1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 11:30:55 +01:00

Remove Join Policy from Phame

Summary: Drops Join Policy, uses Edit Policy where needed. Allows anyone with Blog Edit permissions to post and edit any post on that blog. Fixes T5371

Test Plan: Draft Post as chad, see post, log in with notchad, edit that post and publish it.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T5371

Differential Revision: https://secure.phabricator.com/D14444
This commit is contained in:
Chad Little 2015-11-09 08:52:44 -08:00
parent a2f909f0bd
commit df23d893f7
10 changed files with 22 additions and 56 deletions

View file

@ -0,0 +1,2 @@
ALTER TABLE {$NAMESPACE}_phame.phame_blog
DROP joinPolicy;

View file

@ -73,7 +73,8 @@ final class PhameCreatePostConduitAPIMethod extends PhameConduitAPIMethod {
->withPHIDs(array($blog_phid)) ->withPHIDs(array($blog_phid))
->requireCapabilities( ->requireCapabilities(
array( array(
PhabricatorPolicyCapability::CAN_JOIN, PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_EDIT,
)) ))
->executeOne(); ->executeOne();

View file

@ -49,7 +49,6 @@ final class PhameBlogEditController
$skin = $blog->getSkin(); $skin = $blog->getSkin();
$can_view = $blog->getViewPolicy(); $can_view = $blog->getViewPolicy();
$can_edit = $blog->getEditPolicy(); $can_edit = $blog->getEditPolicy();
$can_join = $blog->getJoinPolicy();
$e_name = true; $e_name = true;
$e_custom_domain = null; $e_custom_domain = null;
@ -62,7 +61,6 @@ final class PhameBlogEditController
$skin = $request->getStr('skin'); $skin = $request->getStr('skin');
$can_view = $request->getStr('can_view'); $can_view = $request->getStr('can_view');
$can_edit = $request->getStr('can_edit'); $can_edit = $request->getStr('can_edit');
$can_join = $request->getStr('can_join');
$v_projects = $request->getArr('projects'); $v_projects = $request->getArr('projects');
$v_cc = $request->getArr('cc'); $v_cc = $request->getArr('cc');
@ -85,9 +83,6 @@ final class PhameBlogEditController
id(new PhameBlogTransaction()) id(new PhameBlogTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY) ->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
->setNewValue($can_edit), ->setNewValue($can_edit),
id(new PhameBlogTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_JOIN_POLICY)
->setNewValue($can_join),
id(new PhameBlogTransaction()) id(new PhameBlogTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_SUBSCRIBERS) ->setTransactionType(PhabricatorTransactions::TYPE_SUBSCRIBERS)
->setNewValue(array('=' => $v_cc)), ->setNewValue(array('=' => $v_cc)),
@ -170,14 +165,6 @@ final class PhameBlogEditController
->setPolicies($policies) ->setPolicies($policies)
->setValue($can_edit) ->setValue($can_edit)
->setName('can_edit')) ->setName('can_edit'))
->appendChild(
id(new AphrontFormPolicyControl())
->setUser($viewer)
->setCapability(PhabricatorPolicyCapability::CAN_JOIN)
->setPolicyObject($blog)
->setPolicies($policies)
->setValue($can_join)
->setName('can_join'))
->appendControl( ->appendControl(
id(new AphrontFormTokenizerControl()) id(new AphrontFormTokenizerControl())
->setLabel(pht('Projects')) ->setLabel(pht('Projects'))

View file

@ -100,10 +100,6 @@ final class PhameBlogViewController extends PhameBlogController {
pht('Editable By'), pht('Editable By'),
$descriptions[PhabricatorPolicyCapability::CAN_EDIT]); $descriptions[PhabricatorPolicyCapability::CAN_EDIT]);
$properties->addProperty(
pht('Joinable By'),
$descriptions[PhabricatorPolicyCapability::CAN_JOIN]);
$engine = id(new PhabricatorMarkupEngine()) $engine = id(new PhabricatorMarkupEngine())
->setViewer($viewer) ->setViewer($viewer)
->addObject($blog, PhameBlog::MARKUP_FIELD_DESCRIPTION) ->addObject($blog, PhameBlog::MARKUP_FIELD_DESCRIPTION)
@ -136,18 +132,13 @@ final class PhameBlogViewController extends PhameBlogController {
$blog, $blog,
PhabricatorPolicyCapability::CAN_EDIT); PhabricatorPolicyCapability::CAN_EDIT);
$can_join = PhabricatorPolicyFilter::hasCapability(
$viewer,
$blog,
PhabricatorPolicyCapability::CAN_JOIN);
$actions->addAction( $actions->addAction(
id(new PhabricatorActionView()) id(new PhabricatorActionView())
->setIcon('fa-plus') ->setIcon('fa-plus')
->setHref($this->getApplicationURI('post/edit/?blog='.$blog->getID())) ->setHref($this->getApplicationURI('post/edit/?blog='.$blog->getID()))
->setName(pht('Write Post')) ->setName(pht('Write Post'))
->setDisabled(!$can_join) ->setDisabled(!$can_edit)
->setWorkflow(!$can_join)); ->setWorkflow(!$can_edit));
$actions->addAction( $actions->addAction(
id(new PhabricatorActionView()) id(new PhabricatorActionView())

