mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-27 01:02:42 +01:00
Move Herald application capabilities to newer infrastructure
Summary: Ref T603. Use the new hotness. Test Plan: Edited Herald in Applications, tried to create rules / global rules without capabilities, got reasonable error messages. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7263
This commit is contained in:
parent
82a061b485
commit
7a97a71e20
10 changed files with 66 additions and 22 deletions
|
@ -625,6 +625,8 @@ phutil_register_library_map(array(
|
|||
'HeraldAction' => 'applications/herald/storage/HeraldAction.php',
|
||||
'HeraldAdapter' => 'applications/herald/adapter/HeraldAdapter.php',
|
||||
'HeraldApplyTranscript' => 'applications/herald/storage/transcript/HeraldApplyTranscript.php',
|
||||
'HeraldCapabilityCreateRules' => 'applications/herald/capability/HeraldCapabilityCreateRules.php',
|
||||
'HeraldCapabilityManageGlobalRules' => 'applications/herald/capability/HeraldCapabilityManageGlobalRules.php',
|
||||
'HeraldCommitAdapter' => 'applications/herald/adapter/HeraldCommitAdapter.php',
|
||||
'HeraldCondition' => 'applications/herald/storage/HeraldCondition.php',
|
||||
'HeraldConditionTranscript' => 'applications/herald/storage/transcript/HeraldConditionTranscript.php',
|
||||
|
@ -2723,6 +2725,8 @@ phutil_register_library_map(array(
|
|||
'HarbormasterScratchTable' => 'HarbormasterDAO',
|
||||
'HeraldAction' => 'HeraldDAO',
|
||||
'HeraldApplyTranscript' => 'HeraldDAO',
|
||||
'HeraldCapabilityCreateRules' => 'PhabricatorPolicyCapability',
|
||||
'HeraldCapabilityManageGlobalRules' => 'PhabricatorPolicyCapability',
|
||||
'HeraldCommitAdapter' => 'HeraldAdapter',
|
||||
'HeraldCondition' => 'HeraldDAO',
|
||||
'HeraldController' => 'PhabricatorController',
|
||||
|
|
|
@ -400,21 +400,26 @@ abstract class PhabricatorApplication
|
|||
|
||||
private function getCustomCapabilitySpecification($capability) {
|
||||
$custom = $this->getCustomCapabilities();
|
||||
if (empty($custom[$capability])) {
|
||||
if (!isset($custom[$capability])) {
|
||||
throw new Exception("Unknown capability '{$capability}'!");
|
||||
}
|
||||
return $custom[$capability];
|
||||
}
|
||||
|
||||
public function getCapabilityLabel($capability) {
|
||||
$map = array(
|
||||
PhabricatorPolicyCapability::CAN_VIEW => pht('Can Use Application'),
|
||||
PhabricatorPolicyCapability::CAN_EDIT => pht('Can Configure Application'),
|
||||
);
|
||||
switch ($capability) {
|
||||
case PhabricatorPolicyCapability::CAN_VIEW:
|
||||
return pht('Can Use Application');
|
||||
case PhabricatorPolicyCapability::CAN_EDIT:
|
||||
return pht('Can Configure Application');
|
||||
}
|
||||
|
||||
$map += ipull($this->getCustomCapabilities(), 'label');
|
||||
$capobj = PhabricatorPolicyCapability::getCapabilityByKey($capability);
|
||||
if ($capobj) {
|
||||
return $capobj->getCapabilityName();
|
||||
}
|
||||
|
||||
return idx($map, $capability);
|
||||
return null;
|
||||
}
|
||||
|
||||
public function isCapabilityEditable($capability) {
|
||||
|
|
|
@ -2,9 +2,6 @@
|
|||
|
||||
final class PhabricatorApplicationHerald extends PhabricatorApplication {
|
||||
|
||||
const CAN_CREATE_RULE = 'herald.create';
|
||||
const CAN_CREATE_GLOBAL_RULE = 'herald.global';
|
||||
|
||||
public function getBaseURI() {
|
||||
return '/herald/';
|
||||
}
|
||||
|
@ -54,11 +51,9 @@ final class PhabricatorApplicationHerald extends PhabricatorApplication {
|
|||
|
||||
protected function getCustomCapabilities() {
|
||||
return array(
|
||||
self::CAN_CREATE_RULE => array(
|
||||
'label' => pht('Can Create Rules'),
|
||||
HeraldCapabilityCreateRules::CAPABILITY => array(
|
||||
),
|
||||
self::CAN_CREATE_GLOBAL_RULE => array(
|
||||
'label' => pht('Can Create Global Rules'),
|
||||
HeraldCapabilityManageGlobalRules::CAPABILITY => array(
|
||||
'caption' => pht('Global rules can bypass access controls.'),
|
||||
'default' => PhabricatorPolicies::POLICY_ADMIN,
|
||||
),
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
