Add PhabricatorOwnersPackageQuery

Summary: This is a step toward unearthing Project queries enough that I can make them policy-aware. Right now, some ProjectQuery callsites do not have reasonable access to the viewer. In particular, Owners packages need to issue Project queries because we allow projects to own packages and resolve project members inside of some package queries. Currently, we have a very unmodern approach to querying packages, with a large number of one-off static load methods: PhabricatorOwnersPackage::loadAffectedPackages() PhabricatorOwnersPackage::loadOwningPackages() PhabricatorOwnersPackage::loadPackagesForPaths() PhabricatorOwnersOwner::loadAllForPackages() PhabricatorOwnersOwner::loadAffiliatedUserPHIDs() PhabricatorOwnersOwner::loadAffiliatedPackages() ConduitAPI_owners_query_Method::queryAll() ConduitAPI_owners_query_Method::queryByOwner() ConduitAPI_owners_query_Method::queryByAffiliatedUser() ConduitAPI_owners_query_Method::queryByPath() We should replace `PhabricatorOwnersOwner` with an Edge and move all of these calls to a Query class. I'm going to try to do as little of this work as I can for now since I'm much more interested in getting a functional policy implementation into other applications, but ProjectQuery needs to be policy-aware before I can do that and I need to dig some at least some of the callsites out enough that I can get a viewer in there without making the code worse than it is. This adds a PhabricatorOwnersPackageQuery class and removes one callsite of one of those static methods. I also intend to dissolve the two separate concepts of an "owner" (direct owner) and an "affiliated user" (indirect owner via project membership) since I think we're always fine with "affiliated users" owners. Test Plan: Loaded home page / audit tool, which use the modified path. Ran queries manually via script. Made sure results included directly owned packages and packages owned through project membership. Reviewers: vrana, btrahan, meitros Reviewed By: btrahan CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D3193
2024-11-10 08:52:39 +01:00 · 2012-08-08 12:25:11 -07:00 · 2012-08-08 12:25:11 -07:00 · 8cdd801515
commit 8cdd801515
parent ab92242e00
4 changed files with 119 additions and 14 deletions
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@ -865,6 +865,7 @@ phutil_register_library_map(array(
    'PhabricatorOwnersListController' => 'applications/owners/controller/PhabricatorOwnersListController.php',
    'PhabricatorOwnersOwner' => 'applications/owners/storage/PhabricatorOwnersOwner.php',
    'PhabricatorOwnersPackage' => 'applications/owners/storage/PhabricatorOwnersPackage.php',
+    'PhabricatorOwnersPackageQuery' => 'applications/owners/query/PhabricatorOwnersPackageQuery.php',
    'PhabricatorOwnersPath' => 'applications/owners/storage/PhabricatorOwnersPath.php',
    'PhabricatorPHID' => 'applications/phid/storage/PhabricatorPHID.php',
    'PhabricatorPHIDConstants' => 'applications/phid/PhabricatorPHIDConstants.php',
@ -1904,7 +1905,12 @@ phutil_register_library_map(array(
    'PhabricatorOwnersEditController' => 'PhabricatorOwnersController',
    'PhabricatorOwnersListController' => 'PhabricatorOwnersController',
    'PhabricatorOwnersOwner' => 'PhabricatorOwnersDAO',
-    'PhabricatorOwnersPackage' => 'PhabricatorOwnersDAO',
+    'PhabricatorOwnersPackage' =>
+    array(
+      0 => 'PhabricatorOwnersDAO',
+      1 => 'PhabricatorPolicyInterface',
+    ),
+    'PhabricatorOwnersPackageQuery' => 'PhabricatorCursorPagedPolicyQuery',
    'PhabricatorOwnersPath' => 'PhabricatorOwnersDAO',
    'PhabricatorPHIDController' => 'PhabricatorController',
    'PhabricatorPHIDLookupController' => 'PhabricatorPHIDController',
@ -1928,7 +1934,7 @@ phutil_register_library_map(array(
    'PhabricatorPolicies' => 'PhabricatorPolicyConstants',
    'PhabricatorPolicyCapability' => 'PhabricatorPolicyConstants',
    'PhabricatorPolicyException' => 'Exception',
-    'PhabricatorPolicyQuery' => 'PhabricatorQuery',
+    'PhabricatorPolicyQuery' => 'PhabricatorOffsetPagedQuery',
    'PhabricatorPolicyTestCase' => 'PhabricatorTestCase',
    'PhabricatorPolicyTestObject' => 'PhabricatorPolicyInterface',
    'PhabricatorPolicyTestQuery' => 'PhabricatorPolicyQuery',
--- a/src/applications/audit/editor/PhabricatorAuditCommentEditor.php
+++ b/src/applications/audit/editor/PhabricatorAuditCommentEditor.php
@ -305,20 +305,20 @@ final class PhabricatorAuditCommentEditor {
  public static function loadAuditPHIDsForUser(PhabricatorUser $user) {
    $phids = array();

+    // TODO: This method doesn't really use the right viewer, but in practice we
+    // never issue this query of this type on behalf of another user and are
+    // unlikely to do so in the future. This entire method should be refactored
+    // into a Query class, however, and then we should use a proper viewer.
+
    // The user can audit on their own behalf.
    $phids[$user->getPHID()] = true;

-    // The user can audit on behalf of all packages they own.
-    $owned_packages = PhabricatorOwnersOwner::loadAffiliatedPackages(
-      $user->getPHID());
-
-    if ($owned_packages) {
-      $packages = id(new PhabricatorOwnersPackage())->loadAllWhere(
-        'id IN (%Ld)',
-        mpull($owned_packages, 'getPackageID'));
-      foreach (mpull($packages, 'getPHID') as $phid) {
-        $phids[$phid] = true;
-      }
+    $owned_packages = id(new PhabricatorOwnersPackageQuery())
+      ->setViewer($user)
+      ->withOwnerPHIDs(array($user->getPHID()))
+      ->execute();
+    foreach ($owned_packages as $package) {
+      $phids[$package->getPHID()] = true;
    }

    // The user can audit on behalf of all projects they are a member of.
--- a/src/applications/owners/query/PhabricatorOwnersPackageQuery.php
+++ b/src/applications/owners/query/PhabricatorOwnersPackageQuery.php
@ -0,0 +1,84 @@
+<?php
+
+/*
+ * Copyright 2012 Facebook, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+final class PhabricatorOwnersPackageQuery
+  extends PhabricatorCursorPagedPolicyQuery {
+
+  private $ownerPHIDs;
+
+  /**
+   * Owners are direct owners, and members of owning projects.
+   */
+  public function withOwnerPHIDs(array $phids) {
+    $this->ownerPHIDs = $phids;
+    return $this;
+  }
+
+  protected function loadPage() {
+    $table = new PhabricatorOwnersPackage();
+    $conn_r = $table->establishConnection('r');
+
+    $data = queryfx_all(
+      $conn_r,
+      'SELECT p.* FROM %T p %Q %Q %Q %Q',
+      $table->getTableName(),
+      $this->buildJoinClause($conn_r),
+      $this->buildWhereClause($conn_r),
+      $this->buildOrderClause($conn_r),
+      $this->buildLimitClause($conn_r));
+
+    return $table->loadAllFromArray($data);
+  }
+
+  private function buildJoinClause(AphrontDatabaseConnection $conn_r) {
+    $joins = array();
+
+    if ($this->ownerPHIDs) {
+      $joins[] = qsprintf(
+        $conn_r,
+        'JOIN %T o ON o.packageID = p.id',
+        id(new PhabricatorOwnersOwner())->getTableName());
+    }
+
+    return implode('', $joins);
+  }
+
+  private function buildWhereClause(AphrontDatabaseConnection $conn_r) {
+    $where = array();
+
+    if ($this->ownerPHIDs) {
+      $base_phids = $this->ownerPHIDs;
+
+      $query = new PhabricatorProjectQuery();
+      $query->withMemberPHIDs($base_phids);
+      $projects = $query->execute();
+      $project_phids = mpull($projects, 'getPHID');
+
+      $all_phids = array_merge($base_phids, $project_phids);
+
+      $where[] = qsprintf(
+        $conn_r,
+        'o.userPHID IN (%Ls)',
+        $all_phids);
+    }
+
+    $where[] = $this->buildPagingClause($conn_r);
+    return $this->formatWhereClause($where);
+  }
+
+}
--- a/src/applications/owners/storage/PhabricatorOwnersPackage.php
+++ b/src/applications/owners/storage/PhabricatorOwnersPackage.php
@ -16,7 +16,8 @@
 * limitations under the License.
 */

-final class PhabricatorOwnersPackage extends PhabricatorOwnersDAO {
+final class PhabricatorOwnersPackage extends PhabricatorOwnersDAO
+  implements PhabricatorPolicyInterface {

  protected $phid;
  protected $name;
@ -31,6 +32,20 @@ final class PhabricatorOwnersPackage extends PhabricatorOwnersDAO {
  private $oldPrimaryOwnerPHID;
  private $oldAuditingEnabled;

+  public function getCapabilities() {
+    return array(
+      PhabricatorPolicyCapability::CAN_VIEW,
+    );
+  }
+
+  public function getPolicy($capability) {
+    return PhabricatorPolicies::POLICY_USER;
+  }
+
+  public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
+    return false;
+  }
+
  public function getConfiguration() {
    return array(
      // This information is better available from the history table.