View file

@ -36,7 +36,7 @@ final class PhamePostEditController extends PhamePostController {
->requireCapabilities( ->requireCapabilities(
array( array(
PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_JOIN, PhabricatorPolicyCapability::CAN_EDIT,
)) ))
->executeOne(); ->executeOne();
if (!$blog) { if (!$blog) {

View file

@ -30,7 +30,7 @@ final class PhamePostNewController extends PhamePostController {
->withIDs(array($request->getInt('blog'))) ->withIDs(array($request->getInt('blog')))
->requireCapabilities( ->requireCapabilities(
array( array(
PhabricatorPolicyCapability::CAN_JOIN, PhabricatorPolicyCapability::CAN_EDIT,
)) ))
->executeOne(); ->executeOne();
@ -52,7 +52,7 @@ final class PhamePostNewController extends PhamePostController {
->setViewer($viewer) ->setViewer($viewer)
->requireCapabilities( ->requireCapabilities(
array( array(
PhabricatorPolicyCapability::CAN_JOIN, PhabricatorPolicyCapability::CAN_EDIT,
)) ))
->execute(); ->execute();
@ -65,7 +65,7 @@ final class PhamePostNewController extends PhamePostController {
$notification = id(new PHUIInfoView()) $notification = id(new PHUIInfoView())
->setSeverity(PHUIInfoView::SEVERITY_NODATA) ->setSeverity(PHUIInfoView::SEVERITY_NODATA)
->appendChild( ->appendChild(
pht('You do not have permission to join any blogs. Create a blog '. pht('You do not have permission to post to any blogs. Create a blog '.
'first, then you can post to it.')); 'first, then you can post to it.'));
} else { } else {

View file

@ -123,6 +123,7 @@ final class PhamePostViewController extends PhamePostController {
id(new PhabricatorActionView()) id(new PhabricatorActionView())
->setIcon('fa-eye') ->setIcon('fa-eye')
->setHref($this->getApplicationURI('post/publish/'.$id.'/')) ->setHref($this->getApplicationURI('post/publish/'.$id.'/'))
->setDisabled(!$can_edit)
->setName(pht('Preview / Publish'))); ->setName(pht('Preview / Publish')));
} else { } else {
$actions->addAction( $actions->addAction(
@ -130,6 +131,7 @@ final class PhamePostViewController extends PhamePostController {
->setIcon('fa-eye-slash') ->setIcon('fa-eye-slash')
->setHref($this->getApplicationURI('post/unpublish/'.$id.'/')) ->setHref($this->getApplicationURI('post/unpublish/'.$id.'/'))
->setName(pht('Unpublish')) ->setName(pht('Unpublish'))
->setDisabled(!$can_edit)
->setWorkflow(true)); ->setWorkflow(true));
} }

View file

@ -20,7 +20,6 @@ final class PhameBlogEditor
$types[] = PhameBlogTransaction::TYPE_SKIN; $types[] = PhameBlogTransaction::TYPE_SKIN;
$types[] = PhabricatorTransactions::TYPE_VIEW_POLICY; $types[] = PhabricatorTransactions::TYPE_VIEW_POLICY;
$types[] = PhabricatorTransactions::TYPE_EDIT_POLICY; $types[] = PhabricatorTransactions::TYPE_EDIT_POLICY;
$types[] = PhabricatorTransactions::TYPE_JOIN_POLICY;
return $types; return $types;
} }

View file

@ -20,7 +20,6 @@ final class PhameBlog extends PhameDAO
protected $creatorPHID; protected $creatorPHID;
protected $viewPolicy; protected $viewPolicy;
protected $editPolicy; protected $editPolicy;
protected $joinPolicy;
protected $mailKey; protected $mailKey;
private static $requestBlog; private static $requestBlog;
@ -39,7 +38,6 @@ final class PhameBlog extends PhameDAO
// T6203/NULLABILITY // T6203/NULLABILITY
// These policies should always be non-null. // These policies should always be non-null.
'joinPolicy' => 'policy?',
'editPolicy' => 'policy?', 'editPolicy' => 'policy?',
'viewPolicy' => 'policy?', 'viewPolicy' => 'policy?',
), ),
@ -73,8 +71,7 @@ final class PhameBlog extends PhameDAO
$blog = id(new PhameBlog()) $blog = id(new PhameBlog())
->setCreatorPHID($actor->getPHID()) ->setCreatorPHID($actor->getPHID())
->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy()) ->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy())
->setEditPolicy(PhabricatorPolicies::POLICY_USER) ->setEditPolicy(PhabricatorPolicies::POLICY_USER);
->setJoinPolicy(PhabricatorPolicies::POLICY_USER);
return $blog; return $blog;
} }
@ -236,7 +233,6 @@ final class PhameBlog extends PhameDAO
return array( return array(
PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_EDIT, PhabricatorPolicyCapability::CAN_EDIT,
PhabricatorPolicyCapability::CAN_JOIN,
); );
} }
@ -247,14 +243,11 @@ final class PhameBlog extends PhameDAO
return $this->getViewPolicy(); return $this->getViewPolicy();
case PhabricatorPolicyCapability::CAN_EDIT: case PhabricatorPolicyCapability::CAN_EDIT:
return $this->getEditPolicy(); return $this->getEditPolicy();
case PhabricatorPolicyCapability::CAN_JOIN:
return $this->getJoinPolicy();
} }
} }
public function hasAutomaticCapability($capability, PhabricatorUser $user) { public function hasAutomaticCapability($capability, PhabricatorUser $user) {
$can_edit = PhabricatorPolicyCapability::CAN_EDIT; $can_edit = PhabricatorPolicyCapability::CAN_EDIT;
$can_join = PhabricatorPolicyCapability::CAN_JOIN;
switch ($capability) { switch ($capability) {
case PhabricatorPolicyCapability::CAN_VIEW: case PhabricatorPolicyCapability::CAN_VIEW:
@ -262,15 +255,6 @@ final class PhameBlog extends PhameDAO
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) { if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) {
return true; return true;
} }
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_join)) {
return true;
}
break;
case PhabricatorPolicyCapability::CAN_JOIN:
// Users who can edit a blog can always post to it.
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) {
return true;
}
break; break;
} }
@ -282,10 +266,7 @@ final class PhameBlog extends PhameDAO
switch ($capability) { switch ($capability) {
case PhabricatorPolicyCapability::CAN_VIEW: case PhabricatorPolicyCapability::CAN_VIEW:
return pht( return pht(
'Users who can edit or post on a blog can always view it.'); 'Users who can edit a blog can always view it.');
case PhabricatorPolicyCapability::CAN_JOIN:
return pht(
'Users who can edit a blog can always post on it.');
} }
return null; return null;

View file

@ -198,18 +198,21 @@ final class PhamePost extends PhameDAO
case PhabricatorPolicyCapability::CAN_VIEW: case PhabricatorPolicyCapability::CAN_VIEW:
if (!$this->isDraft() && $this->getBlog()) { if (!$this->isDraft() && $this->getBlog()) {
return $this->getBlog()->getViewPolicy(); return $this->getBlog()->getViewPolicy();
} else { } else if ($this->getBlog()) {
return PhabricatorPolicies::POLICY_NOONE; return $this->getBlog()->getEditPolicy();
} }
break; break;
case PhabricatorPolicyCapability::CAN_EDIT: case PhabricatorPolicyCapability::CAN_EDIT:
if ($this->getBlog()) {
return $this->getBlog()->getEditPolicy();
} else {
return PhabricatorPolicies::POLICY_NOONE; return PhabricatorPolicies::POLICY_NOONE;
} }
} }
}
public function hasAutomaticCapability($capability, PhabricatorUser $user) { public function hasAutomaticCapability($capability, PhabricatorUser $user) {
// A blog post's author can always view it, and is the only user allowed // A blog post's author can always view it.
// to edit it.
switch ($capability) { switch ($capability) {
case PhabricatorPolicyCapability::CAN_VIEW: case PhabricatorPolicyCapability::CAN_VIEW: