1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-20 04:20:55 +01:00

Make restricted objects in commit messages work more consistently with the web UI

Summary:
Fixes T11344. In the web UI, if a field like "Subscribers" on an object (like a task) contains values you don't have permission to see, you see tokens for them (like "Restricted Project") but not their names.

Make commit messages work the same way: you see the PHID, and can remove it or leave it there, but can't see the underlying name.

(We have to render an actual PHID rather than just "Restricted Thing" because we have to be able to figure out what edit the user is actually trying to make.)

Test Plan: Interacted with a revision via the CLI that had project reviewers I couldn't see.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11344

Differential Revision: https://secure.phabricator.com/D17124
This commit is contained in:
epriestley 2017-01-01 09:01:52 -08:00
parent 65c1c758ed
commit 3d52f07ee7

View file

@ -149,7 +149,22 @@ final class PhabricatorObjectListQuery extends Phobject {
$missing = array();
foreach ($name_map as $key => $name) {
if (empty($objects[$key])) {
$missing[] = $name;
$missing[$key] = $name;
}
}
$result = array_unique(mpull($objects, 'getPHID'));
// For values which are plain PHIDs of allowed types, let them through
// unchecked. This can happen occur if subscribers or reviewers which the
// revision author does not have permission to see are added by Herald
// rules. Any actual edits will be checked later: users are not allowed
// to add new reviewers they can't see, but they can touch a field which
// contains them.
foreach ($missing as $key => $value) {
if (isset($allowed[phid_get_type($value)])) {
unset($missing[$key]);
$result[$key] = $value;
}
}
@ -181,8 +196,6 @@ final class PhabricatorObjectListQuery extends Phobject {
}
}
$result = array_unique(mpull($objects, 'getPHID'));
if ($suffixes) {
foreach ($result as $key => $phid) {
$result[$key] = array(