mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-02 03:32:42 +01:00
Followup from D11358#106424 and make policy.locked fully work
Summary: Fast commit. Also forgot to make the config override the existing policy. I *think* this is the right spot and we're good? Ref T6947. Test Plan: viewed the application settings page for people application and saw the correct overrode setting. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T6947 Differential Revision: https://secure.phabricator.com/D11373
This commit is contained in:
Bob Trahan
parent
463d094f96
commit
32edb7e2bb
3 changed files with 8 additions and 3 deletions
|
|
@ -454,6 +454,11 @@ abstract class PhabricatorApplication implements PhabricatorPolicyInterface {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$policy_locked = PhabricatorEnv::getEnvConfig('policy.locked');
|
||||||
|
if (isset($policy_locked[$capability])) {
|
||||||
|
return $policy_locked[$capability];
|
||||||
|
}
|
||||||
|
|
||||||
return idx($policy, $capability);
|
return idx($policy, $capability);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -115,11 +115,10 @@ final class PhabricatorApplicationEditController
|
||||||
->setUser($user);
|
->setUser($user);
|
||||||
|
|
||||||
$locked_policies = PhabricatorEnv::getEnvConfig('policy.locked');
|
$locked_policies = PhabricatorEnv::getEnvConfig('policy.locked');
|
||||||
$locked_map = array_fill_keys($locked_policies, true);
|
|
||||||
foreach ($application->getCapabilities() as $capability) {
|
foreach ($application->getCapabilities() as $capability) {
|
||||||
$label = $application->getCapabilityLabel($capability);
|
$label = $application->getCapabilityLabel($capability);
|
||||||
$can_edit = $application->isCapabilityEditable($capability);
|
$can_edit = $application->isCapabilityEditable($capability);
|
||||||
$locked = idx($locked_map, $capability);
|
$locked = idx($locked_policies, $capability);
|
||||||
$caption = $application->getCapabilityCaption($capability);
|
$caption = $application->getCapabilityCaption($capability);
|
||||||
|
|
||||||
if (!$can_edit || $locked) {
|
if (!$can_edit || $locked) {
|
||||||
|
|
@ -132,7 +131,7 @@ final class PhabricatorApplicationEditController
|
||||||
$form->appendChild(
|
$form->appendChild(
|
||||||
id(new AphrontFormPolicyControl())
|
id(new AphrontFormPolicyControl())
|
||||||
->setUser($user)
|
->setUser($user)
|
||||||
->setDisabled(idx($locked_map, $capability))
|
->setDisabled($locked)
|
||||||
->setCapability($capability)
|
->setCapability($capability)
|
||||||
->setPolicyObject($application)
|
->setPolicyObject($application)
|
||||||
->setPolicies($policies)
|
->setPolicies($policies)
|
||||||
|
|
|
||||||
|
|
@ -46,6 +46,7 @@ final class PhabricatorPolicyConfigOptions
|
||||||
"available, and the most open policy is 'All Users' (which means ".
|
"available, and the most open policy is 'All Users' (which means ".
|
||||||
"users must have accounts and be logged in to view things).")),
|
"users must have accounts and be logged in to view things).")),
|
||||||
$this->newOption('policy.locked', $policy_locked_type, array())
|
$this->newOption('policy.locked', $policy_locked_type, array())
|
||||||
|
->setLocked(true)
|
||||||
->setSummary(pht(
|
->setSummary(pht(
|
||||||
'Lock specific application policies so they can not be edited.'))
|
'Lock specific application policies so they can not be edited.'))
|
||||||
->setDescription(pht(
|
->setDescription(pht(
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue