mirror of
https://we.phorge.it/source/phorge.git
synced 2025-01-24 21:48:21 +01:00
Don't require edit capability on the Favorites application to edit personal menu items
Summary: Ref T11096. Currently, editing ProfileMenuItemConfigurations always requires that you can edit the corresponding object. This is correct for global items (for example: you can't change the global menu for a project unless you can edit the project) but not for personal items. For personal items, only require that the user can edit the `customPHID` object. Today, this is always their own profile. Test Plan: As a non-admin, edited personal menu items. Reviewers: chad Reviewed By: chad Maniphest Tasks: T11096 Differential Revision: https://secure.phabricator.com/D17228
This commit is contained in:
parent
269dd81f91
commit
b0dfd42eef
2 changed files with 25 additions and 4 deletions
|
@ -557,10 +557,16 @@ abstract class PhabricatorProfileMenuEngine extends Phobject {
|
||||||
$first_item->willBuildNavigationItems($group);
|
$first_item->willBuildNavigationItems($group);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Users only need to be able to edit the object which this menu appears
|
||||||
|
// on if they're editing global menu items. For example, users do not need
|
||||||
|
// to be able to edit the Favorites application to add new items to the
|
||||||
|
// Favorites menu.
|
||||||
|
if (!$this->getCustomPHID()) {
|
||||||
PhabricatorPolicyFilter::requireCapability(
|
PhabricatorPolicyFilter::requireCapability(
|
||||||
$viewer,
|
$viewer,
|
||||||
$object,
|
$object,
|
||||||
PhabricatorPolicyCapability::CAN_EDIT);
|
PhabricatorPolicyCapability::CAN_EDIT);
|
||||||
|
}
|
||||||
|
|
||||||
$list_id = celerity_generate_unique_node_id();
|
$list_id = celerity_generate_unique_node_id();
|
||||||
|
|
||||||
|
|
|
@ -189,6 +189,21 @@ final class PhabricatorProfileMenuItemConfiguration
|
||||||
|
|
||||||
|
|
||||||
public function getExtendedPolicy($capability, PhabricatorUser $viewer) {
|
public function getExtendedPolicy($capability, PhabricatorUser $viewer) {
|
||||||
|
// If this is an item with a custom PHID (like a personal menu item),
|
||||||
|
// we only require that the user can edit the corresponding custom
|
||||||
|
// object (usually their own user profile), not the object that the
|
||||||
|
// menu appears on (which may be an Application like Favorites or Home).
|
||||||
|
if ($capability == PhabricatorPolicyCapability::CAN_EDIT) {
|
||||||
|
if ($this->getCustomPHID()) {
|
||||||
|
return array(
|
||||||
|
array(
|
||||||
|
$this->getCustomPHID(),
|
||||||
|
$capability,
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
array(
|
array(
|
||||||
$this->getProfileObject(),
|
$this->getProfileObject(),
|
||||||
|
|
Loading…
Add table
Reference in a new issue