From 3410cbd53ee84ca8ed0b21011ddd78a55d3b7409 Mon Sep 17 00:00:00 2001
From: epriestley
Date: Wed, 16 Oct 2013 10:36:08 -0700
Subject: [PATCH] Add application and object level policy controls to Countdown
Summary: Ref T603. Give countdowns proper UI-level policy controls, and an application-level default policy. Put policy information in the header.
Test Plan: - Adjusted default policy. - Created new countdowns. - Edited countdowns.
Reviewers: btrahan
Reviewed By: btrahan
CC: aran
Maniphest Tasks: T603
Differential Revision: https://secure.phabricator.com/D7322
---
resources/sql/patches/20131015.cpolicy.sql | 5 ++++
src/__phutil_library_map__.php | 2 ++
.../PhabricatorApplicationCountdown.php | 11 +++++---
...bricatorCountdownCapabilityDefaultView.php | 20 ++++++++++++++
.../PhabricatorCountdownDeleteController.php | 5 ----
.../PhabricatorCountdownEditController.php | 26 ++++++++++++++-----
.../PhabricatorCountdownViewController.php | 5 ++--
.../storage/PhabricatorCountdown.php | 24 +++++++++++------
.../patch/PhabricatorBuiltinPatchList.php | 4 +++
9 files changed, 77 insertions(+), 25 deletions(-)
create mode 100644 resources/sql/patches/20131015.cpolicy.sql
create mode 100644 src/applications/countdown/capability/PhabricatorCountdownCapabilityDefaultView.php
diff --git a/resources/sql/patches/20131015.cpolicy.sql b/resources/sql/patches/20131015.cpolicy.sql
new file mode 100644
index 0000000000..8f32a55c9a
--- /dev/null
+++ b/resources/sql/patches/20131015.cpolicy.sql
@@ -0,0 +1,5 @@
+ALTER TABLE {$NAMESPACE}_countdown.countdown
+ ADD viewPolicy VARCHAR(64) NOT NULL;
+
+UPDATE {$NAMESPACE}_countdown.countdown
+ SET viewPolicy = 'users' WHERE viewPolicy = '';
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
index 222ad69b4d..4cd0fea73f 100644
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -1068,6 +1068,7 @@ phutil_register_library_map(array( 'PhabricatorController' => 'applications/base/controller/PhabricatorController.php', 'PhabricatorCoreConfigOptions' => 'applications/config/option/PhabricatorCoreConfigOptions.php', 'PhabricatorCountdown' => 'applications/countdown/storage/PhabricatorCountdown.php', + 'PhabricatorCountdownCapabilityDefaultView' => 'applications/countdown/capability/PhabricatorCountdownCapabilityDefaultView.php', 'PhabricatorCountdownController' => 'applications/countdown/controller/PhabricatorCountdownController.php', 'PhabricatorCountdownDAO' => 'applications/countdown/storage/PhabricatorCountdownDAO.php', 'PhabricatorCountdownDeleteController' => 'applications/countdown/controller/PhabricatorCountdownDeleteController.php', @@ -3244,6 +3245,7 @@ phutil_register_library_map(array( 0 => 'PhabricatorCountdownDAO', 1 => 'PhabricatorPolicyInterface', ), + 'PhabricatorCountdownCapabilityDefaultView' => 'PhabricatorPolicyCapability', 'PhabricatorCountdownController' => 'PhabricatorController', 'PhabricatorCountdownDAO' => 'PhabricatorLiskDAO', 'PhabricatorCountdownDeleteController' => 'PhabricatorCountdownController', diff --git a/src/applications/countdown/application/PhabricatorApplicationCountdown.php b/src/applications/countdown/application/PhabricatorApplicationCountdown.php index 405280ca74..ba01b55f57 100644 --- a/src/applications/countdown/application/PhabricatorApplicationCountdown.php +++ b/src/applications/countdown/application/PhabricatorApplicationCountdown.php @@ -1,8 +1,5 @@ array( + 'caption' => pht('Default view policy for new countdowns.'), + ), + ); + } + } diff --git a/src/applications/countdown/capability/PhabricatorCountdownCapabilityDefaultView.php b/src/applications/countdown/capability/PhabricatorCountdownCapabilityDefaultView.php new file mode 100644 index 0000000000..ddd44359d4 --- /dev/null +++ b/src/applications/countdown/capability/PhabricatorCountdownCapabilityDefaultView.php 
@@ -0,0 +1,20 @@ +getAuthorPHID() !== $user->getPHID()) - && $user->getIsAdmin() === false) { - return new Aphront403Response(); - } - if ($request->isFormPost()) { $countdown->delete(); return id(new AphrontRedirectResponse()) diff --git a/src/applications/countdown/controller/PhabricatorCountdownEditController.php b/src/applications/countdown/controller/PhabricatorCountdownEditController.php index ebc5a92594..18d7b0bdff 100644 --- a/src/applications/countdown/controller/PhabricatorCountdownEditController.php +++ b/src/applications/countdown/controller/PhabricatorCountdownEditController.php @@ -27,24 +27,23 @@ final class PhabricatorCountdownEditController PhabricatorPolicyCapability::CAN_EDIT, )) ->executeOne(); - - // If no countdown is found if (!$countdown) { return new Aphront404Response(); } } else { $page_title = pht('Create Countdown'); - $countdown = new PhabricatorCountdown(); - $countdown->setEpoch(time()); + $countdown = PhabricatorCountdown::initializeNewCountdown($user); } $error_view = null; - $e_text = null; + $e_text = true; + $e_epoch = null; if ($request->isFormPost()) { $errors = array(); $title = $request->getStr('title'); $epoch = $request->getStr('epoch'); + $view_policy = $request->getStr('viewPolicy'); $e_text = null; if (!strlen($title)) { @@ -68,7 +67,7 @@ final class PhabricatorCountdownEditController if (!count($errors)) { $countdown->setTitle($title); $countdown->setEpoch($timestamp); - $countdown->setAuthorPHID($user->getPHID()); + $countdown->setViewPolicy($view_policy); $countdown->save(); return id(new AphrontRedirectResponse()) ->setURI('/countdown/'.$countdown->getID().'/'); @@ -106,6 +105,10 @@ final class PhabricatorCountdownEditController $submit_label = pht('Create Countdown'); } + $policies = id(new PhabricatorPolicyQuery()) + ->setViewer($user) + ->setObject($countdown) + ->execute(); $form = id(new AphrontFormView()) ->setUser($user) 
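Review bot: The `viewPolicy` value read with `$request->getStr('viewPolicy')` in the `@@ -27,24 +27,23 @@` hunk of PhabricatorCountdownEditController.php is passed unchanged to `$countdown->setViewPolicy($view_policy)` in the `@@ -68,7 +67,7 @@` hunk and saved, with no check that it is a policy this viewer may choose. `$policies` is loaded from `PhabricatorPolicyQuery` only in the `@@ -106,6 +105,10 @@` hunk, for rendering the control, so a hand-built POST carrying an empty or arbitrary string would be stored as the view policy unless code outside these hunks validates it. I would run the policy query before the `isFormPost()` branch and, when the submitted value is empty or not among the returned policies, add `$errors[] = pht('Choose a valid view policy.');` so the save path is skipped. How the policy filter treats an unknown or empty policy string is not visible on this page, so the impact (unreadable object versus wider visibility) needs confirming. The enclosing method starts and ends outside these hunks.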
@@ -114,15 +117,24 @@ final class PhabricatorCountdownEditController id(new AphrontFormTextControl()) ->setLabel(pht('Title')) ->setValue($countdown->getTitle()) - ->setName('title')) + ->setName('title') + ->setError($e_text)) ->appendChild( id(new AphrontFormTextControl()) ->setLabel(pht('End Date')) ->setValue($display_epoch) ->setName('epoch') + ->setError($e_epoch) ->setCaption(pht('Examples: '. '2011-12-25 or 3 hours or '. 'June 8 2011, 5 PM.'))) + ->appendChild( + id(new AphrontFormPolicyControl()) + ->setUser($user) + ->setName('viewPolicy') + ->setPolicyObject($countdown) + ->setPolicies($policies) + ->setCapability(PhabricatorPolicyCapability::CAN_VIEW)) ->appendChild( id(new AphrontFormSubmitControl()) ->addCancelButton($cancel_uri) diff --git a/src/applications/countdown/controller/PhabricatorCountdownViewController.php b/src/applications/countdown/controller/PhabricatorCountdownViewController.php index 1e39760fc9..1522b42513 100644 --- a/src/applications/countdown/controller/PhabricatorCountdownViewController.php +++ b/src/applications/countdown/controller/PhabricatorCountdownViewController.php @@ -22,7 +22,6 @@ final class PhabricatorCountdownViewController ->setViewer($user) ->withIDs(array($this->id)) ->executeOne(); - if (!$countdown) { return new Aphront404Response(); } @@ -42,7 +41,9 @@ final class PhabricatorCountdownViewController ->setName("C{$id}")); $header = id(new PHUIHeaderView()) - ->setHeader($title); + ->setHeader($title) + ->setUser($user) + ->setPolicyObject($countdown); $actions = $this->buildActionListView($countdown); $properties = $this->buildPropertyListView($countdown, $actions); diff --git a/src/applications/countdown/storage/PhabricatorCountdown.php b/src/applications/countdown/storage/PhabricatorCountdown.php index 19a9227bca..b69a9d50c9 100644 --- a/src/applications/countdown/storage/PhabricatorCountdown.php +++ b/src/applications/countdown/storage/PhabricatorCountdown.php 
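Review bot: The `->setError($e_epoch)` call added to the End Date control in the `@@ -114,15 +117,24 @@` hunk cannot show an inline error as far as this diff shows, because `$e_epoch` is introduced in the `@@ -27,24 +27,23 @@` hunk as `$e_epoch = null;` and no added line assigns it anything else. The date-parsing failure branch lies between the hunks and is untouched, so it presumably only appends to `$errors`. Adding `$e_epoch = pht('Invalid');` in that branch would mark the field the way `$e_text` marks the title. The form-building call chain begins before this hunk.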
@@ -1,8 +1,5 @@ setViewer($actor) + ->withClasses(array('PhabricatorApplicationCountdown')) + ->executeOne(); + + $view_policy = $app->getPolicy( + PhabricatorCountdownCapabilityDefaultView::CAPABILITY); + + return id(new PhabricatorCountdown()) + ->setAuthorPHID($actor->getPHID()) + ->setViewPolicy($view_policy) + ->setEpoch(PhabricatorTime::getNow()); + } public function getConfiguration() { return array( @@ -23,10 +35,6 @@ final class PhabricatorCountdown PhabricatorCountdownPHIDTypeCountdown::TYPECONST); } - public function getViewPolicy() { - return PhabricatorPolicies::POLICY_USER; - } - /* -( PhabricatorPolicyInterface )----------------------------------------- */ diff --git a/src/infrastructure/storage/patch/PhabricatorBuiltinPatchList.php b/src/infrastructure/storage/patch/PhabricatorBuiltinPatchList.php index 8ee3959726..c233b3a105 100644 --- a/src/infrastructure/storage/patch/PhabricatorBuiltinPatchList.php +++ b/src/infrastructure/storage/patch/PhabricatorBuiltinPatchList.php @@ -1672,6 +1672,10 @@ final class PhabricatorBuiltinPatchList extends PhabricatorSQLPatchList { 'type' => 'sql', 'name' => $this->getPatchPath('20131010.pstorage.sql'), ), + '20131015.cpolicy.sql' => array( + 'type' => 'sql', + 'name' => $this->getPatchPath('20131015.cpolicy.sql'), + ), ); } }
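Review bot: In the first hunk of storage/PhabricatorCountdown.php, `$app->getPolicy(PhabricatorCountdownCapabilityDefaultView::CAPABILITY)` is called on the result of `->executeOne()` without a null check. If the application query returns nothing for `$actor` (for example, if the actor cannot see the Countdown application), this is a call on null instead of a clean policy failure. A guard such as `if (!$app) { throw new Exception(pht('Countdown application is not available to this viewer.')); }` before the `getPolicy()` call would make the failure explicit and keep a countdown from being built with an undefined view policy. The method's signature and docblock are missing from this page; the edit controller calls it as `PhabricatorCountdown::initializeNewCountdown($user)`, and a one-line docblock saying that it applies the application default view policy and sets the actor as author would help.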