phorge-phorge/src/applications/policy/config/PhabricatorPolicyConfigOptions.php

<?php

final class PhabricatorPolicyConfigOptions
  extends PhabricatorApplicationConfigOptions {

  public function getName() {
    return pht('Policy');
  }

  public function getDescription() {
    return pht('Options relating to object visibility.');
  }

  public function getFontIcon() {
    return 'fa-lock';
  }

  public function getGroup() {
    return 'apps';
  }

  public function getOptions() {
    $policy_locked_type = 'custom:PolicyLockOptionType';
    $policy_locked_example = array(
      'people.create.users' => 'admin',);
    $json = new PhutilJSON();
    $policy_locked_example = $json->encodeFormatted($policy_locked_example);

    return array(
      $this->newOption('policy.allow-public', 'bool', false)
        ->setBoolOptions(
          array(
            pht('Allow Public Visibility'),
            pht('Require Login'),
          ))
        ->setSummary(pht('Allow users to set object visibility to public.'))
        ->setDescription(
          pht(
            "Phabricator allows you to set the visibility of objects (like ".
            "repositories and tasks) to 'Public', which means **anyone ".
            "on the internet can see them, without needing to log in or ".
            "have an account**.".
            "\n\n".
            "This is intended for open source projects. Many installs will ".
            "never want to make anything public, so this policy is disabled ".
            "by default. You can enable it here, which will let you set the ".
            "policy for objects to 'Public'.".
            "\n\n".
            "Enabling this setting will immediately open up some features, ".
            "like the user directory. Anyone on the internet will be able to ".
            "access these features.".
            "\n\n".
            "With this setting disabled, the 'Public' policy is not ".
            "available, and the most open policy is 'All Users' (which means ".
            "users must have accounts and be logged in to view things).")),
      $this->newOption('policy.locked', $policy_locked_type, array())
        ->setLocked(true)
        ->setSummary(pht(
          'Lock specific application policies so they can not be edited.'))
        ->setDescription(pht(
          'Phabricator has application policies which can dictate whether '.
          'users can take certain actions, such as creating new users. '."\n\n".
          'This setting allows for "locking" these policies such that no '.
          'further edits can be made on a per-policy basis.'))
          ->addExample($policy_locked_example,
                       pht('Lock Create User Policy To Admins')),
    );
  }

}
Move policy config to "Policy" app and make `policy.allow-public` description scarier Summary: Ref T603. We have a real policy app now, so put the config options there. Revise the description of the public policy switch to make it clear that enabling it immediately opens up the user directory and various other interfaces. Test Plan: Viewed/edited config setting. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7154 2013-09-27 19:50:19 +02:00			`<?php`

			`final class PhabricatorPolicyConfigOptions`
			`extends PhabricatorApplicationConfigOptions {`

			`public function getName() {`
Change double quotes to single quotes. Summary: Ran `arc lint --apply-patches --everything` over rP, mainly to change double quotes to single quotes where appropriate. These changes also validate that the `ArcanistXHPASTLinter::LINT_DOUBLE_QUOTE` rule is working as expected. Test Plan: Eyeballed it. Reviewers: #blessed_reviewers, epriestley Reviewed By: #blessed_reviewers, epriestley Subscribers: epriestley, Korvin, hach-que Differential Revision: https://secure.phabricator.com/D9431 2014-06-09 20:36:49 +02:00			`return pht('Policy');`
Move policy config to "Policy" app and make `policy.allow-public` description scarier Summary: Ref T603. We have a real policy app now, so put the config options there. Revise the description of the public policy switch to make it clear that enabling it immediately opens up the user directory and various other interfaces. Test Plan: Viewed/edited config setting. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7154 2013-09-27 19:50:19 +02:00			`}`

			`public function getDescription() {`
Change double quotes to single quotes. Summary: Ran `arc lint --apply-patches --everything` over rP, mainly to change double quotes to single quotes where appropriate. These changes also validate that the `ArcanistXHPASTLinter::LINT_DOUBLE_QUOTE` rule is working as expected. Test Plan: Eyeballed it. Reviewers: #blessed_reviewers, epriestley Reviewed By: #blessed_reviewers, epriestley Subscribers: epriestley, Korvin, hach-que Differential Revision: https://secure.phabricator.com/D9431 2014-06-09 20:36:49 +02:00			`return pht('Options relating to object visibility.');`
Move policy config to "Policy" app and make `policy.allow-public` description scarier Summary: Ref T603. We have a real policy app now, so put the config options there. Revise the description of the public policy switch to make it clear that enabling it immediately opens up the user directory and various other interfaces. Test Plan: Viewed/edited config setting. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7154 2013-09-27 19:50:19 +02:00			`}`

Use icons with Config Options page Summary: This sets an icon for each config, makes it easier to scan. Test Plan: Reload Config page, see all new icons {F281089} Reviewers: btrahan, epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Differential Revision: https://secure.phabricator.com/D11619 2015-02-02 19:17:25 +01:00			`public function getFontIcon() {`
			`return 'fa-lock';`
			`}`

Add getGroup to ConfigOptions Summary: Adds core and apps grouping to configuration options, makes it somewhat easier to browse config options. Test Plan: Set each option, review list. Breakdown is nearly 50/50 apps/core. Reviewers: btrahan, epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Differential Revision: https://secure.phabricator.com/D11722 2015-02-09 22:10:56 +01:00			`public function getGroup() {`
			`return 'apps';`
			`}`

Move policy config to "Policy" app and make `policy.allow-public` description scarier Summary: Ref T603. We have a real policy app now, so put the config options there. Revise the description of the public policy switch to make it clear that enabling it immediately opens up the user directory and various other interfaces. Test Plan: Viewed/edited config setting. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7154 2013-09-27 19:50:19 +02:00			`public function getOptions() {`
Config - add an option to lock policy settings Summary: Fixes T6947 Test Plan: locked people.create.user and noted the UI only showed a link to the existing policy with no way to edit it. tried to set the config to all the various bad things and saw helpful error messages telling me what I did wrong. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T6947 Differential Revision: https://secure.phabricator.com/D11358 2015-01-13 20:46:29 +01:00			`$policy_locked_type = 'custom:PolicyLockOptionType';`
			`$policy_locked_example = array(`
			`'people.create.users' => 'admin',);`
			`$json = new PhutilJSON();`
			`$policy_locked_example = $json->encodeFormatted($policy_locked_example);`

Move policy config to "Policy" app and make `policy.allow-public` description scarier Summary: Ref T603. We have a real policy app now, so put the config options there. Revise the description of the public policy switch to make it clear that enabling it immediately opens up the user directory and various other interfaces. Test Plan: Viewed/edited config setting. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7154 2013-09-27 19:50:19 +02:00			`return array(`
			`$this->newOption('policy.allow-public', 'bool', false)`
			`->setBoolOptions(`
			`array(`
			`pht('Allow Public Visibility'),`
Minor formatting changes Summary: Apply some autofix linter rules. Test Plan: `arc lint` and `arc unit` Reviewers: #blessed_reviewers, epriestley Reviewed By: #blessed_reviewers, epriestley Subscribers: epriestley, Korvin, hach-que Differential Revision: https://secure.phabricator.com/D10585 2014-10-07 15:01:04 +02:00			`pht('Require Login'),`
			`))`
Change double quotes to single quotes. Summary: Ran `arc lint --apply-patches --everything` over rP, mainly to change double quotes to single quotes where appropriate. These changes also validate that the `ArcanistXHPASTLinter::LINT_DOUBLE_QUOTE` rule is working as expected. Test Plan: Eyeballed it. Reviewers: #blessed_reviewers, epriestley Reviewed By: #blessed_reviewers, epriestley Subscribers: epriestley, Korvin, hach-que Differential Revision: https://secure.phabricator.com/D9431 2014-06-09 20:36:49 +02:00			`->setSummary(pht('Allow users to set object visibility to public.'))`
Move policy config to "Policy" app and make `policy.allow-public` description scarier Summary: Ref T603. We have a real policy app now, so put the config options there. Revise the description of the public policy switch to make it clear that enabling it immediately opens up the user directory and various other interfaces. Test Plan: Viewed/edited config setting. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7154 2013-09-27 19:50:19 +02:00			`->setDescription(`
			`pht(`
			`"Phabricator allows you to set the visibility of objects (like ".`
			`"repositories and tasks) to 'Public', which means **anyone ".`
			`"on the internet can see them, without needing to log in or ".`
			`"have an account**.".`
			`"\n\n".`
			`"This is intended for open source projects. Many installs will ".`
			`"never want to make anything public, so this policy is disabled ".`
			`"by default. You can enable it here, which will let you set the ".`
			`"policy for objects to 'Public'.".`
			`"\n\n".`
			`"Enabling this setting will immediately open up some features, ".`
			`"like the user directory. Anyone on the internet will be able to ".`
			`"access these features.".`
			`"\n\n".`
			`"With this setting disabled, the 'Public' policy is not ".`
			`"available, and the most open policy is 'All Users' (which means ".`
			`"users must have accounts and be logged in to view things).")),`
Config - add an option to lock policy settings Summary: Fixes T6947 Test Plan: locked people.create.user and noted the UI only showed a link to the existing policy with no way to edit it. tried to set the config to all the various bad things and saw helpful error messages telling me what I did wrong. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T6947 Differential Revision: https://secure.phabricator.com/D11358 2015-01-13 20:46:29 +01:00			`$this->newOption('policy.locked', $policy_locked_type, array())`
Followup from D11358#106424 and make policy.locked fully work Summary: Fast commit. Also forgot to make the config override the existing policy. I think this is the right spot and we're good? Ref T6947. Test Plan: viewed the application settings page for people application and saw the correct overrode setting. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T6947 Differential Revision: https://secure.phabricator.com/D11373 2015-01-13 21:03:11 +01:00			`->setLocked(true)`
Config - add an option to lock policy settings Summary: Fixes T6947 Test Plan: locked people.create.user and noted the UI only showed a link to the existing policy with no way to edit it. tried to set the config to all the various bad things and saw helpful error messages telling me what I did wrong. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T6947 Differential Revision: https://secure.phabricator.com/D11358 2015-01-13 20:46:29 +01:00			`->setSummary(pht(`
			`'Lock specific application policies so they can not be edited.'))`
			`->setDescription(pht(`
			`'Phabricator has application policies which can dictate whether '.`
			`'users can take certain actions, such as creating new users. '."\n\n".`
			`'This setting allows for "locking" these policies such that no '.`
			`'further edits can be made on a per-policy basis.'))`
			`->addExample($policy_locked_example,`
			`pht('Lock Create User Policy To Admins')),`
Move policy config to "Policy" app and make `policy.allow-public` description scarier Summary: Ref T603. We have a real policy app now, so put the config options there. Revise the description of the public policy switch to make it clear that enabling it immediately opens up the user directory and various other interfaces. Test Plan: Viewed/edited config setting. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7154 2013-09-27 19:50:19 +02:00			`);`
			`}`

			`}`