mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-29 18:22:41 +01:00
Make "Can Interact" and logged-out users interact more gracefully
Summary: Fixes T12378. Two minor issues here: - CAN_INTERACT on tasks uses "USER", but should just use the view policy, which may be more permissive ("PUBLIC"). - CAN_INTERACT is currently prevented from being "PUBLIC" by additional safeguards. Define an explicit capability object for the permission which returns `true` from `shouldAllowPublicPolicySetting()`. Test Plan: - Viewed an unlocked task as a logged-out user, saw "login to comment" instead of "locked". - Viewed a locked task as a logged-out user, saw "locked". Reviewers: chad Reviewed By: chad Maniphest Tasks: T12378 Differential Revision: https://secure.phabricator.com/D17485
This commit is contained in:
parent
4c7d464f8b
commit
d0c648dfa5
3 changed files with 23 additions and 1 deletions
|
@ -3445,6 +3445,7 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorPolicyAwareQuery' => 'infrastructure/query/policy/PhabricatorPolicyAwareQuery.php',
|
'PhabricatorPolicyAwareQuery' => 'infrastructure/query/policy/PhabricatorPolicyAwareQuery.php',
|
||||||
'PhabricatorPolicyAwareTestQuery' => 'applications/policy/__tests__/PhabricatorPolicyAwareTestQuery.php',
|
'PhabricatorPolicyAwareTestQuery' => 'applications/policy/__tests__/PhabricatorPolicyAwareTestQuery.php',
|
||||||
'PhabricatorPolicyCanEditCapability' => 'applications/policy/capability/PhabricatorPolicyCanEditCapability.php',
|
'PhabricatorPolicyCanEditCapability' => 'applications/policy/capability/PhabricatorPolicyCanEditCapability.php',
|
||||||
|
'PhabricatorPolicyCanInteractCapability' => 'applications/policy/capability/PhabricatorPolicyCanInteractCapability.php',
|
||||||
'PhabricatorPolicyCanJoinCapability' => 'applications/policy/capability/PhabricatorPolicyCanJoinCapability.php',
|
'PhabricatorPolicyCanJoinCapability' => 'applications/policy/capability/PhabricatorPolicyCanJoinCapability.php',
|
||||||
'PhabricatorPolicyCanViewCapability' => 'applications/policy/capability/PhabricatorPolicyCanViewCapability.php',
|
'PhabricatorPolicyCanViewCapability' => 'applications/policy/capability/PhabricatorPolicyCanViewCapability.php',
|
||||||
'PhabricatorPolicyCapability' => 'applications/policy/capability/PhabricatorPolicyCapability.php',
|
'PhabricatorPolicyCapability' => 'applications/policy/capability/PhabricatorPolicyCapability.php',
|
||||||
|
@ -8654,6 +8655,7 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorPolicyAwareQuery' => 'PhabricatorOffsetPagedQuery',
|
'PhabricatorPolicyAwareQuery' => 'PhabricatorOffsetPagedQuery',
|
||||||
'PhabricatorPolicyAwareTestQuery' => 'PhabricatorPolicyAwareQuery',
|
'PhabricatorPolicyAwareTestQuery' => 'PhabricatorPolicyAwareQuery',
|
||||||
'PhabricatorPolicyCanEditCapability' => 'PhabricatorPolicyCapability',
|
'PhabricatorPolicyCanEditCapability' => 'PhabricatorPolicyCapability',
|
||||||
|
'PhabricatorPolicyCanInteractCapability' => 'PhabricatorPolicyCapability',
|
||||||
'PhabricatorPolicyCanJoinCapability' => 'PhabricatorPolicyCapability',
|
'PhabricatorPolicyCanJoinCapability' => 'PhabricatorPolicyCapability',
|
||||||
'PhabricatorPolicyCanViewCapability' => 'PhabricatorPolicyCapability',
|
'PhabricatorPolicyCanViewCapability' => 'PhabricatorPolicyCapability',
|
||||||
'PhabricatorPolicyCapability' => 'Phobject',
|
'PhabricatorPolicyCapability' => 'Phobject',
|
||||||
|
|
|
@ -361,7 +361,7 @@ final class ManiphestTask extends ManiphestDAO
|
||||||
if ($this->isLocked()) {
|
if ($this->isLocked()) {
|
||||||
return PhabricatorPolicies::POLICY_NOONE;
|
return PhabricatorPolicies::POLICY_NOONE;
|
||||||
} else {
|
} else {
|
||||||
return PhabricatorPolicies::POLICY_USER;
|
return $this->getViewPolicy();
|
||||||
}
|
}
|
||||||
case PhabricatorPolicyCapability::CAN_EDIT:
|
case PhabricatorPolicyCapability::CAN_EDIT:
|
||||||
return $this->getEditPolicy();
|
return $this->getEditPolicy();
|
||||||
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
final class PhabricatorPolicyCanInteractCapability
|
||||||
|
extends PhabricatorPolicyCapability {
|
||||||
|
|
||||||
|
const CAPABILITY = self::CAN_INTERACT;
|
||||||
|
|
||||||
|
public function getCapabilityName() {
|
||||||
|
return pht('Can Interact');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function describeCapabilityRejection() {
|
||||||
|
return pht('You do not have permission to interact with this object.');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function shouldAllowPublicPolicySetting() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in a new issue