver',
'PasteEmbedView' => 'AphrontView',
'PasteMockMailReceiver' => 'PhabricatorObjectMailReceiver',
@@ -3482,6 +3485,7 @@
'PhabricatorLocalTimeTestCase' => 'PhabricatorTestCase',
'PhabricatorLogoutController' => 'PhabricatorAuthController',
'PhabricatorMacroAudioController' => 'PhabricatorMacroController',
+ 'PhabricatorMacroCapabilityManage' => 'PhabricatorPolicyCapability',
'PhabricatorMacroCommentController' => 'PhabricatorMacroController',
'PhabricatorMacroConfigOptions' => 'PhabricatorApplicationConfigOptions',
'PhabricatorMacroController' => 'PhabricatorController',
Index: src/applications/base/PhabricatorApplication.php
===================================================================
--- src/applications/base/PhabricatorApplication.php
+++ src/applications/base/PhabricatorApplication.php
@@ -349,11 +349,7 @@
switch ($capability) {
case PhabricatorPolicyCapability::CAN_VIEW:
- if (PhabricatorEnv::getEnvConfig('policy.allow-public')) {
- return PhabricatorPolicies::POLICY_PUBLIC;
- } else {
- return PhabricatorPolicies::POLICY_USER;
- }
+ return PhabricatorPolicies::getMostOpenPolicy();
case PhabricatorPolicyCapability::CAN_EDIT:
return PhabricatorPolicies::POLICY_ADMIN;
default:
Index: src/applications/macro/application/PhabricatorApplicationMacro.php
===================================================================
--- src/applications/macro/application/PhabricatorApplicationMacro.php
+++ src/applications/macro/application/PhabricatorApplicationMacro.php
@@ -42,4 +42,12 @@
);
}
+ protected function getCustomCapabilities() {
+ return array(
+ PhabricatorMacroCapabilityManage::CAPABILITY => array(
+ 'caption' => pht('Allows creating and editing macros.')
+ ),
+ );
+ }
+
}
Index: src/applications/macro/capability/PhabricatorMacroCapabilityManage.php
===================================================================
--- /dev/null
+++ src/applications/macro/capability/PhabricatorMacroCapabilityManage.php
@@ -0,0 +1,20 @@
+<?php
+
+final class PhabricatorMacroCapabilityManage
+ extends PhabricatorPolicyCapability {
+
+ const CAPABILITY = 'macro.manage';
+
+ public function getCapabilityKey() {
+ return self::CAPABILITY;
+ }
+
+ public function getCapabilityName() {
+ return pht('Can Manage Macros');
+ }
+
+ public function describeCapabilityRejection() {
+ return pht('You do not have permission to manage image macros.');
+ }
+
+}
Index: src/applications/macro/controller/PhabricatorMacroAudioController.php
===================================================================
--- src/applications/macro/controller/PhabricatorMacroAudioController.php
+++ src/applications/macro/controller/PhabricatorMacroAudioController.php
@@ -10,6 +10,10 @@
}
public function processRequest() {
+
+ $this->requireApplicationCapability(
+ PhabricatorMacroCapabilityManage::CAPABILITY);
+
$request = $this->getRequest();
$viewer = $request->getUser();
Index: src/applications/macro/controller/PhabricatorMacroController.php
===================================================================
--- src/applications/macro/controller/PhabricatorMacroController.php
+++ src/applications/macro/controller/PhabricatorMacroController.php
@@ -28,11 +28,16 @@
protected function buildApplicationCrumbs() {
$crumbs = parent::buildApplicationCrumbs();
+ $can_manage = $this->hasApplicationCapability(
+ PhabricatorMacroCapabilityManage::CAPABILITY);
+
$crumbs->addAction(
id(new PHUIListItemView())
->setName(pht('Create Macro'))
->setHref($this->getApplicationURI('/create/'))
- ->setIcon('create'));
+ ->setIcon('create')
+ ->setDisabled(!$can_manage)
+ ->setWorkflow(!$can_manage));
return $crumbs;
}
Index: src/applications/macro/controller/PhabricatorMacroDisableController.php
===================================================================
--- src/applications/macro/controller/PhabricatorMacroDisableController.php
+++ src/applications/macro/controller/PhabricatorMacroDisableController.php
@@ -10,6 +10,10 @@
}
public function processRequest() {
+
+ $this->requireApplicationCapability(
+ PhabricatorMacroCapabilityManage::CAPABILITY);
+
$request = $this->getRequest();
$user = $request->getUser();
Index: src/applications/macro/controller/PhabricatorMacroEditController.php
===================================================================
--- src/applications/macro/controller/PhabricatorMacroEditController.php
+++ src/applications/macro/controller/PhabricatorMacroEditController.php
@@ -11,17 +11,15 @@
public function processRequest() {
+ $this->requireApplicationCapability(
+ PhabricatorMacroCapabilityManage::CAPABILITY);
+
$request = $this->getRequest();
$user = $request->getUser();
if ($this->id) {
$macro = id(new PhabricatorMacroQuery())
->setViewer($user)
- ->requireCapabilities(
- array(
- PhabricatorPolicyCapability::CAN_VIEW,
- PhabricatorPolicyCapability::CAN_EDIT,
- ))
->withIDs(array($this->id))
->executeOne();
if (!$macro) {
Index: src/applications/macro/controller/PhabricatorMacroViewController.php
===================================================================
--- src/applications/macro/controller/PhabricatorMacroViewController.php
+++ src/applications/macro/controller/PhabricatorMacroViewController.php
@@ -70,6 +70,8 @@
->setMarkupEngine($engine);
$header = id(new PHUIHeaderView())
+ ->setUser($user)
+ ->setPolicyObject($macro)
->setHeader($title_long);
if ($macro->getIsDisabled()) {
@@ -128,6 +130,10 @@
}
private function buildActionView(PhabricatorFileImageMacro $macro) {
+
+ $can_manage = $this->hasApplicationCapability(
+ PhabricatorMacroCapabilityManage::CAPABILITY);
+
$request = $this->getRequest();
$view = id(new PhabricatorActionListView())
->setUser($request->getUser())
@@ -137,12 +143,16 @@
id(new PhabricatorActionView())
->setName(pht('Edit Macro'))
->setHref($this->getApplicationURI('/edit/'.$macro->getID().'/'))
+ ->setDisabled(!$can_manage)
+ ->setWorkflow(!$can_manage)
->setIcon('edit'));
$view->addAction(
id(new PhabricatorActionView())
->setName(pht('Edit Audio'))
->setHref($this->getApplicationURI('/audio/'.$macro->getID().'/'))
+ ->setDisabled(!$can_manage)
+ ->setWorkflow(!$can_manage)
->setIcon('herald'));
if ($macro->getIsDisabled()) {
@@ -151,6 +161,7 @@
->setName(pht('Restore Macro'))
->setHref($this->getApplicationURI('/disable/'.$macro->getID().'/'))
->setWorkflow(true)
+ ->setDisabled(!$can_manage)
->setIcon('undo'));
} else {
$view->addAction(
@@ -158,6 +169,7 @@
->setName(pht('Disable Macro'))
->setHref($this->getApplicationURI('/disable/'.$macro->getID().'/'))
->setWorkflow(true)
+ ->setDisabled(!$can_manage)
->setIcon('delete'));
}
Index: src/applications/macro/storage/PhabricatorFileImageMacro.php
===================================================================
--- src/applications/macro/storage/PhabricatorFileImageMacro.php
+++ src/applications/macro/storage/PhabricatorFileImageMacro.php
@@ -64,12 +64,11 @@
public function getCapabilities() {
return array(
PhabricatorPolicyCapability::CAN_VIEW,
- PhabricatorPolicyCapability::CAN_EDIT,
);
}
public function getPolicy($capability) {
- return PhabricatorPolicies::POLICY_USER;
+ return PhabricatorPolicies::getMostOpenPolicy();
}
public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
Index: src/applications/maniphest/controller/ManiphestTaskDetailController.php
===================================================================
--- src/applications/maniphest/controller/ManiphestTaskDetailController.php
+++ src/applications/maniphest/controller/ManiphestTaskDetailController.php
@@ -462,7 +462,7 @@
->setWorkflow(true)
->setIcon('merge')
->setDisabled(!$can_edit)
- ->setWorkflow(!$can_edit));
+ ->setWorkflow(true));
$view->addAction(
id(new PhabricatorActionView())
Index: src/applications/paste/application/PhabricatorApplicationPaste.php
===================================================================
--- src/applications/paste/application/PhabricatorApplicationPaste.php
+++ src/applications/paste/application/PhabricatorApplicationPaste.php
@@ -1,8 +1,5 @@
<?php
-/**
- * group paste
- */
final class PhabricatorApplicationPaste extends PhabricatorApplication {
public function getBaseURI() {
@@ -44,4 +41,13 @@
);
}
+ protected function getCustomCapabilities() {
+ return array(
+ PasteCapabilityDefaultView::CAPABILITY => array(
+ 'caption' => pht(
+ 'Default view policy for newly created pastes.')
