mirror of
https://we.phorge.it/source/phorge.git
synced 2025-02-09 05:18:29 +01:00
Make projects policy-aware
Summary: We managed to move enough Owners stuff aside to make this reasonable; make projects implement the policy interface and projectquery use cursor-based paging. Test Plan: - Grepped for ProjectQuery callsites. - Created an audit comment. - Used `project.query` to query projects. - Loaded homepage. - Viewed Maniphest task list, grouped by project. - Viewed project list. - Created / edited project. - Browsed Owners. Reviewers: vrana, btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D3200
This commit is contained in:
epriestley
parent
fd3ba9841b
commit
330b0a3d4b
9 changed files with 41 additions and 6 deletions
|
|
@ -1949,7 +1949,7 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorProjectProfile' => 'PhabricatorProjectDAO',
|
'PhabricatorProjectProfile' => 'PhabricatorProjectDAO',
|
||||||
'PhabricatorProjectProfileController' => 'PhabricatorProjectController',
|
'PhabricatorProjectProfileController' => 'PhabricatorProjectController',
|
||||||
'PhabricatorProjectProfileEditController' => 'PhabricatorProjectController',
|
'PhabricatorProjectProfileEditController' => 'PhabricatorProjectController',
|
||||||
'PhabricatorProjectQuery' => 'PhabricatorOffsetPagedQuery',
|
'PhabricatorProjectQuery' => 'PhabricatorCursorPagedPolicyQuery',
|
||||||
'PhabricatorProjectTransaction' => 'PhabricatorProjectDAO',
|
'PhabricatorProjectTransaction' => 'PhabricatorProjectDAO',
|
||||||
'PhabricatorProjectTransactionType' => 'PhabricatorProjectConstants',
|
'PhabricatorProjectTransactionType' => 'PhabricatorProjectConstants',
|
||||||
'PhabricatorProjectUpdateController' => 'PhabricatorProjectController',
|
'PhabricatorProjectUpdateController' => 'PhabricatorProjectController',
|
||||||
|
|
|
||||||
|
|
@ -323,6 +323,10 @@ final class PhabricatorAuditCommentEditor {
|
||||||
|
|
||||||
// The user can audit on behalf of all projects they are a member of.
|
// The user can audit on behalf of all projects they are a member of.
|
||||||
$query = new PhabricatorProjectQuery();
|
$query = new PhabricatorProjectQuery();
|
||||||
|
|
||||||
|
// TODO: As above.
|
||||||
|
$query->setViewer($user);
|
||||||
|
|
||||||
$query->withMemberPHIDs(array($user->getPHID()));
|
$query->withMemberPHIDs(array($user->getPHID()));
|
||||||
$projects = $query->execute();
|
$projects = $query->execute();
|
||||||
foreach ($projects as $project) {
|
foreach ($projects as $project) {
|
||||||
|
|
|
||||||
|
|
@ -58,6 +58,7 @@ final class ConduitAPI_project_query_Method extends ConduitAPI_project_Method {
|
||||||
|
|
||||||
protected function execute(ConduitAPIRequest $request) {
|
protected function execute(ConduitAPIRequest $request) {
|
||||||
$query = new PhabricatorProjectQuery();
|
$query = new PhabricatorProjectQuery();
|
||||||
|
$query->setViewer($request->getUser());
|
||||||
$query->needMembers(true);
|
$query->needMembers(true);
|
||||||
|
|
||||||
$ids = $request->getValue('ids');
|
$ids = $request->getValue('ids');
|
||||||
|
|
|
||||||
|
|
@ -40,6 +40,7 @@ final class PhabricatorDirectoryMainController
|
||||||
case 'home':
|
case 'home':
|
||||||
case 'feed':
|
case 'feed':
|
||||||
$project_query = new PhabricatorProjectQuery();
|
$project_query = new PhabricatorProjectQuery();
|
||||||
|
$project_query->setViewer($user);
|
||||||
$project_query->withMemberPHIDs(array($user->getPHID()));
|
$project_query->withMemberPHIDs(array($user->getPHID()));
|
||||||
$projects = $project_query->execute();
|
$projects = $project_query->execute();
|
||||||
break;
|
break;
|
||||||
|
|
|
||||||
|
|
@ -690,6 +690,7 @@ final class ManiphestTaskListController extends ManiphestController {
|
||||||
|
|
||||||
if ($this->view == 'projecttriage' || $this->view == 'projectall') {
|
if ($this->view == 'projecttriage' || $this->view == 'projectall') {
|
||||||
$project_query = new PhabricatorProjectQuery();
|
$project_query = new PhabricatorProjectQuery();
|
||||||
|
$project_query->setViewer($user);
|
||||||
$project_query->withMemberPHIDs($user_phids);
|
$project_query->withMemberPHIDs($user_phids);
|
||||||
$projects = $project_query->execute();
|
$projects = $project_query->execute();
|
||||||
$project_phids = mpull($projects, 'getPHID');
|
$project_phids = mpull($projects, 'getPHID');
|
||||||
|
|
|
||||||
|
|
@ -65,6 +65,7 @@ final class PhabricatorOwnersPackageQuery
|
||||||
$base_phids = $this->ownerPHIDs;
|
$base_phids = $this->ownerPHIDs;
|
||||||
|
|
||||||
$query = new PhabricatorProjectQuery();
|
$query = new PhabricatorProjectQuery();
|
||||||
|
$query->setViewer($this->getViewer());
|
||||||
$query->withMemberPHIDs($base_phids);
|
$query->withMemberPHIDs($base_phids);
|
||||||
$projects = $query->execute();
|
$projects = $query->execute();
|
||||||
$project_phids = mpull($projects, 'getPHID');
|
$project_phids = mpull($projects, 'getPHID');
|
||||||
|
|
|
||||||
|
|
@ -45,6 +45,7 @@ final class PhabricatorProjectListController
|
||||||
$pager->setOffset($request->getInt('page'));
|
$pager->setOffset($request->getInt('page'));
|
||||||
|
|
||||||
$query = new PhabricatorProjectQuery();
|
$query = new PhabricatorProjectQuery();
|
||||||
|
$query->setViewer($request->getUser());
|
||||||
$query->setOffset($pager->getOffset());
|
$query->setOffset($pager->getOffset());
|
||||||
$query->setLimit($pager->getPageSize() + 1);
|
$query->setLimit($pager->getPageSize() + 1);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -16,7 +16,7 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
final class PhabricatorProjectQuery extends PhabricatorOffsetPagedQuery {
|
final class PhabricatorProjectQuery extends PhabricatorCursorPagedPolicyQuery {
|
||||||
|
|
||||||
private $ids;
|
private $ids;
|
||||||
private $phids;
|
private $phids;
|
||||||
|
|
@ -56,7 +56,15 @@ final class PhabricatorProjectQuery extends PhabricatorOffsetPagedQuery {
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function execute() {
|
protected function getPagingColumn() {
|
||||||
|
return 'name';
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function getPagingValue($result) {
|
||||||
|
return $result->getName();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function loadPage() {
|
||||||
$table = new PhabricatorProject();
|
$table = new PhabricatorProject();
|
||||||
$conn_r = $table->establishConnection('r');
|
$conn_r = $table->establishConnection('r');
|
||||||
|
|
||||||
|
|
@ -73,13 +81,14 @@ final class PhabricatorProjectQuery extends PhabricatorOffsetPagedQuery {
|
||||||
$projects = $table->loadAllFromArray($data);
|
$projects = $table->loadAllFromArray($data);
|
||||||
|
|
||||||
if ($projects && $this->needMembers) {
|
if ($projects && $this->needMembers) {
|
||||||
|
$etype = PhabricatorEdgeConfig::TYPE_PROJ_MEMBER;
|
||||||
$members = id(new PhabricatorEdgeQuery())
|
$members = id(new PhabricatorEdgeQuery())
|
||||||
->withSourcePHIDs(mpull($projects, 'getPHID'))
|
->withSourcePHIDs(mpull($projects, 'getPHID'))
|
||||||
->withTypes(array(PhabricatorEdgeConfig::TYPE_PROJ_MEMBER))
|
->withEdgeTypes(array($etype))
|
||||||
->execute();
|
->execute();
|
||||||
foreach ($projects as $project) {
|
foreach ($projects as $project) {
|
||||||
$phid = $project->getPHID();
|
$phid = $project->getPHID();
|
||||||
$project->attachMemberPHIDs(array_keys($members[$phid]));
|
$project->attachMemberPHIDs(array_keys($members[$phid][$etype]));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -135,6 +144,8 @@ final class PhabricatorProjectQuery extends PhabricatorOffsetPagedQuery {
|
||||||
$this->memberPHIDs);
|
$this->memberPHIDs);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$where[] = $this->buildPagingClause($conn_r);
|
||||||
|
|
||||||
return $this->formatWhereClause($where);
|
return $this->formatWhereClause($where);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -16,7 +16,8 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
final class PhabricatorProject extends PhabricatorProjectDAO {
|
final class PhabricatorProject extends PhabricatorProjectDAO
|
||||||
|
implements PhabricatorPolicyInterface {
|
||||||
|
|
||||||
protected $name;
|
protected $name;
|
||||||
protected $phid;
|
protected $phid;
|
||||||
|
|
@ -28,6 +29,20 @@ final class PhabricatorProject extends PhabricatorProjectDAO {
|
||||||
private $subprojectsNeedUpdate;
|
private $subprojectsNeedUpdate;
|
||||||
private $memberPHIDs;
|
private $memberPHIDs;
|
||||||
|
|
||||||
|
public function getCapabilities() {
|
||||||
|
return array(
|
||||||
|
PhabricatorPolicyCapability::CAN_VIEW,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getPolicy($capability) {
|
||||||
|
return PhabricatorPolicies::POLICY_USER;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
public function getConfiguration() {
|
public function getConfiguration() {
|
||||||
return array(
|
return array(
|
||||||
self::CONFIG_AUX_PHID => true,
|
self::CONFIG_AUX_PHID => true,
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue