From 8eed5b1f1449a96496e6190ceef3479912a5b33d Mon Sep 17 00:00:00 2001
From: epriestley <git@epriestley.com>
Date: Fri, 2 Aug 2013 06:21:43 -0700
Subject: [PATCH] Make HeraldRule implement PhabricatorPolicyInterface

Summary:
Ref T603. Ref T2769. Herald currently interacts with policies in a bad way; specifically, I can create a rule which emails me for everything, and thus learn about objects I can't otherwise see.

This shouldn't be possible, so I'm going to reduce personal rules to have only the viewer's scope.

For global rules, I think I'm always going to let any user edit them, but make who the rule acts as part of the configuration. There will be an option to make a rule omnipotent, but only admins (or some other special subset of users) will be able to select it.

Transactions/subscriptions will provide a check against users editing global rules in ways that are bad.

Test Plan: Next diffs.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603, T2769

Differential Revision: https://secure.phabricator.com/D6649
---
 src/__phutil_library_map__.php                |  6 ++-
 .../herald/storage/HeraldRule.php             | 38 ++++++++++++++++++-
 2 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
index 55329a3aaf..d03128da7c 100644
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -2624,7 +2624,11 @@ phutil_register_library_map(array(
     'HeraldNewController' => 'HeraldController',
     'HeraldPHIDTypeRule' => 'PhabricatorPHIDType',
     'HeraldRecursiveConditionsException' => 'Exception',
-    'HeraldRule' => 'HeraldDAO',
+    'HeraldRule' =>
+    array(
+      0 => 'HeraldDAO',
+      1 => 'PhabricatorPolicyInterface',
+    ),
     'HeraldRuleController' => 'HeraldController',
     'HeraldRuleEdit' => 'HeraldDAO',
     'HeraldRuleEditHistoryController' => 'HeraldController',
diff --git a/src/applications/herald/storage/HeraldRule.php b/src/applications/herald/storage/HeraldRule.php
index 8a1e018c94..8b326b20cc 100644
--- a/src/applications/herald/storage/HeraldRule.php
+++ b/src/applications/herald/storage/HeraldRule.php
@@ -1,6 +1,7 @@
 <?php
 
-final class HeraldRule extends HeraldDAO {
+final class HeraldRule extends HeraldDAO
+  implements PhabricatorPolicyInterface {
 
   const TABLE_RULE_APPLIED = 'herald_ruleapplied';
 
@@ -232,4 +233,39 @@ final class HeraldRule extends HeraldDAO {
     return $this->invalidOwner;
   }
 
+  public function isGlobalRule() {
+    return ($this->getRuleType() === HeraldRuleTypeConfig::RULE_TYPE_GLOBAL);
+  }
+
+  public function isPersonalRule() {
+    return ($this->getRuleType() === HeraldRuleTypeConfig::RULE_TYPE_PERSONAL);
+  }
+
+
+/* -(  PhabricatorPolicyInterface  )----------------------------------------- */
+
+
+  public function getCapabilities() {
+    return array(
+      PhabricatorPolicyCapability::CAN_VIEW,
+      PhabricatorPolicyCapability::CAN_EDIT,
+    );
+  }
+
+  public function getPolicy($capability) {
+    if ($this->isGlobalRule()) {
+      return PhabricatorPolicies::POLICY_USER;
+    } else {
+      return PhabricatorPolicies::POLICY_NOONE;
+    }
+  }
+
+  public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
+    if ($this->isPersonalRule()) {
+      return ($viewer->getPHID() == $this->getAuthorPHID());
+    } else {
+      return false;
+    }
+  }
+
 }