mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-18 11:30:55 +01:00
Remove Join Policy from Phame
Summary: Drops Join Policy, uses Edit Policy where needed. Allows anyone with Blog Edit permissions to post and edit any post on that blog. Fixes T5371 Test Plan: Draft Post as chad, see post, log in with notchad, edit that post and publish it. Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin Maniphest Tasks: T5371 Differential Revision: https://secure.phabricator.com/D14444
This commit is contained in:
Chad Little
parent
a2f909f0bd
commit
df23d893f7
10 changed files with 22 additions and 56 deletions
|
|
@ -0,0 +1,2 @@
|
||||||
|
ALTER TABLE {$NAMESPACE}_phame.phame_blog
|
||||||
|
DROP joinPolicy;
|
||||||
|
|
@ -73,7 +73,8 @@ final class PhameCreatePostConduitAPIMethod extends PhameConduitAPIMethod {
|
||||||
->withPHIDs(array($blog_phid))
|
->withPHIDs(array($blog_phid))
|
||||||
->requireCapabilities(
|
->requireCapabilities(
|
||||||
array(
|
array(
|
||||||
PhabricatorPolicyCapability::CAN_JOIN,
|
PhabricatorPolicyCapability::CAN_VIEW,
|
||||||
|
PhabricatorPolicyCapability::CAN_EDIT,
|
||||||
))
|
))
|
||||||
->executeOne();
|
->executeOne();
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -49,7 +49,6 @@ final class PhameBlogEditController
|
||||||
$skin = $blog->getSkin();
|
$skin = $blog->getSkin();
|
||||||
$can_view = $blog->getViewPolicy();
|
$can_view = $blog->getViewPolicy();
|
||||||
$can_edit = $blog->getEditPolicy();
|
$can_edit = $blog->getEditPolicy();
|
||||||
$can_join = $blog->getJoinPolicy();
|
|
||||||
|
|
||||||
$e_name = true;
|
$e_name = true;
|
||||||
$e_custom_domain = null;
|
$e_custom_domain = null;
|
||||||
|
|
@ -62,7 +61,6 @@ final class PhameBlogEditController
|
||||||
$skin = $request->getStr('skin');
|
$skin = $request->getStr('skin');
|
||||||
$can_view = $request->getStr('can_view');
|
$can_view = $request->getStr('can_view');
|
||||||
$can_edit = $request->getStr('can_edit');
|
$can_edit = $request->getStr('can_edit');
|
||||||
$can_join = $request->getStr('can_join');
|
|
||||||
$v_projects = $request->getArr('projects');
|
$v_projects = $request->getArr('projects');
|
||||||
$v_cc = $request->getArr('cc');
|
$v_cc = $request->getArr('cc');
|
||||||
|
|
||||||
|
|
@ -85,9 +83,6 @@ final class PhameBlogEditController
|
||||||
id(new PhameBlogTransaction())
|
id(new PhameBlogTransaction())
|
||||||
->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
|
->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
|
||||||
->setNewValue($can_edit),
|
->setNewValue($can_edit),
|
||||||
id(new PhameBlogTransaction())
|
|
||||||
->setTransactionType(PhabricatorTransactions::TYPE_JOIN_POLICY)
|
|
||||||
->setNewValue($can_join),
|
|
||||||
id(new PhameBlogTransaction())
|
id(new PhameBlogTransaction())
|
||||||
->setTransactionType(PhabricatorTransactions::TYPE_SUBSCRIBERS)
|
->setTransactionType(PhabricatorTransactions::TYPE_SUBSCRIBERS)
|
||||||
->setNewValue(array('=' => $v_cc)),
|
->setNewValue(array('=' => $v_cc)),
|
||||||
|
|
@ -170,14 +165,6 @@ final class PhameBlogEditController
|
||||||
->setPolicies($policies)
|
->setPolicies($policies)
|
||||||
->setValue($can_edit)
|
->setValue($can_edit)
|
||||||
->setName('can_edit'))
|
->setName('can_edit'))
|
||||||
->appendChild(
|
|
||||||
id(new AphrontFormPolicyControl())
|
|
||||||
->setUser($viewer)
|
|
||||||
->setCapability(PhabricatorPolicyCapability::CAN_JOIN)
|
|
||||||
->setPolicyObject($blog)
|
|
||||||
->setPolicies($policies)
|
|
||||||
->setValue($can_join)
|
|
||||||
->setName('can_join'))
|
|
||||||
->appendControl(
|
->appendControl(
|
||||||
