From c818e6e15908f6f1975e64594e35d48610c56c85 Mon Sep 17 00:00:00 2001
From: epriestley <git@epriestley.com>
Date: Mon, 11 Nov 2013 16:05:19 -0800
Subject: [PATCH] Remove `differential.anonymous-access`

Summary:
Fixes T3034. This is obsoleted by modern policies.

This was written by a Facebook intern and is rarely used -- the Hive install might be the only use in the wild. It has never really worked correctly.

Test Plan: `grep`; browsed Differential.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3034

Differential Revision: https://secure.phabricator.com/D7568
---
 .../check/PhabricatorSetupCheckExtraConfig.php       |  3 +++
 .../ConduitAPI_differential_getdiff_Method.php       |  8 ++++----
 .../config/PhabricatorDifferentialConfigOptions.php  | 12 ------------
 .../DifferentialChangesetViewController.php          |  8 --------
 .../controller/DifferentialController.php            |  4 ----
 .../DifferentialRevisionListController.php           |  7 -------
 .../DifferentialRevisionViewController.php           |  7 -------
 7 files changed, 7 insertions(+), 42 deletions(-)

diff --git a/src/applications/config/check/PhabricatorSetupCheckExtraConfig.php b/src/applications/config/check/PhabricatorSetupCheckExtraConfig.php
index ed76ab1997..0cb174e888 100644
--- a/src/applications/config/check/PhabricatorSetupCheckExtraConfig.php
+++ b/src/applications/config/check/PhabricatorSetupCheckExtraConfig.php
@@ -164,6 +164,9 @@ final class PhabricatorSetupCheckExtraConfig extends PhabricatorSetupCheck {
       'differential.custom-remarkup-block-rules' => $markup_reason,
       'auth.sshkeys.enabled' => pht(
         'SSH keys are now actually useful, so they are always enabled.'),
+      'differential.anonymous-access' => pht(
+        'Phabricator now has meaningful global access controls. See '.
+        '`policy.allow-public`.'),
     );
 
     return $ancient_config;
diff --git a/src/applications/differential/conduit/ConduitAPI_differential_getdiff_Method.php b/src/applications/differential/conduit/ConduitAPI_differential_getdiff_Method.php
index 2c864a43ab..dd5d6e495f 100644
--- a/src/applications/differential/conduit/ConduitAPI_differential_getdiff_Method.php
+++ b/src/applications/differential/conduit/ConduitAPI_differential_getdiff_Method.php
@@ -6,6 +6,10 @@
 final class ConduitAPI_differential_getdiff_Method
   extends ConduitAPIMethod {
 
+  public function shouldAllowPublic() {
+    return true;
+  }
+
   public function getMethodStatus() {
     return self::METHOD_STATUS_DEPRECATED;
   }
@@ -38,10 +42,6 @@ final class ConduitAPI_differential_getdiff_Method
     );
   }
 
-  public function shouldRequireAuthentication() {
-    return !PhabricatorEnv::getEnvConfig('differential.anonymous-access');
-  }
-
   protected function execute(ConduitAPIRequest $request) {
     $diff_id = $request->getValue('diff_id');
 
diff --git a/src/applications/differential/config/PhabricatorDifferentialConfigOptions.php b/src/applications/differential/config/PhabricatorDifferentialConfigOptions.php
index 6f86a907c3..0066d40271 100644
--- a/src/applications/differential/config/PhabricatorDifferentialConfigOptions.php
+++ b/src/applications/differential/config/PhabricatorDifferentialConfigOptions.php
@@ -96,18 +96,6 @@ final class PhabricatorDifferentialConfigOptions
             'sketchy and implies the revision may not actually be receiving '.
             'thorough review. You can enable "!accept" by setting this '.
             'option to true.')),
-      $this->newOption('differential.anonymous-access', 'bool', false)
-        ->setBoolOptions(
-          array(
-            pht('Allow guests to view revisions'),
-            pht('Require authentication to view revisions'),
-          ))
-        ->setSummary(pht('Anonymous access to Differential revisions.'))
-        ->setDescription(
-          pht(
-            "If you set this to true, users won't need to login to view ".
-            "Differential revisions. Anonymous users will have read-only ".
-            "access and won't be able to interact with the revisions.")),
       $this->newOption('differential.generated-paths', 'list<regex>', array())
         ->setSummary(pht("File regexps to treat as automatically generated."))
         ->setDescription(
diff --git a/src/applications/differential/controller/DifferentialChangesetViewController.php b/src/applications/differential/controller/DifferentialChangesetViewController.php
index a99ad41268..b952c7dee4 100644
--- a/src/applications/differential/controller/DifferentialChangesetViewController.php
+++ b/src/applications/differential/controller/DifferentialChangesetViewController.php
@@ -2,14 +2,6 @@
 
 final class DifferentialChangesetViewController extends DifferentialController {
 
-  public function shouldRequireLogin() {
-    if ($this->allowsAnonymousAccess()) {
-      return false;
-    }
-
-    return parent::shouldRequireLogin();
-  }
-
   public function shouldAllowPublic() {
     return true;
   }
diff --git a/src/applications/differential/controller/DifferentialController.php b/src/applications/differential/controller/DifferentialController.php
index f61722d078..c6a27020bc 100644
--- a/src/applications/differential/controller/DifferentialController.php
+++ b/src/applications/differential/controller/DifferentialController.php
@@ -2,10 +2,6 @@
 
 abstract class DifferentialController extends PhabricatorController {
 
-  protected function allowsAnonymousAccess() {
-    return PhabricatorEnv::getEnvConfig('differential.anonymous-access');
-  }
-
   public function buildApplicationCrumbs() {
     $crumbs = parent::buildApplicationCrumbs();
 
diff --git a/src/applications/differential/controller/DifferentialRevisionListController.php b/src/applications/differential/controller/DifferentialRevisionListController.php
index 8322f5615b..39cc2a605b 100644
--- a/src/applications/differential/controller/DifferentialRevisionListController.php
+++ b/src/applications/differential/controller/DifferentialRevisionListController.php
@@ -5,13 +5,6 @@ final class DifferentialRevisionListController extends DifferentialController
 
   private $queryKey;
 
-  public function shouldRequireLogin() {
-    if ($this->allowsAnonymousAccess()) {
-      return false;
-    }
-    return parent::shouldRequireLogin();
-  }
-
   public function shouldAllowPublic() {
     return true;
   }
diff --git a/src/applications/differential/controller/DifferentialRevisionViewController.php b/src/applications/differential/controller/DifferentialRevisionViewController.php
index ee0e13f6eb..460d24f529 100644
--- a/src/applications/differential/controller/DifferentialRevisionViewController.php
+++ b/src/applications/differential/controller/DifferentialRevisionViewController.php
@@ -4,13 +4,6 @@ final class DifferentialRevisionViewController extends DifferentialController {
 
   private $revisionID;
 
-  public function shouldRequireLogin() {
-    if ($this->allowsAnonymousAccess()) {
-      return false;
-    }
-    return parent::shouldRequireLogin();
-  }
-
   public function shouldAllowPublic() {
     return true;
   }