revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-23 15:22:41 +01:00
Code Issues Releases Wiki Activity

Move Herald application capabilities to newer infrastructure

Browse source 
Summary: Ref T603. Use the new hotness.

Test Plan: Edited Herald in Applications, tried to create rules / global rules without capabilities, got reasonable error messages.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7263
This commit is contained in:
epriestley 2013-10-09 13:44:41 -07:00
parent 82a061b485
commit 7a97a71e20
10 changed files with 66 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/__phutil_library_map__.php
View file

@ -625,6 +625,8 @@ phutil_register_library_map(array(
'HeraldAction' => 'applications/herald/storage/HeraldAction.php', 'HeraldAction' => 'applications/herald/storage/HeraldAction.php',
'HeraldAdapter' => 'applications/herald/adapter/HeraldAdapter.php', 'HeraldAdapter' => 'applications/herald/adapter/HeraldAdapter.php',
'HeraldApplyTranscript' => 'applications/herald/storage/transcript/HeraldApplyTranscript.php', 'HeraldApplyTranscript' => 'applications/herald/storage/transcript/HeraldApplyTranscript.php',
'HeraldCapabilityCreateRules' => 'applications/herald/capability/HeraldCapabilityCreateRules.php',
'HeraldCapabilityManageGlobalRules' => 'applications/herald/capability/HeraldCapabilityManageGlobalRules.php',
'HeraldCommitAdapter' => 'applications/herald/adapter/HeraldCommitAdapter.php', 'HeraldCommitAdapter' => 'applications/herald/adapter/HeraldCommitAdapter.php',
'HeraldCondition' => 'applications/herald/storage/HeraldCondition.php', 'HeraldCondition' => 'applications/herald/storage/HeraldCondition.php',
'HeraldConditionTranscript' => 'applications/herald/storage/transcript/HeraldConditionTranscript.php', 'HeraldConditionTranscript' => 'applications/herald/storage/transcript/HeraldConditionTranscript.php',
@ -2723,6 +2725,8 @@ phutil_register_library_map(array(
'HarbormasterScratchTable' => 'HarbormasterDAO', 'HarbormasterScratchTable' => 'HarbormasterDAO',
'HeraldAction' => 'HeraldDAO', 'HeraldAction' => 'HeraldDAO',
'HeraldApplyTranscript' => 'HeraldDAO', 'HeraldApplyTranscript' => 'HeraldDAO',
'HeraldCapabilityCreateRules' => 'PhabricatorPolicyCapability',
'HeraldCapabilityManageGlobalRules' => 'PhabricatorPolicyCapability',
'HeraldCommitAdapter' => 'HeraldAdapter', 'HeraldCommitAdapter' => 'HeraldAdapter',
'HeraldCondition' => 'HeraldDAO', 'HeraldCondition' => 'HeraldDAO',
'HeraldController' => 'PhabricatorController', 'HeraldController' => 'PhabricatorController',

19
src/applications/base/PhabricatorApplication.php
View file

@ -400,21 +400,26 @@ abstract class PhabricatorApplication
private function getCustomCapabilitySpecification($capability) { private function getCustomCapabilitySpecification($capability) {
$custom = $this->getCustomCapabilities(); $custom = $this->getCustomCapabilities();
if (empty($custom[$capability])) { if (!isset($custom[$capability])) {
throw new Exception("Unknown capability '{$capability}'!"); throw new Exception("Unknown capability '{$capability}'!");
} }
return $custom[$capability]; return $custom[$capability];
} }
public function getCapabilityLabel($capability) { public function getCapabilityLabel($capability) {
$map = array( switch ($capability) {
PhabricatorPolicyCapability::CAN_VIEW => pht('Can Use Application'), case PhabricatorPolicyCapability::CAN_VIEW:
PhabricatorPolicyCapability::CAN_EDIT => pht('Can Configure Application'), return pht('Can Use Application');
); case PhabricatorPolicyCapability::CAN_EDIT:
return pht('Can Configure Application');
}
$map += ipull($this->getCustomCapabilities(), 'label'); $capobj = PhabricatorPolicyCapability::getCapabilityByKey($capability);
if ($capobj) {
return $capobj->getCapabilityName();
}
return idx($map, $capability); return null;
} }
public function isCapabilityEditable($capability) { public function isCapabilityEditable($capability) {

9
src/applications/herald/application/PhabricatorApplicationHerald.php
View file

@ -2,9 +2,6 @@
final class PhabricatorApplicationHerald extends PhabricatorApplication { final class PhabricatorApplicationHerald extends PhabricatorApplication {
const CAN_CREATE_RULE = 'herald.create';
const CAN_CREATE_GLOBAL_RULE = 'herald.global';
public function getBaseURI() { public function getBaseURI() {
return '/herald/'; return '/herald/';
} }
@ -54,11 +51,9 @@ final class PhabricatorApplicationHerald extends PhabricatorApplication {
protected function getCustomCapabilities() { protected function getCustomCapabilities() {
return array( return array(
self::CAN_CREATE_RULE => array( HeraldCapabilityCreateRules::CAPABILITY => array(
'label' => pht('Can Create Rules'),
), ),
self::CAN_CREATE_GLOBAL_RULE => array( HeraldCapabilityManageGlobalRules::CAPABILITY => array(
'label' => pht('Can Create Global Rules'),
'caption' => pht('Global rules can bypass access controls.'), 'caption' => pht('Global rules can bypass access controls.'),
'default' => PhabricatorPolicies::POLICY_ADMIN, 'default' => PhabricatorPolicies::POLICY_ADMIN,
), ),