id(new AphrontFormTokenizerControl())
|
id(new AphrontFormTokenizerControl())
|
||||||
->setLabel(pht('Projects'))
|
->setLabel(pht('Projects'))
|
||||||
|
|
|
||||||
|
|
@ -100,10 +100,6 @@ final class PhameBlogViewController extends PhameBlogController {
|
||||||
pht('Editable By'),
|
pht('Editable By'),
|
||||||
$descriptions[PhabricatorPolicyCapability::CAN_EDIT]);
|
$descriptions[PhabricatorPolicyCapability::CAN_EDIT]);
|
||||||
|
|
||||||
$properties->addProperty(
|
|
||||||
pht('Joinable By'),
|
|
||||||
$descriptions[PhabricatorPolicyCapability::CAN_JOIN]);
|
|
||||||
|
|
||||||
$engine = id(new PhabricatorMarkupEngine())
|
$engine = id(new PhabricatorMarkupEngine())
|
||||||
->setViewer($viewer)
|
->setViewer($viewer)
|
||||||
->addObject($blog, PhameBlog::MARKUP_FIELD_DESCRIPTION)
|
->addObject($blog, PhameBlog::MARKUP_FIELD_DESCRIPTION)
|
||||||
|
|
@ -136,18 +132,13 @@ final class PhameBlogViewController extends PhameBlogController {
|
||||||
$blog,
|
$blog,
|
||||||
PhabricatorPolicyCapability::CAN_EDIT);
|
PhabricatorPolicyCapability::CAN_EDIT);
|
||||||
|
|
||||||
$can_join = PhabricatorPolicyFilter::hasCapability(
|
|
||||||
$viewer,
|
|
||||||
$blog,
|
|
||||||
PhabricatorPolicyCapability::CAN_JOIN);
|
|
||||||
|
|
||||||
$actions->addAction(
|
$actions->addAction(
|
||||||
id(new PhabricatorActionView())
|
id(new PhabricatorActionView())
|
||||||
->setIcon('fa-plus')
|
->setIcon('fa-plus')
|
||||||
->setHref($this->getApplicationURI('post/edit/?blog='.$blog->getID()))
|
->setHref($this->getApplicationURI('post/edit/?blog='.$blog->getID()))
|
||||||
->setName(pht('Write Post'))
|
->setName(pht('Write Post'))
|
||||||
->setDisabled(!$can_join)
|
->setDisabled(!$can_edit)
|
||||||
->setWorkflow(!$can_join));
|
->setWorkflow(!$can_edit));
|
||||||
|
|
||||||
$actions->addAction(
|
$actions->addAction(
|
||||||
id(new PhabricatorActionView())
|
id(new PhabricatorActionView())
|
||||||
|
|
|
||||||
|
|
@ -36,7 +36,7 @@ final class PhamePostEditController extends PhamePostController {
|
||||||
->requireCapabilities(
|
->requireCapabilities(
|
||||||
array(
|
array(
|
||||||
PhabricatorPolicyCapability::CAN_VIEW,
|
PhabricatorPolicyCapability::CAN_VIEW,
|
||||||
PhabricatorPolicyCapability::CAN_JOIN,
|
PhabricatorPolicyCapability::CAN_EDIT,
|
||||||
))
|
))
|
||||||
->executeOne();
|
->executeOne();
|
||||||
if (!$blog) {
|
if (!$blog) {
|
||||||
|
|
|
||||||
|
|
@ -30,7 +30,7 @@ final class PhamePostNewController extends PhamePostController {
|
||||||
->withIDs(array($request->getInt('blog')))
|
->withIDs(array($request->getInt('blog')))
|
||||||
->requireCapabilities(
|
->requireCapabilities(
|
||||||
array(
|
array(
|
||||||
PhabricatorPolicyCapability::CAN_JOIN,
|
PhabricatorPolicyCapability::CAN_EDIT,
|
||||||
))
|
))
|
||||||
->executeOne();
|
->executeOne();
|
||||||
|
|
||||||
|
|
@ -52,7 +52,7 @@ final class PhamePostNewController extends PhamePostController {
|
||||||
->setViewer($viewer)
|
->setViewer($viewer)
|
||||||
->requireCapabilities(
|
->requireCapabilities(
|
||||||
array(
|
array(
|
||||||
PhabricatorPolicyCapability::CAN_JOIN,
|
PhabricatorPolicyCapability::CAN_EDIT,
|
||||||
))
|
))
|
||||||
->execute();
|
->execute();
|
||||||
|
|
||||||
|
|
@ -65,7 +65,7 @@ final class PhamePostNewController extends PhamePostController {
|
||||||
$notification = id(new PHUIInfoView())
|
$notification = id(new PHUIInfoView())
|
||||||
->setSeverity(PHUIInfoView::SEVERITY_NODATA)
|
->setSeverity(PHUIInfoView::SEVERITY_NODATA)
|
||||||
->appendChild(
|
->appendChild(
|
||||||
pht('You do not have permission to join any blogs. Create a blog '.
|
pht('You do not have permission to post to any blogs. Create a blog '.
|
||||||
'first, then you can post to it.'));
|
'first, then you can post to it.'));
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
|
||||||
|
|
@ -123,6 +123,7 @@ final class PhamePostViewController extends PhamePostController {
|
||||||
id(new PhabricatorActionView())
|
id(new PhabricatorActionView())
|
||||||
->setIcon('fa-eye')
|
->setIcon('fa-eye')
|
||||||
->setHref($this->getApplicationURI('post/publish/'.$id.'/'))
|
->setHref($this->getApplicationURI('post/publish/'.$id.'/'))
|
||||||
|
->setDisabled(!$can_edit)
|
||||||
->setName(pht('Preview / Publish')));
|
->setName(pht('Preview / Publish')));
|
||||||
} else {
|
} else {
|
||||||
$actions->addAction(
|
$actions->addAction(
|
||||||
|
|
@ -130,6 +131,7 @@ final class PhamePostViewController extends PhamePostController {
|
||||||
->setIcon('fa-eye-slash')
|
->setIcon('fa-eye-slash')
|
||||||
->setHref($this->getApplicationURI('post/unpublish/'.$id.'/'))
|
->setHref($this->getApplicationURI('post/unpublish/'.$id.'/'))
|
||||||
->setName(pht('Unpublish'))
|
->setName(pht('Unpublish'))
|
||||||
|
->setDisabled(!$can_edit)
|
||||||
->setWorkflow(true));
|
->setWorkflow(true));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -20,7 +20,6 @@ final class PhameBlogEditor
|
||||||
$types[] = PhameBlogTransaction::TYPE_SKIN;
|
$types[] = PhameBlogTransaction::TYPE_SKIN;
|
||||||
$types[] = PhabricatorTransactions::TYPE_VIEW_POLICY;
|
$types[] = PhabricatorTransactions::TYPE_VIEW_POLICY;
|
||||||
$types[] = PhabricatorTransactions::TYPE_EDIT_POLICY;
|
$types[] = PhabricatorTransactions::TYPE_EDIT_POLICY;
|
||||||
$types[] = PhabricatorTransactions::TYPE_JOIN_POLICY;
|
|
||||||
|
|
||||||
return $types;
|
return $types;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -20,7 +20,6 @@ final class PhameBlog extends PhameDAO
|
||||||
protected $creatorPHID;
|
protected $creatorPHID;
|
||||||
protected $viewPolicy;
|
protected $viewPolicy;
|
||||||
protected $editPolicy;
|
protected $editPolicy;
|
||||||
protected $joinPolicy;
|
|
||||||
protected $mailKey;
|
protected $mailKey;
|
||||||
|
|
||||||
private static $requestBlog;
|
private static $requestBlog;
|
||||||
|
|
@ -39,7 +38,6 @@ final class PhameBlog extends PhameDAO
|
||||||
|
|
||||||
// T6203/NULLABILITY
|
// T6203/NULLABILITY
|
||||||
// These policies should always be non-null.
|
// These policies should always be non-null.
|
||||||
'joinPolicy' => 'policy?',
|
|
||||||
'editPolicy' => 'policy?',
|
'editPolicy' => 'policy?',
|
||||||
'viewPolicy' => 'policy?',
|
'viewPolicy' => 'policy?',
|
||||||
),
|
),
|
||||||
|
|
@ -73,8 +71,7 @@ final class PhameBlog extends PhameDAO
|
||||||
$blog = id(new PhameBlog())
|
$blog = id(new PhameBlog())
|
||||||
->setCreatorPHID($actor->getPHID())
|
->setCreatorPHID($actor->getPHID())
|
||||||
->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy())
|
->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy())
|
||||||
->setEditPolicy(PhabricatorPolicies::POLICY_USER)
|
->setEditPolicy(PhabricatorPolicies::POLICY_USER);
|
||||||
->setJoinPolicy(PhabricatorPolicies::POLICY_USER);
|
|
||||||
return $blog;
|
return $blog;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -236,7 +233,6 @@ final class PhameBlog extends PhameDAO
|
||||||
return array(
|
return array(
|
||||||
PhabricatorPolicyCapability::CAN_VIEW,
|
PhabricatorPolicyCapability::CAN_VIEW,
|
||||||
PhabricatorPolicyCapability::CAN_EDIT,
|
PhabricatorPolicyCapability::CAN_EDIT,
|
||||||
PhabricatorPolicyCapability::CAN_JOIN,
|
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -247,14 +243,11 @@ final class PhameBlog extends PhameDAO
|
||||||
return $this->getViewPolicy();
|
return $this->getViewPolicy();
|
||||||
case PhabricatorPolicyCapability::CAN_EDIT:
|
case PhabricatorPolicyCapability::CAN_EDIT:
|
||||||
return $this->getEditPolicy();
|
return $this->getEditPolicy();
|
||||||
case PhabricatorPolicyCapability::CAN_JOIN:
|
|
||||||
return $this->getJoinPolicy();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function hasAutomaticCapability($capability, PhabricatorUser $user) {
|
public function hasAutomaticCapability($capability, PhabricatorUser $user) {
|
||||||
$can_edit = PhabricatorPolicyCapability::CAN_EDIT;
|
$can_edit = PhabricatorPolicyCapability::CAN_EDIT;
|
||||||
$can_join = PhabricatorPolicyCapability::CAN_JOIN;
|
|
||||||
|
|
||||||
switch ($capability) {
|
switch ($capability) {
|
||||||
case PhabricatorPolicyCapability::CAN_VIEW:
|
case PhabricatorPolicyCapability::CAN_VIEW:
|
||||||
|
|
@ -262,15 +255,6 @@ final class PhameBlog extends PhameDAO
|
||||||
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) {
|
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_join)) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case PhabricatorPolicyCapability::CAN_JOIN:
|
|
||||||
// Users who can edit a blog can always post to it.
|
|
||||||
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -282,10 +266,7 @@ final class PhameBlog extends PhameDAO
|
||||||
switch ($capability) {
|
switch ($capability) {
|
||||||
case PhabricatorPolicyCapability::CAN_VIEW:
|
case PhabricatorPolicyCapability::CAN_VIEW:
|
||||||
return pht(
|
return pht(
|
||||||
'Users who can edit or post on a blog can always view it.');
|
'Users who can edit a blog can always view it.');
|
||||||
case PhabricatorPolicyCapability::CAN_JOIN:
|
|
||||||
return pht(
|
|
||||||
'Users who can edit a blog can always post on it.');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
|
|
|
||||||
|
|
@ -198,18 +198,21 @@ final class PhamePost extends PhameDAO
|
||||||
case PhabricatorPolicyCapability::CAN_VIEW:
|
case PhabricatorPolicyCapability::CAN_VIEW:
|
||||||
if (!$this->isDraft() && $this->getBlog()) {
|
if (!$this->isDraft() && $this->getBlog()) {
|
||||||
return $this->getBlog()->getViewPolicy();
|
return $this->getBlog()->getViewPolicy();
|
||||||
} else {
|
} else if ($this->getBlog()) {
|
||||||
return PhabricatorPolicies::POLICY_NOONE;
|
return $this->getBlog()->getEditPolicy();
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case PhabricatorPolicyCapability::CAN_EDIT:
|
case PhabricatorPolicyCapability::CAN_EDIT:
|
||||||
return PhabricatorPolicies::POLICY_NOONE;
|
if ($this->getBlog()) {
|
||||||
|
return $this->getBlog()->getEditPolicy();
|
||||||
|
} else {
|
||||||
|
return PhabricatorPolicies::POLICY_NOONE;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function hasAutomaticCapability($capability, PhabricatorUser $user) {
|
public function hasAutomaticCapability($capability, PhabricatorUser $user) {
|
||||||
// A blog post's author can always view it, and is the only user allowed
|
// A blog post's author can always view it.
|
||||||
// to edit it.
|
|
||||||
|
|
||||||
switch ($capability) {
|
switch ($capability) {
|
||||||
case PhabricatorPolicyCapability::CAN_VIEW:
|
case PhabricatorPolicyCapability::CAN_VIEW:
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue