From 2a5c987c714d3ea07772d0d837a67c5da0bb12c0 Mon Sep 17 00:00:00 2001 From: epriestley Date: Mon, 21 Oct 2013 17:20:27 -0700 Subject: [PATCH] Lock policy queries to their applications Summary: While we mostly have reasonable effective object accessibility when you lock a user out of an application, it's primarily enforced at the controller level. Users can still, e.g., load the handles of objects they can't actually see. Instead, lock the queries to the applications so that you can, e.g., never load a revision if you don't have access to Differential. This has several parts: - For PolicyAware queries, provide an application class name method. - If the query specifies a class name and the user doesn't have permission to use it, fail the entire query unconditionally. - For handles, simplify query construction and count all the PHIDs as "restricted" so we get a UI full of "restricted" instead of "unknown" handles. Test Plan: - Added a unit test to verify I got all the class names right. - Browsed around, logged in/out as a normal user with public policies on and off. - Browsed around, logged in/out as a restricted user with public policies on and off. With restrictions, saw all traces of restricted apps removed or restricted. Reviewers: btrahan Reviewed By: btrahan CC: aran Differential Revision: https://secure.phabricator.com/D7367 --- .../PhabricatorAuthProviderConfigQuery.php | 4 ++ .../query/PhabricatorExternalAccountQuery.php | 4 ++ .../PhabricatorChatLogChannelQuery.php | 5 ++ .../chatlog/PhabricatorChatLogQuery.php | 5 ++ .../query/PhabricatorConduitLogQuery.php | 4 ++ .../query/PhabricatorConduitMethodQuery.php | 4 ++ .../phid/PhabricatorConfigPHIDTypeConfig.php | 7 +-- .../query/PhabricatorConfigEntryQuery.php | 4 ++ .../PhabricatorConpherencePHIDTypeThread.php | 7 +-- .../query/ConpherenceThreadQuery.php | 4 ++ .../PhabricatorCountdownPHIDTypeCountdown.php | 7 +-- .../query/PhabricatorCountdownQuery.php | 4 ++ .../query/PhabricatorDaemonLogQuery.php | 4 ++ .../phid/DifferentialPHIDTypeRevision.php | 7 +-- .../query/DifferentialDiffQuery.php | 4 ++ .../query/DifferentialRevisionQuery.php | 5 +- .../diffusion/query/DiffusionCommitQuery.php | 4 ++ .../diviner/phid/DivinerPHIDTypeAtom.php | 7 +-- .../diviner/phid/DivinerPHIDTypeBook.php | 7 +-- .../diviner/query/DivinerAtomQuery.php | 4 ++ .../diviner/query/DivinerBookQuery.php | 5 ++ .../query/DoorkeeperExternalObjectQuery.php | 4 ++ .../feed/query/PhabricatorFeedQuery.php | 5 ++ .../phid/PhabricatorFilePHIDTypeFile.php | 7 +-- .../files/query/PhabricatorFileQuery.php | 5 ++ .../flag/query/PhabricatorFlagQuery.php | 5 ++ .../herald/phid/HeraldPHIDTypeRule.php | 7 +-- .../herald/query/HeraldRuleQuery.php | 5 ++ .../herald/query/HeraldTranscriptQuery.php | 3 ++ .../PhabricatorLegalpadPHIDTypeDocument.php | 7 +-- .../legalpad/query/LegalpadDocumentQuery.php | 3 ++ .../phid/PhabricatorMacroPHIDTypeMacro.php | 7 +-- .../macro/query/PhabricatorMacroQuery.php | 4 ++ .../PhabricatorMailingListPHIDTypeList.php | 7 +-- .../query/PhabricatorMailingListQuery.php | 4 ++ .../maniphest/phid/ManiphestPHIDTypeTask.php | 7 +-- .../maniphest/query/ManiphestTaskQuery.php | 5 ++ ...bricatorApplicationPHIDTypeApplication.php | 7 +-- .../query/PhabricatorApplicationQuery.php | 9 ++++ .../PhabricatorNotificationQuery.php | 6 +++ .../phid/PhabricatorOwnersPHIDTypePackage.php | 7 +-- .../query/PhabricatorOwnersPackageQuery.php | 5 ++ .../phid/PhabricatorPastePHIDTypePaste.php | 7 +-- .../paste/query/PhabricatorPasteQuery.php | 5 ++ .../PhabricatorPeoplePHIDTypeExternal.php | 7 +-- .../phid/PhabricatorPeoplePHIDTypeUser.php | 7 +-- .../people/query/PhabricatorPeopleQuery.php | 4 ++ .../phid/PhabricatorPhamePHIDTypeBlog.php | 7 +-- .../phid/PhabricatorPhamePHIDTypePost.php | 7 +-- .../phame/query/PhameBlogQuery.php | 5 ++ .../phame/query/PhamePostQuery.php | 5 ++ .../phid/query/PhabricatorHandleQuery.php | 4 ++ .../phid/query/PhabricatorObjectQuery.php | 4 ++ .../phid/type/PhabricatorPHIDType.php | 47 ++++++++++++++++- .../phlux/phid/PhluxPHIDTypeVariable.php | 7 +-- .../phlux/query/PhluxVariableQuery.php | 4 ++ .../pholio/phid/PholioPHIDTypeImage.php | 7 +-- .../pholio/phid/PholioPHIDTypeMock.php | 7 +-- .../pholio/query/PholioImageQuery.php | 4 ++ .../pholio/query/PholioMockQuery.php | 4 ++ .../phortune/query/PhortuneAccountQuery.php | 5 ++ .../query/PhortunePaymentMethodQuery.php | 5 ++ .../phortune/query/PhortuneProductQuery.php | 4 ++ .../query/PhrequentUserTimeQuery.php | 5 ++ .../phid/PhrictionPHIDTypeDocument.php | 7 +-- .../query/PhrictionDocumentQuery.php | 5 ++ .../PhabricatorPolicyAwareTestQuery.php | 4 ++ .../__tests__/PhabricatorPolicyTestCase.php | 16 ++++++ .../phid/PhabricatorPolicyPHIDTypePolicy.php | 7 +-- .../policy/query/PhabricatorPolicyQuery.php | 5 ++ .../ponder/phid/PonderPHIDTypeAnswer.php | 7 +-- .../ponder/phid/PonderPHIDTypeQuestion.php | 7 +-- .../ponder/query/PonderAnswerQuery.php | 5 ++ .../ponder/query/PonderQuestionQuery.php | 5 ++ .../PhabricatorProjectPHIDTypeProject.php | 7 +-- .../project/query/PhabricatorProjectQuery.php | 5 ++ .../releeph/phid/ReleephPHIDTypeBranch.php | 7 +-- .../releeph/phid/ReleephPHIDTypeProject.php | 7 +-- .../releeph/phid/ReleephPHIDTypeRequest.php | 7 +-- .../releeph/query/ReleephBranchQuery.php | 5 ++ .../releeph/query/ReleephProjectQuery.php | 4 ++ .../releeph/query/ReleephRequestQuery.php | 5 ++ ...catorRepositoryPHIDTypeArcanistProject.php | 7 +-- .../PhabricatorRepositoryPHIDTypeCommit.php | 7 +-- ...habricatorRepositoryPHIDTypeRepository.php | 7 +-- ...bricatorRepositoryArcanistProjectQuery.php | 6 +++ .../query/PhabricatorRepositoryQuery.php | 5 ++ .../query/PhabricatorNamedQueryQuery.php | 6 +++ .../query/PhabricatorSavedQueryQuery.php | 6 +++ .../phid/PhabricatorSlowvotePHIDTypePoll.php | 7 +-- .../query/PhabricatorSlowvoteQuery.php | 5 ++ .../phid/PhabricatorTokenPHIDTypeToken.php | 7 +-- .../query/PhabricatorTokenGivenQuery.php | 4 ++ .../tokens/query/PhabricatorTokenQuery.php | 5 ++ .../query/PhabricatorTokenReceiverQuery.php | 4 ++ ...licationTransactionPHIDTypeTransaction.php | 18 +++++-- ...atorApplicationTransactionCommentQuery.php | 6 +++ ...PhabricatorApplicationTransactionQuery.php | 6 +++ .../policy/PhabricatorPolicyAwareQuery.php | 52 +++++++++++++++++-- 99 files changed, 473 insertions(+), 186 deletions(-) diff --git a/src/applications/auth/query/PhabricatorAuthProviderConfigQuery.php b/src/applications/auth/query/PhabricatorAuthProviderConfigQuery.php index 7362bddf7d..46b1c51211 100644 --- a/src/applications/auth/query/PhabricatorAuthProviderConfigQuery.php +++ b/src/applications/auth/query/PhabricatorAuthProviderConfigQuery.php @@ -96,4 +96,8 @@ final class PhabricatorAuthProviderConfigQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationAuth'; + } + } diff --git a/src/applications/auth/query/PhabricatorExternalAccountQuery.php b/src/applications/auth/query/PhabricatorExternalAccountQuery.php index b8cb53cc2c..37ec836065 100644 --- a/src/applications/auth/query/PhabricatorExternalAccountQuery.php +++ b/src/applications/auth/query/PhabricatorExternalAccountQuery.php @@ -163,4 +163,8 @@ final class PhabricatorExternalAccountQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPeople'; + } + } diff --git a/src/applications/chatlog/PhabricatorChatLogChannelQuery.php b/src/applications/chatlog/PhabricatorChatLogChannelQuery.php index 98d23bd66d..cba9976c79 100644 --- a/src/applications/chatlog/PhabricatorChatLogChannelQuery.php +++ b/src/applications/chatlog/PhabricatorChatLogChannelQuery.php @@ -55,4 +55,9 @@ final class PhabricatorChatLogChannelQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationChatlog'; + } + } diff --git a/src/applications/chatlog/PhabricatorChatLogQuery.php b/src/applications/chatlog/PhabricatorChatLogQuery.php index 1c5a5ef43c..599a1d5c6d 100644 --- a/src/applications/chatlog/PhabricatorChatLogQuery.php +++ b/src/applications/chatlog/PhabricatorChatLogQuery.php @@ -54,4 +54,9 @@ final class PhabricatorChatLogQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationChatlog'; + } + } diff --git a/src/applications/conduit/query/PhabricatorConduitLogQuery.php b/src/applications/conduit/query/PhabricatorConduitLogQuery.php index 092f9d59bc..539d84785f 100644 --- a/src/applications/conduit/query/PhabricatorConduitLogQuery.php +++ b/src/applications/conduit/query/PhabricatorConduitLogQuery.php @@ -40,4 +40,8 @@ final class PhabricatorConduitLogQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationConduit'; + } + } diff --git a/src/applications/conduit/query/PhabricatorConduitMethodQuery.php b/src/applications/conduit/query/PhabricatorConduitMethodQuery.php index 02236d85b3..40c55a90c9 100644 --- a/src/applications/conduit/query/PhabricatorConduitMethodQuery.php +++ b/src/applications/conduit/query/PhabricatorConduitMethodQuery.php @@ -121,4 +121,8 @@ final class PhabricatorConduitMethodQuery return $methods; } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationConduit'; + } + } diff --git a/src/applications/config/phid/PhabricatorConfigPHIDTypeConfig.php b/src/applications/config/phid/PhabricatorConfigPHIDTypeConfig.php index ae297edbef..204ab5b9a8 100644 --- a/src/applications/config/phid/PhabricatorConfigPHIDTypeConfig.php +++ b/src/applications/config/phid/PhabricatorConfigPHIDTypeConfig.php @@ -16,15 +16,12 @@ final class PhabricatorConfigPHIDTypeConfig extends PhabricatorPHIDType { return new PhabricatorConfigEntry(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorConfigEntryQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/config/query/PhabricatorConfigEntryQuery.php b/src/applications/config/query/PhabricatorConfigEntryQuery.php index 1f4026b58c..b23174bcd3 100644 --- a/src/applications/config/query/PhabricatorConfigEntryQuery.php +++ b/src/applications/config/query/PhabricatorConfigEntryQuery.php @@ -53,4 +53,8 @@ final class PhabricatorConfigEntryQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationConfig'; + } + } diff --git a/src/applications/conpherence/phid/PhabricatorConpherencePHIDTypeThread.php b/src/applications/conpherence/phid/PhabricatorConpherencePHIDTypeThread.php index dba81f2642..fd94da83a9 100644 --- a/src/applications/conpherence/phid/PhabricatorConpherencePHIDTypeThread.php +++ b/src/applications/conpherence/phid/PhabricatorConpherencePHIDTypeThread.php @@ -19,15 +19,12 @@ final class PhabricatorConpherencePHIDTypeThread extends PhabricatorPHIDType { return new ConpherenceThread(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new ConpherenceThreadQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/conpherence/query/ConpherenceThreadQuery.php b/src/applications/conpherence/query/ConpherenceThreadQuery.php index 0017b3ed2b..f36d9d8fd8 100644 --- a/src/applications/conpherence/query/ConpherenceThreadQuery.php +++ b/src/applications/conpherence/query/ConpherenceThreadQuery.php @@ -282,4 +282,8 @@ final class ConpherenceThreadQuery return $this; } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationConpherence'; + } + } diff --git a/src/applications/countdown/phid/PhabricatorCountdownPHIDTypeCountdown.php b/src/applications/countdown/phid/PhabricatorCountdownPHIDTypeCountdown.php index c816a1054d..ef60213d36 100644 --- a/src/applications/countdown/phid/PhabricatorCountdownPHIDTypeCountdown.php +++ b/src/applications/countdown/phid/PhabricatorCountdownPHIDTypeCountdown.php @@ -16,15 +16,12 @@ final class PhabricatorCountdownPHIDTypeCountdown extends PhabricatorPHIDType { return new PhabricatorCountdown(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorCountdownQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/countdown/query/PhabricatorCountdownQuery.php b/src/applications/countdown/query/PhabricatorCountdownQuery.php index dc3de9c760..6d82fe268b 100644 --- a/src/applications/countdown/query/PhabricatorCountdownQuery.php +++ b/src/applications/countdown/query/PhabricatorCountdownQuery.php @@ -85,4 +85,8 @@ final class PhabricatorCountdownQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationCountdown'; + } + } diff --git a/src/applications/daemon/query/PhabricatorDaemonLogQuery.php b/src/applications/daemon/query/PhabricatorDaemonLogQuery.php index 448c6f8927..656edd7bdc 100644 --- a/src/applications/daemon/query/PhabricatorDaemonLogQuery.php +++ b/src/applications/daemon/query/PhabricatorDaemonLogQuery.php @@ -142,4 +142,8 @@ final class PhabricatorDaemonLogQuery } } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationDaemons'; + } + } diff --git a/src/applications/differential/phid/DifferentialPHIDTypeRevision.php b/src/applications/differential/phid/DifferentialPHIDTypeRevision.php index 414afc7d0d..f13bd6770f 100644 --- a/src/applications/differential/phid/DifferentialPHIDTypeRevision.php +++ b/src/applications/differential/phid/DifferentialPHIDTypeRevision.php @@ -16,15 +16,12 @@ final class DifferentialPHIDTypeRevision extends PhabricatorPHIDType { return new DifferentialRevision(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new DifferentialRevisionQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/differential/query/DifferentialDiffQuery.php b/src/applications/differential/query/DifferentialDiffQuery.php index a608a5421e..ec3265caa2 100644 --- a/src/applications/differential/query/DifferentialDiffQuery.php +++ b/src/applications/differential/query/DifferentialDiffQuery.php @@ -137,4 +137,8 @@ final class DifferentialDiffQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationDifferential'; + } + } diff --git a/src/applications/differential/query/DifferentialRevisionQuery.php b/src/applications/differential/query/DifferentialRevisionQuery.php index 556ec6a83c..e124801d11 100644 --- a/src/applications/differential/query/DifferentialRevisionQuery.php +++ b/src/applications/differential/query/DifferentialRevisionQuery.php @@ -1189,7 +1189,8 @@ final class DifferentialRevisionQuery ) + array_fuse($project_authority); } - - + public function getQueryApplicationClass() { + return 'PhabricatorApplicationDifferential'; + } } diff --git a/src/applications/diffusion/query/DiffusionCommitQuery.php b/src/applications/diffusion/query/DiffusionCommitQuery.php index 36e5a711ea..3522b6e7fa 100644 --- a/src/applications/diffusion/query/DiffusionCommitQuery.php +++ b/src/applications/diffusion/query/DiffusionCommitQuery.php @@ -250,4 +250,8 @@ final class DiffusionCommitQuery } } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationDiffusion'; + } + } diff --git a/src/applications/diviner/phid/DivinerPHIDTypeAtom.php b/src/applications/diviner/phid/DivinerPHIDTypeAtom.php index a563ec45c6..6a057c0741 100644 --- a/src/applications/diviner/phid/DivinerPHIDTypeAtom.php +++ b/src/applications/diviner/phid/DivinerPHIDTypeAtom.php @@ -16,15 +16,12 @@ final class DivinerPHIDTypeAtom extends PhabricatorPHIDType { return new DivinerLiveSymbol(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new DivinerAtomQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/diviner/phid/DivinerPHIDTypeBook.php b/src/applications/diviner/phid/DivinerPHIDTypeBook.php index 2d80555371..3bd965ee78 100644 --- a/src/applications/diviner/phid/DivinerPHIDTypeBook.php +++ b/src/applications/diviner/phid/DivinerPHIDTypeBook.php @@ -16,15 +16,12 @@ final class DivinerPHIDTypeBook extends PhabricatorPHIDType { return new DivinerLiveBook(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new DivinerBookQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/diviner/query/DivinerAtomQuery.php b/src/applications/diviner/query/DivinerAtomQuery.php index 662bc834d8..45986b7674 100644 --- a/src/applications/diviner/query/DivinerAtomQuery.php +++ b/src/applications/diviner/query/DivinerAtomQuery.php @@ -405,4 +405,8 @@ final class DivinerAtomQuery } } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationDiviner'; + } + } diff --git a/src/applications/diviner/query/DivinerBookQuery.php b/src/applications/diviner/query/DivinerBookQuery.php index af6fe1d717..062bc524ca 100644 --- a/src/applications/diviner/query/DivinerBookQuery.php +++ b/src/applications/diviner/query/DivinerBookQuery.php @@ -66,4 +66,9 @@ final class DivinerBookQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationDiviner'; + } + } diff --git a/src/applications/doorkeeper/query/DoorkeeperExternalObjectQuery.php b/src/applications/doorkeeper/query/DoorkeeperExternalObjectQuery.php index 0246fdf210..9c410b99b6 100644 --- a/src/applications/doorkeeper/query/DoorkeeperExternalObjectQuery.php +++ b/src/applications/doorkeeper/query/DoorkeeperExternalObjectQuery.php @@ -52,4 +52,8 @@ final class DoorkeeperExternalObjectQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationDoorkeeper'; + } + } diff --git a/src/applications/feed/query/PhabricatorFeedQuery.php b/src/applications/feed/query/PhabricatorFeedQuery.php index 44a677faa1..2d324f2dcc 100644 --- a/src/applications/feed/query/PhabricatorFeedQuery.php +++ b/src/applications/feed/query/PhabricatorFeedQuery.php @@ -104,4 +104,9 @@ final class PhabricatorFeedQuery return $item['chronologicalKey']; } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationFeed'; + } + } diff --git a/src/applications/files/phid/PhabricatorFilePHIDTypeFile.php b/src/applications/files/phid/PhabricatorFilePHIDTypeFile.php index 50586bee78..1f6fe80df6 100644 --- a/src/applications/files/phid/PhabricatorFilePHIDTypeFile.php +++ b/src/applications/files/phid/PhabricatorFilePHIDTypeFile.php @@ -16,15 +16,12 @@ final class PhabricatorFilePHIDTypeFile extends PhabricatorPHIDType { return new PhabricatorFile(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorFileQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/files/query/PhabricatorFileQuery.php b/src/applications/files/query/PhabricatorFileQuery.php index 28393b4502..854f49411e 100644 --- a/src/applications/files/query/PhabricatorFileQuery.php +++ b/src/applications/files/query/PhabricatorFileQuery.php @@ -235,4 +235,9 @@ final class PhabricatorFileQuery return 'f.id'; } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationFiles'; + } + } diff --git a/src/applications/flag/query/PhabricatorFlagQuery.php b/src/applications/flag/query/PhabricatorFlagQuery.php index 58b1bc4609..c31e4a02c7 100644 --- a/src/applications/flag/query/PhabricatorFlagQuery.php +++ b/src/applications/flag/query/PhabricatorFlagQuery.php @@ -160,4 +160,9 @@ final class PhabricatorFlagQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationFlags'; + } + } diff --git a/src/applications/herald/phid/HeraldPHIDTypeRule.php b/src/applications/herald/phid/HeraldPHIDTypeRule.php index 1c408cbb46..a3022d3c0f 100644 --- a/src/applications/herald/phid/HeraldPHIDTypeRule.php +++ b/src/applications/herald/phid/HeraldPHIDTypeRule.php @@ -16,15 +16,12 @@ final class HeraldPHIDTypeRule extends PhabricatorPHIDType { return new HeraldRule(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new HeraldRuleQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/herald/query/HeraldRuleQuery.php b/src/applications/herald/query/HeraldRuleQuery.php index 374bcc0c29..e9d3d05d5f 100644 --- a/src/applications/herald/query/HeraldRuleQuery.php +++ b/src/applications/herald/query/HeraldRuleQuery.php @@ -229,4 +229,9 @@ final class HeraldRuleQuery } } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationHerald'; + } + } diff --git a/src/applications/herald/query/HeraldTranscriptQuery.php b/src/applications/herald/query/HeraldTranscriptQuery.php index 8399218c61..258b2ea898 100644 --- a/src/applications/herald/query/HeraldTranscriptQuery.php +++ b/src/applications/herald/query/HeraldTranscriptQuery.php @@ -94,5 +94,8 @@ final class HeraldTranscriptQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationHerald'; + } } diff --git a/src/applications/legalpad/phid/PhabricatorLegalpadPHIDTypeDocument.php b/src/applications/legalpad/phid/PhabricatorLegalpadPHIDTypeDocument.php index d1e1fcc8cc..ad76e1f334 100644 --- a/src/applications/legalpad/phid/PhabricatorLegalpadPHIDTypeDocument.php +++ b/src/applications/legalpad/phid/PhabricatorLegalpadPHIDTypeDocument.php @@ -19,16 +19,13 @@ final class PhabricatorLegalpadPHIDTypeDocument extends PhabricatorPHIDType { return new LegalpadDocument(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new LegalpadDocumentQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) ->withPHIDs($phids) - ->needDocumentBodies(true) - ->execute(); + ->needDocumentBodies(true); } public function loadHandles( diff --git a/src/applications/legalpad/query/LegalpadDocumentQuery.php b/src/applications/legalpad/query/LegalpadDocumentQuery.php index ccca424de9..22db1808b0 100644 --- a/src/applications/legalpad/query/LegalpadDocumentQuery.php +++ b/src/applications/legalpad/query/LegalpadDocumentQuery.php @@ -181,5 +181,8 @@ final class LegalpadDocumentQuery return $documents; } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationLegalpad'; + } } diff --git a/src/applications/macro/phid/PhabricatorMacroPHIDTypeMacro.php b/src/applications/macro/phid/PhabricatorMacroPHIDTypeMacro.php index bc9b7a8d61..b5fbc351b7 100644 --- a/src/applications/macro/phid/PhabricatorMacroPHIDTypeMacro.php +++ b/src/applications/macro/phid/PhabricatorMacroPHIDTypeMacro.php @@ -16,15 +16,12 @@ final class PhabricatorMacroPHIDTypeMacro extends PhabricatorPHIDType { return new PhabricatorFileImageMacro(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorMacroQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/macro/query/PhabricatorMacroQuery.php b/src/applications/macro/query/PhabricatorMacroQuery.php index da7dbd7b83..6ebfb50f9c 100644 --- a/src/applications/macro/query/PhabricatorMacroQuery.php +++ b/src/applications/macro/query/PhabricatorMacroQuery.php @@ -216,4 +216,8 @@ final class PhabricatorMacroQuery return 'm.id'; } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationMacro'; + } + } diff --git a/src/applications/mailinglists/phid/PhabricatorMailingListPHIDTypeList.php b/src/applications/mailinglists/phid/PhabricatorMailingListPHIDTypeList.php index eee01d277a..ccd14ae2e8 100644 --- a/src/applications/mailinglists/phid/PhabricatorMailingListPHIDTypeList.php +++ b/src/applications/mailinglists/phid/PhabricatorMailingListPHIDTypeList.php @@ -16,15 +16,12 @@ final class PhabricatorMailingListPHIDTypeList extends PhabricatorPHIDType { return new PhabricatorMetaMTAMailingList(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorMailingListQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/mailinglists/query/PhabricatorMailingListQuery.php b/src/applications/mailinglists/query/PhabricatorMailingListQuery.php index a7f98a4aa9..77551d3984 100644 --- a/src/applications/mailinglists/query/PhabricatorMailingListQuery.php +++ b/src/applications/mailinglists/query/PhabricatorMailingListQuery.php @@ -53,4 +53,8 @@ final class PhabricatorMailingListQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationMailingLists'; + } + } diff --git a/src/applications/maniphest/phid/ManiphestPHIDTypeTask.php b/src/applications/maniphest/phid/ManiphestPHIDTypeTask.php index dd076bc511..2af8135438 100644 --- a/src/applications/maniphest/phid/ManiphestPHIDTypeTask.php +++ b/src/applications/maniphest/phid/ManiphestPHIDTypeTask.php @@ -16,15 +16,12 @@ final class ManiphestPHIDTypeTask extends PhabricatorPHIDType { return new ManiphestTask(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new ManiphestTaskQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/maniphest/query/ManiphestTaskQuery.php b/src/applications/maniphest/query/ManiphestTaskQuery.php index ccda6c0122..82aebd05fb 100644 --- a/src/applications/maniphest/query/ManiphestTaskQuery.php +++ b/src/applications/maniphest/query/ManiphestTaskQuery.php @@ -886,4 +886,9 @@ final class ManiphestTaskQuery return 'task.phid'; } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationManiphest'; + } + } diff --git a/src/applications/meta/phid/PhabricatorApplicationPHIDTypeApplication.php b/src/applications/meta/phid/PhabricatorApplicationPHIDTypeApplication.php index 6554bd717c..718557266f 100644 --- a/src/applications/meta/phid/PhabricatorApplicationPHIDTypeApplication.php +++ b/src/applications/meta/phid/PhabricatorApplicationPHIDTypeApplication.php @@ -17,15 +17,12 @@ final class PhabricatorApplicationPHIDTypeApplication return null; } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorApplicationQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/meta/query/PhabricatorApplicationQuery.php b/src/applications/meta/query/PhabricatorApplicationQuery.php index 30106cd1f2..ca14d6954a 100644 --- a/src/applications/meta/query/PhabricatorApplicationQuery.php +++ b/src/applications/meta/query/PhabricatorApplicationQuery.php @@ -132,4 +132,13 @@ final class PhabricatorApplicationQuery return $apps; } + + public function getQueryApplicationClass() { + // NOTE: Although this belongs to the "Applications" application, trying + // to filter its results just leaves us recursing indefinitely. Users + // always have access to applications regardless of other policy settings + // anyway. + return null; + } + } diff --git a/src/applications/notification/PhabricatorNotificationQuery.php b/src/applications/notification/PhabricatorNotificationQuery.php index 736990e08e..731d9dca73 100644 --- a/src/applications/notification/PhabricatorNotificationQuery.php +++ b/src/applications/notification/PhabricatorNotificationQuery.php @@ -111,4 +111,10 @@ final class PhabricatorNotificationQuery return $item->getChronologicalKey(); } + + public function getQueryApplicationClass() { + // TODO: No actual "Notification" app yet, but there probably should be. + return null; + } + } diff --git a/src/applications/owners/phid/PhabricatorOwnersPHIDTypePackage.php b/src/applications/owners/phid/PhabricatorOwnersPHIDTypePackage.php index af7976aad0..b82b47a9ea 100644 --- a/src/applications/owners/phid/PhabricatorOwnersPHIDTypePackage.php +++ b/src/applications/owners/phid/PhabricatorOwnersPHIDTypePackage.php @@ -16,15 +16,12 @@ final class PhabricatorOwnersPHIDTypePackage extends PhabricatorPHIDType { return new PhabricatorOwnersPackage(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorOwnersPackageQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/owners/query/PhabricatorOwnersPackageQuery.php b/src/applications/owners/query/PhabricatorOwnersPackageQuery.php index 68b0dfe0ed..90996c9f04 100644 --- a/src/applications/owners/query/PhabricatorOwnersPackageQuery.php +++ b/src/applications/owners/query/PhabricatorOwnersPackageQuery.php @@ -79,4 +79,9 @@ final class PhabricatorOwnersPackageQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationOwners'; + } + } diff --git a/src/applications/paste/phid/PhabricatorPastePHIDTypePaste.php b/src/applications/paste/phid/PhabricatorPastePHIDTypePaste.php index 024cdd9f16..5e3ef4fd81 100644 --- a/src/applications/paste/phid/PhabricatorPastePHIDTypePaste.php +++ b/src/applications/paste/phid/PhabricatorPastePHIDTypePaste.php @@ -16,15 +16,12 @@ final class PhabricatorPastePHIDTypePaste extends PhabricatorPHIDType { return new PhabricatorPaste(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorPasteQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/paste/query/PhabricatorPasteQuery.php b/src/applications/paste/query/PhabricatorPasteQuery.php index aeea224205..c4db19e1ff 100644 --- a/src/applications/paste/query/PhabricatorPasteQuery.php +++ b/src/applications/paste/query/PhabricatorPasteQuery.php @@ -249,4 +249,9 @@ final class PhabricatorPasteQuery } } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPaste'; + } + } diff --git a/src/applications/people/phid/PhabricatorPeoplePHIDTypeExternal.php b/src/applications/people/phid/PhabricatorPeoplePHIDTypeExternal.php index b3c0044e60..d4e8241c19 100644 --- a/src/applications/people/phid/PhabricatorPeoplePHIDTypeExternal.php +++ b/src/applications/people/phid/PhabricatorPeoplePHIDTypeExternal.php @@ -16,15 +16,12 @@ final class PhabricatorPeoplePHIDTypeExternal extends PhabricatorPHIDType { return new PhabricatorExternalAccount(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorExternalAccountQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/people/phid/PhabricatorPeoplePHIDTypeUser.php b/src/applications/people/phid/PhabricatorPeoplePHIDTypeUser.php index 4cf6e21f30..a0bce6ea47 100644 --- a/src/applications/people/phid/PhabricatorPeoplePHIDTypeUser.php +++ b/src/applications/people/phid/PhabricatorPeoplePHIDTypeUser.php @@ -16,17 +16,14 @@ final class PhabricatorPeoplePHIDTypeUser extends PhabricatorPHIDType { return new PhabricatorUser(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorPeopleQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) ->withPHIDs($phids) ->needProfileImage(true) - ->needStatus(true) - ->execute(); + ->needStatus(true); } public function loadHandles( diff --git a/src/applications/people/query/PhabricatorPeopleQuery.php b/src/applications/people/query/PhabricatorPeopleQuery.php index 39613c5011..f2c0b312bd 100644 --- a/src/applications/people/query/PhabricatorPeopleQuery.php +++ b/src/applications/people/query/PhabricatorPeopleQuery.php @@ -282,4 +282,8 @@ final class PhabricatorPeopleQuery return 'user.phid'; } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPeople'; + } + } diff --git a/src/applications/phame/phid/PhabricatorPhamePHIDTypeBlog.php b/src/applications/phame/phid/PhabricatorPhamePHIDTypeBlog.php index fe24e757b5..bf20c112e0 100644 --- a/src/applications/phame/phid/PhabricatorPhamePHIDTypeBlog.php +++ b/src/applications/phame/phid/PhabricatorPhamePHIDTypeBlog.php @@ -19,15 +19,12 @@ final class PhabricatorPhamePHIDTypeBlog extends PhabricatorPHIDType { return new PhameBlog(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhameBlogQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/phame/phid/PhabricatorPhamePHIDTypePost.php