revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00
Code Issues Releases Wiki Activity

Restrict PhortuneMerchant creation at EditEngine level

Browse source 
Summary: Ref T12685. Checks merchant capabilities at the edit engine level

Test Plan: Test with and without admin level permissions. Get restricted access if I cheat. Still able to create with admin.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12685

Differential Revision: https://secure.phabricator.com/D17852
This commit is contained in:
Chad Little 2017-05-08 15:25:36 -07:00
parent c505876d61
commit 32af1d9a9f
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/applications/phortune/editor/PhortuneMerchantEditEngine.php
View file

@ -65,6 +65,11 @@ final class PhortuneMerchantEditEngine
return false;
}
protected function getCreateNewObjectPolicy() {
return $this->getApplication()->getPolicy(
PhortuneMerchantCapability::CAPABILITY);
}
protected function buildCustomEditFields($object) {
$viewer = $this->getViewer();