Phriction - if you can't edit x/y don't allow creating x/y/z

Summary: ...how do you lock down entire areas otherwise? Fixes T6496. Test Plan: used user 1 to create x/y that user 2 can't edit. tried to create x/y/z as user 2 and got a big ole error dialogue. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin, epriestley Maniphest Tasks: T6496 Differential Revision: https://secure.phabricator.com/D10819
2024-11-27 09:12:41 +01:00 · 2014-11-08 18:12:21 -08:00 · 2014-11-08 18:12:21 -08:00 · 6f971a0fc4
commit 6f971a0fc4
parent b655699a6c
1 changed files with 52 additions and 0 deletions
--- a/src/applications/phriction/editor/PhrictionTransactionEditor.php
+++ b/src/applications/phriction/editor/PhrictionTransactionEditor.php
@ -587,6 +587,58 @@ final class PhrictionTransactionEditor
    }
    return $error;
  }
+  protected function requireCapabilities(
+    PhabricatorLiskDAO $object,
+    PhabricatorApplicationTransaction $xaction) {
+
+    /*
+     * New objects have a special case. If a user can't see
+     *   x/y
+     * then definitely don't let them make some
+     *   x/y/z
+     * We need to load the direct parent to handle this case.
+     */
+    if ($this->getIsNewObject()) {
+      $actor = $this->requireActor();
+      $parent_doc = null;
+      $ancestral_slugs = PhabricatorSlug::getAncestry($object->getSlug());
+      // No ancestral slugs is "/"; the first person gets to play with "/".
+      if ($ancestral_slugs) {
+        $parent = end($ancestral_slugs);
+        $parent_doc = id(new PhrictionDocumentQuery())
+          ->setViewer($actor)
+          ->withSlugs(array($parent))
+          ->executeOne();
+        // If the $actor can't see the $parent_doc then they can't create
+        // the child $object; throw a policy exception.
+        if (!$parent_doc) {
+          id(new PhabricatorPolicyFilter())
+            ->setViewer($actor)
+            ->raisePolicyExceptions(true)
+            ->rejectObject(
+              $object,
+              $object->getEditPolicy(),
+              PhabricatorPolicyCapability::CAN_EDIT);
+        }
+
+        // If the $actor can't edit the $parent_doc then they can't create
+        // the child $object; throw a policy exception.
+        if (!PhabricatorPolicyFilter::hasCapability(
+          $actor,
+          $parent_doc,
+          PhabricatorPolicyCapability::CAN_EDIT)) {
+          id(new PhabricatorPolicyFilter())
+            ->setViewer($actor)
+            ->raisePolicyExceptions(true)
+            ->rejectObject(
+              $object,
+              $object->getEditPolicy(),
+              PhabricatorPolicyCapability::CAN_EDIT);
+        }
+      }
+    }
+    return parent::requireCapabilities($object, $xaction);
+  }

  protected function supportsSearch() {
    return true;