Changeset View
Changeset View
Standalone View
Standalone View
src/applications/policy/filter/PhabricatorPolicyFilter.php
Show First 20 Lines • Show All 868 Lines • ▼ Show 20 Lines | private function rejectObjectFromSpace( | ||||
throw $exception; | throw $exception; | ||||
} | } | ||||
private function applyApplicationChecks(array $objects) { | private function applyApplicationChecks(array $objects) { | ||||
$viewer = $this->viewer; | $viewer = $this->viewer; | ||||
foreach ($objects as $key => $object) { | foreach ($objects as $key => $object) { | ||||
// Don't filter handles: users are allowed to see handles from an | |||||
// application they can't see even if they can not see objects from | |||||
// that application. Note that the application policies still apply to | |||||
// the underlying object, so these will be "Restricted Object" handles. | |||||
// If we don't let these through, PhabricatorHandleQuery will completely | |||||
epriestley: Fixed this typo locally. | |||||
// fail to load results for PHIDs that are part of applications which | |||||
// the viewer can not see, but a fundamental property of handles is that | |||||
// we always load something and they can safely be assumed to load. | |||||
if ($object instanceof PhabricatorObjectHandle) { | |||||
continue; | |||||
} | |||||
$phid = $object->getPHID(); | $phid = $object->getPHID(); | ||||
if (!$phid) { | if (!$phid) { | ||||
continue; | continue; | ||||
} | } | ||||
$application_class = $this->getApplicationForPHID($phid); | $application_class = $this->getApplicationForPHID($phid); | ||||
if ($application_class === null) { | if ($application_class === null) { | ||||
continue; | continue; | ||||
Show All 34 Lines |
Fixed this typo locally.