prevents users from deleting already deleted/moved phriction documents

Summary: Deps D5198 since it uses a constant from D5198 accidentalbigdiff I sure doubled the size of this file ^^ Could be that I added unserious business. Test Plan: Created a page. Had it open in two browser windows. Deleted in one. This is the second attempt: {F34458} Reviewers: epriestley, btrahan Reviewed By: epriestley CC: aran, Korvin Differential Revision: https://secure.phabricator.com/D5202
2024-09-20 09:18:48 +02:00 · 2013-03-04 08:50:42 -08:00 · 2013-03-04 08:50:42 -08:00 · 6b0138c1ae
commit 6b0138c1ae
parent 0a2a5c7175
1 changed files with 42 additions and 9 deletions
--- a/src/applications/phriction/controller/PhrictionDeleteController.php
+++ b/src/applications/phriction/controller/PhrictionDeleteController.php
@ -21,23 +21,56 @@ final class PhrictionDeleteController extends PhrictionController {
      return new Aphront404Response();
    }

+    $error_view = null;
+    $disallowed_states = array(
+      PhrictionDocumentStatus::STATUS_DELETED, // Stupid
+      PhrictionDocumentStatus::STATUS_MOVED, // Makes no sense
+    );
+    if (in_array($document->getStatus(), $disallowed_states)) {
+      $is_serious =
+        PhabricatorEnv::getEnvConfig('phabricator.serious-business');
+
+      if ($is_serious) {
+        $e_text = pht('An already moved or deleted document can not be '.
+          'deleted');
+      } else {
+        $e_text = pht('I\'m not sure if you got the notice, but you can\'t '.
+          'delete an already deleted or moved document.');
+      }
+
+      $error_view = new AphrontErrorView();
+      $error_view->setSeverity(AphrontErrorView::SEVERITY_ERROR);
+      $error_view->setTitle(pht('Can not delete page'));
+      $error_view->appendChild($e_text);
+
+      $error_view = $error_view->render();
+    }
+
    $document_uri = PhrictionDocument::getSlugURI($document->getSlug());

-    if ($request->isFormPost()) {
+    if (!$error_view && $request->isFormPost()) {
        $editor = id(PhrictionDocumentEditor::newForSlug($document->getSlug()))
          ->setActor($user)
          ->delete();
        return id(new AphrontRedirectResponse())->setURI($document_uri);
    }

-    $dialog = id(new AphrontDialogView())
-      ->setUser($user)
-      ->setTitle(pht('Delete document?'))
-      ->appendChild(
-        pht('Really delete this document? You can recover it later by '.
-        'reverting to a previous version.'))
-      ->addSubmitButton(pht('Delete'))
-      ->addCancelButton($document_uri);
+    if ($error_view) {
+      $dialog = id(new AphrontDialogView())
+        ->setUser($user)
+        ->setTitle(pht('Error!'))
+        ->appendChild($error_view)
+        ->addCancelButton($document_uri);
+    } else {
+      $dialog = id(new AphrontDialogView())
+        ->setUser($user)
+        ->setTitle(pht('Delete document?'))
+        ->appendChild(
+          pht('Really delete this document? You can recover it later by '.
+          'reverting to a previous version.'))
+        ->addSubmitButton(pht('Delete'))
+        ->addCancelButton($document_uri);
+    }

    return id(new AphrontDialogResponse())->setDialog($dialog);
  }