+ ),
+ );
+ }
+
}
Index: src/applications/paste/capability/PasteCapabilityDefaultView.php
===================================================================
--- /dev/null
+++ src/applications/paste/capability/PasteCapabilityDefaultView.php
@@ -0,0 +1,20 @@
+<?php
+
+final class PasteCapabilityDefaultView
+ extends PhabricatorPolicyCapability {
+
+ const CAPABILITY = 'paste.default.view';
+
+ public function getCapabilityKey() {
+ return self::CAPABILITY;
+ }
+
+ public function getCapabilityName() {
+ return pht('Default View Policy');
+ }
+
+ public function shouldAllowPublicPolicySetting() {
+ return true;
+ }
+
+}
Index: src/applications/paste/conduit/ConduitAPI_paste_create_Method.php
===================================================================
--- src/applications/paste/conduit/ConduitAPI_paste_create_Method.php
+++ src/applications/paste/conduit/ConduitAPI_paste_create_Method.php
@@ -51,12 +51,10 @@
// TODO: This should use PhabricatorPasteEditor.
- $paste = new PhabricatorPaste();
+ $paste = PhabricatorPaste::initializeNewPaste($user);
$paste->setTitle($title);
$paste->setLanguage($language);
$paste->setFilePHID($paste_file->getPHID());
- $paste->setAuthorPHID($user->getPHID());
- $paste->setViewPolicy(PhabricatorPolicies::POLICY_USER);
$paste->save();
$paste_file->attachToObject($user, $paste->getPHID());
Index: src/applications/paste/controller/PhabricatorPasteEditController.php
===================================================================
--- src/applications/paste/controller/PhabricatorPasteEditController.php
+++ src/applications/paste/controller/PhabricatorPasteEditController.php
@@ -21,7 +21,7 @@
if (!$this->id) {
$is_create = true;
- $paste = new PhabricatorPaste();
+ $paste = PhabricatorPaste::initializeNewPaste($user);
$parent_id = $request->getStr('parent');
if ($parent_id) {
Index: src/applications/paste/query/PhabricatorPasteQuery.php
===================================================================
--- src/applications/paste/query/PhabricatorPasteQuery.php
+++ src/applications/paste/query/PhabricatorPasteQuery.php
@@ -175,7 +175,14 @@
unset($pastes[$key]);
continue;
}
- $paste->attachRawContent($file->loadFileData());
+ try {
+ $paste->attachRawContent($file->loadFileData());
+ } catch (Exception $ex) {
+ // We can hit various sorts of file storage issues here. Just drop the
+ // paste if the file is dead.
