From 78ea6641a20470d8e68152f340133673d2506c9e Mon Sep 17 00:00:00 2001 From: epriestley Date: Tue, 9 Aug 2016 18:01:29 -0700 Subject: [PATCH] Let everyone view Herald rules Summary: Ref T9410. This changes the view policy for all Herald rules to the most public policy ("All Users" for private installs, "Public" for public installs). See T11428 for discussion of this change in greater detail. In practice, this is //approximately// how things work today anyway, since you can almost always see almost all of this information in transcripts. I believe this narrower view policy is helpful in zero cases and slightly confusing or harmful in a number of reasonable cases. Test Plan: Viewed personal, object and global rules as users who could and could not edit the rules. Reviewers: chad Reviewed By: chad Maniphest Tasks: T9410 Differential Revision: https://secure.phabricator.com/D16382 --- .../controller/HeraldRuleViewController.php | 4 ++ .../herald/storage/HeraldRule.php | 41 ++++++++++--------- 2 files changed, 25 insertions(+), 20 deletions(-) diff --git a/src/applications/herald/controller/HeraldRuleViewController.php b/src/applications/herald/controller/HeraldRuleViewController.php index 818eb7560f..9e696c23c4 100644 --- a/src/applications/herald/controller/HeraldRuleViewController.php +++ b/src/applications/herald/controller/HeraldRuleViewController.php @@ -2,6 +2,10 @@ final class HeraldRuleViewController extends HeraldController { + public function shouldAllowPublic() { + return true; + } + public function handleRequest(AphrontRequest $request) { $viewer = $request->getViewer(); $id = $request->getURIData('id'); diff --git a/src/applications/herald/storage/HeraldRule.php b/src/applications/herald/storage/HeraldRule.php index 19f9b95507..cf00e046b7 100644 --- a/src/applications/herald/storage/HeraldRule.php +++ b/src/applications/herald/storage/HeraldRule.php @@ -288,39 +288,40 @@ final class HeraldRule extends HeraldDAO } public function getPolicy($capability) { + if ($capability == PhabricatorPolicyCapability::CAN_VIEW) { + return PhabricatorPolicies::getMostOpenPolicy(); + } + if ($this->isGlobalRule()) { - switch ($capability) { - case PhabricatorPolicyCapability::CAN_VIEW: - return PhabricatorPolicies::POLICY_USER; - case PhabricatorPolicyCapability::CAN_EDIT: - $app = 'PhabricatorHeraldApplication'; - $herald = PhabricatorApplication::getByClass($app); - $global = HeraldManageGlobalRulesCapability::CAPABILITY; - return $herald->getPolicy($global); - } + $app = 'PhabricatorHeraldApplication'; + $herald = PhabricatorApplication::getByClass($app); + $global = HeraldManageGlobalRulesCapability::CAPABILITY; + return $herald->getPolicy($global); } else if ($this->isObjectRule()) { return $this->getTriggerObject()->getPolicy($capability); } else { - return PhabricatorPolicies::POLICY_NOONE; + return $this->getAuthorPHID(); } } public function hasAutomaticCapability($capability, PhabricatorUser $viewer) { - if ($this->isPersonalRule()) { - return ($viewer->getPHID() == $this->getAuthorPHID()); - } else { - return false; - } + return false; } public function describeAutomaticCapability($capability) { - if ($this->isPersonalRule()) { - return pht("A personal rule's owner can always view and edit it."); - } else if ($this->isObjectRule()) { - return pht('Object rules inherit the policies of their objects.'); + if ($capability == PhabricatorPolicyCapability::CAN_VIEW) { + return null; } - return null; + if ($this->isGlobalRule()) { + return pht( + 'Global Herald rules can be edited by users with the "Can Manage '. + 'Global Rules" Herald application permission.'); + } else if ($this->isObjectRule()) { + return pht('Object rules inherit the edit policies of their objects.'); + } else { + return pht('A personal rule can only be edited by its owner.'); + } }