mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-26 08:42:41 +01:00
Lock policy queries to their applications
Summary: While we mostly have reasonable effective object accessibility when you lock a user out of an application, it's primarily enforced at the controller level. Users can still, e.g., load the handles of objects they can't actually see. Instead, lock the queries to the applications so that you can, e.g., never load a revision if you don't have access to Differential. This has several parts: - For PolicyAware queries, provide an application class name method. - If the query specifies a class name and the user doesn't have permission to use it, fail the entire query unconditionally. - For handles, simplify query construction and count all the PHIDs as "restricted" so we get a UI full of "restricted" instead of "unknown" handles. Test Plan: - Added a unit test to verify I got all the class names right. - Browsed around, logged in/out as a normal user with public policies on and off. - Browsed around, logged in/out as a restricted user with public policies on and off. With restrictions, saw all traces of restricted apps removed or restricted. Reviewers: btrahan Reviewed By: btrahan CC: aran Differential Revision: https://secure.phabricator.com/D7367
This commit is contained in:
parent
32dd8af9e5
commit
2a5c987c71
99 changed files with 473 additions and 186 deletions
|
@ -96,4 +96,8 @@ final class PhabricatorAuthProviderConfigQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationAuth';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -163,4 +163,8 @@ final class PhabricatorExternalAccountQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPeople';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -55,4 +55,9 @@ final class PhabricatorChatLogChannelQuery
|
|||
|
||||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationChatlog';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -54,4 +54,9 @@ final class PhabricatorChatLogQuery
|
|||
|
||||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationChatlog';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -40,4 +40,8 @@ final class PhabricatorConduitLogQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationConduit';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -121,4 +121,8 @@ final class PhabricatorConduitMethodQuery
|
|||
return $methods;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationConduit';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorConfigPHIDTypeConfig extends PhabricatorPHIDType {
|
|||
return new PhabricatorConfigEntry();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorConfigEntryQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -53,4 +53,8 @@ final class PhabricatorConfigEntryQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationConfig';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -19,15 +19,12 @@ final class PhabricatorConpherencePHIDTypeThread extends PhabricatorPHIDType {
|
|||
return new ConpherenceThread();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new ConpherenceThreadQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -282,4 +282,8 @@ final class ConpherenceThreadQuery
|
|||
return $this;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationConpherence';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorCountdownPHIDTypeCountdown extends PhabricatorPHIDType {
|
|||
return new PhabricatorCountdown();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorCountdownQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -85,4 +85,8 @@ final class PhabricatorCountdownQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationCountdown';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -142,4 +142,8 @@ final class PhabricatorDaemonLogQuery
|
|||
}
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationDaemons';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class DifferentialPHIDTypeRevision extends PhabricatorPHIDType {
|
|||
return new DifferentialRevision();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new DifferentialRevisionQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -137,4 +137,8 @@ final class DifferentialDiffQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationDifferential';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -1189,7 +1189,8 @@ final class DifferentialRevisionQuery
|
|||
) + array_fuse($project_authority);
|
||||
}
|
||||
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationDifferential';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -250,4 +250,8 @@ final class DiffusionCommitQuery
|
|||
}
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationDiffusion';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class DivinerPHIDTypeAtom extends PhabricatorPHIDType {
|
|||
return new DivinerLiveSymbol();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new DivinerAtomQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -16,15 +16,12 @@ final class DivinerPHIDTypeBook extends PhabricatorPHIDType {
|
|||
return new DivinerLiveBook();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new DivinerBookQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -405,4 +405,8 @@ final class DivinerAtomQuery
|
|||
}
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationDiviner';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -66,4 +66,9 @@ final class DivinerBookQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationDiviner';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -52,4 +52,8 @@ final class DoorkeeperExternalObjectQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationDoorkeeper';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -104,4 +104,9 @@ final class PhabricatorFeedQuery
|
|||
return $item['chronologicalKey'];
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationFeed';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorFilePHIDTypeFile extends PhabricatorPHIDType {
|
|||
return new PhabricatorFile();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorFileQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -235,4 +235,9 @@ final class PhabricatorFileQuery