+ unset($pastes[$key]);
+ continue;
+ }
}
return $pastes;
Index: src/applications/paste/storage/PhabricatorPaste.php
===================================================================
--- src/applications/paste/storage/PhabricatorPaste.php
+++ src/applications/paste/storage/PhabricatorPaste.php
@@ -1,8 +1,5 @@
<?php
-/**
- * @group paste
- */
final class PhabricatorPaste extends PhabricatorPasteDAO
implements
PhabricatorSubscribableInterface,
@@ -20,6 +17,20 @@
private $content = self::ATTACHABLE;
private $rawContent = self::ATTACHABLE;
+ public static function initializeNewPaste(PhabricatorUser $actor) {
+ $app = id(new PhabricatorApplicationQuery())
+ ->setViewer($actor)
+ ->withClasses(array('PhabricatorApplicationPaste'))
+ ->executeOne();
+
+ $view_policy = $app->getPolicy(PasteCapabilityDefaultView::CAPABILITY);
+
+ return id(new PhabricatorPaste())
+ ->setTitle('')
+ ->setAuthorPHID($actor->getPHID())
+ ->setViewPolicy($view_policy);
+ }
+
public function getURI() {
return '/P'.$this->getID();
}
@@ -42,29 +53,6 @@
return parent::save();
}
- public function getCapabilities() {
- return array(
- PhabricatorPolicyCapability::CAN_VIEW,
- PhabricatorPolicyCapability::CAN_EDIT,
- );
- }
-
- public function getPolicy($capability) {
- if ($capability == PhabricatorPolicyCapability::CAN_VIEW) {
- return $this->viewPolicy;
- }
- return PhabricatorPolicies::POLICY_NOONE;
- }
-
- public function hasAutomaticCapability($capability, PhabricatorUser $user) {
- return ($user->getPHID() == $this->getAuthorPHID());
- }
-
- public function describeAutomaticCapability($capability) {
- return pht(
- 'The author of a paste can always view and edit it.');
- }
-
public function getFullName() {
$title = $this->getTitle();
if (!$title) {
@@ -91,7 +79,7 @@
return $this;
}
-/* -( PhabricatorSubscribableInterface Implementation )-------------------- */
+/* -( PhabricatorSubscribableInterface )----------------------------------- */
public function isAutomaticallySubscribed($phid) {
@@ -107,4 +95,31 @@
);
}
+
+/* -( PhabricatorPolicyInterface )----------------------------------------- */
+
+
+ public function getCapabilities() {
+ return array(
+ PhabricatorPolicyCapability::CAN_VIEW,
+ PhabricatorPolicyCapability::CAN_EDIT,
+ );
+ }
+
+ public function getPolicy($capability) {
+ if ($capability == PhabricatorPolicyCapability::CAN_VIEW) {
+ return $this->viewPolicy;
+ }
+ return PhabricatorPolicies::POLICY_NOONE;
+ }
+
+ public function hasAutomaticCapability($capability, PhabricatorUser $user) {
+ return ($user->getPHID() == $this->getAuthorPHID());
+ }
+
+ public function describeAutomaticCapability($capability) {
+ return pht('The author of a paste can always view and edit it.');
+ }
+
+
}
Index: src/applications/policy/constants/PhabricatorPolicies.php
===================================================================
--- src/applications/policy/constants/PhabricatorPolicies.php
+++ src/applications/policy/constants/PhabricatorPolicies.php
@@ -7,4 +7,19 @@
const POLICY_ADMIN = 'admin';
const POLICY_NOONE = 'no-one';
+ /**
+ * Returns the most public policy this install's configuration permits.
+ * This is either "public" (if available) or "all users" (if not).
+ *
+ * @return const Most open working policy constant.
+ */
+ public static function getMostOpenPolicy() {
+ if (PhabricatorEnv::getEnvConfig('policy.allow-public')) {
+ return PhabricatorPolicies::POLICY_PUBLIC;
+ } else {
+ return PhabricatorPolicies::POLICY_USER;
+ }
+ }
+
+
}

File Metadata

Mime Type
text/plain
Expires
Wed, Mar 5, 6:13 PM (2 w, 4 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7222618
Default Alt Text
D7317.id16482.diff (16 KB)

Event Timeline

Phabricator · Built by Phacility