mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-10 08:52:39 +01:00
Move Herald application capabilities to newer infrastructure
Summary: Ref T603. Use the new hotness. Test Plan: Edited Herald in Applications, tried to create rules / global rules without capabilities, got reasonable error messages. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7263
This commit is contained in:
parent
82a061b485
commit
7a97a71e20
10 changed files with 66 additions and 22 deletions
|
@ -625,6 +625,8 @@ phutil_register_library_map(array(
|
||||||
'HeraldAction' => 'applications/herald/storage/HeraldAction.php',
|
'HeraldAction' => 'applications/herald/storage/HeraldAction.php',
|
||||||
'HeraldAdapter' => 'applications/herald/adapter/HeraldAdapter.php',
|
'HeraldAdapter' => 'applications/herald/adapter/HeraldAdapter.php',
|
||||||
'HeraldApplyTranscript' => 'applications/herald/storage/transcript/HeraldApplyTranscript.php',
|
'HeraldApplyTranscript' => 'applications/herald/storage/transcript/HeraldApplyTranscript.php',
|
||||||
|
'HeraldCapabilityCreateRules' => 'applications/herald/capability/HeraldCapabilityCreateRules.php',
|
||||||
|
'HeraldCapabilityManageGlobalRules' => 'applications/herald/capability/HeraldCapabilityManageGlobalRules.php',
|
||||||
'HeraldCommitAdapter' => 'applications/herald/adapter/HeraldCommitAdapter.php',
|
'HeraldCommitAdapter' => 'applications/herald/adapter/HeraldCommitAdapter.php',
|
||||||
'HeraldCondition' => 'applications/herald/storage/HeraldCondition.php',
|
'HeraldCondition' => 'applications/herald/storage/HeraldCondition.php',
|
||||||
'HeraldConditionTranscript' => 'applications/herald/storage/transcript/HeraldConditionTranscript.php',
|
'HeraldConditionTranscript' => 'applications/herald/storage/transcript/HeraldConditionTranscript.php',
|
||||||
|
@ -2723,6 +2725,8 @@ phutil_register_library_map(array(
|
||||||
'HarbormasterScratchTable' => 'HarbormasterDAO',
|
'HarbormasterScratchTable' => 'HarbormasterDAO',
|
||||||
'HeraldAction' => 'HeraldDAO',
|
'HeraldAction' => 'HeraldDAO',
|
||||||
'HeraldApplyTranscript' => 'HeraldDAO',
|
'HeraldApplyTranscript' => 'HeraldDAO',
|
||||||
|
'HeraldCapabilityCreateRules' => 'PhabricatorPolicyCapability',
|
||||||
|
'HeraldCapabilityManageGlobalRules' => 'PhabricatorPolicyCapability',
|
||||||
'HeraldCommitAdapter' => 'HeraldAdapter',
|
'HeraldCommitAdapter' => 'HeraldAdapter',
|
||||||
'HeraldCondition' => 'HeraldDAO',
|
'HeraldCondition' => 'HeraldDAO',
|
||||||
'HeraldController' => 'PhabricatorController',
|
'HeraldController' => 'PhabricatorController',
|
||||||
|
|
|
@ -400,21 +400,26 @@ abstract class PhabricatorApplication
|
||||||
|
|
||||||
private function getCustomCapabilitySpecification($capability) {
|
private function getCustomCapabilitySpecification($capability) {
|
||||||
$custom = $this->getCustomCapabilities();
|
$custom = $this->getCustomCapabilities();
|
||||||
if (empty($custom[$capability])) {
|
if (!isset($custom[$capability])) {
|
||||||
throw new Exception("Unknown capability '{$capability}'!");
|
throw new Exception("Unknown capability '{$capability}'!");
|
||||||
}
|
}
|
||||||
return $custom[$capability];
|
return $custom[$capability];
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getCapabilityLabel($capability) {
|
public function getCapabilityLabel($capability) {
|
||||||
$map = array(
|
switch ($capability) {
|
||||||
PhabricatorPolicyCapability::CAN_VIEW => pht('Can Use Application'),
|
case PhabricatorPolicyCapability::CAN_VIEW:
|
||||||
PhabricatorPolicyCapability::CAN_EDIT => pht('Can Configure Application'),
|
return pht('Can Use Application');
|
||||||
);
|
case PhabricatorPolicyCapability::CAN_EDIT:
|
||||||
|
return pht('Can Configure Application');
|
||||||
|
}
|
||||||
|
|
||||||
$map += ipull($this->getCustomCapabilities(), 'label');
|
$capobj = PhabricatorPolicyCapability::getCapabilityByKey($capability);
|
||||||
|
if ($capobj) {
|
||||||
|
return $capobj->getCapabilityName();
|
||||||
|
}
|
||||||
|
|
||||||
return idx($map, $capability);
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function isCapabilityEditable($capability) {
|
public function isCapabilityEditable($capability) {
|
||||||
|
|
|
@ -2,9 +2,6 @@
|
||||||
|
|
||||||
final class PhabricatorApplicationHerald extends PhabricatorApplication {
|
final class PhabricatorApplicationHerald extends PhabricatorApplication {
|
||||||
|
|
||||||
const CAN_CREATE_RULE = 'herald.create';
|
|
||||||
const CAN_CREATE_GLOBAL_RULE = 'herald.global';
|
|
||||||
|
|
||||||
public function getBaseURI() {
|
public function getBaseURI() {
|
||||||
return '/herald/';
|
return '/herald/';
|
||||||
}
|
}
|
||||||
|
@ -54,11 +51,9 @@ final class PhabricatorApplicationHerald extends PhabricatorApplication {
|
||||||
|
|
||||||
protected function getCustomCapabilities() {
|
protected function getCustomCapabilities() {
|
||||||
return array(
|
return array(
|
||||||
self::CAN_CREATE_RULE => array(
|
HeraldCapabilityCreateRules::CAPABILITY => array(
|
||||||
'label' => pht('Can Create Rules'),
|
|
||||||
),
|
),
|
||||||
self::CAN_CREATE_GLOBAL_RULE => array(
|
HeraldCapabilityManageGlobalRules::CAPABILITY => array(
|
||||||
'label' => pht('Can Create Global Rules'),
|
|
||||||
'caption' => pht('Global rules can bypass access controls.'),
|
'caption' => pht('Global rules can bypass access controls.'),
|
||||||
'default' => PhabricatorPolicies::POLICY_ADMIN,
|
'default' => PhabricatorPolicies::POLICY_ADMIN,
|
||||||
),
|
),
|
||||||
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
final class HeraldCapabilityCreateRules
|
||||||
|
extends PhabricatorPolicyCapability {
|
||||||
|
|
||||||
|
const CAPABILITY = 'herald.create';
|
||||||
|
|
||||||
|
public function getCapabilityKey() {
|
||||||
|
return self::CAPABILITY;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getCapabilityName() {
|
||||||
|
return pht('Can Create Rules');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function describeCapabilityRejection() {
|
||||||
|
return pht('You do not have permission to create new Herald rules.');
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,20 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
final class HeraldCapabilityManageGlobalRules
|
||||||
|
extends PhabricatorPolicyCapability {
|
||||||
|
|
||||||
|
const CAPABILITY = 'herald.global';
|
||||||
|
|
||||||
|
public function getCapabilityKey() {
|
||||||
|
return self::CAPABILITY;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getCapabilityName() {
|
||||||
|
return pht('Can Manage Global Rules');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function describeCapabilityRejection() {
|
||||||
|
return pht('You do not have permission to manage global Herald rules.');
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -24,7 +24,7 @@ abstract class HeraldController extends PhabricatorController {
|
||||||
$crumbs = parent::buildApplicationCrumbs();
|
$crumbs = parent::buildApplicationCrumbs();
|
||||||
|
|
||||||
$can_create = $this->hasApplicationCapability(
|
$can_create = $this->hasApplicationCapability(
|
||||||
PhabricatorApplicationHerald::CAN_CREATE_RULE);
|
HeraldCapabilityCreateRules::CAPABILITY);
|
||||||
|
|
||||||
$crumbs->addAction(
|
$crumbs->addAction(
|
||||||
id(new PHUIListItemView())
|
id(new PHUIListItemView())
|
||||||
|
|
|
@ -30,7 +30,7 @@ final class HeraldDisableController extends HeraldController {
|
||||||
|
|
||||||
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) {
|
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) {
|
||||||
$this->requireApplicationCapability(
|
$this->requireApplicationCapability(
|
||||||
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE);
|
HeraldCapabilityManageGlobalRules::CAPABILITY);
|
||||||
}
|
}
|
||||||
|
|
||||||
$view_uri = $this->getApplicationURI("rule/{$id}/");
|
$view_uri = $this->getApplicationURI("rule/{$id}/");
|
||||||
|
|
|
@ -15,10 +15,10 @@ final class HeraldNewController extends HeraldController {
|
||||||
$user = $request->getUser();
|
$user = $request->getUser();
|
||||||
|
|
||||||
$this->requireApplicationCapability(
|
$this->requireApplicationCapability(
|
||||||
PhabricatorApplicationHerald::CAN_CREATE_RULE);
|
HeraldCapabilityCreateRules::CAPABILITY);
|
||||||
|
|
||||||
$can_global = $this->hasApplicationCapability(
|
$can_global = $this->hasApplicationCapability(
|
||||||
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE);
|
HeraldCapabilityManageGlobalRules::CAPABILITY);
|
||||||
|
|
||||||
$content_type_map = HeraldAdapter::getEnabledAdapterMap($user);
|
$content_type_map = HeraldAdapter::getEnabledAdapterMap($user);
|
||||||
if (empty($content_type_map[$this->contentType])) {
|
if (empty($content_type_map[$this->contentType])) {
|
||||||
|
@ -39,7 +39,7 @@ final class HeraldNewController extends HeraldController {
|
||||||
|
|
||||||
if (!$can_global) {
|
if (!$can_global) {
|
||||||
$global_link = $this->explainApplicationCapability(
|
$global_link = $this->explainApplicationCapability(
|
||||||
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE,
|
HeraldCapabilityManageGlobalRules::CAPABILITY,
|
||||||
pht('You do not have permission to create or manage global rules.'));
|
pht('You do not have permission to create or manage global rules.'));
|
||||||
} else {
|
} else {
|
||||||
$global_link = null;
|
$global_link = null;
|
||||||
|
|
|
@ -49,12 +49,12 @@ final class HeraldRuleController extends HeraldController {
|
||||||
$cancel_uri = $this->getApplicationURI();
|
$cancel_uri = $this->getApplicationURI();
|
||||||
|
|
||||||
$this->requireApplicationCapability(
|
$this->requireApplicationCapability(
|
||||||
PhabricatorApplicationHerald::CAN_CREATE_RULE);
|
HeraldCapabilityCreateRules::CAPABILITY);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) {
|
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) {
|
||||||
$this->requireApplicationCapability(
|
$this->requireApplicationCapability(
|
||||||
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE);
|
HeraldCapabilityManageGlobalRules::CAPABILITY);
|
||||||
}
|
}
|
||||||
|
|
||||||
$adapter = HeraldAdapter::getAdapterForContentType($rule->getContentType());
|
$adapter = HeraldAdapter::getAdapterForContentType($rule->getContentType());
|
||||||
|
|
|
@ -205,7 +205,7 @@ final class HeraldRule extends HeraldDAO
|
||||||
case PhabricatorPolicyCapability::CAN_EDIT:
|
case PhabricatorPolicyCapability::CAN_EDIT:
|
||||||
$app = 'PhabricatorApplicationHerald';
|
$app = 'PhabricatorApplicationHerald';
|
||||||
$herald = PhabricatorApplication::getByClass($app);
|
$herald = PhabricatorApplication::getByClass($app);
|
||||||
$global = PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE;
|
$global = HeraldCapabilityManageGlobalRules::CAPABILITY;
|
||||||
return $herald->getPolicy($global);
|
return $herald->getPolicy($global);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
Loading…
Reference in a new issue