mirror of
https://we.phorge.it/source/phorge.git
synced 2025-01-18 10:41:08 +01:00
Implement "USER" policy
Summary: I thought I'd already implemented this, but hadn't. Implement a "USER" policy -- a USER phid means only that user has the capability. Test Plan: Looked at macros as a user other than the comment owner. Reviewers: btrahan, vrana Reviewed By: btrahan CC: aran Differential Revision: https://secure.phabricator.com/D4155
This commit is contained in:
parent
03a1148480
commit
a6aa8f746f
1 changed files with 12 additions and 3 deletions
|
@ -205,6 +205,12 @@ final class PhabricatorPolicyFilter {
|
|||
} else {
|
||||
$this->rejectObject($object, $policy, $capability);
|
||||
}
|
||||
} else if ($type == PhabricatorPHIDConstants::PHID_TYPE_USER) {
|
||||
if ($viewer->getPHID() == $policy) {
|
||||
return true;
|
||||
} else {
|
||||
$this->rejectObject($object, $policy, $capability);
|
||||
}
|
||||
} else {
|
||||
throw new Exception("Object has unknown policy '{$policy}'!");
|
||||
}
|
||||
|
@ -253,13 +259,16 @@ final class PhabricatorPolicyFilter {
|
|||
$who = "No one can {$verb} this object.";
|
||||
break;
|
||||
default:
|
||||
$handle = PhabricatorObjectHandleData::loadOneHandle(
|
||||
$policy,
|
||||
$this->viewer);
|
||||
|
||||
$type = phid_get_type($policy);
|
||||
if ($type == PhabricatorPHIDConstants::PHID_TYPE_PROJ) {
|
||||
$handle = PhabricatorObjectHandleData::loadOneHandle(
|
||||
$policy,
|
||||
$this->viewer);
|
||||
$who = "To {$verb} this object, you must be a member of project ".
|
||||
"'".$handle->getFullName()."'.";
|
||||
} else if ($type == PhabricatorPHIDConstants::PHID_TYPE_USER) {
|
||||
$who = "Only '".$handle->getFullName()."' can {$verb} this object.";
|
||||
} else {
|
||||
$who = "It is unclear who can {$verb} this object.";
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue