Make HeraldRule implement PhabricatorPolicyInterface

Summary: Ref T603. Ref T2769. Herald currently interacts with policies in a bad way; specifically, I can create a rule which emails me for everything, and thus learn about objects I can't otherwise see. This shouldn't be possible, so I'm going to reduce personal rules to have only the viewer's scope. For global rules, I think I'm always going to let any user edit them, but make who the rule acts as part of the configuration. There will be an option to make a rule omnipotent, but only admins (or some other special subset of users) will be able to select it. Transactions/subscriptions will provide a check against users editing global rules in ways that are bad. Test Plan: Next diffs. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T603, T2769 Differential Revision: https://secure.phabricator.com/D6649
2024-09-20 01:08:50 +02:00 · 2013-08-02 06:21:43 -07:00 · 2013-08-02 06:21:43 -07:00 · 8eed5b1f14
commit 8eed5b1f14
parent 2820fdc89b
2 changed files with 42 additions and 2 deletions
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@ -2624,7 +2624,11 @@ phutil_register_library_map(array(
    'HeraldNewController' => 'HeraldController',
    'HeraldPHIDTypeRule' => 'PhabricatorPHIDType',
    'HeraldRecursiveConditionsException' => 'Exception',
-    'HeraldRule' => 'HeraldDAO',
+    'HeraldRule' =>
+    array(
+      0 => 'HeraldDAO',
+      1 => 'PhabricatorPolicyInterface',
+    ),
    'HeraldRuleController' => 'HeraldController',
    'HeraldRuleEdit' => 'HeraldDAO',
    'HeraldRuleEditHistoryController' => 'HeraldController',
--- a/src/applications/herald/storage/HeraldRule.php
+++ b/src/applications/herald/storage/HeraldRule.php
@ -1,6 +1,7 @@
 <?php

-final class HeraldRule extends HeraldDAO {
+final class HeraldRule extends HeraldDAO
+  implements PhabricatorPolicyInterface {

  const TABLE_RULE_APPLIED = 'herald_ruleapplied';

@ -232,4 +233,39 @@ final class HeraldRule extends HeraldDAO {
    return $this->invalidOwner;
  }

+  public function isGlobalRule() {
+    return ($this->getRuleType() === HeraldRuleTypeConfig::RULE_TYPE_GLOBAL);
+  }
+
+  public function isPersonalRule() {
+    return ($this->getRuleType() === HeraldRuleTypeConfig::RULE_TYPE_PERSONAL);
+  }
+
+
+/* -(  PhabricatorPolicyInterface  )----------------------------------------- */
+
+
+  public function getCapabilities() {
+    return array(
+      PhabricatorPolicyCapability::CAN_VIEW,
+      PhabricatorPolicyCapability::CAN_EDIT,
+    );
+  }
+
+  public function getPolicy($capability) {
+    if ($this->isGlobalRule()) {
+      return PhabricatorPolicies::POLICY_USER;
+    } else {
+      return PhabricatorPolicies::POLICY_NOONE;
+    }
+  }
+
+  public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
+    if ($this->isPersonalRule()) {
+      return ($viewer->getPHID() == $this->getAuthorPHID());
+    } else {
+      return false;
+    }
+  }
+
 }