mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-29 10:12:41 +01:00
Projects - add "lock membership", which prevents people from leaving
Summary: Fixes T5603. Puts the toggling of locking membership into the editor so we get exceptions and all that. I think the dialogue when you try to leave a project that is locked could be a little better maybe? Right now it just says "You can't leave" and "The membership is locked" more or less; should I surface a link to the policy stuff there too? Test Plan: - made a project, toggled the "lock" setting, observed stickiness and good transactions being made - locked a project and tried to leave as a non-editor - got a dialogue letting me know i couldn't - locked a project and tried to leave as an editor - left successfully Reviewers: epriestley Reviewed By: epriestley Subscribers: epriestley, Korvin Maniphest Tasks: T5603 Differential Revision: https://secure.phabricator.com/D10508
This commit is contained in:
parent
9b63f84ff9
commit
3238f1e091
9 changed files with 106 additions and 6 deletions
2
resources/sql/autopatches/20140917.project.canlock.sql
Normal file
2
resources/sql/autopatches/20140917.project.canlock.sql
Normal file
|
@ -0,0 +1,2 @@
|
|||
ALTER TABLE {$NAMESPACE}_project.project
|
||||
ADD isMembershipLocked TINYINT(1) NOT NULL DEFAULT 0 AFTER joinPolicy;
|
|
@ -2682,6 +2682,7 @@ phutil_register_library_map(array(
|
|||
'PonderVoteEditor' => 'applications/ponder/editor/PonderVoteEditor.php',
|
||||
'PonderVoteSaveController' => 'applications/ponder/controller/PonderVoteSaveController.php',
|
||||
'ProjectBoardTaskCard' => 'applications/project/view/ProjectBoardTaskCard.php',
|
||||
'ProjectCanLockProjectsCapability' => 'applications/project/capability/ProjectCanLockProjectsCapability.php',
|
||||
'ProjectConduitAPIMethod' => 'applications/project/conduit/ProjectConduitAPIMethod.php',
|
||||
'ProjectCreateConduitAPIMethod' => 'applications/project/conduit/ProjectCreateConduitAPIMethod.php',
|
||||
'ProjectCreateProjectsCapability' => 'applications/project/capability/ProjectCreateProjectsCapability.php',
|
||||
|
@ -5722,6 +5723,7 @@ phutil_register_library_map(array(
|
|||
'PonderVote' => 'PonderConstants',
|
||||
'PonderVoteEditor' => 'PhabricatorEditor',
|
||||
'PonderVoteSaveController' => 'PonderController',
|
||||
'ProjectCanLockProjectsCapability' => 'PhabricatorPolicyCapability',
|
||||
'ProjectConduitAPIMethod' => 'ConduitAPIMethod',
|
||||
'ProjectCreateConduitAPIMethod' => 'ProjectConduitAPIMethod',
|
||||
'ProjectCreateProjectsCapability' => 'PhabricatorPolicyCapability',
|
||||
|
|
|
@ -93,6 +93,9 @@ final class PhabricatorProjectApplication extends PhabricatorApplication {
|
|||
protected function getCustomCapabilities() {
|
||||
return array(
|
||||
ProjectCreateProjectsCapability::CAPABILITY => array(),
|
||||
ProjectCanLockProjectsCapability::CAPABILITY => array(
|
||||
'default' => PhabricatorPolicies::POLICY_ADMIN,
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
<?php
|
||||
|
||||
final class ProjectCanLockProjectsCapability
|
||||
extends PhabricatorPolicyCapability {
|
||||
|
||||
const CAPABILITY = 'project.can.lock';
|
||||
|
||||
public function getCapabilityName() {
|
||||
return pht('Can Lock Project Membership');
|
||||
}
|
||||
|
||||
public function describeCapabilityRejection() {
|
||||
return pht('You do not have permission to lock project membership.');
|
||||
}
|
||||
|
||||
}
|
|
@ -49,6 +49,7 @@ final class PhabricatorProjectEditDetailsController
|
|||
$v_slugs = $project_slugs;
|
||||
$v_color = $project->getColor();
|
||||
$v_icon = $project->getIcon();
|
||||
$v_locked = $project->getIsMembershipLocked();
|
||||
|
||||
$validation_exception = null;
|
||||
|
||||
|
@ -63,6 +64,7 @@ final class PhabricatorProjectEditDetailsController
|
|||
$v_join = $request->getStr('can_join');
|
||||
$v_color = $request->getStr('color');
|
||||
$v_icon = $request->getStr('icon');
|
||||
$v_locked = $request->getInt('is_membership_locked', 0);
|
||||
|
||||
$xactions = $field_list->buildFieldTransactionsFromRequest(
|
||||
new PhabricatorProjectTransaction(),
|
||||
|
@ -73,6 +75,7 @@ final class PhabricatorProjectEditDetailsController
|
|||
$type_edit = PhabricatorTransactions::TYPE_EDIT_POLICY;
|
||||
$type_icon = PhabricatorProjectTransaction::TYPE_ICON;
|
||||
$type_color = PhabricatorProjectTransaction::TYPE_COLOR;
|
||||
$type_locked = PhabricatorProjectTransaction::TYPE_LOCKED;
|
||||
|
||||
$xactions[] = id(new PhabricatorProjectTransaction())
|
||||
->setTransactionType($type_name)
|
||||
|
@ -102,6 +105,10 @@ final class PhabricatorProjectEditDetailsController
|
|||
->setTransactionType($type_color)
|
||||
->setNewValue($v_color);
|
||||
|
||||
$xactions[] = id(new PhabricatorProjectTransaction())
|
||||
->setTransactionType($type_locked)
|
||||
->setNewValue($v_locked);
|
||||
|
||||
$editor = id(new PhabricatorProjectTransactionEditor())
|
||||
->setActor($viewer)
|
||||
->setContentSourceFromRequest($request)
|
||||
|
@ -148,6 +155,10 @@ final class PhabricatorProjectEditDetailsController
|
|||
|
||||
$icon_uri = $this->getApplicationURI('icon/'.$project->getID().'/');
|
||||
$icon_display = PhabricatorProjectIcon::renderIconForChooser($v_icon);
|
||||
list($can_lock, $lock_message) = $this->explainApplicationCapability(
|
||||
ProjectCanLockProjectsCapability::CAPABILITY,
|
||||
pht('You can update the Lock Project setting.'),
|
||||
pht('You can not update the Lock Project setting.'));
|
||||
|
||||
$form
|
||||
->appendChild(
|
||||
|
@ -201,6 +212,16 @@ final class PhabricatorProjectEditDetailsController
|
|||
->setPolicyObject($project)
|
||||
->setPolicies($policies)
|
||||
->setCapability(PhabricatorPolicyCapability::CAN_JOIN))
|
||||
->appendChild(
|
||||
id(new AphrontFormCheckboxControl())
|
||||
->setLabel(pht('Lock Project'))
|
||||
->setDisabled(!$can_lock)
|
||||
->addCheckbox(
|
||||
'is_membership_locked',
|
||||
1,
|
||||
pht('Prevent members from leaving this project.'),
|
||||
$v_locked)
|
||||
->setCaption($lock_message))
|
||||
->appendChild(
|
||||
id(new AphrontFormSubmitControl())
|
||||
->addCancelButton($edit_uri)
|
||||
|
|
|
@ -82,12 +82,18 @@ final class PhabricatorProjectUpdateController
|
|||
case 'leave':
|
||||
$dialog = new AphrontDialogView();
|
||||
$dialog->setUser($user);
|
||||
if ($this->userCannotLeave($project)) {
|
||||
$dialog->setTitle(pht('You can not leave this project.'));
|
||||
$body = pht('The membership is locked for this project.');
|
||||
} else {
|
||||
$dialog->setTitle(pht('Really leave project?'));
|
||||
$dialog->appendChild(phutil_tag('p', array(), pht(
|
||||
$body = pht(
|
||||
'Your tremendous contributions to this project will be sorely '.
|
||||
'missed. Are you sure you want to leave?')));
|
||||
$dialog->addCancelButton($project_uri);
|
||||
'missed. Are you sure you want to leave?');
|
||||
$dialog->addSubmitButton(pht('Leave Project'));
|
||||
}
|
||||
$dialog->appendParagraph($body);
|
||||
$dialog->addCancelButton($project_uri);
|
||||
break;
|
||||
default:
|
||||
return new Aphront404Response();
|
||||
|
@ -96,4 +102,18 @@ final class PhabricatorProjectUpdateController
|
|||
return id(new AphrontDialogResponse())->setDialog($dialog);
|
||||
}
|
||||
|
||||
/**
|
||||
* This is enforced in @{class:PhabricatorProjectTransactionEditor}. We use
|
||||
* this logic to render a better form for users hitting this case.
|
||||
*/
|
||||
private function userCannotLeave(PhabricatorProject $project) {
|
||||
$user = $this->getRequest()->getUser();
|
||||
|
||||
return
|
||||
$project->getIsMembershipLocked() &&
|
||||
!PhabricatorPolicyFilter::hasCapability(
|
||||
$user,
|
||||
$project,
|
||||
PhabricatorPolicyCapability::CAN_EDIT);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -25,6 +25,7 @@ final class PhabricatorProjectTransactionEditor
|
|||
$types[] = PhabricatorProjectTransaction::TYPE_IMAGE;
|
||||
$types[] = PhabricatorProjectTransaction::TYPE_ICON;
|
||||
$types[] = PhabricatorProjectTransaction::TYPE_COLOR;
|
||||
$types[] = PhabricatorProjectTransaction::TYPE_LOCKED;
|
||||
|
||||
return $types;
|
||||
}
|
||||
|
@ -49,6 +50,8 @@ final class PhabricatorProjectTransactionEditor
|
|||
return $object->getIcon();
|
||||
case PhabricatorProjectTransaction::TYPE_COLOR:
|
||||
return $object->getColor();
|
||||
case PhabricatorProjectTransaction::TYPE_LOCKED:
|
||||
return (int) $object->getIsMembershipLocked();
|
||||
}
|
||||
|
||||
return parent::getCustomTransactionOldValue($object, $xaction);
|
||||
|
@ -65,6 +68,7 @@ final class PhabricatorProjectTransactionEditor
|
|||
case PhabricatorProjectTransaction::TYPE_IMAGE:
|
||||
case PhabricatorProjectTransaction::TYPE_ICON:
|
||||
case PhabricatorProjectTransaction::TYPE_COLOR:
|
||||
case PhabricatorProjectTransaction::TYPE_LOCKED:
|
||||
return $xaction->getNewValue();
|
||||
}
|
||||
|
||||
|
@ -94,6 +98,9 @@ final class PhabricatorProjectTransactionEditor
|
|||
case PhabricatorProjectTransaction::TYPE_COLOR:
|
||||
$object->setColor($xaction->getNewValue());
|
||||
return;
|
||||
case PhabricatorProjectTransaction::TYPE_LOCKED:
|
||||
$object->setIsMembershipLocked($xaction->getNewValue());
|
||||
return;
|
||||
case PhabricatorTransactions::TYPE_EDGE:
|
||||
return;
|
||||
case PhabricatorTransactions::TYPE_VIEW_POLICY:
|
||||
|
@ -199,6 +206,7 @@ final class PhabricatorProjectTransactionEditor
|
|||
case PhabricatorProjectTransaction::TYPE_IMAGE:
|
||||
case PhabricatorProjectTransaction::TYPE_ICON:
|
||||
case PhabricatorProjectTransaction::TYPE_COLOR:
|
||||
case PhabricatorProjectTransaction::TYPE_LOCKED:
|
||||
return;
|
||||
case PhabricatorTransactions::TYPE_EDGE:
|
||||
$edge_type = $xaction->getMetadataValue('edge:type');
|
||||
|
@ -360,6 +368,7 @@ final class PhabricatorProjectTransactionEditor
|
|||
}
|
||||
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
return $errors;
|
||||
|
@ -381,6 +390,12 @@ final class PhabricatorProjectTransactionEditor
|
|||
$object,
|
||||
PhabricatorPolicyCapability::CAN_EDIT);
|
||||
return;
|
||||
case PhabricatorProjectTransaction::TYPE_LOCKED:
|
||||
PhabricatorPolicyFilter::requireCapability(
|
||||
$this->requireActor(),
|
||||
newv($this->getEditorApplicationClass(), array()),
|
||||
ProjectCanLockProjectsCapability::CAPABILITY);
|
||||
return;
|
||||
case PhabricatorTransactions::TYPE_EDGE:
|
||||
switch ($xaction->getMetadataValue('edge:type')) {
|
||||
case PhabricatorEdgeConfig::TYPE_PROJ_MEMBER:
|
||||
|
@ -402,7 +417,14 @@ final class PhabricatorProjectTransactionEditor
|
|||
$object,
|
||||
PhabricatorPolicyCapability::CAN_JOIN);
|
||||
} else if ($is_leave) {
|
||||
// You don't need any capabilities to leave a project.
|
||||
// You usually don't need any capabilities to leave a project.
|
||||
if ($object->getIsMembershipLocked()) {
|
||||
// you must be able to edit though to leave locked projects
|
||||
PhabricatorPolicyFilter::requireCapability(
|
||||
$this->requireActor(),
|
||||
$object,
|
||||
PhabricatorPolicyCapability::CAN_EDIT);
|
||||
}
|
||||
} else {
|
||||
// You need CAN_EDIT to change members other than yourself.
|
||||
PhabricatorPolicyFilter::requireCapability(
|
||||
|
|
|
@ -20,6 +20,7 @@ final class PhabricatorProject extends PhabricatorProjectDAO
|
|||
protected $viewPolicy;
|
||||
protected $editPolicy;
|
||||
protected $joinPolicy;
|
||||
protected $isMembershipLocked;
|
||||
|
||||
private $memberPHIDs = self::ATTACHABLE;
|
||||
private $watcherPHIDs = self::ATTACHABLE;
|
||||
|
@ -43,6 +44,7 @@ final class PhabricatorProject extends PhabricatorProjectDAO
|
|||
->setViewPolicy(PhabricatorPolicies::POLICY_USER)
|
||||
->setEditPolicy(PhabricatorPolicies::POLICY_USER)
|
||||
->setJoinPolicy(PhabricatorPolicies::POLICY_USER)
|
||||
->setIsMembershipLocked(0)
|
||||
->attachMemberPHIDs(array());
|
||||
}
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ final class PhabricatorProjectTransaction
|
|||
const TYPE_IMAGE = 'project:image';
|
||||
const TYPE_ICON = 'project:icon';
|
||||
const TYPE_COLOR = 'project:color';
|
||||
const TYPE_LOCKED = 'project:locked';
|
||||
|
||||
// NOTE: This is deprecated, members are just a normal edge now.
|
||||
const TYPE_MEMBERS = 'project:members';
|
||||
|
@ -100,6 +101,17 @@ final class PhabricatorProjectTransaction
|
|||
$author_handle,
|
||||
PHUITagView::getShadeName($new));
|
||||
|
||||
case PhabricatorProjectTransaction::TYPE_LOCKED:
|
||||
if ($new) {
|
||||
return pht(
|
||||
'%s locked this project\'s membership.',
|
||||
$author_handle);
|
||||
} else {
|
||||
return pht(
|
||||
'%s unlocked this project\'s membership.',
|
||||
$author_handle);
|
||||
}
|
||||
|
||||
case PhabricatorProjectTransaction::TYPE_SLUGS:
|
||||
$add = array_diff($new, $old);
|
||||
$rem = array_diff($old, $new);
|
||||
|
|
Loading…
Reference in a new issue