1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-30 02:32:42 +01:00

Followup from D11358#106424 and make policy.locked fully work

Summary: Fast commit. Also forgot to make the config override the existing policy. I *think* this is the right spot and we're good? Ref T6947.

Test Plan: viewed the application settings page for people application and saw the correct overrode setting.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6947

Differential Revision: https://secure.phabricator.com/D11373
This commit is contained in:
Bob Trahan 2015-01-13 12:03:11 -08:00
parent 463d094f96
commit 32edb7e2bb
3 changed files with 8 additions and 3 deletions

View file

@ -454,6 +454,11 @@ abstract class PhabricatorApplication implements PhabricatorPolicyInterface {
return null;
}
$policy_locked = PhabricatorEnv::getEnvConfig('policy.locked');
if (isset($policy_locked[$capability])) {
return $policy_locked[$capability];
}
return idx($policy, $capability);
}

View file

@ -115,11 +115,10 @@ final class PhabricatorApplicationEditController
->setUser($user);
$locked_policies = PhabricatorEnv::getEnvConfig('policy.locked');
$locked_map = array_fill_keys($locked_policies, true);
foreach ($application->getCapabilities() as $capability) {
$label = $application->getCapabilityLabel($capability);
$can_edit = $application->isCapabilityEditable($capability);
$locked = idx($locked_map, $capability);
$locked = idx($locked_policies, $capability);
$caption = $application->getCapabilityCaption($capability);
if (!$can_edit || $locked) {
@ -132,7 +131,7 @@ final class PhabricatorApplicationEditController
$form->appendChild(
id(new AphrontFormPolicyControl())
->setUser($user)
->setDisabled(idx($locked_map, $capability))
->setDisabled($locked)
->setCapability($capability)
->setPolicyObject($application)
->setPolicies($policies)

View file

@ -46,6 +46,7 @@ final class PhabricatorPolicyConfigOptions
"available, and the most open policy is 'All Users' (which means ".
"users must have accounts and be logged in to view things).")),
$this->newOption('policy.locked', $policy_locked_type, array())
->setLocked(true)
->setSummary(pht(
'Lock specific application policies so they can not be edited.'))
->setDescription(pht(