b/src/applications/phame/phid/PhabricatorPhamePHIDTypePost.php index 790b1084f6..32ecbc231c 100644 --- a/src/applications/phame/phid/PhabricatorPhamePHIDTypePost.php +++ b/src/applications/phame/phid/PhabricatorPhamePHIDTypePost.php @@ -19,15 +19,12 @@ final class PhabricatorPhamePHIDTypePost extends PhabricatorPHIDType { return new PhamePost(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhamePostQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/phame/query/PhameBlogQuery.php b/src/applications/phame/query/PhameBlogQuery.php index 022e694275..eb253de6f5 100644 --- a/src/applications/phame/query/PhameBlogQuery.php +++ b/src/applications/phame/query/PhameBlogQuery.php @@ -75,4 +75,9 @@ final class PhameBlogQuery extends PhabricatorCursorPagedPolicyAwareQuery { return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + // TODO: Can we set this without breaking public blogs? + return null; + } + } diff --git a/src/applications/phame/query/PhamePostQuery.php b/src/applications/phame/query/PhamePostQuery.php index 6356f54bec..94430990d4 100644 --- a/src/applications/phame/query/PhamePostQuery.php +++ b/src/applications/phame/query/PhamePostQuery.php @@ -141,4 +141,9 @@ final class PhamePostQuery extends PhabricatorCursorPagedPolicyAwareQuery { return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + // TODO: Does setting this break public blogs? + return null; + } + } diff --git a/src/applications/phid/query/PhabricatorHandleQuery.php b/src/applications/phid/query/PhabricatorHandleQuery.php index 5e089b1ed1..c3e923c0a7 100644 --- a/src/applications/phid/query/PhabricatorHandleQuery.php +++ b/src/applications/phid/query/PhabricatorHandleQuery.php @@ -67,4 +67,8 @@ final class PhabricatorHandleQuery return $results; } + public function getQueryApplicationClass() { + return null; + } + } diff --git a/src/applications/phid/query/PhabricatorObjectQuery.php b/src/applications/phid/query/PhabricatorObjectQuery.php index a6ffa02e7e..a786d4f72d 100644 --- a/src/applications/phid/query/PhabricatorObjectQuery.php +++ b/src/applications/phid/query/PhabricatorObjectQuery.php @@ -152,4 +152,8 @@ final class PhabricatorObjectQuery return true; } + public function getQueryApplicationClass() { + return null; + } + } diff --git a/src/applications/phid/type/PhabricatorPHIDType.php b/src/applications/phid/type/PhabricatorPHIDType.php index 47e1351922..6ee4c4e8ec 100644 --- a/src/applications/phid/type/PhabricatorPHIDType.php +++ b/src/applications/phid/type/PhabricatorPHIDType.php @@ -9,11 +9,54 @@ abstract class PhabricatorPHIDType { return null; } - abstract public function loadObjects( + /** + * Build a @{class:PhabricatorPolicyAwareQuery} to load objects of this type + * by PHID. + * + * If you can not build a single query which satisfies this requirement, you + * can provide a dummy implementation for this method and overload + * @{method:loadObjects} instead. + * + * @param PhabricatorObjectQuery Query being executed. + * @param list PHIDs to load. + * @return PhabricatorPolicyAwareQuery Query object which loads the + * specified PHIDs when executed. + */ + abstract protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids); + /** + * Load objects of this type, by PHID. For most PHID types, it is only + * necessary to implement @{method:buildQueryForObjects} to get object + * loading to work. + * + * @param PhabricatorObjectQuery Query being executed. + * @param list PHIDs to load. + * @return list Corresponding objects. + */ + public function loadObjects( + PhabricatorObjectQuery $query, + array $phids) { + + $object_query = $this->buildQueryForObjects($query, $phids) + ->setViewer($query->getViewer()) + ->setParentQuery($query); + + // If the user doesn't have permission to use the application at all, + // just mark all the PHIDs as filtered. This primarily makes these + // objects show up as "Restricted" instead of "Unknown" when loaded as + // handles, which is technically true. + if (!$object_query->canViewerUseQueryApplication()) { + $object_query->addPolicyFilteredPHIDs(array_fuse($phids)); + return array(); + } + + return $object_query->execute(); + } + + /** * Populate provided handles with application-specific data, like titles and * URIs. @@ -38,7 +81,7 @@ abstract class PhabricatorPHIDType { * @param PhabricatorHandleQuery Issuing query object. * @param list Handles to populate with data. * @param list Objects for these PHIDs loaded by - * @{method:loadObjects()}. + * @{method:buildQueryForObjects()}. * @return void */ abstract public function loadHandles( diff --git a/src/applications/phlux/phid/PhluxPHIDTypeVariable.php b/src/applications/phlux/phid/PhluxPHIDTypeVariable.php index e6dc1a5f66..5be0c23778 100644 --- a/src/applications/phlux/phid/PhluxPHIDTypeVariable.php +++ b/src/applications/phlux/phid/PhluxPHIDTypeVariable.php @@ -16,15 +16,12 @@ final class PhluxPHIDTypeVariable extends PhabricatorPHIDType { return new PhluxVariable(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhluxVariableQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/phlux/query/PhluxVariableQuery.php b/src/applications/phlux/query/PhluxVariableQuery.php index 89e61b87a0..3b9dbeb17e 100644 --- a/src/applications/phlux/query/PhluxVariableQuery.php +++ b/src/applications/phlux/query/PhluxVariableQuery.php @@ -65,4 +65,8 @@ final class PhluxVariableQuery return true; } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPhlux'; + } + } diff --git a/src/applications/pholio/phid/PholioPHIDTypeImage.php b/src/applications/pholio/phid/PholioPHIDTypeImage.php index 87c5dadf48..54b806cc21 100644 --- a/src/applications/pholio/phid/PholioPHIDTypeImage.php +++ b/src/applications/pholio/phid/PholioPHIDTypeImage.php @@ -16,15 +16,12 @@ final class PholioPHIDTypeImage extends PhabricatorPHIDType { return new PholioImage(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PholioImageQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/pholio/phid/PholioPHIDTypeMock.php b/src/applications/pholio/phid/PholioPHIDTypeMock.php index ced9f5e9cf..abfd36d2db 100644 --- a/src/applications/pholio/phid/PholioPHIDTypeMock.php +++ b/src/applications/pholio/phid/PholioPHIDTypeMock.php @@ -16,15 +16,12 @@ final class PholioPHIDTypeMock extends PhabricatorPHIDType { return new PholioMock(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PholioMockQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/pholio/query/PholioImageQuery.php b/src/applications/pholio/query/PholioImageQuery.php index 71bdd3ab0e..4ade82e975 100644 --- a/src/applications/pholio/query/PholioImageQuery.php +++ b/src/applications/pholio/query/PholioImageQuery.php @@ -161,4 +161,8 @@ final class PholioImageQuery return $images; } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPholio'; + } + } diff --git a/src/applications/pholio/query/PholioMockQuery.php b/src/applications/pholio/query/PholioMockQuery.php index f08c9e4633..3b9a40fa9a 100644 --- a/src/applications/pholio/query/PholioMockQuery.php +++ b/src/applications/pholio/query/PholioMockQuery.php @@ -161,4 +161,8 @@ final class PholioMockQuery } } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPholio'; + } + } diff --git a/src/applications/phortune/query/PhortuneAccountQuery.php b/src/applications/phortune/query/PhortuneAccountQuery.php index ca48f78767..6feb7aace3 100644 --- a/src/applications/phortune/query/PhortuneAccountQuery.php +++ b/src/applications/phortune/query/PhortuneAccountQuery.php @@ -95,4 +95,9 @@ final class PhortuneAccountQuery return implode(' ', $joins); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPhortune'; + } + } diff --git a/src/applications/phortune/query/PhortunePaymentMethodQuery.php b/src/applications/phortune/query/PhortunePaymentMethodQuery.php index 552845bfaa..7623af9e1a 100644 --- a/src/applications/phortune/query/PhortunePaymentMethodQuery.php +++ b/src/applications/phortune/query/PhortunePaymentMethodQuery.php @@ -110,4 +110,9 @@ final class PhortunePaymentMethodQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPhortune'; + } + } diff --git a/src/applications/phortune/query/PhortuneProductQuery.php b/src/applications/phortune/query/PhortuneProductQuery.php index e87518c019..28c17ce2cf 100644 --- a/src/applications/phortune/query/PhortuneProductQuery.php +++ b/src/applications/phortune/query/PhortuneProductQuery.php @@ -53,4 +53,8 @@ final class PhortuneProductQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPhortune'; + } + } diff --git a/src/applications/phrequent/query/PhrequentUserTimeQuery.php b/src/applications/phrequent/query/PhrequentUserTimeQuery.php index dedcce86d0..190be7652b 100644 --- a/src/applications/phrequent/query/PhrequentUserTimeQuery.php +++ b/src/applications/phrequent/query/PhrequentUserTimeQuery.php @@ -302,4 +302,9 @@ final class PhrequentUserTimeQuery return $sum_ended['N'] + $sum_not_ended['N']; } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPhrequent'; + } + } diff --git a/src/applications/phriction/phid/PhrictionPHIDTypeDocument.php b/src/applications/phriction/phid/PhrictionPHIDTypeDocument.php index 554457bba0..e0ebcd92a2 100644 --- a/src/applications/phriction/phid/PhrictionPHIDTypeDocument.php +++ b/src/applications/phriction/phid/PhrictionPHIDTypeDocument.php @@ -16,15 +16,12 @@ final class PhrictionPHIDTypeDocument extends PhabricatorPHIDType { return new PhrictionDocument(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhrictionDocumentQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/phriction/query/PhrictionDocumentQuery.php b/src/applications/phriction/query/PhrictionDocumentQuery.php index a45d701ed5..5f2b3b1b6f 100644 --- a/src/applications/phriction/query/PhrictionDocumentQuery.php +++ b/src/applications/phriction/query/PhrictionDocumentQuery.php @@ -185,4 +185,9 @@ final class PhrictionDocumentQuery } } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPhriction'; + } + } diff --git a/src/applications/policy/__tests__/PhabricatorPolicyAwareTestQuery.php b/src/applications/policy/__tests__/PhabricatorPolicyAwareTestQuery.php index 9ff1e98ec6..dc6fc09f35 100644 --- a/src/applications/policy/__tests__/PhabricatorPolicyAwareTestQuery.php +++ b/src/applications/policy/__tests__/PhabricatorPolicyAwareTestQuery.php @@ -33,4 +33,8 @@ final class PhabricatorPolicyAwareTestQuery $this->offset += count($page); } + public function getQueryApplicationClass() { + return null; + } + } diff --git a/src/applications/policy/__tests__/PhabricatorPolicyTestCase.php b/src/applications/policy/__tests__/PhabricatorPolicyTestCase.php index b8b0236b52..6dcbc6a78d 100644 --- a/src/applications/policy/__tests__/PhabricatorPolicyTestCase.php +++ b/src/applications/policy/__tests__/PhabricatorPolicyTestCase.php @@ -210,6 +210,22 @@ final class PhabricatorPolicyTestCase extends PhabricatorTestCase { count($query->execute())); } + public function testAllQueriesBelongToActualApplications() { + $queries = id(new PhutilSymbolLoader()) + ->setAncestorClass('PhabricatorPolicyAwareQuery') + ->loadObjects(); + + foreach ($queries as $qclass => $query) { + $class = $query->getQueryApplicationClass(); + if (!$class) { + continue; + } + $this->assertEqual( + true, + class_exists($class), + "Application class '{$class}' for query '{$qclass}'"); + } + } /** * Test an object for visibility across multiple user specifications. diff --git a/src/applications/policy/phid/PhabricatorPolicyPHIDTypePolicy.php b/src/applications/policy/phid/PhabricatorPolicyPHIDTypePolicy.php index 27f693d8a8..8941de2e5b 100644 --- a/src/applications/policy/phid/PhabricatorPolicyPHIDTypePolicy.php +++ b/src/applications/policy/phid/PhabricatorPolicyPHIDTypePolicy.php @@ -17,15 +17,12 @@ final class PhabricatorPolicyPHIDTypePolicy return new PhabricatorPolicy(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorPolicyQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/policy/query/PhabricatorPolicyQuery.php b/src/applications/policy/query/PhabricatorPolicyQuery.php index 9a078abf3e..246741786d 100644 --- a/src/applications/policy/query/PhabricatorPolicyQuery.php +++ b/src/applications/policy/query/PhabricatorPolicyQuery.php @@ -223,5 +223,10 @@ final class PhabricatorPolicyQuery return true; } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPolicy'; + } + } diff --git a/src/applications/ponder/phid/PonderPHIDTypeAnswer.php b/src/applications/ponder/phid/PonderPHIDTypeAnswer.php index ebe9c40fb6..be6b4d6779 100644 --- a/src/applications/ponder/phid/PonderPHIDTypeAnswer.php +++ b/src/applications/ponder/phid/PonderPHIDTypeAnswer.php @@ -16,15 +16,12 @@ final class PonderPHIDTypeAnswer extends PhabricatorPHIDType { return new PonderAnswer(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PonderAnswerQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/ponder/phid/PonderPHIDTypeQuestion.php b/src/applications/ponder/phid/PonderPHIDTypeQuestion.php index 23f59095a7..2f42e91371 100644 --- a/src/applications/ponder/phid/PonderPHIDTypeQuestion.php +++ b/src/applications/ponder/phid/PonderPHIDTypeQuestion.php @@ -16,15 +16,12 @@ final class PonderPHIDTypeQuestion extends PhabricatorPHIDType { return new PonderQuestion(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PonderQuestionQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/ponder/query/PonderAnswerQuery.php b/src/applications/ponder/query/PonderAnswerQuery.php index 66e532c6b6..df6e679b5a 100644 --- a/src/applications/ponder/query/PonderAnswerQuery.php +++ b/src/applications/ponder/query/PonderAnswerQuery.php @@ -123,4 +123,9 @@ final class PonderAnswerQuery return true; } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPonder'; + } + } diff --git a/src/applications/ponder/query/PonderQuestionQuery.php b/src/applications/ponder/query/PonderQuestionQuery.php index e297fe06bb..eeec6b8071 100644 --- a/src/applications/ponder/query/PonderQuestionQuery.php +++ b/src/applications/ponder/query/PonderQuestionQuery.php @@ -194,4 +194,9 @@ final class PonderQuestionQuery return implode(' ', $joins); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationPonder'; + } + } diff --git a/src/applications/project/phid/PhabricatorProjectPHIDTypeProject.php b/src/applications/project/phid/PhabricatorProjectPHIDTypeProject.php index 5b7bbbe936..97a81b1d0c 100644 --- a/src/applications/project/phid/PhabricatorProjectPHIDTypeProject.php +++ b/src/applications/project/phid/PhabricatorProjectPHIDTypeProject.php @@ -16,15 +16,12 @@ final class PhabricatorProjectPHIDTypeProject extends PhabricatorPHIDType { return new PhabricatorProject(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorProjectQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/project/query/PhabricatorProjectQuery.php b/src/applications/project/query/PhabricatorProjectQuery.php index 70bfa9d573..00025668c0 100644 --- a/src/applications/project/query/PhabricatorProjectQuery.php +++ b/src/applications/project/query/PhabricatorProjectQuery.php @@ -260,4 +260,9 @@ final class PhabricatorProjectQuery return implode(' ', $joins); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationProject'; + } + } diff --git a/src/applications/releeph/phid/ReleephPHIDTypeBranch.php b/src/applications/releeph/phid/ReleephPHIDTypeBranch.php index 7106dfc9a1..3511a67c69 100644 --- a/src/applications/releeph/phid/ReleephPHIDTypeBranch.php +++ b/src/applications/releeph/phid/ReleephPHIDTypeBranch.php @@ -16,15 +16,12 @@ final class ReleephPHIDTypeBranch extends PhabricatorPHIDType { return new ReleephBranch(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new ReleephBranchQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/releeph/phid/ReleephPHIDTypeProject.php b/src/applications/releeph/phid/ReleephPHIDTypeProject.php index f127b75849..e15994bf83 100644 --- a/src/applications/releeph/phid/ReleephPHIDTypeProject.php +++ b/src/applications/releeph/phid/ReleephPHIDTypeProject.php @@ -16,15 +16,12 @@ final class ReleephPHIDTypeProject extends PhabricatorPHIDType { return new ReleephProject(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new ReleephProjectQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/releeph/phid/ReleephPHIDTypeRequest.php b/src/applications/releeph/phid/ReleephPHIDTypeRequest.php index a3529a612c..506585fce0 100644 --- a/src/applications/releeph/phid/ReleephPHIDTypeRequest.php +++ b/src/applications/releeph/phid/ReleephPHIDTypeRequest.php @@ -16,15 +16,12 @@ final class ReleephPHIDTypeRequest extends PhabricatorPHIDType { return new ReleephRequest(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new ReleephRequestQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/releeph/query/ReleephBranchQuery.php b/src/applications/releeph/query/ReleephBranchQuery.php index c1ab888fea..5a0bf40d06 100644 --- a/src/applications/releeph/query/ReleephBranchQuery.php +++ b/src/applications/releeph/query/ReleephBranchQuery.php @@ -129,4 +129,9 @@ final class ReleephBranchQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationReleeph'; + } + } diff --git a/src/applications/releeph/query/ReleephProjectQuery.php b/src/applications/releeph/query/ReleephProjectQuery.php index 5a1b09bf4a..2823633499 100644 --- a/src/applications/releeph/query/ReleephProjectQuery.php +++ b/src/applications/releeph/query/ReleephProjectQuery.php @@ -127,4 +127,8 @@ final class ReleephProjectQuery } } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationReleeph'; + } + } diff --git a/src/applications/releeph/query/ReleephRequestQuery.php b/src/applications/releeph/query/ReleephRequestQuery.php index 560f7898fc..b4a9985341 100644 --- a/src/applications/releeph/query/ReleephRequestQuery.php +++ b/src/applications/releeph/query/ReleephRequestQuery.php @@ -232,4 +232,9 @@ final class ReleephRequestQuery } } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationReleeph'; + } + } diff --git a/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeArcanistProject.php b/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeArcanistProject.php index 49f24131a8..e66191fc96 100644 --- a/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeArcanistProject.php +++ b/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeArcanistProject.php @@ -20,15 +20,12 @@ final class PhabricatorRepositoryPHIDTypeArcanistProject return new PhabricatorRepositoryArcanistProject(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorRepositoryArcanistProjectQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeCommit.php b/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeCommit.php index 34f4c4be57..31aab86e95 100644 --- a/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeCommit.php +++ b/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeCommit.php @@ -16,15 +16,12 @@ final class PhabricatorRepositoryPHIDTypeCommit extends PhabricatorPHIDType { return new PhabricatorRepositoryCommit(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new DiffusionCommitQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeRepository.php b/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeRepository.php index 70e4c8bf48..1e1cf8f888 100644 --- a/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeRepository.php +++ b/src/applications/repository/phid/PhabricatorRepositoryPHIDTypeRepository.php @@ -17,15 +17,12 @@ final class PhabricatorRepositoryPHIDTypeRepository return new PhabricatorRepository(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorRepositoryQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/repository/query/PhabricatorRepositoryArcanistProjectQuery.php b/src/applications/repository/query/PhabricatorRepositoryArcanistProjectQuery.php index 9e34bda100..13f4cf1820 100644 --- a/src/applications/repository/query/PhabricatorRepositoryArcanistProjectQuery.php +++ b/src/applications/repository/query/PhabricatorRepositoryArcanistProjectQuery.php @@ -81,4 +81,10 @@ final class PhabricatorRepositoryArcanistProjectQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + // TODO: Diffusion? Differential? + return null; + } + } diff --git a/src/applications/repository/query/PhabricatorRepositoryQuery.php b/src/applications/repository/query/PhabricatorRepositoryQuery.php index 92c374de42..92d8b95adf 100644 --- a/src/applications/repository/query/PhabricatorRepositoryQuery.php +++ b/src/applications/repository/query/PhabricatorRepositoryQuery.php @@ -317,4 +317,9 @@ final class PhabricatorRepositoryQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationDiffusion'; + } + } diff --git a/src/applications/search/query/PhabricatorNamedQueryQuery.php b/src/applications/search/query/PhabricatorNamedQueryQuery.php index 84f9a5eaa8..dccd228a32 100644 --- a/src/applications/search/query/PhabricatorNamedQueryQuery.php +++ b/src/applications/search/query/PhabricatorNamedQueryQuery.php @@ -81,4 +81,10 @@ final class PhabricatorNamedQueryQuery return $this->formatWhereClause($where); } + + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationSearch'; + } + } diff --git a/src/applications/search/query/PhabricatorSavedQueryQuery.php b/src/applications/search/query/PhabricatorSavedQueryQuery.php index 929da82a24..70773908a8 100644 --- a/src/applications/search/query/PhabricatorSavedQueryQuery.php +++ b/src/applications/search/query/PhabricatorSavedQueryQuery.php @@ -65,4 +65,10 @@ final class PhabricatorSavedQueryQuery return $this->formatWhereClause($where); } + + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationSearch'; + } + } diff --git a/src/applications/slowvote/phid/PhabricatorSlowvotePHIDTypePoll.php b/src/applications/slowvote/phid/PhabricatorSlowvotePHIDTypePoll.php index 7f40a8a7ac..36ad531375 100644 --- a/src/applications/slowvote/phid/PhabricatorSlowvotePHIDTypePoll.php +++ b/src/applications/slowvote/phid/PhabricatorSlowvotePHIDTypePoll.php @@ -16,15 +16,12 @@ final class PhabricatorSlowvotePHIDTypePoll extends PhabricatorPHIDType { return new PhabricatorSlowvotePoll(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorSlowvoteQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/slowvote/query/PhabricatorSlowvoteQuery.php b/src/applications/slowvote/query/PhabricatorSlowvoteQuery.php index 28963a44bc..8b4677c557 100644 --- a/src/applications/slowvote/query/PhabricatorSlowvoteQuery.php +++ b/src/applications/slowvote/query/PhabricatorSlowvoteQuery.php @@ -168,4 +168,9 @@ final class