Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F15452488
D8112.id18344.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
3 KB
Referenced Files
None
Subscribers
None
D8112.id18344.diff
View Options
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -1048,6 +1048,7 @@
'PasteEmbedView' => 'applications/paste/view/PasteEmbedView.php',
'PasteMockMailReceiver' => 'applications/paste/mail/PasteMockMailReceiver.php',
'PasteReplyHandler' => 'applications/paste/mail/PasteReplyHandler.php',
+ 'PeopleCapabilityBrowseUserDirectory' => 'applications/people/capability/PeopleCapabilityBrowseUserDirectory.php',
'Phabricator404Controller' => 'applications/base/controller/Phabricator404Controller.php',
'PhabricatorAWSConfigOptions' => 'applications/config/option/PhabricatorAWSConfigOptions.php',
'PhabricatorAccessControlTestCase' => 'applications/base/controller/__tests__/PhabricatorAccessControlTestCase.php',
@@ -3636,6 +3637,7 @@
'PasteEmbedView' => 'AphrontView',
'PasteMockMailReceiver' => 'PhabricatorObjectMailReceiver',
'PasteReplyHandler' => 'PhabricatorMailReplyHandler',
+ 'PeopleCapabilityBrowseUserDirectory' => 'PhabricatorPolicyCapability',
'Phabricator404Controller' => 'PhabricatorController',
'PhabricatorAWSConfigOptions' => 'PhabricatorApplicationConfigOptions',
'PhabricatorAccessControlTestCase' => 'PhabricatorTestCase',
diff --git a/src/applications/people/application/PhabricatorApplicationPeople.php b/src/applications/people/application/PhabricatorApplicationPeople.php
--- a/src/applications/people/application/PhabricatorApplicationPeople.php
+++ b/src/applications/people/application/PhabricatorApplicationPeople.php
@@ -62,6 +62,14 @@
);
}
+
+ protected function getCustomCapabilities() {
+ return array(
+ PeopleCapabilityBrowseUserDirectory::CAPABILITY => array(
+ ),
+ );
+ }
+
public function loadStatus(PhabricatorUser $user) {
if (!$user->getIsAdmin()) {
return array();
diff --git a/src/applications/people/capability/PeopleCapabilityBrowseUserDirectory.php b/src/applications/people/capability/PeopleCapabilityBrowseUserDirectory.php
new file mode 100644
--- /dev/null
+++ b/src/applications/people/capability/PeopleCapabilityBrowseUserDirectory.php
@@ -0,0 +1,25 @@
+<?php
+
+final class PeopleCapabilityBrowseUserDirectory
+ extends PhabricatorPolicyCapability {
+
+ const CAPABILITY = 'people.browse';
+
+ public function getCapabilityKey() {
+ return self::CAPABILITY;
+ }
+
+ public function getCapabilityName() {
+ return pht('Can Browse User Directory');
+ }
+
+ public function shouldAllowPublicPolicySetting() {
+ return true;
+ }
+
+ public function describeCapabilityRejection() {
+ return pht(
+ 'You do not have permission to browse the user directory.');
+ }
+
+}
diff --git a/src/applications/people/controller/PhabricatorPeopleListController.php b/src/applications/people/controller/PhabricatorPeopleListController.php
--- a/src/applications/people/controller/PhabricatorPeopleListController.php
+++ b/src/applications/people/controller/PhabricatorPeopleListController.php
@@ -19,6 +19,11 @@
public function processRequest() {
$request = $this->getRequest();
+ $viewer = $request->getUser();
+
+ $this->requireApplicationCapability(
+ PeopleCapabilityBrowseUserDirectory::CAPABILITY);
+
$controller = id(new PhabricatorApplicationSearchController($request))
->setQueryKey($this->key)
->setSearchEngine(new PhabricatorPeopleSearchEngine())
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Mar 30, 5:14 AM (1 w, 2 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7726718
Default Alt Text
D8112.id18344.diff (3 KB)
Attached To
Mode
D8112: Add a granular capability for user directory browsing
Attached
Detach File
Event Timeline
Log In to Comment