revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00
Code Issues Releases Wiki Activity

Allow applications to test if a user could edit a certain field by clicking "Edit Thing"

Browse source 
Summary: See D15432. There, we can use this test to check if the user //could// reassign the task by using "Edit Form" or the stacked actions, so any dedicated "claim" element is consistent with the other permissions.

Test Plan:
  - Added a `var_dump($can_reassign)` after the call.
  - Saw `true`.
  - Edited the edit form, locked and disabled "Assigned To".
  - Saw `false`.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15433
This commit is contained in:
epriestley 2016-03-08 04:42:58 -08:00
parent d653b125b5
commit 8a7c963908
2 changed files with 69 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
src/applications/maniphest/controller/ManiphestTaskDetailController.php
View file

@ -26,6 +26,10 @@ final class ManiphestTaskDetailController extends ManiphestController {
->setViewer($viewer) ->setViewer($viewer)
->readFieldsFromStorage($task); ->readFieldsFromStorage($task);
$edit_engine = id(new ManiphestEditEngine())
->setViewer($viewer)
->setTargetObject($task);
$e_commit = ManiphestTaskHasCommitEdgeType::EDGECONST; $e_commit = ManiphestTaskHasCommitEdgeType::EDGECONST;
$e_dep_on = ManiphestTaskDependsOnTaskEdgeType::EDGECONST; $e_dep_on = ManiphestTaskDependsOnTaskEdgeType::EDGECONST;
$e_dep_by = ManiphestTaskDependedOnByTaskEdgeType::EDGECONST; $e_dep_by = ManiphestTaskDependedOnByTaskEdgeType::EDGECONST;
@ -73,12 +77,11 @@ final class ManiphestTaskDetailController extends ManiphestController {
$header = $this->buildHeaderView($task); $header = $this->buildHeaderView($task);
$details = $this->buildPropertyView($task, $field_list, $edges, $handles); $details = $this->buildPropertyView($task, $field_list, $edges, $handles);
$description = $this->buildDescriptionView($task, $engine); $description = $this->buildDescriptionView($task, $engine);
$curtain = $this->buildCurtain($task); $curtain = $this->buildCurtain($task, $edit_engine);
$title = pht('%s %s', $monogram, $task->getTitle()); $title = pht('%s %s', $monogram, $task->getTitle());
$comment_view = id(new ManiphestEditEngine()) $comment_view = $edit_engine
->setViewer($viewer)
->buildEditEngineCommentView($task); ->buildEditEngineCommentView($task);
$timeline->setQuoteRef($monogram); $timeline->setQuoteRef($monogram);
@ -146,7 +149,9 @@ final class ManiphestTaskDetailController extends ManiphestController {
} }
private function buildCurtain(ManiphestTask $task) { private function buildCurtain(
ManiphestTask $task,
PhabricatorEditEngine $edit_engine) {
$viewer = $this->getViewer(); $viewer = $this->getViewer();
$id = $task->getID(); $id = $task->getID();
@ -176,11 +181,12 @@ final class ManiphestTaskDetailController extends ManiphestController {
->setDisabled(!$can_edit) ->setDisabled(!$can_edit)
->setWorkflow(true)); ->setWorkflow(true));
$edit_config = id(new ManiphestEditEngine()) $edit_config = $edit_engine->loadDefaultEditConfiguration();
->setViewer($viewer)
->loadDefaultEditConfiguration();
$can_create = (bool)$edit_config; $can_create = (bool)$edit_config;
$can_reassign = $edit_engine->hasEditAccessToTransaction(
ManiphestTransaction::TYPE_OWNER);
if ($can_create) { if ($can_create) {
$form_key = $edit_config->getIdentifier(); $form_key = $edit_config->getIdentifier();
$edit_uri = id(new PhutilURI("/task/edit/form/{$form_key}/")) $edit_uri = id(new PhutilURI("/task/edit/form/{$form_key}/"))

56
src/applications/transactions/editengine/PhabricatorEditEngine.php
View file

@ -821,7 +821,7 @@ abstract class PhabricatorEditEngine
} }
private function buildCrumbs($object, $final = false) { private function buildCrumbs($object, $final = false) {
$controller = $this->getcontroller(); $controller = $this->getController();
$crumbs = $controller->buildApplicationCrumbsForEditEngine(); $crumbs = $controller->buildApplicationCrumbsForEditEngine();
if ($this->getIsCreate()) { if ($this->getIsCreate()) {
@ -1179,6 +1179,60 @@ abstract class PhabricatorEditEngine
return $actions; return $actions;
} }
/**
* Test if the viewer could apply a certain type of change by using the
* normal "Edit" form.
*
* This method returns `true` if the user has access to an edit form and
* that edit form has a field which applied the specified transaction type,
* and that field is visible and editable for the user.
*
* For example, you can use it to test if a user is able to reassign tasks
* or not, prior to rendering dedicated UI for task reassingment.
*
* Note that this method does NOT test if the user can actually edit the
* current object, just if they have access to the related field.
*
* @param const Transaction type to test for.
* @return bool True if the user could "Edit" to apply the transaction type.
*/
final public function hasEditAccessToTransaction($xaction_type) {
$viewer = $this->getViewer();
$config = $this->loadDefaultEditConfiguration();
if (!$config) {
return false;
}
$object = $this->getTargetObject();
if (!$object) {
$object = $this->newEditableObject();
}
$fields = $this->buildEditFields($object);
$field = null;
foreach ($fields as $form_field) {
$field_xaction_type = $form_field->getTransactionType();
if ($field_xaction_type === $xaction_type) {
$field = $form_field;
break;
}
}
if (!$field) {
return false;
}
if (!$field->shouldReadValueFromSubmit()) {
return false;
}
return true;
}
final public function addActionToCrumbs(PHUICrumbsView $crumbs) { final public function addActionToCrumbs(PHUICrumbsView $crumbs) {
$viewer = $this->getViewer(); $viewer = $this->getViewer();