1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-17 10:11:10 +01:00

Make Maniphest list page react to viewer capabilities

Summary:
Ref T603. Basically:

  - Hide "Reports".
  - Hide "batch edit" and "export to excel".
  - Hide reprioritization controls.
  - I left the edit controls, they show a "login to continue" dialog when hit.
  - Allow tokenizer results to fill for public users.
  - Fix a bug where membership in projects was computed incorrectly in certain cases.
  - Add a unit test covering the project membership bug.

Test Plan: Viewed /maniphest/ when logged out, and while logged in.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7126
This commit is contained in:
epriestley 2013-09-25 13:45:04 -07:00
parent 800f6971bb
commit 1e2718d747
6 changed files with 62 additions and 4 deletions

View file

@ -1453,6 +1453,7 @@ phutil_register_library_map(array(
'PhabricatorPolicyCapability' => 'applications/policy/constants/PhabricatorPolicyCapability.php', 'PhabricatorPolicyCapability' => 'applications/policy/constants/PhabricatorPolicyCapability.php',
'PhabricatorPolicyConfigOptions' => 'applications/config/option/PhabricatorPolicyConfigOptions.php', 'PhabricatorPolicyConfigOptions' => 'applications/config/option/PhabricatorPolicyConfigOptions.php',
'PhabricatorPolicyConstants' => 'applications/policy/constants/PhabricatorPolicyConstants.php', 'PhabricatorPolicyConstants' => 'applications/policy/constants/PhabricatorPolicyConstants.php',
'PhabricatorPolicyDataTestCase' => 'applications/policy/__tests__/PhabricatorPolicyDataTestCase.php',
'PhabricatorPolicyException' => 'applications/policy/exception/PhabricatorPolicyException.php', 'PhabricatorPolicyException' => 'applications/policy/exception/PhabricatorPolicyException.php',
'PhabricatorPolicyFilter' => 'applications/policy/filter/PhabricatorPolicyFilter.php', 'PhabricatorPolicyFilter' => 'applications/policy/filter/PhabricatorPolicyFilter.php',
'PhabricatorPolicyInterface' => 'applications/policy/interface/PhabricatorPolicyInterface.php', 'PhabricatorPolicyInterface' => 'applications/policy/interface/PhabricatorPolicyInterface.php',
@ -3599,6 +3600,7 @@ phutil_register_library_map(array(
'PhabricatorPolicyAwareTestQuery' => 'PhabricatorPolicyAwareQuery', 'PhabricatorPolicyAwareTestQuery' => 'PhabricatorPolicyAwareQuery',
'PhabricatorPolicyCapability' => 'PhabricatorPolicyConstants', 'PhabricatorPolicyCapability' => 'PhabricatorPolicyConstants',
'PhabricatorPolicyConfigOptions' => 'PhabricatorApplicationConfigOptions', 'PhabricatorPolicyConfigOptions' => 'PhabricatorApplicationConfigOptions',
'PhabricatorPolicyDataTestCase' => 'PhabricatorTestCase',
'PhabricatorPolicyException' => 'Exception', 'PhabricatorPolicyException' => 'Exception',
'PhabricatorPolicyQuery' => 'PhabricatorQuery', 'PhabricatorPolicyQuery' => 'PhabricatorQuery',
'PhabricatorPolicyTestCase' => 'PhabricatorTestCase', 'PhabricatorPolicyTestCase' => 'PhabricatorTestCase',

View file

@ -20,8 +20,11 @@ abstract class ManiphestController extends PhabricatorController {
->setViewer($user) ->setViewer($user)
->addNavigationItems($nav->getMenu()); ->addNavigationItems($nav->getMenu());
$nav->addLabel(pht('Reports')); if ($user->isLoggedIn()) {
$nav->addFilter('report', pht('Reports')); // For now, don't give logged-out users access to reports.
$nav->addLabel(pht('Reports'));
$nav->addFilter('report', pht('Reports'));
}
$nav->selectFilter(null); $nav->selectFilter(null);

View file

@ -49,6 +49,13 @@ final class ManiphestTaskListController
$can_drag = ($order_parameter == 'priority') && $can_drag = ($order_parameter == 'priority') &&
($group_parameter == 'none' || $group_parameter == 'priority'); ($group_parameter == 'none' || $group_parameter == 'priority');
if (!$viewer->isLoggedIn()) {
// TODO: (T603) Eventually, we conceivably need to make each task
// draggable individually, since the user may be able to edit some but
// not others.
$can_drag = false;
}
$result = array(); $result = array();
$lists = array(); $lists = array();
@ -184,6 +191,12 @@ final class ManiphestTaskListController
private function renderBatchEditor(PhabricatorSavedQuery $saved_query) { private function renderBatchEditor(PhabricatorSavedQuery $saved_query) {
$user = $this->getRequest()->getUser(); $user = $this->getRequest()->getUser();
if (!$user->isLoggedIn()) {
// Don't show the batch editor or excel export for logged-out users.
// Technically we //could// let them export, but ehh.
return null;
}
Javelin::initBehavior( Javelin::initBehavior(
'maniphest-batch-selector', 'maniphest-batch-selector',
array( array(

View file

@ -0,0 +1,34 @@
<?php
final class PhabricatorPolicyDataTestCase extends PhabricatorTestCase {
protected function getPhabricatorTestCaseConfiguration() {
return array(
self::PHABRICATOR_TESTCONFIG_BUILD_STORAGE_FIXTURES => true,
);
}
public function testProjectPolicyMembership() {
$author = $this->generateNewTestUser();
$proj_a = id(new PhabricatorProject())
->setName('A')
->setAuthorPHID($author->getPHID())
->save();
$proj_b = id(new PhabricatorProject())
->setName('B')
->setAuthorPHID($author->getPHID())
->save();
$proj_a->setViewPolicy($proj_b->getPHID())->save();
$proj_b->setViewPolicy($proj_a->getPHID())->save();
$user = new PhabricatorUser();
$results = id(new PhabricatorProjectQuery())
->setViewer($user)
->execute();
$this->assertEqual(0, count($results));
}
}

View file

@ -213,7 +213,7 @@ final class PhabricatorPolicyFilter {
default: default:
$type = phid_get_type($policy); $type = phid_get_type($policy);
if ($type == PhabricatorProjectPHIDTypeProject::TYPECONST) { if ($type == PhabricatorProjectPHIDTypeProject::TYPECONST) {
if (isset($this->userProjects[$viewer->getPHID()][$policy])) { if (!empty($this->userProjects[$viewer->getPHID()][$policy])) {
return true; return true;
} else { } else {
$this->rejectObject($object, $policy, $capability); $this->rejectObject($object, $policy, $capability);

View file

@ -5,6 +5,10 @@ final class PhabricatorTypeaheadCommonDatasourceController
private $type; private $type;
public function shouldAllowPublic() {
return true;
}
public function willProcessRequest(array $data) { public function willProcessRequest(array $data) {
$this->type = $data['type']; $this->type = $data['type'];
} }
@ -230,7 +234,9 @@ final class PhabricatorTypeaheadCommonDatasourceController
} }
if ($need_repos) { if ($need_repos) {
$repos = id(new PhabricatorRepository())->loadAll(); $repos = id(new PhabricatorRepositoryQuery())
->setViewer($viewer)
->execute();
foreach ($repos as $repo) { foreach ($repos as $repo) {
$results[] = id(new PhabricatorTypeaheadResult()) $results[] = id(new PhabricatorTypeaheadResult())
->setName('r'.$repo->getCallsign().' ('.$repo->getName().')') ->setName('r'.$repo->getCallsign().' ('.$repo->getName().')')