<?php
|
||||
|
||||
final class HeraldCapabilityCreateRules
|
||||
extends PhabricatorPolicyCapability {
|
||||
|
||||
const CAPABILITY = 'herald.create';
|
||||
|
||||
public function getCapabilityKey() {
|
||||
return self::CAPABILITY;
|
||||
}
|
||||
|
||||
public function getCapabilityName() {
|
||||
return pht('Can Create Rules');
|
||||
}
|
||||
|
||||
public function describeCapabilityRejection() {
|
||||
return pht('You do not have permission to create new Herald rules.');
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,20 @@
|
|||
<?php
|
||||
|
||||
final class HeraldCapabilityManageGlobalRules
|
||||
extends PhabricatorPolicyCapability {
|
||||
|
||||
const CAPABILITY = 'herald.global';
|
||||
|
||||
public function getCapabilityKey() {
|
||||
return self::CAPABILITY;
|
||||
}
|
||||
|
||||
public function getCapabilityName() {
|
||||
return pht('Can Manage Global Rules');
|
||||
}
|
||||
|
||||
public function describeCapabilityRejection() {
|
||||
return pht('You do not have permission to manage global Herald rules.');
|
||||
}
|
||||
|
||||
}
|
|
@ -24,7 +24,7 @@ abstract class HeraldController extends PhabricatorController {
|
|||
$crumbs = parent::buildApplicationCrumbs();
|
||||
|
||||
$can_create = $this->hasApplicationCapability(
|
||||
PhabricatorApplicationHerald::CAN_CREATE_RULE);
|
||||
HeraldCapabilityCreateRules::CAPABILITY);
|
||||
|
||||
$crumbs->addAction(
|
||||
id(new PHUIListItemView())
|
||||
|
|
|
@ -30,7 +30,7 @@ final class HeraldDisableController extends HeraldController {
|
|||
|
||||
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) {
|
||||
$this->requireApplicationCapability(
|
||||
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE);
|
||||
HeraldCapabilityManageGlobalRules::CAPABILITY);
|
||||
}
|
||||
|
||||
$view_uri = $this->getApplicationURI("rule/{$id}/");
|
||||
|
|
|
@ -15,10 +15,10 @@ final class HeraldNewController extends HeraldController {
|
|||
$user = $request->getUser();
|
||||
|
||||
$this->requireApplicationCapability(
|
||||
PhabricatorApplicationHerald::CAN_CREATE_RULE);
|
||||
HeraldCapabilityCreateRules::CAPABILITY);
|
||||
|
||||
$can_global = $this->hasApplicationCapability(
|
||||
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE);
|
||||
HeraldCapabilityManageGlobalRules::CAPABILITY);
|
||||
|
||||
$content_type_map = HeraldAdapter::getEnabledAdapterMap($user);
|
||||
if (empty($content_type_map[$this->contentType])) {
|
||||
|
@ -39,7 +39,7 @@ final class HeraldNewController extends HeraldController {
|
|||
|
||||
if (!$can_global) {
|
||||
$global_link = $this->explainApplicationCapability(
|
||||
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE,
|
||||
HeraldCapabilityManageGlobalRules::CAPABILITY,
|
||||
pht('You do not have permission to create or manage global rules.'));
|
||||
} else {
|
||||
$global_link = null;
|
||||
|
|
|
@ -49,12 +49,12 @@ final class HeraldRuleController extends HeraldController {
|
|||
$cancel_uri = $this->getApplicationURI();
|
||||
|
||||
$this->requireApplicationCapability(
|
||||
PhabricatorApplicationHerald::CAN_CREATE_RULE);
|
||||
HeraldCapabilityCreateRules::CAPABILITY);
|
||||
}
|
||||
|
||||
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_GLOBAL) {
|
||||
$this->requireApplicationCapability(
|
||||
PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE);
|
||||
HeraldCapabilityManageGlobalRules::CAPABILITY);
|
||||
}
|
||||
|
||||
$adapter = HeraldAdapter::getAdapterForContentType($rule->getContentType());
|
||||
|
|
|
@ -205,7 +205,7 @@ final class HeraldRule extends HeraldDAO
|
|||
case PhabricatorPolicyCapability::CAN_EDIT:
|
||||
$app = 'PhabricatorApplicationHerald';
|
||||
$herald = PhabricatorApplication::getByClass($app);
|
||||
$global = PhabricatorApplicationHerald::CAN_CREATE_GLOBAL_RULE;
|
||||
$global = HeraldCapabilityManageGlobalRules::CAPABILITY;
|
||||
return $herald->getPolicy($global);
|
||||
}
|
||||
} else {
|
||||
|
|
Loading…
Reference in a new issue