diff --git a/src/applications/maniphest/controller/ManiphestBatchEditController.php b/src/applications/maniphest/controller/ManiphestBatchEditController.php index 2859eaae57..e4086b2d18 100644 --- a/src/applications/maniphest/controller/ManiphestBatchEditController.php +++ b/src/applications/maniphest/controller/ManiphestBatchEditController.php @@ -25,6 +25,12 @@ final class ManiphestBatchEditController extends ManiphestController { $task_ids = $request->getStrList('batch'); } + if (!$task_ids) { + throw new Exception( + pht( + 'No tasks are selected.')); + } + $tasks = id(new ManiphestTaskQuery()) ->setViewer($viewer) ->withIDs($task_ids) @@ -37,6 +43,12 @@ final class ManiphestBatchEditController extends ManiphestController { ->needProjectPHIDs(true) ->execute(); + if (!$tasks) { + throw new Exception( + pht( + "You don't have permission to edit any of the selected tasks.")); + } + if ($project) { $cancel_uri = '/project/board/'.$project->getID().'/'; $redirect_uri = $cancel_uri;