Update PhortunePaymentMethod for modern policy interfaces
Summary: Depends on D20717. Ref T13366. Make PhortunePaymentMethod use an extended policy interface for consistency with modern approaches. Since Accounts have hard-coded policy behavior (and can't have object policies like "Subscribers") this should have no actual impact on program behavior. This leaves one weird piece in the policy dialog UIs, see T13381. Test Plan: Viewed and edited payment methods as a merchant and account member. Merchants can only view, not edit. Maniphest Tasks: T13366 Differential Revision: https://secure.phabricator.com/D20718
parent
0cc7e8eeb8
commit
c4e0ac4d27
6 changed files with 87 additions and 20 deletions
|
@ -5329,6 +5329,7 @@ phutil_register_library_map(array(
|
|||
'PhortunePaymentMethodDisableController' => 'applications/phortune/controller/payment/PhortunePaymentMethodDisableController.php',
|
||||
'PhortunePaymentMethodEditController' => 'applications/phortune/controller/payment/PhortunePaymentMethodEditController.php',
|
||||
'PhortunePaymentMethodPHIDType' => 'applications/phortune/phid/PhortunePaymentMethodPHIDType.php',
|
||||
'PhortunePaymentMethodPolicyCodex' => 'applications/phortune/codex/PhortunePaymentMethodPolicyCodex.php',
|
||||
'PhortunePaymentMethodQuery' => 'applications/phortune/query/PhortunePaymentMethodQuery.php',
|
||||
'PhortunePaymentProvider' => 'applications/phortune/provider/PhortunePaymentProvider.php',
|
||||
'PhortunePaymentProviderConfig' => 'applications/phortune/storage/PhortunePaymentProviderConfig.php',
|
||||
|
@ -11893,11 +11894,14 @@ phutil_register_library_map(array(
|
|||
'PhortunePaymentMethod' => array(
|
||||
'PhortuneDAO',
|
||||
'PhabricatorPolicyInterface',
|
||||
'PhabricatorExtendedPolicyInterface',
|
||||
'PhabricatorPolicyCodexInterface',
|
||||
),
|
||||
'PhortunePaymentMethodCreateController' => 'PhortuneController',
|
||||
'PhortunePaymentMethodDisableController' => 'PhortuneController',
|
||||
'PhortunePaymentMethodEditController' => 'PhortuneController',
|
||||
'PhortunePaymentMethodPHIDType' => 'PhabricatorPHIDType',
|
||||
'PhortunePaymentMethodPolicyCodex' => 'PhabricatorPolicyCodex',
|
||||
'PhortunePaymentMethodQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
|
||||
'PhortunePaymentProvider' => 'Phobject',
|
||||
'PhortunePaymentProviderConfig' => array(
|
||||
|
|
|
@ -0,0 +1,35 @@
|
|||
<?php
|
||||
|
||||
final class PhortunePaymentMethodPolicyCodex
|
||||
extends PhabricatorPolicyCodex {
|
||||
|
||||
public function getPolicySpecialRuleDescriptions() {
|
||||
$object = $this->getObject();
|
||||
|
||||
$rules = array();
|
||||
|
||||
$rules[] = $this->newRule()
|
||||
->setCapabilities(
|
||||
array(
|
||||
PhabricatorPolicyCapability::CAN_VIEW,
|
||||
))
|
||||
->setIsActive(true)
|
||||
->setDescription(
|
||||
pht(
|
||||
'Account members may view and edit payment methods.'));
|
||||
|
||||
$rules[] = $this->newRule()
|
||||
->setCapabilities(
|
||||
array(
|
||||
PhabricatorPolicyCapability::CAN_VIEW,
|
||||
))
|
||||
->setIsActive(true)
|
||||
->setDescription(
|
||||
pht(
|
||||
'Merchants you have a relationship with may view associated '.
|
||||
'payment methods.'));
|
||||
|
||||
return $rules;
|
||||
}
|
||||
|
||||
}
|
|
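Review bot: The first rule's description says account members may view and edit payment methods, but its `setCapabilities()` array lists only `PhabricatorPolicyCapability::CAN_VIEW`, so the rule text and the capabilities it is attached to disagree. If rules are matched to a capability through `getCapabilities()` (the consumer is not shown on this page), the edit-policy explanation would show no special rule even though edit access is tied to account membership. Adding `PhabricatorPolicyCapability::CAN_EDIT,` to that first array would line the two up. `$object = $this->getObject();` is assigned and never read in this method, so it can be dropped.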
@ -34,7 +34,6 @@ final class PhortuneAccountPaymentMethodsController
|
|||
->setCrumbs($crumbs)
|
||||
->setNavigation($navigation)
|
||||
->appendChild($view);
|
||||
|
||||
}
|
||||
|
||||
private function buildPaymentMethodsSection(PhortuneAccount $account) {
|
||||
|
|
|
@ -53,6 +53,7 @@ final class PhortunePaymentMethodQuery
|
|||
$account = idx($accounts, $method->getAccountPHID());
|
||||
if (!$account) {
|
||||
unset($methods[$key]);
|
||||
$this->didRejectResult($method);
|
||||
continue;
|
||||
}
|
||||
$method->attachAccount($account);
|
||||
|
@ -72,6 +73,7 @@ final class PhortunePaymentMethodQuery
|
|||
$merchant = idx($merchants, $method->getMerchantPHID());
|
||||
if (!$merchant) {
|
||||
unset($methods[$key]);
|
||||
$this->didRejectResult($method);
|
||||
continue;
|
||||
}
|
||||
$method->attachMerchant($merchant);
|
||||
|
@ -91,6 +93,7 @@ final class PhortunePaymentMethodQuery
|
|||
$provider_config = idx($provider_configs, $method->getProviderPHID());
|
||||
if (!$provider_config) {
|
||||
unset($methods[$key]);
|
||||
$this->didRejectResult($method);
|
||||
continue;
|
||||
}
|
||||
$method->attachProviderConfig($provider_config);
|
||||
|
|
|
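Review bot: The same `unset($methods[$key]); $this->didRejectResult($method); continue;` triple now appears in all three hunks of this file (missing account, merchant and provider config), with no comment saying why a dropped row is reported as rejected. A one-line comment above the first occurrence would help, e.g. `// Report the method as rejected so callers can tell it was filtered out, not absent.`, assuming that is what `didRejectResult()` records, which is not visible here. It is also worth confirming that a provider config that is simply missing, rather than hidden from the viewer, should be reported the same way as a policy rejection. The enclosing loops start and end outside these hunks.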
@ -4,8 +4,12 @@
|
|||
* A payment method is a credit card; it is associated with an account and
|
||||
* charges can be made against it.
|
||||
*/
|
||||
final class PhortunePaymentMethod extends PhortuneDAO
|
||||
implements PhabricatorPolicyInterface {
|
||||
final class PhortunePaymentMethod
|
||||
extends PhortuneDAO
|
||||
implements
|
||||
PhabricatorPolicyInterface,
|
||||
PhabricatorExtendedPolicyInterface,
|
||||
PhabricatorPolicyCodexInterface {
|
||||
|
||||
const STATUS_ACTIVE = 'payment:active';
|
||||
const STATUS_DISABLED = 'payment:disabled';
|
||||
|
@ -148,18 +152,50 @@ final class PhortunePaymentMethod extends PhortuneDAO
|
|||
}
|
||||
|
||||
public function getPolicy($capability) {
|
||||
return $this->getAccount()->getPolicy($capability);
|
||||
return PhabricatorPolicies::getMostOpenPolicy();
|
||||
}
|
||||
|
||||
public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
|
||||
return $this->getAccount()->hasAutomaticCapability(
|
||||
$capability,
|
||||
$viewer);
|
||||
|
||||
// See T13366. If you can edit the merchant associated with this payment
|
||||
// method, you can view the payment method.
|
||||
if ($capability === PhabricatorPolicyCapability::CAN_VIEW) {
|
||||
$any_edit = PhortuneMerchantQuery::canViewersEditMerchants(
|
||||
array($viewer->getPHID()),
|
||||
array($this->getMerchantPHID()));
|
||||
if ($any_edit) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
public function describeAutomaticCapability($capability) {
|
||||
return pht(
|
||||
'Members of an account can always view and edit its payment methods.');
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/* -( PhabricatorExtendedPolicyInterface )--------------------------------- */
|
||||
|
||||
|
||||
public function getExtendedPolicy($capability, PhabricatorUser $viewer) {
|
||||
if ($this->hasAutomaticCapability($capability, $viewer)) {
|
||||
return array();
|
||||
}
|
||||
|
||||
// See T13366. For blanket view and edit permissions on all payment
|
||||
// methods, you must be able to edit the associated account.
|
||||
return array(
|
||||
array(
|
||||
$this->getAccount(),
|
||||
PhabricatorPolicyCapability::CAN_EDIT,
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
/* -( PhabricatorPolicyCodexInterface )------------------------------------ */
|
||||
|
||||
|
||||
public function newPolicyCodex() {
|
||||
return new PhortunePaymentMethodPolicyCodex();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
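Review bot: `getPolicy()` now appears to return `PhabricatorPolicies::getMostOpenPolicy()` for every capability, so all real access control for payment methods rests on `getExtendedPolicy()` requiring `CAN_EDIT` on the account, and nothing in the method says this is deliberate. A comment such as `// Intentionally most-open: access is enforced by getExtendedPolicy(), which requires CAN_EDIT on the account.` would keep a later change from treating the base policy as the effective one. Separately, `getExtendedPolicy()` calls `hasAutomaticCapability()` itself, so for `CAN_VIEW` the `PhortuneMerchantQuery::canViewersEditMerchants()` lookup may run twice per object if the policy engine also calls it; worth confirming. Which lines are old and which are new is inferred from the commit description, since the page has lost its markers, and the class body between the two hunks is not shown.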
@ -44,16 +44,6 @@ abstract class PhabricatorPolicyCodex
|
|||
return null;
|
||||
}
|
||||
|
||||
final public function getPolicySpecialRuleForCapability($capability) {
|
||||
foreach ($this->getPolicySpecialRuleDescriptions() as $rule) {
|
||||
if (in_array($capability, $rule->getCapabilities())) {
|
||||
return $rule;
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
final protected function newRule() {
|
||||
return new PhabricatorPolicyCodexRuleDescription();
|
||||
}
|
||||
|
|