Let everyone view Herald rules

Summary: Ref T9410. This changes the view policy for all Herald rules to the most public policy ("All Users" for private installs, "Public" for public installs). See T11428 for discussion of this change in greater detail. In practice, this is //approximately// how things work today anyway, since you can almost always see almost all of this information in transcripts. I believe this narrower view policy is helpful in zero cases and slightly confusing or harmful in a number of reasonable cases. Test Plan: Viewed personal, object and global rules as users who could and could not edit the rules. Reviewers: chad Reviewed By: chad Maniphest Tasks: T9410 Differential Revision: https://secure.phabricator.com/D16382
2024-11-18 21:02:41 +01:00 · 2016-08-09 18:01:29 -07:00 · 2016-08-09 18:01:29 -07:00 · 78ea6641a2
commit 78ea6641a2
parent f032146591
2 changed files with 25 additions and 20 deletions
--- a/src/applications/herald/controller/HeraldRuleViewController.php
+++ b/src/applications/herald/controller/HeraldRuleViewController.php
@ -2,6 +2,10 @@

 final class HeraldRuleViewController extends HeraldController {

+  public function shouldAllowPublic() {
+    return true;
+  }
+
  public function handleRequest(AphrontRequest $request) {
    $viewer = $request->getViewer();
    $id = $request->getURIData('id');
--- a/src/applications/herald/storage/HeraldRule.php
+++ b/src/applications/herald/storage/HeraldRule.php
@ -288,39 +288,40 @@ final class HeraldRule extends HeraldDAO
  }

  public function getPolicy($capability) {
+    if ($capability == PhabricatorPolicyCapability::CAN_VIEW) {
+      return PhabricatorPolicies::getMostOpenPolicy();
+    }
+
    if ($this->isGlobalRule()) {
-      switch ($capability) {
-        case PhabricatorPolicyCapability::CAN_VIEW:
-          return PhabricatorPolicies::POLICY_USER;
-        case PhabricatorPolicyCapability::CAN_EDIT:
-          $app = 'PhabricatorHeraldApplication';
-          $herald = PhabricatorApplication::getByClass($app);
-          $global = HeraldManageGlobalRulesCapability::CAPABILITY;
-          return $herald->getPolicy($global);
-      }
+      $app = 'PhabricatorHeraldApplication';
+      $herald = PhabricatorApplication::getByClass($app);
+      $global = HeraldManageGlobalRulesCapability::CAPABILITY;
+      return $herald->getPolicy($global);
    } else if ($this->isObjectRule()) {
      return $this->getTriggerObject()->getPolicy($capability);
    } else {
-      return PhabricatorPolicies::POLICY_NOONE;
+      return $this->getAuthorPHID();
    }
  }

  public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
-    if ($this->isPersonalRule()) {
-      return ($viewer->getPHID() == $this->getAuthorPHID());
-    } else {
-      return false;
-    }
+    return false;
  }

  public function describeAutomaticCapability($capability) {
-    if ($this->isPersonalRule()) {
-      return pht("A personal rule's owner can always view and edit it.");
-    } else if ($this->isObjectRule()) {
-      return pht('Object rules inherit the policies of their objects.');
+    if ($capability == PhabricatorPolicyCapability::CAN_VIEW) {
+      return null;
    }

-    return null;
+    if ($this->isGlobalRule()) {
+      return pht(
+        'Global Herald rules can be edited by users with the "Can Manage '.
+        'Global Rules" Herald application permission.');
+    } else if ($this->isObjectRule()) {
+      return pht('Object rules inherit the edit policies of their objects.');
+    } else {
+      return pht('A personal rule can only be edited by its owner.');
+    }
  }