|
|||
return 'f.id';
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationFiles';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -160,4 +160,9 @@ final class PhabricatorFlagQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationFlags';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class HeraldPHIDTypeRule extends PhabricatorPHIDType {
|
|||
return new HeraldRule();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new HeraldRuleQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -229,4 +229,9 @@ final class HeraldRuleQuery
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationHerald';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -94,5 +94,8 @@ final class HeraldTranscriptQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationHerald';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -19,16 +19,13 @@ final class PhabricatorLegalpadPHIDTypeDocument extends PhabricatorPHIDType {
|
|||
return new LegalpadDocument();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new LegalpadDocumentQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->needDocumentBodies(true)
|
||||
->execute();
|
||||
->needDocumentBodies(true);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -181,5 +181,8 @@ final class LegalpadDocumentQuery
|
|||
return $documents;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationLegalpad';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorMacroPHIDTypeMacro extends PhabricatorPHIDType {
|
|||
return new PhabricatorFileImageMacro();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorMacroQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -216,4 +216,8 @@ final class PhabricatorMacroQuery
|
|||
return 'm.id';
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationMacro';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorMailingListPHIDTypeList extends PhabricatorPHIDType {
|
|||
return new PhabricatorMetaMTAMailingList();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorMailingListQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -53,4 +53,8 @@ final class PhabricatorMailingListQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationMailingLists';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class ManiphestPHIDTypeTask extends PhabricatorPHIDType {
|
|||
return new ManiphestTask();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new ManiphestTaskQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -886,4 +886,9 @@ final class ManiphestTaskQuery
|
|||
return 'task.phid';
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationManiphest';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -17,15 +17,12 @@ final class PhabricatorApplicationPHIDTypeApplication
|
|||
return null;
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorApplicationQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -132,4 +132,13 @@ final class PhabricatorApplicationQuery
|
|||
return $apps;
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
// NOTE: Although this belongs to the "Applications" application, trying
|
||||
// to filter its results just leaves us recursing indefinitely. Users
|
||||
// always have access to applications regardless of other policy settings
|
||||
// anyway.
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -111,4 +111,10 @@ final class PhabricatorNotificationQuery
|
|||
return $item->getChronologicalKey();
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
// TODO: No actual "Notification" app yet, but there probably should be.
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorOwnersPHIDTypePackage extends PhabricatorPHIDType {
|
|||
return new PhabricatorOwnersPackage();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorOwnersPackageQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -79,4 +79,9 @@ final class PhabricatorOwnersPackageQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationOwners';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorPastePHIDTypePaste extends PhabricatorPHIDType {
|
|||
return new PhabricatorPaste();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorPasteQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -249,4 +249,9 @@ final class PhabricatorPasteQuery
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPaste';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorPeoplePHIDTypeExternal extends PhabricatorPHIDType {
|
|||
return new PhabricatorExternalAccount();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorExternalAccountQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -16,17 +16,14 @@ final class PhabricatorPeoplePHIDTypeUser extends PhabricatorPHIDType {
|
|||
return new PhabricatorUser();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorPeopleQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->needProfileImage(true)
|
||||
->needStatus(true)
|
||||
->execute();
|
||||
->needStatus(true);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -282,4 +282,8 @@ final class PhabricatorPeopleQuery
|
|||
return 'user.phid';
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPeople';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -19,15 +19,12 @@ final class PhabricatorPhamePHIDTypeBlog extends PhabricatorPHIDType {
|
|||
return new PhameBlog();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhameBlogQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -19,15 +19,12 @@ final class PhabricatorPhamePHIDTypePost extends PhabricatorPHIDType {
|
|||
return new PhamePost();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhamePostQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -75,4 +75,9 @@ final class PhameBlogQuery extends PhabricatorCursorPagedPolicyAwareQuery {
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
// TODO: Can we set this without breaking public blogs?
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -141,4 +141,9 @@ final class PhamePostQuery extends PhabricatorCursorPagedPolicyAwareQuery {
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
// TODO: Does setting this break public blogs?
