mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-14 02:42:40 +01:00
Add bin/policy unlock
Summary: Ref T603. We might need a fine-grained CLI tool later on, but here's a bat we can bludgeon things with. Test Plan: - Ran `bin/policy unlock D12` (adjusted policies). - Ran `bin/policy unlock rPca85c457ebcb` (got "not mutable" stuff). Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7189
This commit is contained in:
parent
fb93fd007f
commit
1d1ecb5629
3 changed files with 107 additions and 0 deletions
|
@ -16,6 +16,7 @@ $args->parseStandardArguments();
|
||||||
|
|
||||||
$workflows = array(
|
$workflows = array(
|
||||||
new PhabricatorPolicyManagementShowWorkflow(),
|
new PhabricatorPolicyManagementShowWorkflow(),
|
||||||
|
new PhabricatorPolicyManagementUnlockWorkflow(),
|
||||||
new PhutilHelpArgumentWorkflow(),
|
new PhutilHelpArgumentWorkflow(),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
|
@ -1469,6 +1469,7 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorPolicyFilter' => 'applications/policy/filter/PhabricatorPolicyFilter.php',
|
'PhabricatorPolicyFilter' => 'applications/policy/filter/PhabricatorPolicyFilter.php',
|
||||||
'PhabricatorPolicyInterface' => 'applications/policy/interface/PhabricatorPolicyInterface.php',
|
'PhabricatorPolicyInterface' => 'applications/policy/interface/PhabricatorPolicyInterface.php',
|
||||||
'PhabricatorPolicyManagementShowWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementShowWorkflow.php',
|
'PhabricatorPolicyManagementShowWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementShowWorkflow.php',
|
||||||
|
'PhabricatorPolicyManagementUnlockWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementUnlockWorkflow.php',
|
||||||
'PhabricatorPolicyManagementWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementWorkflow.php',
|
'PhabricatorPolicyManagementWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementWorkflow.php',
|
||||||
'PhabricatorPolicyQuery' => 'applications/policy/query/PhabricatorPolicyQuery.php',
|
'PhabricatorPolicyQuery' => 'applications/policy/query/PhabricatorPolicyQuery.php',
|
||||||
'PhabricatorPolicyTestCase' => 'applications/policy/__tests__/PhabricatorPolicyTestCase.php',
|
'PhabricatorPolicyTestCase' => 'applications/policy/__tests__/PhabricatorPolicyTestCase.php',
|
||||||
|
@ -3627,6 +3628,7 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorPolicyException' => 'Exception',
|
'PhabricatorPolicyException' => 'Exception',
|
||||||
'PhabricatorPolicyExplainController' => 'PhabricatorPolicyController',
|
'PhabricatorPolicyExplainController' => 'PhabricatorPolicyController',
|
||||||
'PhabricatorPolicyManagementShowWorkflow' => 'PhabricatorPolicyManagementWorkflow',
|
'PhabricatorPolicyManagementShowWorkflow' => 'PhabricatorPolicyManagementWorkflow',
|
||||||
|
'PhabricatorPolicyManagementUnlockWorkflow' => 'PhabricatorPolicyManagementWorkflow',
|
||||||
'PhabricatorPolicyManagementWorkflow' => 'PhutilArgumentWorkflow',
|
'PhabricatorPolicyManagementWorkflow' => 'PhutilArgumentWorkflow',
|
||||||
'PhabricatorPolicyQuery' => 'PhabricatorQuery',
|
'PhabricatorPolicyQuery' => 'PhabricatorQuery',
|
||||||
'PhabricatorPolicyTestCase' => 'PhabricatorTestCase',
|
'PhabricatorPolicyTestCase' => 'PhabricatorTestCase',
|
||||||
|
|
|
@ -0,0 +1,104 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
final class PhabricatorPolicyManagementUnlockWorkflow
|
||||||
|
extends PhabricatorPolicyManagementWorkflow {
|
||||||
|
|
||||||
|
protected function didConstruct() {
|
||||||
|
$this
|
||||||
|
->setName('unlock')
|
||||||
|
->setSynopsis(
|
||||||
|
'Unlock an object by setting its policies to allow anyone to view '.
|
||||||
|
'and edit it.')
|
||||||
|
->setExamples(
|
||||||
|
"**unlock** D123")
|
||||||
|
->setArguments(
|
||||||
|
array(
|
||||||
|
array(
|
||||||
|
'name' => 'objects',
|
||||||
|
'wildcard' => true,
|
||||||
|
),
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function execute(PhutilArgumentParser $args) {
|
||||||
|
$console = PhutilConsole::getConsole();
|
||||||
|
$viewer = PhabricatorUser::getOmnipotentUser();
|
||||||
|
|
||||||
|
$obj_names = $args->getArg('objects');
|
||||||
|
if (!$obj_names) {
|
||||||
|
throw new PhutilArgumentUsageException(
|
||||||
|
pht(
|
||||||
|
"Specify the name of an object to unlock."));
|
||||||
|
} else if (count($obj_names) > 1) {
|
||||||
|
throw new PhutilArgumentUsageException(
|
||||||
|
pht(
|
||||||
|
"Specify the name of exactly one object to unlock."));
|
||||||
|
}
|
||||||
|
|
||||||
|
$object = id(new PhabricatorObjectQuery())
|
||||||
|
->setViewer($viewer)
|
||||||
|
->withNames($obj_names)
|
||||||
|
->executeOne();
|
||||||
|
|
||||||
|
if (!$object) {
|
||||||
|
$name = head($obj_names);
|
||||||
|
throw new PhutilArgumentUsageException(
|
||||||
|
pht(
|
||||||
|
"No such object '%s'!",
|
||||||
|
$name));
|
||||||
|
}
|
||||||
|
|
||||||
|
$handle = id(new PhabricatorHandleQuery())
|
||||||
|
->setViewer($viewer)
|
||||||
|
->withPHIDs(array($object->getPHID()))
|
||||||
|
->executeOne();
|
||||||
|
|
||||||
|
$console->writeOut("%s\n", pht('Unlocking: %s', $handle->getFullName()));
|
||||||
|
|
||||||
|
$updated = false;
|
||||||
|
foreach ($object->getCapabilities() as $capability) {
|
||||||
|
switch ($capability) {
|
||||||
|
case PhabricatorPolicyCapability::CAN_VIEW:
|
||||||
|
try {
|
||||||
|
$object->setViewPolicy(PhabricatorPolicies::POLICY_USER);
|
||||||
|
$console->writeOut("%s\n", pht('Unlocked view policy.'));
|
||||||
|
$updated = true;
|
||||||
|
} catch (Exception $ex) {
|
||||||
|
$console->writeOut("%s\n", pht('View policy is not mutable.'));
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case PhabricatorPolicyCapability::CAN_EDIT:
|
||||||
|
try {
|
||||||
|
$object->setEditPolicy(PhabricatorPolicies::POLICY_USER);
|
||||||
|
$console->writeOut("%s\n", pht('Unlocked edit policy.'));
|
||||||
|
$updated = true;
|
||||||
|
} catch (Exception $ex) {
|
||||||
|
$console->writeOut("%s\n", pht('Edit policy is not mutable.'));
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case PhabricatorPolicyCapability::CAN_JOIN:
|
||||||
|
try {
|
||||||
|
$object->setJoinPolicy(PhabricatorPolicies::POLICY_USER);
|
||||||
|
$console->writeOut("%s\n", pht('Unlocked join policy.'));
|
||||||
|
$updated = true;
|
||||||
|
} catch (Exception $ex) {
|
||||||
|
$console->writeOut("%s\n", pht('Join policy is not mutable.'));
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($updated) {
|
||||||
|
$object->save();
|
||||||
|
$console->writeOut("%s\n", pht('Saved object.'));
|
||||||
|
} else {
|
||||||
|
$console->writeOut(
|
||||||
|
"%s\n",
|
||||||
|
pht(
|
||||||
|
'Object has no mutable policies. Try unlocking parent/container '.
|
||||||
|
'object instead. For example, to gain access to a commit, unlock '.
|
||||||
|
'the repository it belongs to.'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in a new issue