mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-30 02:32:42 +01:00
Followup from D11358#106424 and make policy.locked fully work
Summary: Fast commit. Also forgot to make the config override the existing policy. I *think* this is the right spot and we're good? Ref T6947. Test Plan: viewed the application settings page for people application and saw the correct overrode setting. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T6947 Differential Revision: https://secure.phabricator.com/D11373
This commit is contained in:
parent
463d094f96
commit
32edb7e2bb
3 changed files with 8 additions and 3 deletions
|
@ -454,6 +454,11 @@ abstract class PhabricatorApplication implements PhabricatorPolicyInterface {
|
|||
return null;
|
||||
}
|
||||
|
||||
$policy_locked = PhabricatorEnv::getEnvConfig('policy.locked');
|
||||
if (isset($policy_locked[$capability])) {
|
||||
return $policy_locked[$capability];
|
||||
}
|
||||
|
||||
return idx($policy, $capability);
|
||||
}
|
||||
|
||||
|
|
|
@ -115,11 +115,10 @@ final class PhabricatorApplicationEditController
|
|||
->setUser($user);
|
||||
|
||||
$locked_policies = PhabricatorEnv::getEnvConfig('policy.locked');
|
||||
$locked_map = array_fill_keys($locked_policies, true);
|
||||
foreach ($application->getCapabilities() as $capability) {
|
||||
$label = $application->getCapabilityLabel($capability);
|
||||
$can_edit = $application->isCapabilityEditable($capability);
|
||||
$locked = idx($locked_map, $capability);
|
||||
$locked = idx($locked_policies, $capability);
|
||||
$caption = $application->getCapabilityCaption($capability);
|
||||
|
||||
if (!$can_edit || $locked) {
|
||||
|
@ -132,7 +131,7 @@ final class PhabricatorApplicationEditController
|
|||
$form->appendChild(
|
||||
id(new AphrontFormPolicyControl())
|
||||
->setUser($user)
|
||||
->setDisabled(idx($locked_map, $capability))
|
||||
->setDisabled($locked)
|
||||
->setCapability($capability)
|
||||
->setPolicyObject($application)
|
||||
->setPolicies($policies)
|
||||
|
|
|
@ -46,6 +46,7 @@ final class PhabricatorPolicyConfigOptions
|
|||
"available, and the most open policy is 'All Users' (which means ".
|
||||
"users must have accounts and be logged in to view things).")),
|
||||
$this->newOption('policy.locked', $policy_locked_type, array())
|
||||
->setLocked(true)
|
||||
->setSummary(pht(
|
||||
'Lock specific application policies so they can not be edited.'))
|
||||
->setDescription(pht(
|
||||
|
|
Loading…
Reference in a new issue