Don't allow logged out users to initialize a Workboard

Summary: Right now logged out users can enable a workboard on a project.

Test Plan: Log out, view a public project, click on Workboard, get not set up dialog. Click Cancel, return to project details.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D14304

src/applications/project/controller/PhabricatorProjectBoardViewController.php

@@ -67,6 +67,9 @@ final class PhabricatorProjectBoardViewController
     // TODO: Expand the checks here if we add the ability
     // to hide the Backlog column
     if (!$columns) {
+      if (!$viewer->isLoggedIn()) {
+        return $this->noAccessDialog($project);
+      }
       switch ($request->getStr('initialize-type')) {
         case 'backlog-only':
           $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
@@ -713,6 +716,20 @@ final class PhabricatorProjectBoardViewController
       ->setDialog($dialog);
   }
 
+  private function noAccessDialog(PhabricatorProject $project) {
+
+    $instructions = pht('This workboard has not been setup yet.');
+
+    $dialog = id(new AphrontDialogView())
+      ->setUser($this->getRequest()->getUser())
+      ->setTitle(pht('No Workboard'))
+      ->addCancelButton($this->getApplicationURI('view/'.$project->getID().'/'))
+      ->appendParagraph($instructions);
+
+    return id(new AphrontDialogResponse())
+      ->setDialog($dialog);
+  }
+
 
   /**
    * Add current state parameters (like order and the visibility of hidden