mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-25 16:22:43 +01:00
Add storage for custom policies
Summary: Ref T603. Allows custom policies to be saved. No integration with policy controls yet. Test Plan: mysql> select * from policy where id = 3\G *************************** 1. row *************************** id: 3 phid: PHID-PLCY-e4v2fnbyuibi4supl5tn rules: [{"action":"allow","rule":"PhabricatorPolicyRuleAdministrators","value":null},{"action":"allow","rule":"PhabricatorPolicyRuleProjects","value":["PHID-PROJ-cwovm5gn2ilubjehcdgd"]},{"action":"allow","rule":"PhabricatorPolicyRuleLunarPhase","value":"new"}] defaultAction: deny dateCreated: 1381437466 dateModified: 1381437466 1 row in set (0.00 sec) Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7282
This commit is contained in:
epriestley
parent
db71bf6128
commit
5899ae08b3
8 changed files with 138 additions and 25 deletions
9
resources/sql/patches/20131010.pstorage.sql
Normal file
9
resources/sql/patches/20131010.pstorage.sql
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
CREATE TABLE {$NAMESPACE}_policy.policy (
|
||||
id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
|
||||
phid VARCHAR(64) NOT NULL COLLATE utf8_bin,
|
||||
rules LONGTEXT NOT NULL COLLATE utf8_bin,
|
||||
defaultAction VARCHAR(32) NOT NULL COLLATE utf8_bin,
|
||||
dateCreated INT UNSIGNED NOT NULL,
|
||||
dateModified INT UNSIGNED NOT NULL,
|
||||
UNIQUE KEY (phid)
|
||||
) ENGINE=InnoDB, COLLATE utf8_general_ci;
|
||||
|
|
@ -1472,7 +1472,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPhrequentConfigOptions' => 'applications/phrequent/config/PhabricatorPhrequentConfigOptions.php',
|
||||
'PhabricatorPhrictionConfigOptions' => 'applications/phriction/config/PhabricatorPhrictionConfigOptions.php',
|
||||
'PhabricatorPolicies' => 'applications/policy/constants/PhabricatorPolicies.php',
|
||||
'PhabricatorPolicy' => 'applications/policy/filter/PhabricatorPolicy.php',
|
||||
'PhabricatorPolicy' => 'applications/policy/storage/PhabricatorPolicy.php',
|
||||
'PhabricatorPolicyAwareQuery' => 'infrastructure/query/policy/PhabricatorPolicyAwareQuery.php',
|
||||
'PhabricatorPolicyAwareTestQuery' => 'applications/policy/__tests__/PhabricatorPolicyAwareTestQuery.php',
|
||||
'PhabricatorPolicyCapability' => 'applications/policy/capability/PhabricatorPolicyCapability.php',
|
||||
|
|
@ -1482,6 +1482,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPolicyConfigOptions' => 'applications/policy/config/PhabricatorPolicyConfigOptions.php',
|
||||
'PhabricatorPolicyConstants' => 'applications/policy/constants/PhabricatorPolicyConstants.php',
|
||||
'PhabricatorPolicyController' => 'applications/policy/controller/PhabricatorPolicyController.php',
|
||||
'PhabricatorPolicyDAO' => 'applications/policy/storage/PhabricatorPolicyDAO.php',
|
||||
'PhabricatorPolicyDataTestCase' => 'applications/policy/__tests__/PhabricatorPolicyDataTestCase.php',
|
||||
'PhabricatorPolicyEditController' => 'applications/policy/controller/PhabricatorPolicyEditController.php',
|
||||
'PhabricatorPolicyException' => 'applications/policy/exception/PhabricatorPolicyException.php',
|
||||
|
|
@ -1491,6 +1492,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPolicyManagementShowWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementShowWorkflow.php',
