revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00
Code Issues Releases Wiki Activity

Prevent awarding/revoking tokens when a task is locked

Browse source 
Summary: Ref T12335. Allows you to lock tasks to keep your precious tokens.

Test Plan:
  - Awarded tokens to an unlocked task.
  - Locked the task.
  - Could no longer award/rescind tokens.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12335

Differential Revision: https://secure.phabricator.com/D17461
This commit is contained in:
epriestley 2017-03-04 08:05:42 -08:00
parent d5baf2fe37
commit 9ccef52d6c
2 changed files with 25 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
src/applications/tokens/controller/PhabricatorTokenGiveController.php
View file

@ -14,6 +14,24 @@ final class PhabricatorTokenGiveController extends PhabricatorTokenController {
return new Aphront404Response(); return new Aphront404Response();
} }
$object = id(new PhabricatorObjectQuery())
->setViewer($viewer)
->withPHIDs(array($phid))
->executeOne();
if (!($object instanceof PhabricatorTokenReceiverInterface)) {
return new Aphront400Response();
}
if (!PhabricatorPolicyFilter::canInteract($viewer, $object)) {
$lock = PhabricatorEditEngineLock::newForObject($viewer, $object);
$dialog = $this->newDialog()
->addCancelButton($handle->getURI());
return $lock->willBlockUserInteractionWithDialog($dialog);
}
$current = id(new PhabricatorTokenGivenQuery()) $current = id(new PhabricatorTokenGivenQuery())
->setViewer($viewer) ->setViewer($viewer)
->withAuthorPHIDs(array($viewer->getPHID())) ->withAuthorPHIDs(array($viewer->getPHID()))

9
src/applications/tokens/event/PhabricatorTokenUIEventListener.php
View file

@ -37,6 +37,8 @@ final class PhabricatorTokenUIEventListener
return null; return null;
} }
$can_interact = PhabricatorPolicyFilter::canInteract($user, $object);
$current = id(new PhabricatorTokenGivenQuery()) $current = id(new PhabricatorTokenGivenQuery())
->setViewer($user) ->setViewer($user)
->withAuthorPHIDs(array($user->getPHID())) ->withAuthorPHIDs(array($user->getPHID()))
@ -48,14 +50,17 @@ final class PhabricatorTokenUIEventListener
->setWorkflow(true) ->setWorkflow(true)
->setHref('/token/give/'.$object->getPHID().'/') ->setHref('/token/give/'.$object->getPHID().'/')
->setName(pht('Award Token')) ->setName(pht('Award Token'))
->setIcon('fa-trophy'); ->setIcon('fa-trophy')
->setDisabled(!$can_interact);
} else { } else {
$token_action = id(new PhabricatorActionView()) $token_action = id(new PhabricatorActionView())
->setWorkflow(true) ->setWorkflow(true)
->setHref('/token/give/'.$object->getPHID().'/') ->setHref('/token/give/'.$object->getPHID().'/')
->setName(pht('Rescind Token')) ->setName(pht('Rescind Token'))
->setIcon('fa-trophy'); ->setIcon('fa-trophy')
->setDisabled(!$can_interact);
} }
if (!$user->isLoggedIn()) { if (!$user->isLoggedIn()) {
$token_action->setDisabled(true); $token_action->setDisabled(true);
} }