revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-02-02 18:08:26 +01:00
Code Issues Releases Wiki Activity

Make HeraldRuleQuery policy-aware

Browse source 
Summary: Ref T2769. dem policy checks

Test Plan: Loaded `/herald/`; loaded rule editor.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2769

Differential Revision: https://secure.phabricator.com/D6650
This commit is contained in:
epriestley 2013-08-02 06:38:17 -07:00
parent 8eed5b1f14
commit ceb7f830a4
4 changed files with 15 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/__phutil_library_map__.php
View file

@ -2634,7 +2634,7 @@ phutil_register_library_map(array(
'HeraldRuleEditHistoryController' => 'HeraldController', 'HeraldRuleEditHistoryController' => 'HeraldController',
'HeraldRuleEditHistoryView' => 'AphrontView', 'HeraldRuleEditHistoryView' => 'AphrontView',
'HeraldRuleListView' => 'AphrontView', 'HeraldRuleListView' => 'AphrontView',
'HeraldRuleQuery' => 'PhabricatorOffsetPagedQuery', 'HeraldRuleQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
'HeraldTestConsoleController' => 'HeraldController', 'HeraldTestConsoleController' => 'HeraldController',
'HeraldTranscript' => 'HeraldDAO', 'HeraldTranscript' => 'HeraldDAO',
'HeraldTranscriptController' => 'HeraldController', 'HeraldTranscriptController' => 'HeraldController',

3
src/applications/herald/controller/HeraldHomeController.php
View file

@ -26,7 +26,8 @@ final class HeraldHomeController extends HeraldController {
return id(new AphrontRedirectResponse())->setURI($uri); return id(new AphrontRedirectResponse())->setURI($uri);
} }
$query = new HeraldRuleQuery(); $query = id(new HeraldRuleQuery())
->setViewer($user);
$content_type_map = HeraldContentTypeConfig::getContentTypeMap(); $content_type_map = HeraldContentTypeConfig::getContentTypeMap();
if (empty($content_type_map[$this->contentType])) { if (empty($content_type_map[$this->contentType])) {

4
src/applications/herald/controller/HeraldRuleController.php
View file

@ -540,8 +540,11 @@ final class HeraldRuleController extends HeraldController {
* allows one rule to depend upon the success or failure of another rule. * allows one rule to depend upon the success or failure of another rule.
*/ */
private function loadRulesThisRuleMayDependUpon(HeraldRule $rule) { private function loadRulesThisRuleMayDependUpon(HeraldRule $rule) {
$viewer = $this->getRequest()->getUser();
// Any rule can depend on a global rule. // Any rule can depend on a global rule.
$all_rules = id(new HeraldRuleQuery()) $all_rules = id(new HeraldRuleQuery())
->setViewer($viewer)
->withRuleTypes(array(HeraldRuleTypeConfig::RULE_TYPE_GLOBAL)) ->withRuleTypes(array(HeraldRuleTypeConfig::RULE_TYPE_GLOBAL))
->withContentTypes(array($rule->getContentType())) ->withContentTypes(array($rule->getContentType()))
->execute(); ->execute();
@ -549,6 +552,7 @@ final class HeraldRuleController extends HeraldController {
if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_PERSONAL) { if ($rule->getRuleType() == HeraldRuleTypeConfig::RULE_TYPE_PERSONAL) {
// Personal rules may depend upon your other personal rules. // Personal rules may depend upon your other personal rules.
$all_rules += id(new HeraldRuleQuery()) $all_rules += id(new HeraldRuleQuery())
->setViewer($viewer)
->withRuleTypes(array(HeraldRuleTypeConfig::RULE_TYPE_PERSONAL)) ->withRuleTypes(array(HeraldRuleTypeConfig::RULE_TYPE_PERSONAL))
->withContentTypes(array($rule->getContentType())) ->withContentTypes(array($rule->getContentType()))
->withAuthorPHIDs(array($rule->getAuthorPHID())) ->withAuthorPHIDs(array($rule->getAuthorPHID()))

33
src/applications/herald/query/HeraldRuleQuery.php
View file

@ -1,6 +1,7 @@
<?php <?php
final class HeraldRuleQuery extends PhabricatorOffsetPagedQuery { final class HeraldRuleQuery
extends PhabricatorCursorPagedPolicyAwareQuery {
private $ids; private $ids;
private $phids; private $phids;
@ -8,18 +9,6 @@ final class HeraldRuleQuery extends PhabricatorOffsetPagedQuery {
private $ruleTypes; private $ruleTypes;
private $contentTypes; private $contentTypes;
// TODO: Remove when this becomes policy-aware.
private $viewer;
public function setViewer($viewer) {
$this->viewer = $viewer;
return $this;
}
public function getViewer() {
return $this->viewer;
}
public function withIDs(array $ids) { public function withIDs(array $ids) {
$this->ids = $ids; $this->ids = $ids;
return $this; return $this;
@ -45,21 +34,17 @@ final class HeraldRuleQuery extends PhabricatorOffsetPagedQuery {
return $this; return $this;
} }
public function execute() { public function loadPage() {
$table = new HeraldRule(); $table = new HeraldRule();
$conn_r = $table->establishConnection('r'); $conn_r = $table->establishConnection('r');
$where = $this->buildWhereClause($conn_r);
$order = $this->buildOrderClause($conn_r);
$limit = $this->buildLimitClause($conn_r);
$data = queryfx_all( $data = queryfx_all(
$conn_r, $conn_r,
'SELECT rule.* FROM %T rule %Q %Q %Q', 'SELECT rule.* FROM %T rule %Q %Q %Q',
$table->getTableName(), $table->getTableName(),
$where, $this->buildWhereClause($conn_r),
$order, $this->buildOrderClause($conn_r),
$limit); $this->buildLimitClause($conn_r));
return $table->loadAllFromArray($data); return $table->loadAllFromArray($data);
} }
@ -102,11 +87,9 @@ final class HeraldRuleQuery extends PhabricatorOffsetPagedQuery {
$this->contentTypes); $this->contentTypes);
} }
$where[] = $this->buildPagingClause($conn_r);
return $this->formatWhereClause($where); return $this->formatWhereClause($where);
} }
private function buildOrderClause($conn_r) {
return 'ORDER BY id DESC';
}
} }