From df23d893f7caaa8d2b358422ce8bab35bff5de3c Mon Sep 17 00:00:00 2001 From: Chad Little Date: Mon, 9 Nov 2015 08:52:44 -0800 Subject: [PATCH] Remove Join Policy from Phame Summary: Drops Join Policy, uses Edit Policy where needed. Allows anyone with Blog Edit permissions to post and edit any post on that blog. Fixes T5371 Test Plan: Draft Post as chad, see post, log in with notchad, edit that post and publish it. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin Maniphest Tasks: T5371 Differential Revision: https://secure.phabricator.com/D14444 --- .../20151108.phame.blog.joinpolicy.sql | 2 ++ .../PhameCreatePostConduitAPIMethod.php | 3 ++- .../blog/PhameBlogEditController.php | 13 ----------- .../blog/PhameBlogViewController.php | 13 ++--------- .../post/PhamePostEditController.php | 2 +- .../post/PhamePostNewController.php | 6 ++--- .../post/PhamePostViewController.php | 2 ++ .../phame/editor/PhameBlogEditor.php | 1 - src/applications/phame/storage/PhameBlog.php | 23 ++----------------- src/applications/phame/storage/PhamePost.php | 13 +++++++---- 10 files changed, 22 insertions(+), 56 deletions(-) create mode 100644 resources/sql/autopatches/20151108.phame.blog.joinpolicy.sql diff --git a/resources/sql/autopatches/20151108.phame.blog.joinpolicy.sql b/resources/sql/autopatches/20151108.phame.blog.joinpolicy.sql new file mode 100644 index 0000000000..54aea48bbf --- /dev/null +++ b/resources/sql/autopatches/20151108.phame.blog.joinpolicy.sql @@ -0,0 +1,2 @@ +ALTER TABLE {$NAMESPACE}_phame.phame_blog + DROP joinPolicy; diff --git a/src/applications/phame/conduit/PhameCreatePostConduitAPIMethod.php b/src/applications/phame/conduit/PhameCreatePostConduitAPIMethod.php index 425bf17353..1f569d3a3b 100644 --- a/src/applications/phame/conduit/PhameCreatePostConduitAPIMethod.php +++ b/src/applications/phame/conduit/PhameCreatePostConduitAPIMethod.php @@ -73,7 +73,8 @@ final class PhameCreatePostConduitAPIMethod extends PhameConduitAPIMethod { ->withPHIDs(array($blog_phid)) ->requireCapabilities( array( - PhabricatorPolicyCapability::CAN_JOIN, + PhabricatorPolicyCapability::CAN_VIEW, + PhabricatorPolicyCapability::CAN_EDIT, )) ->executeOne(); diff --git a/src/applications/phame/controller/blog/PhameBlogEditController.php b/src/applications/phame/controller/blog/PhameBlogEditController.php index b59e5e01a2..0c2bb324dc 100644 --- a/src/applications/phame/controller/blog/PhameBlogEditController.php +++ b/src/applications/phame/controller/blog/PhameBlogEditController.php @@ -49,7 +49,6 @@ final class PhameBlogEditController $skin = $blog->getSkin(); $can_view = $blog->getViewPolicy(); $can_edit = $blog->getEditPolicy(); - $can_join = $blog->getJoinPolicy(); $e_name = true; $e_custom_domain = null; @@ -62,7 +61,6 @@ final class PhameBlogEditController $skin = $request->getStr('skin'); $can_view = $request->getStr('can_view'); $can_edit = $request->getStr('can_edit'); - $can_join = $request->getStr('can_join'); $v_projects = $request->getArr('projects'); $v_cc = $request->getArr('cc'); @@ -85,9 +83,6 @@ final class PhameBlogEditController id(new PhameBlogTransaction()) ->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY) ->setNewValue($can_edit), - id(new PhameBlogTransaction()) - ->setTransactionType(PhabricatorTransactions::TYPE_JOIN_POLICY) - ->setNewValue($can_join), id(new PhameBlogTransaction()) ->setTransactionType(PhabricatorTransactions::TYPE_SUBSCRIBERS) ->setNewValue(array('=' => $v_cc)), @@ -170,14 +165,6 @@ final class PhameBlogEditController ->setPolicies($policies) ->setValue($can_edit) ->setName('can_edit')) - ->appendChild( - id(new AphrontFormPolicyControl()) - ->setUser($viewer) - ->setCapability(PhabricatorPolicyCapability::CAN_JOIN) - ->setPolicyObject($blog) - ->setPolicies($policies) - ->setValue($can_join) - ->setName('can_join')) ->appendControl( id(new AphrontFormTokenizerControl()) ->setLabel(pht('Projects')) diff --git a/src/applications/phame/controller/blog/PhameBlogViewController.php b/src/applications/phame/controller/blog/PhameBlogViewController.php index 03dfc8c1c6..249bd5506a 100644 --- a/src/applications/phame/controller/blog/PhameBlogViewController.php +++ b/src/applications/phame/controller/blog/PhameBlogViewController.php @@ -100,10 +100,6 @@ final class PhameBlogViewController extends PhameBlogController { pht('Editable By'), $descriptions[PhabricatorPolicyCapability::CAN_EDIT]); - $properties->addProperty( - pht('Joinable By'), - $descriptions[PhabricatorPolicyCapability::CAN_JOIN]); - $engine = id(new PhabricatorMarkupEngine()) ->setViewer($viewer) ->addObject($blog, PhameBlog::MARKUP_FIELD_DESCRIPTION) @@ -136,18 +132,13 @@ final class PhameBlogViewController extends PhameBlogController { $blog, PhabricatorPolicyCapability::CAN_EDIT); - $can_join = PhabricatorPolicyFilter::hasCapability( - $viewer, - $blog, - PhabricatorPolicyCapability::CAN_JOIN); - $actions->addAction( id(new PhabricatorActionView()) ->setIcon('fa-plus') ->setHref($this->getApplicationURI('post/edit/?blog='.$blog->getID())) ->setName(pht('Write Post')) - ->setDisabled(!$can_join) - ->setWorkflow(!$can_join)); + ->setDisabled(!$can_edit) + ->setWorkflow(!$can_edit)); $actions->addAction( id(new PhabricatorActionView()) diff --git a/src/applications/phame/controller/post/PhamePostEditController.php b/src/applications/phame/controller/post/PhamePostEditController.php index 99e6df390e..55ce9e176f 100644 --- a/src/applications/phame/controller/post/PhamePostEditController.php +++ b/src/applications/phame/controller/post/PhamePostEditController.php @@ -36,7 +36,7 @@ final class PhamePostEditController extends PhamePostController { ->requireCapabilities( array( PhabricatorPolicyCapability::CAN_VIEW, - PhabricatorPolicyCapability::CAN_JOIN, + PhabricatorPolicyCapability::CAN_EDIT, )) ->executeOne(); if (!$blog) { diff --git a/src/applications/phame/controller/post/PhamePostNewController.php b/src/applications/phame/controller/post/PhamePostNewController.php index 7098401749..8dd2e0d3c7 100644 --- a/src/applications/phame/controller/post/PhamePostNewController.php +++ b/src/applications/phame/controller/post/PhamePostNewController.php @@ -30,7 +30,7 @@ final class PhamePostNewController extends PhamePostController { ->withIDs(array($request->getInt('blog'))) ->requireCapabilities( array( - PhabricatorPolicyCapability::CAN_JOIN, + PhabricatorPolicyCapability::CAN_EDIT, )) ->executeOne(); @@ -52,7 +52,7 @@ final class PhamePostNewController extends PhamePostController { ->setViewer($viewer) ->requireCapabilities( array( - PhabricatorPolicyCapability::CAN_JOIN, + PhabricatorPolicyCapability::CAN_EDIT, )) ->execute(); @@ -65,7 +65,7 @@ final class PhamePostNewController extends PhamePostController { $notification = id(new PHUIInfoView()) ->setSeverity(PHUIInfoView::SEVERITY_NODATA) ->appendChild( - pht('You do not have permission to join any blogs. Create a blog '. + pht('You do not have permission to post to any blogs. Create a blog '. 'first, then you can post to it.')); } else { diff --git a/src/applications/phame/controller/post/PhamePostViewController.php b/src/applications/phame/controller/post/PhamePostViewController.php index 3afdf5401d..ca48af1036 100644 --- a/src/applications/phame/controller/post/PhamePostViewController.php +++ b/src/applications/phame/controller/post/PhamePostViewController.php @@ -123,6 +123,7 @@ final class PhamePostViewController extends PhamePostController { id(new PhabricatorActionView()) ->setIcon('fa-eye') ->setHref($this->getApplicationURI('post/publish/'.$id.'/')) + ->setDisabled(!$can_edit) ->setName(pht('Preview / Publish'))); } else { $actions->addAction( @@ -130,6 +131,7 @@ final class PhamePostViewController extends PhamePostController { ->setIcon('fa-eye-slash') ->setHref($this->getApplicationURI('post/unpublish/'.$id.'/')) ->setName(pht('Unpublish')) + ->setDisabled(!$can_edit) ->setWorkflow(true)); } diff --git a/src/applications/phame/editor/PhameBlogEditor.php b/src/applications/phame/editor/PhameBlogEditor.php index 7c793aff63..712c4ddd5b 100644 --- a/src/applications/phame/editor/PhameBlogEditor.php +++ b/src/applications/phame/editor/PhameBlogEditor.php @@ -20,7 +20,6 @@ final class PhameBlogEditor $types[] = PhameBlogTransaction::TYPE_SKIN; $types[] = PhabricatorTransactions::TYPE_VIEW_POLICY; $types[] = PhabricatorTransactions::TYPE_EDIT_POLICY; - $types[] = PhabricatorTransactions::TYPE_JOIN_POLICY; return $types; } diff --git a/src/applications/phame/storage/PhameBlog.php b/src/applications/phame/storage/PhameBlog.php index fa9828e5f2..3082592a93 100644 --- a/src/applications/phame/storage/PhameBlog.php +++ b/src/applications/phame/storage/PhameBlog.php @@ -20,7 +20,6 @@ final class PhameBlog extends PhameDAO protected $creatorPHID; protected $viewPolicy; protected $editPolicy; - protected $joinPolicy; protected $mailKey; private static $requestBlog; @@ -39,7 +38,6 @@ final class PhameBlog extends PhameDAO // T6203/NULLABILITY // These policies should always be non-null. - 'joinPolicy' => 'policy?', 'editPolicy' => 'policy?', 'viewPolicy' => 'policy?', ), @@ -73,8 +71,7 @@ final class PhameBlog extends PhameDAO $blog = id(new PhameBlog()) ->setCreatorPHID($actor->getPHID()) ->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy()) - ->setEditPolicy(PhabricatorPolicies::POLICY_USER) - ->setJoinPolicy(PhabricatorPolicies::POLICY_USER); + ->setEditPolicy(PhabricatorPolicies::POLICY_USER); return $blog; } @@ -236,7 +233,6 @@ final class PhameBlog extends PhameDAO return array( PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_EDIT, - PhabricatorPolicyCapability::CAN_JOIN, ); } @@ -247,14 +243,11 @@ final class PhameBlog extends PhameDAO return $this->getViewPolicy(); case PhabricatorPolicyCapability::CAN_EDIT: return $this->getEditPolicy(); - case PhabricatorPolicyCapability::CAN_JOIN: - return $this->getJoinPolicy(); } } public function hasAutomaticCapability($capability, PhabricatorUser $user) { $can_edit = PhabricatorPolicyCapability::CAN_EDIT; - $can_join = PhabricatorPolicyCapability::CAN_JOIN; switch ($capability) { case PhabricatorPolicyCapability::CAN_VIEW: @@ -262,15 +255,6 @@ final class PhameBlog extends PhameDAO if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) { return true; } - if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_join)) { - return true; - } - break; - case PhabricatorPolicyCapability::CAN_JOIN: - // Users who can edit a blog can always post to it. - if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) { - return true; - } break; } @@ -282,10 +266,7 @@ final class PhameBlog extends PhameDAO switch ($capability) { case PhabricatorPolicyCapability::CAN_VIEW: return pht( - 'Users who can edit or post on a blog can always view it.'); - case PhabricatorPolicyCapability::CAN_JOIN: - return pht( - 'Users who can edit a blog can always post on it.'); + 'Users who can edit a blog can always view it.'); } return null; diff --git a/src/applications/phame/storage/PhamePost.php b/src/applications/phame/storage/PhamePost.php index ef39d20544..76681f2f57 100644 --- a/src/applications/phame/storage/PhamePost.php +++ b/src/applications/phame/storage/PhamePost.php @@ -198,18 +198,21 @@ final class PhamePost extends PhameDAO case PhabricatorPolicyCapability::CAN_VIEW: if (!$this->isDraft() && $this->getBlog()) { return $this->getBlog()->getViewPolicy(); - } else { - return PhabricatorPolicies::POLICY_NOONE; + } else if ($this->getBlog()) { + return $this->getBlog()->getEditPolicy(); } break; case PhabricatorPolicyCapability::CAN_EDIT: - return PhabricatorPolicies::POLICY_NOONE; + if ($this->getBlog()) { + return $this->getBlog()->getEditPolicy(); + } else { + return PhabricatorPolicies::POLICY_NOONE; + } } } public function hasAutomaticCapability($capability, PhabricatorUser $user) { - // A blog post's author can always view it, and is the only user allowed - // to edit it. + // A blog post's author can always view it. switch ($capability) { case PhabricatorPolicyCapability::CAN_VIEW: