mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-22 05:20:56 +01:00
Prevent "Manage" profile menu items from being hidden
Summary: Ref T10054. Prevent users from removing this item and locking themselves out of the system unless they can guess the URI. Test Plan: Tried to disable "Manage", wasn't permitted to. Reviewers: chad Reviewed By: chad Maniphest Tasks: T10054 Differential Revision: https://secure.phabricator.com/D15113
This commit is contained in:
parent
e7195628d5
commit
c11c7f2900
6 changed files with 42 additions and 3 deletions
|
@ -13,6 +13,11 @@ final class PhabricatorPeopleManageProfilePanel
|
||||||
return pht('Manage');
|
return pht('Manage');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function canHidePanel(
|
||||||
|
PhabricatorProfilePanelConfiguration $config) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
public function getDisplayName(
|
public function getDisplayName(
|
||||||
PhabricatorProfilePanelConfiguration $config) {
|
PhabricatorProfilePanelConfiguration $config) {
|
||||||
$name = $config->getPanelProperty('name');
|
$name = $config->getPanelProperty('name');
|
||||||
|
|
|
@ -13,6 +13,11 @@ final class PhabricatorProjectManageProfilePanel
|
||||||
return pht('Manage');
|
return pht('Manage');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function canHidePanel(
|
||||||
|
PhabricatorProfilePanelConfiguration $config) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
public function canMakeDefault(
|
public function canMakeDefault(
|
||||||
PhabricatorProfilePanelConfiguration $config) {
|
PhabricatorProfilePanelConfiguration $config) {
|
||||||
return true;
|
return true;
|
||||||
|
|
|
@ -600,10 +600,13 @@ abstract class PhabricatorProfilePanelEngine extends Phobject {
|
||||||
$hide_text = pht('Delete');
|
$hide_text = pht('Delete');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$can_disable = $panel->canHidePanel();
|
||||||
|
|
||||||
$item->addAction(
|
$item->addAction(
|
||||||
id(new PHUIListItemView())
|
id(new PHUIListItemView())
|
||||||
->setHref($hide_uri)
|
->setHref($hide_uri)
|
||||||
->setWorkflow(true)
|
->setWorkflow(true)
|
||||||
|
->setDisabled(!$can_disable)
|
||||||
->setName($hide_text)
|
->setName($hide_text)
|
||||||
->setIcon($hide_icon));
|
->setIcon($hide_icon));
|
||||||
}
|
}
|
||||||
|
@ -761,6 +764,14 @@ abstract class PhabricatorProfilePanelEngine extends Phobject {
|
||||||
$configuration,
|
$configuration,
|
||||||
PhabricatorPolicyCapability::CAN_EDIT);
|
PhabricatorPolicyCapability::CAN_EDIT);
|
||||||
|
|
||||||
|
if (!$configuration->canHidePanel()) {
|
||||||
|
return $controller->newDialog()
|
||||||
|
->setTitle(pht('Mandatory Panel'))
|
||||||
|
->appendParagraph(
|
||||||
|
pht('This panel is very important, and can not be disabled.'))
|
||||||
|
->addCancelButton($this->getConfigureURI());
|
||||||
|
}
|
||||||
|
|
||||||
if ($configuration->getBuiltinKey() === null) {
|
if ($configuration->getBuiltinKey() === null) {
|
||||||
$new_value = null;
|
$new_value = null;
|
||||||
|
|
||||||
|
|
|
@ -30,6 +30,11 @@ abstract class PhabricatorProfilePanel extends Phobject {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function canHidePanel(
|
||||||
|
PhabricatorProfilePanelConfiguration $config) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
public function canMakeDefault(
|
public function canMakeDefault(
|
||||||
PhabricatorProfilePanelConfiguration $config) {
|
PhabricatorProfilePanelConfiguration $config) {
|
||||||
return false;
|
return false;
|
||||||
|
|
|
@ -105,6 +105,10 @@ final class PhabricatorProfilePanelConfiguration
|
||||||
return $this->getPanel()->canMakeDefault($this);
|
return $this->getPanel()->canMakeDefault($this);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function canHidePanel() {
|
||||||
|
return $this->getPanel()->canHidePanel($this);
|
||||||
|
}
|
||||||
|
|
||||||
public function getSortKey() {
|
public function getSortKey() {
|
||||||
$order = $this->getPanelOrder();
|
$order = $this->getPanelOrder();
|
||||||
if ($order === null) {
|
if ($order === null) {
|
||||||
|
@ -120,6 +124,9 @@ final class PhabricatorProfilePanelConfiguration
|
||||||
}
|
}
|
||||||
|
|
||||||
public function isDisabled() {
|
public function isDisabled() {
|
||||||
|
if (!$this->canHidePanel()) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
return ($this->getVisibility() === self::VISIBILITY_DISABLED);
|
return ($this->getVisibility() === self::VISIBILITY_DISABLED);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -40,9 +40,10 @@ You can only edit an object's menu if you can edit the object. For example, you
|
||||||
must have permission to edit a project in order to reconfigure the menu for the
|
must have permission to edit a project in order to reconfigure the menu for the
|
||||||
project.
|
project.
|
||||||
|
|
||||||
To edit a menu, click {nav icon="pencil", name="Edit Menu"}. This brings you to
|
To edit a menu, click {nav icon="cogs", name="Manage"} in the menu, then click
|
||||||
the menu configuration interface which allows you to add and remove items,
|
{nav icon="th-list", name="Edit Menu"}. This brings you to the menu
|
||||||
reorder the menu, edit existing items, and choose a default item.
|
configuration interface which allows you to add and remove items, reorder the
|
||||||
|
menu, edit existing items, and choose a default item.
|
||||||
|
|
||||||
Menus are comprised of a list of items. Some of the items are builtin
|
Menus are comprised of a list of items. Some of the items are builtin
|
||||||
(for example, projects have builtin "Profile", "Workboard" and "Members"
|
(for example, projects have builtin "Profile", "Workboard" and "Members"
|
||||||
|
@ -95,6 +96,11 @@ Builtin items can not be deleted and have a
|
||||||
not delete them. You an re-enable a disabled item with the
|
not delete them. You an re-enable a disabled item with the
|
||||||
{nav icon="plus', name="Enable"} action.
|
{nav icon="plus', name="Enable"} action.
|
||||||
|
|
||||||
|
A few items can not be hidden or deleted. For example, the
|
||||||
|
{nav icon="cogs", name="Manage"} item must always be available in the menu
|
||||||
|
because if you hid it by accident there would no longer be a way to access
|
||||||
|
the configuration interface and fix the mistake.
|
||||||
|
|
||||||
Removing or hiding an item does not disable the underlying functionality.
|
Removing or hiding an item does not disable the underlying functionality.
|
||||||
For example, if you hide the "Members" item for a project, that just removes
|
For example, if you hide the "Members" item for a project, that just removes
|
||||||
it from the menu. The project still has members, and users can still navigate
|
it from the menu. The project still has members, and users can still navigate
|
||||||
|
|
Loading…
Reference in a new issue