Page MenuHomePhabricator
Files F190637

whyyyyyyyyyyyyyyyy
No One
Actions

Authored By
chasemp
Aug 14 2014, 8:48 PM
Size
4 KB
Referenced Files
None
Subscribers
None

whyyyyyyyyyyyyyyyy
View Options

<?php
class SecurityPolicyEnforcerAction extends HeraldCustomAction {
public function appliesToAdapter(HeraldAdapter $adapter) {
return $adapter instanceof HeraldManiphestTaskAdapter;
}
public function appliesToRuleType($rule_type) {
switch ($rule_type) {
case HeraldRuleTypeConfig::RULE_TYPE_GLOBAL:
return true;
case HeraldRuleTypeConfig::RULE_TYPE_PERSONAL:
case HeraldRuleTypeConfig::RULE_TYPE_OBJECT:
default:
return false;
}
}
public function getActionKey() {
return "SecurityPolicy";
}
public function getActionName() {
return "Ensure Security Task Policy Are Enforced";
}
public function getActionType() {
return "SecurityPolicyEnforcerAction";
}
public function applyEffect(
HeraldAdapter $adapter,
$object,
HeraldEffect $effect) {
/**
//this is kicked off by a herald rule that says any time
//a new task is created we run through this global rule
//we only act on security field settings here
//ideally each security field setting is it's own extensions?
// and herald can tell them apart utnil then we just do crappy
//if / else
Pseudo:
$task = get_new_task()
$custom_policies = $task->custompolicies()
security_policy = $custom_policies['security']
if security_policy == 'operations-request' {
...change task edit to operations-request project...
...change task view to operations-request project...
...strip existing folder project (make note in descript?)...
...apply operations-request project...
elif security_policy == 'operations-access-request' {
...change task edit to operations-access-request' project...
...change task view to operations-access-request' project...
...strip existing folder project (make note in descript?)...
...apply operations-request project...
...CREATE SECOND TASK...make it a blocker for this task
//the idea is public access-requests have a shadow ticket that is
//created as a blocker taht is "hidden" that is used to debate the
//request not in public
...change task edit to operations-access-request-private' project...
...change task view to operations-access-request-private' project...
...apply operations-request project...
elif security_policy == 'security-bug' {
...change task edit to security-bug project...
...change task view to security-bug project...
...strip existing folder project (make note in descript?)...
...apply operations-request project...
else {
pass
}
**/
//phlog(array($adapter));
$task = $adapter->getTask();
//works but undesirable
//phlog(array($task, $object));
//$task->setViewPolicy('PHID-PROJ-hxzt3eodbfkeqcyqoswh')
// ->setEditPolicy('PHID-PROJ-hxzt3eodbfkeqcyqoswh')
// ->save();
//$fields = $task->getCustomFields();
//phlog(array($fields));
//trial--
$transactions = array();
//static for now
$view_policy = 'PHID-PROJ-hxzt3eodbfkeqcyqoswh';
if ($view_policy !== null) {
$transactions[] = id(new ManiphestTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_VIEW_POLICY)
->setNewValue($view_policy);
}
//static for now
$edit_policy = 'PHID-PROJ-hxzt3eodbfkeqcyqoswh';
if ($edit_policy !== null) {
$transactions[] = id(new ManiphestTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
->setNewValue($edit_policy);
}
$content_source = PhabricatorContentSource::newForSource(
PhabricatorContentSource::SOURCE_HERALD,
array());
phlog(print_r($task));
$editor = id(new ManiphestTransactionEditor())
->setActor($task->getUser())
->setContentSource($content_source)
->setContinueOnNoEffect(true);
$editor->applyTransactions($task, $transactions);
return new HeraldApplyTranscript(
$effect,
true,
pht('Set security policy'));
}
}

File Metadata

Mime Type
text/plain; charset=utf-8
Storage Engine
amazon-s3
Storage Format
Raw Data
Storage Handle
phabricator/lu/rw/k2dw3kl4lw4h6zeq
Default Alt Text
whyyyyyyyyyyyyyyyy (4 KB)

Event Timeline

Phabricator · Built by Phacility