diff --git a/src/applications/people/controller/PhabricatorPeopleEditController.php b/src/applications/people/controller/PhabricatorPeopleEditController.php index 4704dea640..2f01ea6cb5 100644 --- a/src/applications/people/controller/PhabricatorPeopleEditController.php +++ b/src/applications/people/controller/PhabricatorPeopleEditController.php @@ -39,10 +39,6 @@ final class PhabricatorPeopleEditController $nav->addFilter('cert', pht('Conduit Certificate')); $nav->addFilter('profile', pht('View Profile'), '/p/'.$user->getUsername().'/'); - if ($user->getIsSystemAgent()) { - $nav->addLabel(pht('Special')); - $nav->addFilter('picture', pht('Set Account Picture')); - } if (!$user->getID()) { $this->view = 'basic'; @@ -71,9 +67,6 @@ final class PhabricatorPeopleEditController case 'cert': $response = $this->processCertificateRequest($user); break; - case 'picture': - $response = $this->processSetAccountPicture($user); - break; default: return new Aphront404Response(); } 
@@ -492,128 +485,4 @@ final class PhabricatorPeopleEditController pht('For a detailed explanation of account roles, see %s.', $roles_link)); } - private function processSetAccountPicture(PhabricatorUser $user) { - $request = $this->getRequest(); - $admin = $request->getUser(); - - $profile = $user->loadUserProfile(); - if (!$profile->getID()) { - $profile->setTitle(''); - $profile->setBlurb(''); - } - - - - $supported_formats = PhabricatorFile::getTransformableImageFormats(); - - $e_image = null; - $errors = array(); - - if ($request->isFormPost()) { - $default_image = $request->getExists('default_image'); - - if ($default_image) { - $profile->setProfileImagePHID(null); - $user->setProfileImagePHID(null); - } else if ($request->getFileExists('image')) { - $file = null; - $file = PhabricatorFile::newFromPHPUpload( - $_FILES['image'], - array( - 'authorPHID' => $admin->getPHID(), - )); - - $okay = $file->isTransformableImage(); - - if ($okay) { - $xformer = new PhabricatorImageTransformer(); - - // Generate the large picture for the profile page. - $large_xformed = $xformer->executeProfileTransform( - $file, - $width = 280, - $min_height = 140, - $max_height = 420); - $profile->setProfileImagePHID($large_xformed->getPHID()); - - // Generate the small picture for comments, etc. - $small_xformed = $xformer->executeProfileTransform( - $file, - $width = 50, - $min_height = 50, - $max_height = 50); - $user->setProfileImagePHID($small_xformed->getPHID()); - } else { - $e_image = pht('Not Supported'); - $errors[] = - pht('This server only supports these image formats:'). 
- ' ' .implode(', ', $supported_formats); - } - } - - if (!$errors) { - $user->save(); - $profile->save(); - $response = id(new AphrontRedirectResponse()) - ->setURI('/people/edit/'.$user->getID().'/picture/'); - return $response; - } - } - - - $error_view = null; - if ($errors) { - $error_view = new AphrontErrorView(); - $error_view->setTitle(pht('Form Errors')); - $error_view->setErrors($errors); - } else { - if ($request->getStr('saved')) { - $error_view = new AphrontErrorView(); - $error_view->setSeverity(AphrontErrorView::SEVERITY_NOTICE); - $error_view->setTitle(pht('Changes Saved')); - $error_view->appendChild( - phutil_tag('p', array(), pht('Your changes have been saved.'))); - $error_view = $error_view->render(); - } - } - - $img_src = $user->loadProfileImageURI(); - - $form = new AphrontFormView(); - $form - ->setUser($admin) - ->setAction($request->getRequestURI()) - ->setEncType('multipart/form-data') - ->appendChild( - id(new AphrontFormMarkupControl()) - ->setLabel(pht('Profile Image')) - ->setValue( - phutil_tag( - 'img', - array( - 'src' => $img_src, - )))) - ->appendChild( - id(new AphrontFormImageControl()) - ->setLabel(pht('Change Image')) - ->setName('image') - ->setError($e_image) - ->setCaption( - pht('Supported formats: %s', implode(', ', $supported_formats)))); - - $form->appendChild( - id(new AphrontFormSubmitControl()) - ->setValue(pht('Save')) - ->addCancelButton('/people/edit/'.$user->getID().'/')); - - $panel = new AphrontPanelView(); - $panel->setHeader(pht('Set Profile Picture')); - $panel->setWidth(AphrontPanelView::WIDTH_FORM); - $panel->setNoBackground(); - $panel->appendChild($form); - - return array($error_view, $panel); - - } - } diff --git a/src/applications/people/controller/PhabricatorPeopleProfileController.php b/src/applications/people/controller/PhabricatorPeopleProfileController.php index a8522b4595..7654d7d3cc 100644 --- a/src/applications/people/controller/PhabricatorPeopleProfileController.php 
+++ b/src/applications/people/controller/PhabricatorPeopleProfileController.php @@ -42,7 +42,10 @@ final class PhabricatorPeopleProfileController ->setObjectURI($this->getRequest()->getRequestURI()) ->setUser($viewer); - $can_edit = ($user->getPHID() == $viewer->getPHID()); + $can_edit = PhabricatorPolicyFilter::hasCapability( + $viewer, + $user, + PhabricatorPolicyCapability::CAN_EDIT); $actions->addAction( id(new PhabricatorActionView()) diff --git a/src/applications/people/controller/PhabricatorPeopleProfileEditController.php b/src/applications/people/controller/PhabricatorPeopleProfileEditController.php index 5c5ff58912..f8643948c8 100644 --- a/src/applications/people/controller/PhabricatorPeopleProfileEditController.php +++ b/src/applications/people/controller/PhabricatorPeopleProfileEditController.php @@ -36,7 +36,7 @@ final class PhabricatorPeopleProfileEditController $user, PhabricatorCustomField::ROLE_EDIT); $field_list - ->setViewer($user) + ->setViewer($viewer) ->readFieldsFromStorage($user); $validation_exception = null; @@ -76,7 +76,7 @@ final class PhabricatorPeopleProfileEditController ->setValue(pht('Save Profile'))); $form_box = id(new PHUIObjectBoxView()) - ->setHeaderText(pht('Edit Your Profile')) + ->setHeaderText(pht('Edit Profile')) ->setValidationException($validation_exception) ->setForm($form); diff --git a/src/applications/people/controller/PhabricatorPeopleProfilePictureController.php b/src/applications/people/controller/PhabricatorPeopleProfilePictureController.php index 07e12639f0..43921ac9f4 100644 --- a/src/applications/people/controller/PhabricatorPeopleProfilePictureController.php +++ b/src/applications/people/controller/PhabricatorPeopleProfilePictureController.php 
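Review bot: In PhabricatorPeopleProfileController.php, `$can_edit` now comes from `PhabricatorPolicyFilter::hasCapability()`, but the hunk shows it only ahead of the action list built right after it, so it should be treated as a display decision and not as enforcement. The controllers those actions link to have to require `PhabricatorPolicyCapability::CAN_EDIT` themselves when they load the target user; that code is outside this diff, so it is worth confirming before merge. A comment above the assignment would record the intent, for example `// UI hint only: the edit and picture controllers enforce CAN_EDIT on their own.` The enclosing method starts and ends outside the hunk.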
@@ -155,7 +155,7 @@ final class PhabricatorPeopleProfilePictureController if (PhabricatorEnv::getEnvConfig('security.allow-outbound-http')) { $emails = id(new PhabricatorUserEmail())->loadAllWhere( 'userPHID = %s ORDER BY address', - $viewer->getPHID()); + $user->getPHID()); $futures = array(); foreach ($emails as $email_object) { @@ -262,7 +262,7 @@ final class PhabricatorPeopleProfilePictureController ->setForm($form); $upload_form = id(new AphrontFormView()) - ->setUser($user) + ->setUser($viewer) ->setEncType('multipart/form-data') ->appendChild( id(new AphrontFormFileControl()) diff --git a/src/applications/people/storage/PhabricatorUser.php b/src/applications/people/storage/PhabricatorUser.php index ca55f0cef9..1d3192cb62 100644 --- a/src/applications/people/storage/PhabricatorUser.php +++ b/src/applications/people/storage/PhabricatorUser.php @@ -739,7 +739,11 @@ EOBODY; case PhabricatorPolicyCapability::CAN_VIEW: return PhabricatorPolicies::POLICY_PUBLIC; case PhabricatorPolicyCapability::CAN_EDIT: - return PhabricatorPolicies::POLICY_NOONE; + if ($this->getIsSystemAgent()) { + return PhabricatorPolicies::POLICY_ADMIN; + } else { + return PhabricatorPolicies::POLICY_NOONE; + } } }
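Review bot: In PhabricatorPeopleProfilePictureController.php (hunk `-155,7`), the address list is now read for `$user` instead of `$viewer`, so an administrator opening this page for a system agent triggers lookups keyed on another account's email addresses. `loadAllWhere()` is called with only a `userPHID` condition, so this block performs no policy check of its own and depends on a CAN_EDIT check earlier in the method, which is outside the hunk. The block is gated by `security.allow-outbound-http`, so the `$futures` built from these addresses presumably go to an external service, and the query does not restrict itself to verified addresses. I would state the dependency in a comment, for example `// Addresses belong to the edited user, not the viewer; CAN_EDIT must already have been checked.`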
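Review bot: In PhabricatorUser.php, returning `PhabricatorPolicies::POLICY_ADMIN` for `CAN_EDIT` on system agents applies to every caller that checks CAN_EDIT on a user object, not only the profile and picture pages this commit touches. Any other code that reads CAN_EDIT on a PhabricatorUser as "the viewer is the account owner" would now also admit administrators for agent accounts, so those call sites deserve an audit; none are visible here. The branch should carry a comment stating the intended scope, for example `// System agents: administrators manage the profile and picture on the agent's behalf.` As a style point, the `else` after `return` can be dropped. The switch and its method begin outside the hunk.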