PhabricatorSlowvoteQuery return 'p.id'; } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationSlowvote'; + } + } diff --git a/src/applications/tokens/phid/PhabricatorTokenPHIDTypeToken.php b/src/applications/tokens/phid/PhabricatorTokenPHIDTypeToken.php index 7d0a1f69a6..c641a1efbd 100644 --- a/src/applications/tokens/phid/PhabricatorTokenPHIDTypeToken.php +++ b/src/applications/tokens/phid/PhabricatorTokenPHIDTypeToken.php @@ -16,15 +16,12 @@ final class PhabricatorTokenPHIDTypeToken extends PhabricatorPHIDType { return new PhabricatorToken(); } - public function loadObjects( + protected function buildQueryForObjects( PhabricatorObjectQuery $query, array $phids) { return id(new PhabricatorTokenQuery()) - ->setViewer($query->getViewer()) - ->setParentQuery($query) - ->withPHIDs($phids) - ->execute(); + ->withPHIDs($phids); } public function loadHandles( diff --git a/src/applications/tokens/query/PhabricatorTokenGivenQuery.php b/src/applications/tokens/query/PhabricatorTokenGivenQuery.php index 27a2c959dd..ea835f47cc 100644 --- a/src/applications/tokens/query/PhabricatorTokenGivenQuery.php +++ b/src/applications/tokens/query/PhabricatorTokenGivenQuery.php @@ -89,4 +89,8 @@ final class PhabricatorTokenGivenQuery return $results; } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationTokens'; + } + } diff --git a/src/applications/tokens/query/PhabricatorTokenQuery.php b/src/applications/tokens/query/PhabricatorTokenQuery.php index c4bf4a975b..1fa5d347a8 100644 --- a/src/applications/tokens/query/PhabricatorTokenQuery.php +++ b/src/applications/tokens/query/PhabricatorTokenQuery.php @@ -61,4 +61,9 @@ final class PhabricatorTokenQuery return $tokens; } + + public function getQueryApplicationClass() { + return 'PhabricatorApplicationTokens'; + } + } diff --git a/src/applications/tokens/query/PhabricatorTokenReceiverQuery.php b/src/applications/tokens/query/PhabricatorTokenReceiverQuery.php index bfa784fa41..6485416eb2 100644 --- a/src/applications/tokens/query/PhabricatorTokenReceiverQuery.php +++ b/src/applications/tokens/query/PhabricatorTokenReceiverQuery.php @@ -34,4 +34,8 @@ final class PhabricatorTokenReceiverQuery return $this->tokenCounts; } + public function getQueryApplicationClass() { + return 'PhabricatorApplicationTokens'; + } + } diff --git a/src/applications/transactions/phid/PhabricatorApplicationTransactionPHIDTypeTransaction.php b/src/applications/transactions/phid/PhabricatorApplicationTransactionPHIDTypeTransaction.php index d818dad226..97841ba04f 100644 --- a/src/applications/transactions/phid/PhabricatorApplicationTransactionPHIDTypeTransaction.php +++ b/src/applications/transactions/phid/PhabricatorApplicationTransactionPHIDTypeTransaction.php @@ -20,6 +20,12 @@ final class PhabricatorApplicationTransactionPHIDTypeTransaction return null; } + protected function buildQueryForObjects( + PhabricatorObjectQuery $object_query, + array $phids) { + throw new Exception(); + } + public function loadObjects( PhabricatorObjectQuery $object_query, array $phids) { @@ -55,11 +61,17 @@ final class PhabricatorApplicationTransactionPHIDTypeTransaction continue; } - $xactions = id(clone $query) + $xaction_query = id(clone $query) ->setViewer($object_query->getViewer()) ->setParentQuery($object_query) - ->withPHIDs($subtype_phids) - ->execute(); + ->withPHIDs($subtype_phids); + + if (!$xaction_query->canViewerUseQueryApplication()) { + $object_query->addPolicyFilteredPHIDs(array_fuse($subtype_phids)); + continue; + } + + $xactions = $xaction_query->execute(); $results += mpull($xactions, null, 'getPHID'); } diff --git a/src/applications/transactions/query/PhabricatorApplicationTransactionCommentQuery.php b/src/applications/transactions/query/PhabricatorApplicationTransactionCommentQuery.php index 6cb16c7e50..038fadb9cb 100644 --- a/src/applications/transactions/query/PhabricatorApplicationTransactionCommentQuery.php +++ b/src/applications/transactions/query/PhabricatorApplicationTransactionCommentQuery.php @@ -59,4 +59,10 @@ final class PhabricatorApplicationTransactionCommentQuery return $this->formatWhereClause($where); } + public function getQueryApplicationClass() { + // TODO: Figure out the app via the template? + return null; + } + + } diff --git a/src/applications/transactions/query/PhabricatorApplicationTransactionQuery.php b/src/applications/transactions/query/PhabricatorApplicationTransactionQuery.php index 00523cffe4..1ef212d7e5 100644 --- a/src/applications/transactions/query/PhabricatorApplicationTransactionQuery.php +++ b/src/applications/transactions/query/PhabricatorApplicationTransactionQuery.php @@ -160,4 +160,10 @@ abstract class PhabricatorApplicationTransactionQuery return $this->formatWhereClause($where); } + + public function getQueryApplicationClass() { + // TODO: Sort this out? + return null; + } + } diff --git a/src/infrastructure/query/policy/PhabricatorPolicyAwareQuery.php b/src/infrastructure/query/policy/PhabricatorPolicyAwareQuery.php index 20b45df42d..55c6edc277 100644 --- a/src/infrastructure/query/policy/PhabricatorPolicyAwareQuery.php +++ b/src/infrastructure/query/policy/PhabricatorPolicyAwareQuery.php @@ -35,6 +35,7 @@ abstract class PhabricatorPolicyAwareQuery extends PhabricatorOffsetPagedQuery { private $capabilities; private $workspace = array(); private $policyFilteredPHIDs = array(); + private $canUseApplication; /* -( Query Configuration )------------------------------------------------ */ @@ -213,9 +214,13 @@ abstract class PhabricatorPolicyAwareQuery extends PhabricatorOffsetPagedQuery { $this->rawResultLimit = 0; } - try { - $page = $this->loadPage(); - } catch (PhabricatorEmptyQueryException $ex) { + if ($this->canViewerUseQueryApplication()) { + try { + $page = $this->loadPage(); + } catch (PhabricatorEmptyQueryException $ex) { + $page = array(); + } + } else { $page = array(); } @@ -317,7 +322,7 @@ abstract class PhabricatorPolicyAwareQuery extends PhabricatorOffsetPagedQuery { PhabricatorPolicyCapability::CAN_VIEW); } - protected function addPolicyFilteredPHIDs(array $phids) { + public function addPolicyFilteredPHIDs(array $phids) { $this->policyFilteredPHIDs += $phids; if ($this->getParentQuery()) { $this->getParentQuery()->addPolicyFilteredPHIDs($phids); @@ -581,4 +586,43 @@ abstract class PhabricatorPolicyAwareQuery extends PhabricatorOffsetPagedQuery { return false; } + + /** + * If this query belongs to an application, return the application class name + * here. This will prevent the query from returning results if the viewer can + * not access the application. + * + * If this query does not belong to an application, return `null`. + * + * @return string|null Application class name. + */ + abstract public function getQueryApplicationClass(); + + + /** + * Determine if the viewer has permission to use this query's application. + * For queries which aren't part of an application, this method always returns + * true. + * + * @return bool True if the viewer has application-level permission to + * execute the query. + */ + public function canViewerUseQueryApplication() { + if ($this->canUseApplication === null) { + $class = $this->getQueryApplicationClass(); + if (!$class) { + $this->canUseApplication = true; + } else { + $result = id(new PhabricatorApplicationQuery()) + ->setViewer($this->getViewer()) + ->withClasses(array($class)) + ->execute(); + + $this->canUseApplication = (bool)$result; + } + } + + return $this->canUseApplication; + } + }