|
||||
'PhabricatorPolicyManagementUnlockWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementUnlockWorkflow.php',
|
||||
'PhabricatorPolicyManagementWorkflow' => 'applications/policy/management/PhabricatorPolicyManagementWorkflow.php',
|
||||
'PhabricatorPolicyPHIDTypePolicy' => 'applications/policy/phid/PhabricatorPolicyPHIDTypePolicy.php',
|
||||
'PhabricatorPolicyQuery' => 'applications/policy/query/PhabricatorPolicyQuery.php',
|
||||
'PhabricatorPolicyRule' => 'applications/policy/rule/PhabricatorPolicyRule.php',
|
||||
'PhabricatorPolicyRuleAdministrators' => 'applications/policy/rule/PhabricatorPolicyRuleAdministrators.php',
|
||||
|
|
@ -3670,6 +3672,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPhrequentConfigOptions' => 'PhabricatorApplicationConfigOptions',
|
||||
'PhabricatorPhrictionConfigOptions' => 'PhabricatorApplicationConfigOptions',
|
||||
'PhabricatorPolicies' => 'PhabricatorPolicyConstants',
|
||||
'PhabricatorPolicy' => 'PhabricatorPolicyDAO',
|
||||
'PhabricatorPolicyAwareQuery' => 'PhabricatorOffsetPagedQuery',
|
||||
'PhabricatorPolicyAwareTestQuery' => 'PhabricatorPolicyAwareQuery',
|
||||
'PhabricatorPolicyCapability' => 'Phobject',
|
||||
|
|
@ -3678,6 +3681,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPolicyCapabilityCanView' => 'PhabricatorPolicyCapability',
|
||||
'PhabricatorPolicyConfigOptions' => 'PhabricatorApplicationConfigOptions',
|
||||
'PhabricatorPolicyController' => 'PhabricatorController',
|
||||
'PhabricatorPolicyDAO' => 'PhabricatorLiskDAO',
|
||||
'PhabricatorPolicyDataTestCase' => 'PhabricatorTestCase',
|
||||
'PhabricatorPolicyEditController' => 'PhabricatorPolicyController',
|
||||
'PhabricatorPolicyException' => 'Exception',
|
||||
|
|
@ -3685,6 +3689,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorPolicyManagementShowWorkflow' => 'PhabricatorPolicyManagementWorkflow',
|
||||
'PhabricatorPolicyManagementUnlockWorkflow' => 'PhabricatorPolicyManagementWorkflow',
|
||||
'PhabricatorPolicyManagementWorkflow' => 'PhutilArgumentWorkflow',
|
||||
'PhabricatorPolicyPHIDTypePolicy' => 'PhabricatorPHIDType',
|
||||
'PhabricatorPolicyQuery' => 'PhabricatorQuery',
|
||||
'PhabricatorPolicyRuleAdministrators' => 'PhabricatorPolicyRule',
|
||||
'PhabricatorPolicyRuleLunarPhase' => 'PhabricatorPolicyRule',
|
||||
|
|
|
|||
|
|
@ -7,6 +7,8 @@ final class PhabricatorPolicyEditController
|
|||
$request = $this->getRequest();
|
||||
$viewer = $request->getUser();
|
||||
|
||||
$policy = new PhabricatorPolicy();
|
||||
|
||||
$root_id = celerity_generate_unique_node_id();
|
||||
|
||||
$action_options = array(
|
||||
|
|
@ -53,7 +55,6 @@ final class PhabricatorPolicyEditController
|
|||
$rule_obj = $rules[$rule_class];
|
||||
|
||||
$value = $rule_obj->getValueForStorage(idx($rule, 'value'));
|
||||
$value = $rule_obj->getValueForDisplay($viewer, $value);
|
||||
|
||||
$rule_data[] = array(
|
||||
'action' => $action,
|
||||
|
|
@ -62,7 +63,13 @@ final class PhabricatorPolicyEditController
|
|||
);
|
||||
}
|
||||
|
||||
$default_value = $request->getStr('default');
|
||||
$policy->setRules($rule_data);
|
||||
$policy->setDefaultAction($request->getStr('default'));
|
||||
$policy->save();
|
||||
|
||||
// TODO: Integrate with policy editors.
|
||||
$id = $policy->getID();
|
||||
throw new Exception("OK, saved policy {$id}!");
|
||||
} else {
|
||||
$rule_data = array(
|
||||
$default_rule,
|
||||
|
|
@ -76,7 +83,6 @@ final class PhabricatorPolicyEditController
|
|||
'name' => 'default',
|
||||
));
|
||||
|
||||
|
||||
$form = id(new PHUIFormLayoutView())
|
||||
->appendChild(
|
||||
javelin_tag(
|
||||
|
|
|
|||
|
|
@ -0,0 +1,48 @@
|
|||
<?php
|
||||
|
||||
final class PhabricatorPolicyPHIDTypePolicy
|
||||
extends PhabricatorPHIDType {
|
||||
|
||||
const TYPECONST = 'PLCY';
|
||||
|
||||
public function getTypeConstant() {
|
||||
return self::TYPECONST;
|
||||
}
|
||||
|
||||
public function getTypeName() {
|
||||
return pht('Policy');
|
||||
}
|
||||
|
||||
public function newObject() {
|
||||
return new PhabricatorPolicy();
|
||||
}
|
||||
|
||||
public function loadObjects(
|
||||
PhabricatorObjectQuery $query,
|
||||
array $phids) {
|
||||
|
||||
return id(new PhabricatorPolicyQuery())
|
||||
->setViewer($query->getViewer())
|
||||
->setParentQuery($query)
|
||||
->withPHIDs($phids)
|
||||
->execute();
|
||||
}
|
||||
|
||||
public function loadHandles(
|
||||
PhabricatorHandleQuery $query,
|
||||
array $handles,
|
||||
array $objects) {
|
||||
|
||||
foreach ($handles as $phid => $handle) {
|
||||
$policy = $objects[$phid];
|
||||
|
||||
$handle->setName($policy->getName());
|
||||
$handle->setURI($policy->getHref());
|
||||
}
|
||||
}
|
||||
|
||||
public function canLoadNamedObject($name) {
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -4,6 +4,7 @@ final class PhabricatorPolicyQuery extends PhabricatorQuery {
|
|||
|
||||
private $viewer;
|
||||
private $object;
|
||||
private $phids;
|
||||
|
||||
public function setViewer(PhabricatorUser $viewer) {
|
||||
$this->viewer = $viewer;
|
||||
|
|
@ -15,6 +16,11 @@ final class PhabricatorPolicyQuery extends PhabricatorQuery {
|
|||
return $this;
|
||||
}
|
||||
|
||||
public function withPHIDs(array $phids) {
|
||||
$this->phids = $phids;
|
||||
return $this;
|
||||
}
|
||||
|
||||
public static function loadPolicies(
|
||||
PhabricatorUser $viewer,
|
||||
PhabricatorPolicyInterface $object) {
|
||||
|
|
@ -68,9 +74,6 @@ final class PhabricatorPolicyQuery extends PhabricatorQuery {
|
|||
if (!$this->viewer) {
|
||||
throw new Exception('Call setViewer() before execute()!');
|
||||
}
|
||||
if (!$this->object) {
|
||||
throw new Exception('Call setObject() before execute()!');
|
||||
}
|
||||
|
||||
$results = $this->getGlobalPolicies();
|
||||
|
||||
|
|
@ -93,13 +96,15 @@ final class PhabricatorPolicyQuery extends PhabricatorQuery {
|
|||
$results = mpull($results, null, 'getPHID');
|
||||
|
||||
$other_policies = array();
|
||||
$capabilities = $this->object->getCapabilities();
|
||||
foreach ($capabilities as $capability) {
|
||||
$policy = $this->object->getPolicy($capability);
|
||||
if (!$policy) {
|
||||
continue;
|
||||
if ($this->object) {
|
||||
$capabilities = $this->object->getCapabilities();
|
||||
foreach ($capabilities as $capability) {
|
||||
$policy = $this->object->getPolicy($capability);
|
||||
if (!$policy) {
|
||||
continue;
|
||||
}
|
||||
$other_policies[$policy] = $policy;
|
||||
}
|
||||
$other_policies[$policy] = $policy;
|
||||
}
|
||||
|
||||
// If this install doesn't have "Public" enabled, remove it as an option
|
||||
|
|
@ -127,6 +132,15 @@ final class PhabricatorPolicyQuery extends PhabricatorQuery {
|
|||
|
||||
