1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 22:10:55 +01:00

Improve behavior of "owner" transaction in "maniphest.edit" endpoint

Summary:
Fixes T10117.

  - I accidentally broke setting `null` to unassign tasks at some point when I added richer validation.
  - Raise a better error if the user passes junk.

Test Plan:
  - Unassigned a task via API and web UI.
  - Reassigned a task via API and web UI.
  - Tried to do an invalid assign via API, got a sensible error.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10117

Differential Revision: https://secure.phabricator.com/D14992
This commit is contained in:
epriestley 2016-01-11 03:24:03 -08:00
parent b848ab87b3
commit add8333b98
6 changed files with 85 additions and 1 deletions

View file

@ -249,6 +249,7 @@ phutil_register_library_map(array(
'ConduitStringParameterType' => 'applications/conduit/parametertype/ConduitStringParameterType.php', 'ConduitStringParameterType' => 'applications/conduit/parametertype/ConduitStringParameterType.php',
'ConduitTokenGarbageCollector' => 'applications/conduit/garbagecollector/ConduitTokenGarbageCollector.php', 'ConduitTokenGarbageCollector' => 'applications/conduit/garbagecollector/ConduitTokenGarbageCollector.php',
'ConduitUserListParameterType' => 'applications/conduit/parametertype/ConduitUserListParameterType.php', 'ConduitUserListParameterType' => 'applications/conduit/parametertype/ConduitUserListParameterType.php',
'ConduitUserParameterType' => 'applications/conduit/parametertype/ConduitUserParameterType.php',
'ConduitWildParameterType' => 'applications/conduit/parametertype/ConduitWildParameterType.php', 'ConduitWildParameterType' => 'applications/conduit/parametertype/ConduitWildParameterType.php',
'ConpherenceColumnViewController' => 'applications/conpherence/controller/ConpherenceColumnViewController.php', 'ConpherenceColumnViewController' => 'applications/conpherence/controller/ConpherenceColumnViewController.php',
'ConpherenceConduitAPIMethod' => 'applications/conpherence/conduit/ConpherenceConduitAPIMethod.php', 'ConpherenceConduitAPIMethod' => 'applications/conpherence/conduit/ConpherenceConduitAPIMethod.php',
@ -4184,6 +4185,7 @@ phutil_register_library_map(array(
'ConduitStringParameterType' => 'ConduitParameterType', 'ConduitStringParameterType' => 'ConduitParameterType',
'ConduitTokenGarbageCollector' => 'PhabricatorGarbageCollector', 'ConduitTokenGarbageCollector' => 'PhabricatorGarbageCollector',
'ConduitUserListParameterType' => 'ConduitListParameterType', 'ConduitUserListParameterType' => 'ConduitListParameterType',
'ConduitUserParameterType' => 'ConduitParameterType',
'ConduitWildParameterType' => 'ConduitListParameterType', 'ConduitWildParameterType' => 'ConduitListParameterType',
'ConpherenceColumnViewController' => 'ConpherenceController', 'ConpherenceColumnViewController' => 'ConpherenceController',
'ConpherenceConduitAPIMethod' => 'ConduitAPIMethod', 'ConpherenceConduitAPIMethod' => 'ConduitAPIMethod',

View file

@ -0,0 +1,47 @@
<?php
final class ConduitUserParameterType
extends ConduitParameterType {
protected function getParameterValue(array $request, $key) {
$value = parent::getParameterValue($request, $key);
if ($value === null) {
return null;
}
if (!is_string($value)) {
$this->raiseValidationException(
$request,
$key,
pht('Expected PHID or null, got something else.'));
}
$user_phids = id(new PhabricatorUserPHIDResolver())
->setViewer($this->getViewer())
->resolvePHIDs(array($value));
return nonempty(head($user_phids), null);
}
protected function getParameterTypeName() {
return 'phid|string|null';
}
protected function getParameterFormatDescriptions() {
return array(
pht('User PHID.'),
pht('Username.'),
pht('Literal null.'),
);
}
protected function getParameterExamples() {
return array(
'"PHID-USER-1111"',
'"alincoln"',
'null',
);
}
}

View file

@ -829,6 +829,33 @@ final class ManiphestTransactionEditor
last($with_effect)); last($with_effect));
} }
break; break;
case ManiphestTransaction::TYPE_OWNER:
foreach ($xactions as $xaction) {
$old = $xaction->getOldValue();
$new = $xaction->getNewValue();
if (!strlen($new)) {
continue;
}
if ($new === $old) {
continue;
}
$assignee_list = id(new PhabricatorPeopleQuery())
->setViewer($this->getActor())
->withPHIDs(array($new))
->execute();
if (!$assignee_list) {
$errors[] = new PhabricatorApplicationTransactionValidationError(
$type,
pht('Invalid'),
pht(
'User "%s" is not a valid user.',
$new),
$xaction);
}
}
break;
} }
return $errors; return $errors;

View file

@ -1632,6 +1632,7 @@ abstract class PhabricatorEditEngine
array $types, array $types,
PhabricatorApplicationTransaction $template) { PhabricatorApplicationTransaction $template) {
$viewer = $request->getUser();
$transactions_key = 'transactions'; $transactions_key = 'transactions';
$xactions = $request->getValue($transactions_key); $xactions = $request->getValue($transactions_key);
@ -1688,6 +1689,8 @@ abstract class PhabricatorEditEngine
// use usernames in list<user> fields, for example. // use usernames in list<user> fields, for example.
$parameter_type = $type->getConduitParameterType(); $parameter_type = $type->getConduitParameterType();
$parameter_type->setViewer($viewer);
try { try {
$xaction['value'] = $parameter_type->getValue($xaction, 'value'); $xaction['value'] = $parameter_type->getValue($xaction, 'value');
} catch (Exception $ex) { } catch (Exception $ex) {

View file

@ -100,6 +100,7 @@ abstract class PhabricatorPHIDListEditField
$type = new PhabricatorDatasourceEditType(); $type = new PhabricatorDatasourceEditType();
$type->setIsSingleValue($this->getIsSingleValue()); $type->setIsSingleValue($this->getIsSingleValue());
$type->setConduitParameterType($this->newConduitParameterType());
return $type; return $type;
} }

View file

@ -12,7 +12,11 @@ final class PhabricatorUsersEditField
} }
protected function newConduitParameterType() { protected function newConduitParameterType() {
if ($this->getIsSingleValue()) {
return new ConduitUserParameterType();
} else {
return new ConduitUserListParameterType(); return new ConduitUserListParameterType();
} }
}
} }