Allow administrators to edit System Agent information from the agent's profile

Summary:
Ref T4065. Currently, we have this super copy/pasted "edit profile picture" UI for system agents.

Instead, give administrators direct access from profiles, so they can use the same code pages do.

Test Plan: Edited my profile picture and profile details. Edited an agent's. Was unable to edit a non-agent user.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4065

Differential Revision: https://secure.phabricator.com/D8664

src/applications/people/controller/PhabricatorPeopleEditController.php

@@ -39,10 +39,6 @@ final class PhabricatorPeopleEditController
     $nav->addFilter('cert', pht('Conduit Certificate'));
     $nav->addFilter('profile',
       pht('View Profile'), '/p/'.$user->getUsername().'/');
-    if ($user->getIsSystemAgent()) {
-      $nav->addLabel(pht('Special'));
-      $nav->addFilter('picture', pht('Set Account Picture'));
-    }
 
     if (!$user->getID()) {
       $this->view = 'basic';
@@ -71,9 +67,6 @@ final class PhabricatorPeopleEditController
       case 'cert':
         $response = $this->processCertificateRequest($user);
         break;
-      case 'picture':
-        $response = $this->processSetAccountPicture($user);
-        break;
       default:
         return new Aphront404Response();
     }
@@ -492,128 +485,4 @@ final class PhabricatorPeopleEditController
       pht('For a detailed explanation of account roles, see %s.', $roles_link));
   }
 
-  private function processSetAccountPicture(PhabricatorUser $user) {
-    $request = $this->getRequest();
-    $admin = $request->getUser();
-
-    $profile = $user->loadUserProfile();
-    if (!$profile->getID()) {
-      $profile->setTitle('');
-      $profile->setBlurb('');
-    }
-
-
-
-    $supported_formats = PhabricatorFile::getTransformableImageFormats();
-
-    $e_image = null;
-    $errors = array();
-
-    if ($request->isFormPost()) {
-      $default_image = $request->getExists('default_image');
-
-      if ($default_image) {
-        $profile->setProfileImagePHID(null);
-        $user->setProfileImagePHID(null);
-      } else if ($request->getFileExists('image')) {
-        $file = null;
-        $file = PhabricatorFile::newFromPHPUpload(
-          $_FILES['image'],
-          array(
-            'authorPHID' => $admin->getPHID(),
-          ));
-
-        $okay = $file->isTransformableImage();
-
-        if ($okay) {
-          $xformer = new PhabricatorImageTransformer();
-
-          // Generate the large picture for the profile page.
-          $large_xformed = $xformer->executeProfileTransform(
-            $file,
-            $width = 280,
-            $min_height = 140,
-            $max_height = 420);
-          $profile->setProfileImagePHID($large_xformed->getPHID());
-
-          // Generate the small picture for comments, etc.
-          $small_xformed = $xformer->executeProfileTransform(
-            $file,
-            $width = 50,
-            $min_height = 50,
-            $max_height = 50);
-          $user->setProfileImagePHID($small_xformed->getPHID());
-        } else {
-          $e_image = pht('Not Supported');
-          $errors[] =
-            pht('This server only supports these image formats:').
-              ' ' .implode(', ', $supported_formats);
-        }
-      }
-
-     if (!$errors) {
-       $user->save();
-       $profile->save();
-        $response = id(new AphrontRedirectResponse())
-          ->setURI('/people/edit/'.$user->getID().'/picture/');
-        return $response;
-      }
-    }
-
-
-    $error_view = null;
-    if ($errors) {
-      $error_view = new AphrontErrorView();
-      $error_view->setTitle(pht('Form Errors'));
-      $error_view->setErrors($errors);
-    } else {
-      if ($request->getStr('saved')) {
-        $error_view = new AphrontErrorView();
-        $error_view->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
-        $error_view->setTitle(pht('Changes Saved'));
-        $error_view->appendChild(
-          phutil_tag('p', array(), pht('Your changes have been saved.')));
-        $error_view = $error_view->render();
-      }
-    }
-
-    $img_src = $user->loadProfileImageURI();
-
-    $form = new AphrontFormView();
-    $form
-      ->setUser($admin)
-      ->setAction($request->getRequestURI())
-      ->setEncType('multipart/form-data')
-      ->appendChild(
-        id(new AphrontFormMarkupControl())
-          ->setLabel(pht('Profile Image'))
-          ->setValue(
-            phutil_tag(
-              'img',
-              array(
-                'src' => $img_src,
-              ))))
-      ->appendChild(
-        id(new AphrontFormImageControl())
-          ->setLabel(pht('Change Image'))
-          ->setName('image')
-          ->setError($e_image)
-          ->setCaption(
-            pht('Supported formats: %s', implode(', ', $supported_formats))));
-
-      $form->appendChild(
-      id(new AphrontFormSubmitControl())
-        ->setValue(pht('Save'))
-        ->addCancelButton('/people/edit/'.$user->getID().'/'));
-
-    $panel = new AphrontPanelView();
-    $panel->setHeader(pht('Set Profile Picture'));
-    $panel->setWidth(AphrontPanelView::WIDTH_FORM);
-    $panel->setNoBackground();
-    $panel->appendChild($form);
-
-    return array($error_view, $panel);
-
-  }
-
 }

src/applications/people/controller/PhabricatorPeopleProfileController.php

@@ -42,7 +42,10 @@ final class PhabricatorPeopleProfileController
       ->setObjectURI($this->getRequest()->getRequestURI())
       ->setUser($viewer);
 
-    $can_edit = ($user->getPHID() == $viewer->getPHID());
+    $can_edit = PhabricatorPolicyFilter::hasCapability(
+      $viewer,
+      $user,
+      PhabricatorPolicyCapability::CAN_EDIT);
 
     $actions->addAction(
       id(new PhabricatorActionView())

src/applications/people/controller/PhabricatorPeopleProfileEditController.php

@@ -36,7 +36,7 @@ final class PhabricatorPeopleProfileEditController
       $user,
       PhabricatorCustomField::ROLE_EDIT);
     $field_list
-      ->setViewer($user)
+      ->setViewer($viewer)
       ->readFieldsFromStorage($user);
 
     $validation_exception = null;
@@ -76,7 +76,7 @@ final class PhabricatorPeopleProfileEditController
           ->setValue(pht('Save Profile')));
 
     $form_box = id(new PHUIObjectBoxView())
-      ->setHeaderText(pht('Edit Your Profile'))
+      ->setHeaderText(pht('Edit Profile'))
       ->setValidationException($validation_exception)
       ->setForm($form);
 

src/applications/people/controller/PhabricatorPeopleProfilePictureController.php

@@ -155,7 +155,7 @@ final class PhabricatorPeopleProfilePictureController
     if (PhabricatorEnv::getEnvConfig('security.allow-outbound-http')) {
       $emails = id(new PhabricatorUserEmail())->loadAllWhere(
         'userPHID = %s ORDER BY address',
-        $viewer->getPHID());
+        $user->getPHID());
 
       $futures = array();
       foreach ($emails as $email_object) {
@@ -262,7 +262,7 @@ final class PhabricatorPeopleProfilePictureController
       ->setForm($form);
 
     $upload_form = id(new AphrontFormView())
-      ->setUser($user)
+      ->setUser($viewer)
       ->setEncType('multipart/form-data')
       ->appendChild(
         id(new AphrontFormFileControl())

src/applications/people/storage/PhabricatorUser.php

@@ -739,9 +739,13 @@ EOBODY;
       case PhabricatorPolicyCapability::CAN_VIEW:
         return PhabricatorPolicies::POLICY_PUBLIC;
       case PhabricatorPolicyCapability::CAN_EDIT:
+        if ($this->getIsSystemAgent()) {
+          return PhabricatorPolicies::POLICY_ADMIN;
+        } else {
           return PhabricatorPolicies::POLICY_NOONE;
         }
     }
+  }
 
   public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
     return $this->getPHID() && ($viewer->getPHID() === $this->getPHID());