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -67,4 +67,8 @@ final class PhabricatorHandleQuery
|
|||
return $results;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -152,4 +152,8 @@ final class PhabricatorObjectQuery
|
|||
return true;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -9,11 +9,54 @@ abstract class PhabricatorPHIDType {
|
|||
return null;
|
||||
}
|
||||
|
||||
abstract public function loadObjects(
|
||||
/**
|
||||
* Build a @{class:PhabricatorPolicyAwareQuery} to load objects of this type
|
||||
* by PHID.
|
||||
*
|
||||
* If you can not build a single query which satisfies this requirement, you
|
||||
* can provide a dummy implementation for this method and overload
|
||||
* @{method:loadObjects} instead.
|
||||
*
|
||||
* @param PhabricatorObjectQuery Query being executed.
|
||||
* @param list<phid> PHIDs to load.
|
||||
* @return PhabricatorPolicyAwareQuery Query object which loads the
|
||||
* specified PHIDs when executed.
|
||||
*/
|
||||
abstract protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids);
|
||||
|
||||
|
||||
/**
|
||||
* Load objects of this type, by PHID. For most PHID types, it is only
|
||||
* necessary to implement @{method:buildQueryForObjects} to get object
|
||||
* loading to work.
|
||||
*
|
||||
* @param PhabricatorObjectQuery Query being executed.
|
||||
* @param list<phid> PHIDs to load.
|
||||
* @return list<wild> Corresponding objects.
|
||||
*/
|
||||
public function loadObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
$object_query = $this->buildQueryForObjects($query, $phids)
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query);
|
||||
|
||||
// If the user doesn't have permission to use the application at all,
|
||||
// just mark all the PHIDs as filtered. This primarily makes these
|
||||
// objects show up as "Restricted" instead of "Unknown" when loaded as
|
||||
// handles, which is technically true.
|
||||
if (!$object_query->canViewerUseQueryApplication()) {
|
||||
$object_query->addPolicyFilteredPHIDs(array_fuse($phids));
|
||||
return array();
|
||||
}
|
||||
|
||||
return $object_query->execute();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Populate provided handles with application-specific data, like titles and
|
||||
* URIs.
|
||||
|
@ -38,7 +81,7 @@ abstract class PhabricatorPHIDType {
|
|||
* @param PhabricatorHandleQuery Issuing query object.
|
||||
* @param list<PhabricatorObjectHandle> Handles to populate with data.
|
||||
* @param list<Object> Objects for these PHIDs loaded by
|
||||
* @{method:loadObjects()}.
|
||||
* @{method:buildQueryForObjects()}.
|
||||
* @return void
|
||||
*/
|
||||
abstract public function loadHandles(
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhluxPHIDTypeVariable extends PhabricatorPHIDType {
|
|||
return new PhluxVariable();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhluxVariableQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -65,4 +65,8 @@ final class PhluxVariableQuery
|
|||
return true;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPhlux';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PholioPHIDTypeImage extends PhabricatorPHIDType {
|
|||
return new PholioImage();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PholioImageQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PholioPHIDTypeMock extends PhabricatorPHIDType {
|
|||
return new PholioMock();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PholioMockQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -161,4 +161,8 @@ final class PholioImageQuery
|
|||
return $images;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPholio';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -161,4 +161,8 @@ final class PholioMockQuery
|
|||
}
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPholio';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -95,4 +95,9 @@ final class PhortuneAccountQuery
|
|||
return implode(' ', $joins);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPhortune';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -110,4 +110,9 @@ final class PhortunePaymentMethodQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPhortune';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -53,4 +53,8 @@ final class PhortuneProductQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPhortune';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -302,4 +302,9 @@ final class PhrequentUserTimeQuery
|
|||
return $sum_ended['N'] + $sum_not_ended['N'];
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPhrequent';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhrictionPHIDTypeDocument extends PhabricatorPHIDType {
|
|||
return new PhrictionDocument();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhrictionDocumentQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -185,4 +185,9 @@ final class PhrictionDocumentQuery
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPhriction';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -33,4 +33,8 @@ final class PhabricatorPolicyAwareTestQuery
|
|||
$this->offset += count($page);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -210,6 +210,22 @@ final class PhabricatorPolicyTestCase extends PhabricatorTestCase {
|
|||
count($query->execute()));
|
||||
}
|
||||
|
||||
public function testAllQueriesBelongToActualApplications() {
|
||||
$queries = id(new PhutilSymbolLoader())
|
||||
->setAncestorClass('PhabricatorPolicyAwareQuery')
|
||||
->loadObjects();
|
||||
|
||||
foreach ($queries as $qclass => $query) {
|
||||
$class = $query->getQueryApplicationClass();
|
||||
if (!$class) {
|
||||
continue;
|
||||
}
|
||||
$this->assertEqual(
|
||||
true,
|
||||
class_exists($class),
|
||||
"Application class '{$class}' for query '{$qclass}'");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Test an object for visibility across multiple user specifications.
|
||||
|
|
|
@ -17,15 +17,12 @@ final class PhabricatorPolicyPHIDTypePolicy
|
|||
return new PhabricatorPolicy();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorPolicyQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -223,5 +223,10 @@ final class PhabricatorPolicyQuery
|
|||
return true;
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPolicy';
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PonderPHIDTypeAnswer extends PhabricatorPHIDType {
|
|||
return new PonderAnswer();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PonderAnswerQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PonderPHIDTypeQuestion extends PhabricatorPHIDType {
|
|||
return new PonderQuestion();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PonderQuestionQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -123,4 +123,9 @@ final class PonderAnswerQuery
|
|||
return true;
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPonder';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -194,4 +194,9 @@ final class PonderQuestionQuery
|
|||
return implode(' ', $joins);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationPonder';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorProjectPHIDTypeProject extends PhabricatorPHIDType {
|
|||
return new PhabricatorProject();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorProjectQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -260,4 +260,9 @@ final class PhabricatorProjectQuery
|
|||
return implode(' ', $joins);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationProject';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class ReleephPHIDTypeBranch extends PhabricatorPHIDType {
|
|||
return new ReleephBranch();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new ReleephBranchQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -16,15 +16,12 @@ final class ReleephPHIDTypeProject extends PhabricatorPHIDType {
|
|||
return new ReleephProject();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new ReleephProjectQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -16,15 +16,12 @@ final class ReleephPHIDTypeRequest extends PhabricatorPHIDType {
|
|||
return new ReleephRequest();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new ReleephRequestQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -129,4 +129,9 @@ final class ReleephBranchQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationReleeph';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -127,4 +127,8 @@ final class ReleephProjectQuery
|
|||
}
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationReleeph';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -232,4 +232,9 @@ final class ReleephRequestQuery
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationReleeph';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -20,15 +20,12 @@ final class PhabricatorRepositoryPHIDTypeArcanistProject
|
|||
return new PhabricatorRepositoryArcanistProject();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorRepositoryArcanistProjectQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorRepositoryPHIDTypeCommit extends PhabricatorPHIDType {
|
|||
return new PhabricatorRepositoryCommit();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new DiffusionCommitQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -17,15 +17,12 @@ final class PhabricatorRepositoryPHIDTypeRepository
|
|||
return new PhabricatorRepository();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorRepositoryQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -81,4 +81,10 @@ final class PhabricatorRepositoryArcanistProjectQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
// TODO: Diffusion? Differential?
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -317,4 +317,9 @@ final class PhabricatorRepositoryQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationDiffusion';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -81,4 +81,10 @@ final class PhabricatorNamedQueryQuery
|
|||
|
||||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationSearch';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -65,4 +65,10 @@ final class PhabricatorSavedQueryQuery
|
|||
|
||||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationSearch';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorSlowvotePHIDTypePoll extends PhabricatorPHIDType {
|
|||
return new PhabricatorSlowvotePoll();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorSlowvoteQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -168,4 +168,9 @@ final class PhabricatorSlowvoteQuery
|
|||
return 'p.id';
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationSlowvote';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -16,15 +16,12 @@ final class PhabricatorTokenPHIDTypeToken extends PhabricatorPHIDType {
|
|||
return new PhabricatorToken();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorTokenQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
->withPHIDs($phids);
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
|
|
|
@ -89,4 +89,8 @@ final class PhabricatorTokenGivenQuery
|
|||
return $results;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationTokens';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -61,4 +61,9 @@ final class PhabricatorTokenQuery
|
|||
return $tokens;
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationTokens';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -34,4 +34,8 @@ final class PhabricatorTokenReceiverQuery
|
|||
return $this->tokenCounts;
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
return 'PhabricatorApplicationTokens';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -20,6 +20,12 @@ final class PhabricatorApplicationTransactionPHIDTypeTransaction
|
|||
return null;
|
||||
}
|
||||
|
||||
protected function buildQueryForObjects(
|
||||
PhabricatorObjectQuery $object_query,
|
||||
array $phids) {
|
||||
throw new Exception();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
PhabricatorObjectQuery $object_query,
|
||||
array $phids) {
|
||||
|
@ -55,11 +61,17 @@ final class PhabricatorApplicationTransactionPHIDTypeTransaction
|
|||
continue;
|
||||
}
|
||||
|
||||
$xactions = id(clone $query)
|
||||
$xaction_query = id(clone $query)
|
||||
->setViewer($object_query->getViewer())
|
||||
->setParentQuery($object_query)
|
||||
->withPHIDs($subtype_phids)
|
||||
->execute();
|
||||
->withPHIDs($subtype_phids);
|
||||
|
||||
if (!$xaction_query->canViewerUseQueryApplication()) {
|
||||
$object_query->addPolicyFilteredPHIDs(array_fuse($subtype_phids));
|
||||
continue;
|
||||
}
|
||||
|
||||
$xactions = $xaction_query->execute();
|
||||
|
||||
$results += mpull($xactions, null, 'getPHID');
|
||||
}
|
||||
|
|
|
@ -59,4 +59,10 @@ final class PhabricatorApplicationTransactionCommentQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
// TODO: Figure out the app via the template?
