mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-20 20:40:56 +01:00
Use extended policies in Differential diffs
Summary: Fixes T9648. Diffs currently use `return $this->getRevision()->getViewPolicy();` to inherit their revision's view policy. After the introduction of object policies, this is wrong for policies like "Subscribers", because it means "Subscribers to this object, the diff". Since Diffs have no subscribers, this always fails. Instead, use extended policies so that the object policy evaluates in the context of the correct object (the revision). Test Plan: - Create a revision. - Subscribe `alice` to it. - Set view policy to "Subscribers". - View revision as `alice`. - Before patch: nonsense fatal about missing diff because of policy error. - After patch: `alice` can see the revision. Reviewers: chad Reviewed By: chad Maniphest Tasks: T9648 Differential Revision: https://secure.phabricator.com/D17123
This commit is contained in:
parent
81e2a1cf6b
commit
65c1c758ed
3 changed files with 27 additions and 5 deletions
|
@ -5058,6 +5058,7 @@ phutil_register_library_map(array(
|
|||
'DifferentialDiff' => array(
|
||||
'DifferentialDAO',
|
||||
'PhabricatorPolicyInterface',
|
||||
'PhabricatorExtendedPolicyInterface',
|
||||
'HarbormasterBuildableInterface',
|
||||
'HarbormasterCircleCIBuildableInterface',
|
||||
'PhabricatorApplicationTransactionInterface',
|
||||
|
|
|
@ -16,18 +16,17 @@ final class DifferentialRevisionViewController extends DifferentialController {
|
|||
|
||||
$revision = id(new DifferentialRevisionQuery())
|
||||
->withIDs(array($this->revisionID))
|
||||
->setViewer($request->getUser())
|
||||
->setViewer($viewer)
|
||||
->needRelationships(true)
|
||||
->needReviewerStatus(true)
|
||||
->needReviewerAuthority(true)
|
||||
->executeOne();
|
||||
|
||||
if (!$revision) {
|
||||
return new Aphront404Response();
|
||||
}
|
||||
|
||||
$diffs = id(new DifferentialDiffQuery())
|
||||
->setViewer($request->getUser())
|
||||
->setViewer($viewer)
|
||||
->withRevisionIDs(array($this->revisionID))
|
||||
->execute();
|
||||
$diffs = array_reverse($diffs, $preserve_keys = true);
|
||||
|
|
|
@ -4,6 +4,7 @@ final class DifferentialDiff
|
|||
extends DifferentialDAO
|
||||
implements
|
||||
PhabricatorPolicyInterface,
|
||||
PhabricatorExtendedPolicyInterface,
|
||||
HarbormasterBuildableInterface,
|
||||
HarbormasterCircleCIBuildableInterface,
|
||||
PhabricatorApplicationTransactionInterface,
|
||||
|
@ -429,7 +430,7 @@ final class DifferentialDiff
|
|||
|
||||
public function getPolicy($capability) {
|
||||
if ($this->hasRevision()) {
|
||||
return $this->getRevision()->getPolicy($capability);
|
||||
return PhabricatorPolicies::getMostOpenPolicy();
|
||||
}
|
||||
|
||||
return $this->viewPolicy;
|
||||
|
@ -440,7 +441,7 @@ final class DifferentialDiff
|
|||
return $this->getRevision()->hasAutomaticCapability($capability, $viewer);
|
||||
}
|
||||
|
||||
return ($this->getAuthorPHID() == $viewer->getPhid());
|
||||
return ($this->getAuthorPHID() == $viewer->getPHID());
|
||||
}
|
||||
|
||||
public function describeAutomaticCapability($capability) {
|
||||
|
@ -448,10 +449,31 @@ final class DifferentialDiff
|
|||
return pht(
|
||||
'This diff is attached to a revision, and inherits its policies.');
|
||||
}
|
||||
|
||||
return pht('The author of a diff can see it.');
|
||||
}
|
||||
|
||||
|
||||
/* -( PhabricatorExtendedPolicyInterface )--------------------------------- */
|
||||
|
||||
|
||||
public function getExtendedPolicy($capability, PhabricatorUser $viewer) {
|
||||
$extended = array();
|
||||
|
||||
switch ($capability) {
|
||||
case PhabricatorPolicyCapability::CAN_VIEW:
|
||||
if ($this->hasRevision()) {
|
||||
$extended[] = array(
|
||||
$this->getRevision(),
|
||||
PhabricatorPolicyCapability::CAN_VIEW,
|
||||
);
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
return $extended;
|
||||
}
|
||||
|
||||
|
||||
/* -( HarbormasterBuildableInterface )------------------------------------- */
|
||||
|
||||
|
|
Loading…
Reference in a new issue