1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-25 16:22:43 +01:00

Add bin/policy unlock

Summary: Ref T603. We might need a fine-grained CLI tool later on, but here's a bat we can bludgeon things with.

Test Plan:
  - Ran `bin/policy unlock D12` (adjusted policies).
  - Ran `bin/policy unlock rPca85c457ebcb` (got "not mutable" stuff).

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7189
This commit is contained in:
epriestley 2013-10-01 16:01:15 -07:00
parent fb93fd007f
commit 1d1ecb5629
3 changed files with 107 additions and 0 deletions

View file

@ -16,6 +16,7 @@ $args->parseStandardArguments();
$workflows = array( $workflows = array(
new PhabricatorPolicyManagementShowWorkflow(), new PhabricatorPolicyManagementShowWorkflow(),
new PhabricatorPolicyManagementUnlockWorkflow(),
new PhutilHelpArgumentWorkflow(), new PhutilHelpArgumentWorkflow(),
); );

View file

@ -1469,6 +1469,7 @@ phutil_register_library_map(array(
'PhabricatorPolicyFilter' => 'applications/policy/filter/PhabricatorPolicyFilter.php', 'PhabricatorPolicyFilter' => 'applications/policy/filter/PhabricatorPolicyFilter.php',
'PhabricatorPolicyInterface' => 'applications/policy/interface/PhabricatorPolicyInterface.php', 'PhabricatorPolicyInterface' => 'applications/policy/interface/PhabricatorPolicyInterface.php',
'PhabricatorPolicyManagementShowWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementShowWorkflow.php', 'PhabricatorPolicyManagementShowWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementShowWorkflow.php',
'PhabricatorPolicyManagementUnlockWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementUnlockWorkflow.php',
'PhabricatorPolicyManagementWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementWorkflow.php', 'PhabricatorPolicyManagementWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementWorkflow.php',
'PhabricatorPolicyQuery' => 'applications/policy/query/PhabricatorPolicyQuery.php', 'PhabricatorPolicyQuery' => 'applications/policy/query/PhabricatorPolicyQuery.php',
'PhabricatorPolicyTestCase' => 'applications/policy/__tests__/PhabricatorPolicyTestCase.php', 'PhabricatorPolicyTestCase' => 'applications/policy/__tests__/PhabricatorPolicyTestCase.php',
@ -3627,6 +3628,7 @@ phutil_register_library_map(array(
'PhabricatorPolicyException' => 'Exception', 'PhabricatorPolicyException' => 'Exception',
'PhabricatorPolicyExplainController' => 'PhabricatorPolicyController', 'PhabricatorPolicyExplainController' => 'PhabricatorPolicyController',
'PhabricatorPolicyManagementShowWorkflow' => 'PhabricatorPolicyManagementWorkflow', 'PhabricatorPolicyManagementShowWorkflow' => 'PhabricatorPolicyManagementWorkflow',
'PhabricatorPolicyManagementUnlockWorkflow' => 'PhabricatorPolicyManagementWorkflow',
'PhabricatorPolicyManagementWorkflow' => 'PhutilArgumentWorkflow', 'PhabricatorPolicyManagementWorkflow' => 'PhutilArgumentWorkflow',
'PhabricatorPolicyQuery' => 'PhabricatorQuery', 'PhabricatorPolicyQuery' => 'PhabricatorQuery',
'PhabricatorPolicyTestCase' => 'PhabricatorTestCase', 'PhabricatorPolicyTestCase' => 'PhabricatorTestCase',

View file

@ -0,0 +1,104 @@
<?php
final class PhabricatorPolicyManagementUnlockWorkflow
extends PhabricatorPolicyManagementWorkflow {
protected function didConstruct() {
$this
->setName('unlock')
->setSynopsis(
'Unlock an object by setting its policies to allow anyone to view '.
'and edit it.')
->setExamples(
"**unlock** D123")
->setArguments(
array(
array(
'name' => 'objects',
'wildcard' => true,
),
));
}
public function execute(PhutilArgumentParser $args) {
$console = PhutilConsole::getConsole();
$viewer = PhabricatorUser::getOmnipotentUser();
$obj_names = $args->getArg('objects');
if (!$obj_names) {
throw new PhutilArgumentUsageException(
pht(
"Specify the name of an object to unlock."));
} else if (count($obj_names) > 1) {
throw new PhutilArgumentUsageException(
pht(
"Specify the name of exactly one object to unlock."));
}
$object = id(new PhabricatorObjectQuery())
->setViewer($viewer)
->withNames($obj_names)
->executeOne();
if (!$object) {
$name = head($obj_names);
throw new PhutilArgumentUsageException(
pht(
"No such object '%s'!",
$name));
}
$handle = id(new PhabricatorHandleQuery())
->setViewer($viewer)
->withPHIDs(array($object->getPHID()))
->executeOne();
$console->writeOut("%s\n", pht('Unlocking: %s', $handle->getFullName()));
$updated = false;
foreach ($object->getCapabilities() as $capability) {
switch ($capability) {
case PhabricatorPolicyCapability::CAN_VIEW:
try {
$object->setViewPolicy(PhabricatorPolicies::POLICY_USER);
$console->writeOut("%s\n", pht('Unlocked view policy.'));
$updated = true;
} catch (Exception $ex) {
$console->writeOut("%s\n", pht('View policy is not mutable.'));
}
break;
case PhabricatorPolicyCapability::CAN_EDIT:
try {
$object->setEditPolicy(PhabricatorPolicies::POLICY_USER);
$console->writeOut("%s\n", pht('Unlocked edit policy.'));
$updated = true;
} catch (Exception $ex) {
$console->writeOut("%s\n", pht('Edit policy is not mutable.'));
}
break;
case PhabricatorPolicyCapability::CAN_JOIN:
try {
$object->setJoinPolicy(PhabricatorPolicies::POLICY_USER);
$console->writeOut("%s\n", pht('Unlocked join policy.'));
$updated = true;
} catch (Exception $ex) {
$console->writeOut("%s\n", pht('Join policy is not mutable.'));
}
break;
}
}
if ($updated) {
$object->save();
$console->writeOut("%s\n", pht('Saved object.'));
} else {
$console->writeOut(
"%s\n",
pht(
'Object has no mutable policies. Try unlocking parent/container '.
'object instead. For example, to gain access to a commit, unlock '.
'the repository it belongs to.'));
}
}
}