mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-21 22:32:41 +01:00
Add bin/policy unlock
Summary: Ref T603. We might need a fine-grained CLI tool later on, but here's a bat we can bludgeon things with. Test Plan: - Ran `bin/policy unlock D12` (adjusted policies). - Ran `bin/policy unlock rPca85c457ebcb` (got "not mutable" stuff). Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7189
This commit is contained in:
parent
fb93fd007f
commit
1d1ecb5629
3 changed files with 107 additions and 0 deletions
|
@ -16,6 +16,7 @@ $args->parseStandardArguments();
|
|||
|
||||
$workflows = array(
|
||||
new PhabricatorPolicyManagementShowWorkflow(),
|
||||
new PhabricatorPolicyManagementUnlockWorkflow(),
|
||||
new PhutilHelpArgumentWorkflow(),
|
||||
);
|
||||
|
||||
|
|
|
@ -1469,6 +1469,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPolicyFilter' => 'applications/policy/filter/PhabricatorPolicyFilter.php',
|
||||
'PhabricatorPolicyInterface' => 'applications/policy/interface/PhabricatorPolicyInterface.php',
|
||||
'PhabricatorPolicyManagementShowWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementShowWorkflow.php',
|
||||
'PhabricatorPolicyManagementUnlockWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementUnlockWorkflow.php',
|
||||
'PhabricatorPolicyManagementWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementWorkflow.php',
|
||||
'PhabricatorPolicyQuery' => 'applications/policy/query/PhabricatorPolicyQuery.php',
|
||||
'PhabricatorPolicyTestCase' => 'applications/policy/__tests__/PhabricatorPolicyTestCase.php',
|
||||
|
@ -3627,6 +3628,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPolicyException' => 'Exception',
|
||||
'PhabricatorPolicyExplainController' => 'PhabricatorPolicyController',
|
||||
'PhabricatorPolicyManagementShowWorkflow' => 'PhabricatorPolicyManagementWorkflow',
|
||||
'PhabricatorPolicyManagementUnlockWorkflow' => 'PhabricatorPolicyManagementWorkflow',
|
||||
'PhabricatorPolicyManagementWorkflow' => 'PhutilArgumentWorkflow',
|
||||
'PhabricatorPolicyQuery' => 'PhabricatorQuery',
|
||||
'PhabricatorPolicyTestCase' => 'PhabricatorTestCase',
|
||||
|
|
|
@ -0,0 +1,104 @@
|
|||
<?php
|
||||
|
||||
final class PhabricatorPolicyManagementUnlockWorkflow
|
||||
extends PhabricatorPolicyManagementWorkflow {
|
||||
|
||||
protected function didConstruct() {
|
||||
$this
|
||||
->setName('unlock')
|
||||
->setSynopsis(
|
||||
'Unlock an object by setting its policies to allow anyone to view '.
|
||||
'and edit it.')
|
||||
->setExamples(
|
||||
"**unlock** D123")
|
||||
->setArguments(
|
||||
array(
|
||||
array(
|
||||
'name' => 'objects',
|
||||
'wildcard' => true,
|
||||
),
|
||||
));
|
||||
}
|
||||
|
||||
public function execute(PhutilArgumentParser $args) {
|
||||
$console = PhutilConsole::getConsole();
|
||||
$viewer = PhabricatorUser::getOmnipotentUser();
|
||||
|
||||
$obj_names = $args->getArg('objects');
|
||||
if (!$obj_names) {
|
||||
throw new PhutilArgumentUsageException(
|
||||
pht(
|
||||
"Specify the name of an object to unlock."));
|
||||
} else if (count($obj_names) > 1) {
|
||||
throw new PhutilArgumentUsageException(
|
||||
pht(
|
||||
"Specify the name of exactly one object to unlock."));
|
||||
}
|
||||
|
||||
$object = id(new PhabricatorObjectQuery())
|
||||
->setViewer($viewer)
|
||||
->withNames($obj_names)
|
||||
->executeOne();
|
||||
|
||||
if (!$object) {
|
||||
$name = head($obj_names);
|
||||
throw new PhutilArgumentUsageException(
|
||||
pht(
|
||||
"No such object '%s'!",
|
||||
$name));
|
||||
}
|
||||
|
||||
$handle = id(new PhabricatorHandleQuery())
|
||||
->setViewer($viewer)
|
||||
->withPHIDs(array($object->getPHID()))
|
||||
->executeOne();
|
||||
|
||||
$console->writeOut("%s\n", pht('Unlocking: %s', $handle->getFullName()));
|
||||
|
||||
$updated = false;
|
||||
foreach ($object->getCapabilities() as $capability) {
|
||||
switch ($capability) {
|
||||
case PhabricatorPolicyCapability::CAN_VIEW:
|
||||
try {
|
||||
$object->setViewPolicy(PhabricatorPolicies::POLICY_USER);
|
||||
$console->writeOut("%s\n", pht('Unlocked view policy.'));
|
||||
$updated = true;
|
||||
} catch (Exception $ex) {
|
||||
$console->writeOut("%s\n", pht('View policy is not mutable.'));
|
||||
}
|
||||
break;
|
||||
case PhabricatorPolicyCapability::CAN_EDIT:
|
||||
try {
|
||||
$object->setEditPolicy(PhabricatorPolicies::POLICY_USER);
|
||||
$console->writeOut("%s\n", pht('Unlocked edit policy.'));
|
||||
$updated = true;
|
||||
} catch (Exception $ex) {
|
||||
$console->writeOut("%s\n", pht('Edit policy is not mutable.'));
|
||||
}
|
||||
break;
|
||||
case PhabricatorPolicyCapability::CAN_JOIN:
|
||||
try {
|
||||
$object->setJoinPolicy(PhabricatorPolicies::POLICY_USER);
|
||||
$console->writeOut("%s\n", pht('Unlocked join policy.'));
|
||||
$updated = true;
|
||||
} catch (Exception $ex) {
|
||||
$console->writeOut("%s\n", pht('Join policy is not mutable.'));
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if ($updated) {
|
||||
$object->save();
|
||||
$console->writeOut("%s\n", pht('Saved object.'));
|
||||
} else {
|
||||
$console->writeOut(
|
||||
"%s\n",
|
||||
pht(
|
||||
'Object has no mutable policies. Try unlocking parent/container '.
|
||||
'object instead. For example, to gain access to a commit, unlock '.
|
||||
'the repository it belongs to.'));
|
||||
}
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in a new issue