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -160,4 +160,10 @@ abstract class PhabricatorApplicationTransactionQuery
|
|||
return $this->formatWhereClause($where);
|
||||
}
|
||||
|
||||
|
||||
public function getQueryApplicationClass() {
|
||||
// TODO: Sort this out?
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -35,6 +35,7 @@ abstract class PhabricatorPolicyAwareQuery extends PhabricatorOffsetPagedQuery {
|
|||
private $capabilities;
|
||||
private $workspace = array();
|
||||
private $policyFilteredPHIDs = array();
|
||||
private $canUseApplication;
|
||||
|
||||
|
||||
/* -( Query Configuration )------------------------------------------------ */
|
||||
|
@ -213,9 +214,13 @@ abstract class PhabricatorPolicyAwareQuery extends PhabricatorOffsetPagedQuery {
|
|||
$this->rawResultLimit = 0;
|
||||
}
|
||||
|
||||
try {
|
||||
$page = $this->loadPage();
|
||||
} catch (PhabricatorEmptyQueryException $ex) {
|
||||
if ($this->canViewerUseQueryApplication()) {
|
||||
try {
|
||||
$page = $this->loadPage();
|
||||
} catch (PhabricatorEmptyQueryException $ex) {
|
||||
$page = array();
|
||||
}
|
||||
} else {
|
||||
$page = array();
|
||||
}
|
||||
|
||||
|
@ -317,7 +322,7 @@ abstract class PhabricatorPolicyAwareQuery extends PhabricatorOffsetPagedQuery {
|
|||
PhabricatorPolicyCapability::CAN_VIEW);
|
||||
}
|
||||
|
||||
protected function addPolicyFilteredPHIDs(array $phids) {
|
||||
public function addPolicyFilteredPHIDs(array $phids) {
|
||||
$this->policyFilteredPHIDs += $phids;
|
||||
if ($this->getParentQuery()) {
|
||||
$this->getParentQuery()->addPolicyFilteredPHIDs($phids);
|
||||
|
@ -581,4 +586,43 @@ abstract class PhabricatorPolicyAwareQuery extends PhabricatorOffsetPagedQuery {
|
|||
return false;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* If this query belongs to an application, return the application class name
|
||||
* here. This will prevent the query from returning results if the viewer can
|
||||
* not access the application.
|
||||
*
|
||||
* If this query does not belong to an application, return `null`.
|
||||
*
|
||||
* @return string|null Application class name.
|
||||
*/
|
||||
abstract public function getQueryApplicationClass();
|
||||
|
||||
|
||||
/**
|
||||
* Determine if the viewer has permission to use this query's application.
|
||||
* For queries which aren't part of an application, this method always returns
|
||||
* true.
|
||||
*
|
||||
* @return bool True if the viewer has application-level permission to
|
||||
* execute the query.
|
||||
*/
|
||||
public function canViewerUseQueryApplication() {
|
||||
if ($this->canUseApplication === null) {
|
||||
$class = $this->getQueryApplicationClass();
|
||||
if (!$class) {
|
||||
$this->canUseApplication = true;
|
||||
} else {
|
||||
$result = id(new PhabricatorApplicationQuery())
|
||||
->setViewer($this->getViewer())
|
||||
->withClasses(array($class))
|
||||
->execute();
|
||||
|
||||
$this->canUseApplication = (bool)$result;
|
||||
}
|
||||
}
|
||||
|
||||
return $this->canUseApplication;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue