Page MenuHomePhabricator
Files F15411354

D7351.diff
No OneTemporary
Actions

D7351.diff
View Options

Index: src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
===================================================================
--- src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
+++ src/applications/transactions/editor/PhabricatorApplicationTransactionEditor.php
@@ -697,19 +697,27 @@
$object,
PhabricatorPolicyCapability::CAN_VIEW);
- // TODO: This should be "$object", not "$xaction", but probably breaks a
- // lot of stuff if fixed -- you don't need to be able to edit in order to
- // comment. Instead, transactions should specify the capabilities they
- // require.
+ foreach ($xactions as $xaction) {
+ $this->requireCapabilities($object, $xaction);
+ }
+ }
- /*
+ protected function requireCapabilities(
+ PhabricatorLiskDAO $object,
+ PhabricatorApplicationTransaction $xaction) {
- PhabricatorPolicyFilter::requireCapability(
- $actor,
- $xaction,
- PhabricatorPolicyCapability::CAN_EDIT);
+ switch ($xaction->getTransactionType()) {
+ case PhabricatorTransactions::TYPE_EDIT_POLICY:
+ // You must have the edit capability to alter the edit policy of an
+ // object. For other default transaction types, we don't enforce
+ // anything for the moment.
- */
+ PhabricatorPolicyFilter::requireCapability(
+ $this->requireActor(),
+ $object,
+ PhabricatorPolicyCapability::CAN_EDIT);
+ break;
+ }
}
private function buildMentionTransaction(

File Metadata

Mime Type
text/plain
Expires
Thu, Mar 20, 9:08 AM (2 w, 2 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7672047
Default Alt Text
D7351.diff (1 KB)

Event Timeline

Phabricator · Built by Phacility