$results = msort($results, 'getSortKey');
|
||||
|
||||
if ($this->phids) {
|
||||
$phids = array_fuse($this->phids);
|
||||
foreach ($results as $key => $result) {
|
||||
if (empty($phids[$result->getPHID()])) {
|
||||
unset($results[$key]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $results;
|
||||
}
|
||||
|
||||
|
|
@ -160,7 +174,8 @@ final class PhabricatorPolicyQuery extends PhabricatorQuery {
|
|||
$results[$constant] = id(new PhabricatorPolicy())
|
||||
->setType(PhabricatorPolicyType::TYPE_GLOBAL)
|
||||
->setPHID($constant)
|
||||
->setName(self::getGlobalPolicyName($constant));
|
||||
->setName(self::getGlobalPolicyName($constant))
|
||||
->makeEphemeral();
|
||||
}
|
||||
|
||||
return $results;
|
||||
|
|
|
|||
|
|
@ -1,13 +1,33 @@
|
|||
<?php
|
||||
|
||||
final class PhabricatorPolicy {
|
||||
final class PhabricatorPolicy
|
||||
extends PhabricatorPolicyDAO {
|
||||
|
||||
const ACTION_ACCEPT = 'accept';
|
||||
const ACTION_DENY = 'deny';
|
||||
|
||||
private $phid;
|
||||
private $name;
|
||||
private $type;
|
||||
private $href;
|
||||
private $icon;
|
||||
|
||||
protected $rules = array();
|
||||
protected $defaultAction = self::ACTION_DENY;
|
||||
|
||||
public function getConfiguration() {
|
||||
return array(
|
||||
self::CONFIG_AUX_PHID => true,
|
||||
self::CONFIG_SERIALIZATION => array(
|
||||
'rules' => self::SERIALIZATION_JSON,
|
||||
),
|
||||
) + parent::getConfiguration();
|
||||
}
|
||||
|
||||
public function generatePHID() {
|
||||
return PhabricatorPHID::generateNewPHID(
|
||||
PhabricatorPolicyPHIDTypePolicy::TYPECONST);
|
||||
}
|
||||
|
||||
public static function newFromPolicyAndHandle(
|
||||
$policy_identifier,
|
||||
PhabricatorObjectHandle $handle = null) {
|
||||
|
|
@ -48,6 +68,8 @@ final class PhabricatorPolicy {
|
|||
break;
|
||||
}
|
||||
|
||||
$policy->makeEphemeral();
|
||||
|
||||
return $policy;
|
||||
}
|
||||
|
||||
|
|
@ -69,15 +91,6 @@ final class PhabricatorPolicy {
|
|||
return $this->name;
|
||||
}
|
||||
|
||||
public function setPHID($phid) {
|
||||
$this->phid = $phid;
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function getPHID() {
|
||||
return $this->phid;
|
||||
}
|
||||
|
||||
public function setHref($href) {
|
||||
$this->href = $href;
|
||||
return $this;
|
||||
9
src/applications/policy/storage/PhabricatorPolicyDAO.php
Normal file
9
src/applications/policy/storage/PhabricatorPolicyDAO.php
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
<?php
|
||||
|
||||
abstract class PhabricatorPolicyDAO extends PhabricatorLiskDAO {
|
||||
|
||||
public function getApplicationName() {
|
||||
return 'policy';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -204,6 +204,10 @@ final class PhabricatorBuiltinPatchList extends PhabricatorSQLPatchList {
|
|||
'type' => 'db',
|
||||
'name' => 'legalpad',
|
||||
),
|
||||
'db.policy' => array(
|
||||
'type' => 'db',
|
||||
'name' => 'policy',
|
||||
),
|
||||
'0000.legacy.sql' => array(
|
||||
'type' => 'sql',
|
||||
'name' => $this->getPatchPath('0000.legacy.sql'),
|
||||
|
|
@ -1664,6 +1668,10 @@ final class PhabricatorBuiltinPatchList extends PhabricatorSQLPatchList {
|
|||
'type' => 'sql',
|
||||
'name' => $this->getPatchPath('20131006.hdisable.sql'),
|
||||
),
|
||||
'20131010.pstorage.sql' => array(
|
||||
'type' => 'sql',
|
||||
'name' => $this->getPatchPath('20131010.pstorage.sql'),
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue