Page MenuHomePhabricator
Differential D20732 Diff 49439 src/applications/phortune/storage/PhortuneCart.php

Changeset View

Standalone View

View Options

src/applications/phortune/storage/PhortuneCart.php

<?php <?php
final class PhortuneCart extends PhortuneDAO final class PhortuneCart extends PhortuneDAO
implements implements
PhabricatorApplicationTransactionInterface, PhabricatorApplicationTransactionInterface,
PhabricatorPolicyInterface { PhabricatorPolicyInterface,
PhabricatorExtendedPolicyInterface {
const STATUS_BUILDING = 'cart:building'; const STATUS_BUILDING = 'cart:building';
const STATUS_READY = 'cart:ready'; const STATUS_READY = 'cart:ready';
const STATUS_PURCHASING = 'cart:purchasing'; const STATUS_PURCHASING = 'cart:purchasing';
const STATUS_CHARGED = 'cart:charged'; const STATUS_CHARGED = 'cart:charged';
const STATUS_HOLD = 'cart:hold'; const STATUS_HOLD = 'cart:hold';
const STATUS_REVIEW = 'cart:review'; const STATUS_REVIEW = 'cart:review';
const STATUS_PURCHASED = 'cart:purchased'; const STATUS_PURCHASED = 'cart:purchased';
▲ Show 20 LinesShow All 632 Lines▼ Show 20 Lines/* -( PhabricatorPolicyInterface )----------------------------------------- */
public function getCapabilities() { public function getCapabilities() {
return array( return array(
PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_EDIT, PhabricatorPolicyCapability::CAN_EDIT,
); );
} }
public function getPolicy($capability) { public function getPolicy($capability) {
// NOTE: Both view and edit use the account's edit policy. We punch a hole return PhabricatorPolicies::getMostOpenPolicy();
// through this for merchants, below.
return $this
->getAccount()
->getPolicy(PhabricatorPolicyCapability::CAN_EDIT);
} }
public function hasAutomaticCapability($capability, PhabricatorUser $viewer) { public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
if ($this->getAccount()->hasAutomaticCapability($capability, $viewer)) { if ($capability === PhabricatorPolicyCapability::CAN_VIEW) {
return true; $any_edit = PhortuneMerchantQuery::canViewersEditMerchants(
} array($viewer->getPHID()),
array($this->getMerchantPHID()));
// If the viewer controls the merchant this order was placed with, they if ($any_edit) {
// can view the order.
if ($capability == PhabricatorPolicyCapability::CAN_VIEW) {
$can_admin = PhabricatorPolicyFilter::hasCapability(
$viewer,
$this->getMerchant(),
PhabricatorPolicyCapability::CAN_EDIT);
if ($can_admin) {
return true; return true;
} }
} }
return false; return false;
} }
public function describeAutomaticCapability($capability) {
/* -( PhabricatorExtendedPolicyInterface )--------------------------------- */
public function getExtendedPolicy($capability, PhabricatorUser $viewer) {
if ($this->hasAutomaticCapability($capability, $viewer)) {
return array();
}
return array( return array(
pht('Orders inherit the policies of the associated account.'), array(
pht('The merchant you placed an order with can review and manage it.'), $this->getAccount(),
PhabricatorPolicyCapability::CAN_EDIT,
),
); );
} }
} }
Phabricator · Built by Phacility