20
src/applications/herald/capability/HeraldCapabilityCreateRules.php Normal file
View file

@ -0,0 +1,20 @@
<?php
final class HeraldCapabilityCreateRules
extends PhabricatorPolicyCapability {
const CAPABILITY = 'herald.create';
public function getCapabilityKey() {
return self::CAPABILITY;
}
public function getCapabilityName() {
return pht('Can Create Rules');
}
public function describeCapabilityRejection() {
return pht('You do not have permission to create new Herald rules.');
}
}

20
src/applications/herald/capability/HeraldCapabilityManageGlobalRules.php Normal file
View file

@ -0,0 +1,20 @@
<?php
final class HeraldCapabilityManageGlobalRules
extends PhabricatorPolicyCapability {
const CAPABILITY = 'herald.global';
public function getCapabilityKey() {
return self::CAPABILITY;
}
public function getCapabilityName() {
return pht('Can Manage Global Rules');
}
public function describeCapabilityRejection() {
return pht('You do not have permission to manage global Herald rules.');
}
}

2
src/applications/herald/controller/HeraldController.php
View file

@ -24,7 +24,7 @@ abstract class HeraldController extends PhabricatorController {
$crumbs = parent::buildApplicationCrumbs(); $crumbs = parent::buildApplicationCrumbs();
$can_create = $this->hasApplicationCapability( $can_create = $this->hasApplicationCapability(
PhabricatorApplicationHerald::CAN_CREATE_RULE); HeraldCapabilityCreateRules::CAPABILITY);
$crumbs->addAction( $crumbs->addAction(
id(new PHUIListItemView()) id(new PHUIListItemView())

2
src/applications/herald/controller/HeraldDisableController.php
View file

@ -30,7 +30,7 @@ final class HeraldDisableController extends HeraldController {
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) { if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) {
$this->requireApplicationCapability( $this->requireApplicationCapability(
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE); HeraldCapabilityManageGlobalRules::CAPABILITY);
} }
$view_uri = $this->getApplicationURI("rule/{$id}/"); $view_uri = $this->getApplicationURI("rule/{$id}/");

6
src/applications/herald/controller/HeraldNewController.php
View file

@ -15,10 +15,10 @@ final class HeraldNewController extends HeraldController {
$user = $request->getUser(); $user = $request->getUser();
$this->requireApplicationCapability( $this->requireApplicationCapability(
PhabricatorApplicationHerald::CAN_CREATE_RULE); HeraldCapabilityCreateRules::CAPABILITY);
$can_global = $this->hasApplicationCapability( $can_global = $this->hasApplicationCapability(
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE); HeraldCapabilityManageGlobalRules::CAPABILITY);
$content_type_map = HeraldAdapter::getEnabledAdapterMap($user); $content_type_map = HeraldAdapter::getEnabledAdapterMap($user);
if (empty($content_type_map[$this->contentType])) { if (empty($content_type_map[$this->contentType])) {
@ -39,7 +39,7 @@ final class HeraldNewController extends HeraldController {
if (!$can_global) { if (!$can_global) {
$global_link = $this->explainApplicationCapability( $global_link = $this->explainApplicationCapability(
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE, HeraldCapabilityManageGlobalRules::CAPABILITY,
pht('You do not have permission to create or manage global rules.')); pht('You do not have permission to create or manage global rules.'));
} else { } else {
$global_link = null; $global_link = null;

4
src/applications/herald/controller/HeraldRuleController.php
View file

@ -49,12 +49,12 @@ final class HeraldRuleController extends HeraldController {
$cancel_uri = $this->getApplicationURI(); $cancel_uri = $this->getApplicationURI();
$this->requireApplicationCapability( $this->requireApplicationCapability(
PhabricatorApplicationHerald::CAN_CREATE_RULE); HeraldCapabilityCreateRules::CAPABILITY);
} }
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) { if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) {
$this->requireApplicationCapability( $this->requireApplicationCapability(
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE); HeraldCapabilityManageGlobalRules::CAPABILITY);
} }
$adapter = HeraldAdapter::getAdapterForContentType($rule->getContentType()); $adapter = HeraldAdapter::getAdapterForContentType($rule->getContentType());

2
src/applications/herald/storage/HeraldRule.php
View file

@ -205,7 +205,7 @@ final class HeraldRule extends HeraldDAO
case PhabricatorPolicyCapability::CAN_EDIT: case PhabricatorPolicyCapability::CAN_EDIT:
$app = 'PhabricatorApplicationHerald'; $app = 'PhabricatorApplicationHerald';
$herald = PhabricatorApplication::getByClass($app); $herald = PhabricatorApplication::getByClass($app);
$global = PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE; $global = HeraldCapabilityManageGlobalRules::CAPABILITY;
return $herald->getPolicy($global); return $herald->getPolicy($global);
} }
} else { } else {