Page MenuHomePhabricator

Add default policy to Files application
ClosedPublic

Authored by chad on Nov 20 2014, 9:01 PM.
Tags
None
Referenced Files
F14055178: D10888.diff
Sat, Nov 16, 9:12 AM
F14041486: D10888.diff
Mon, Nov 11, 7:03 PM
F14027198: D10888.diff
Fri, Nov 8, 5:53 AM
F13999641: D10888.diff
Thu, Oct 24, 4:08 PM
F13986203: D10888.id26153.diff
Mon, Oct 21, 1:19 AM
F13984553: D10888.id26159.diff
Sun, Oct 20, 2:09 PM
F13967846: D10888.id26154.diff
Oct 16 2024, 4:27 PM
F13963589: D10888.id26145.diff
Oct 15 2024, 4:46 PM

Details

Summary

WIP This adds default capability to the Files application

Test Plan

Set default to public, go to Files page, see public preset. Upload File. Doesn't work.

Diff Detail

Repository
rP Phabricator
Branch
files-policy
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 3118
Build 3124: [Placeholder Plan] Wait for 30 Seconds

Event Timeline

chad retitled this revision from to Add default policy to Files application.
chad updated this object.
chad edited the test plan for this revision. (Show Details)
chad added reviewers: epriestley, btrahan.
src/applications/files/storage/PhabricatorFile.php
279

This is my main question. Setting $viewer here means I'd have to update a dozen callsites and pass $viewer everywhere. Is that the correctest way? newFromFileData is the main function that gets called everywhere.

epriestley edited edge metadata.

We can pull the application without needing the viewer like this, using PhabricatorUser::getOmnipotentUser():

$app = id(new PhabricatorApplicationQuery())
    ->setViewer(PhabricatorUser::getOmnipotentUser())
    ->withClasses(array('PhabricatorFilesApplication'))
    ->executeOne();

It's slightly "better" to use a real user (and for many other applications there's some other reason we need a real user -- for example, to populate an author field), but there's no practical difference in this case. The big thing that using a real user does is make this fail in an obvious way if you messed something up and the user doesn't actually have access to use the application. However, Files is a required application and can not be uninstalled or have access limited, so it's moot in this case.

There are also a lot of cases where we create a file but don't necessarily have a meaningful viewer (for example, when pulling profile pictures from Facebook or Google during registration), so you wouldn't really be able to provide one there anyway.

So:

  • You can just use PhabricatorUser::getOmnipotentUser() to load the $app.
  • Maybe we'll refine this eventually and optionally let you pass a viewer in (after T5681?).
  • You don't need to update every callsite, just the user-facing ones. Some of them are really deep in non-user-facing workflows and can get cleaned up eventually.
  • Rest of this diff looks good.
This revision now requires changes to proceed.Nov 21 2014, 12:36 AM
chad edited edge metadata.
  • More lint
  • Update per comments
chad edited edge metadata.
  • missed a derp
epriestley edited edge metadata.
This revision is now accepted and ready to land.Nov 21 2014, 7:08 PM
This revision was automatically updated to reflect the committed changes.