1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 11:30:55 +01:00

Remove Join Policy from Phame

Summary: Drops Join Policy, uses Edit Policy where needed. Allows anyone with Blog Edit permissions to post and edit any post on that blog. Fixes T5371

Test Plan: Draft Post as chad, see post, log in with notchad, edit that post and publish it.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T5371

Differential Revision: https://secure.phabricator.com/D14444
This commit is contained in:
Chad Little 2015-11-09 08:52:44 -08:00
parent a2f909f0bd
commit df23d893f7
10 changed files with 22 additions and 56 deletions

View file

@ -0,0 +1,2 @@
ALTER TABLE {$NAMESPACE}_phame.phame_blog
DROP joinPolicy;

View file

@ -73,7 +73,8 @@ final class PhameCreatePostConduitAPIMethod extends PhameConduitAPIMethod {
->withPHIDs(array($blog_phid))
->requireCapabilities(
array(
PhabricatorPolicyCapability::CAN_JOIN,
PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_EDIT,
))
->executeOne();

View file

@ -49,7 +49,6 @@ final class PhameBlogEditController
$skin = $blog->getSkin();
$can_view = $blog->getViewPolicy();
$can_edit = $blog->getEditPolicy();
$can_join = $blog->getJoinPolicy();
$e_name = true;
$e_custom_domain = null;
@ -62,7 +61,6 @@ final class PhameBlogEditController
$skin = $request->getStr('skin');
$can_view = $request->getStr('can_view');
$can_edit = $request->getStr('can_edit');
$can_join = $request->getStr('can_join');
$v_projects = $request->getArr('projects');
$v_cc = $request->getArr('cc');
@ -85,9 +83,6 @@ final class PhameBlogEditController
id(new PhameBlogTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
->setNewValue($can_edit),
id(new PhameBlogTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_JOIN_POLICY)
->setNewValue($can_join),
id(new PhameBlogTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_SUBSCRIBERS)
->setNewValue(array('=' => $v_cc)),
@ -170,14 +165,6 @@ final class PhameBlogEditController
->setPolicies($policies)
->setValue($can_edit)
->setName('can_edit'))
->appendChild(
id(new AphrontFormPolicyControl())
->setUser($viewer)
->setCapability(PhabricatorPolicyCapability::CAN_JOIN)
->setPolicyObject($blog)
->setPolicies($policies)
->setValue($can_join)
->setName('can_join'))
->appendControl(
id(new AphrontFormTokenizerControl())
->setLabel(pht('Projects'))

View file

@ -100,10 +100,6 @@ final class PhameBlogViewController extends PhameBlogController {
pht('Editable By'),
$descriptions[PhabricatorPolicyCapability::CAN_EDIT]);
$properties->addProperty(
pht('Joinable By'),
$descriptions[PhabricatorPolicyCapability::CAN_JOIN]);
$engine = id(new PhabricatorMarkupEngine())
->setViewer($viewer)
->addObject($blog, PhameBlog::MARKUP_FIELD_DESCRIPTION)
@ -136,18 +132,13 @@ final class PhameBlogViewController extends PhameBlogController {
$blog,
PhabricatorPolicyCapability::CAN_EDIT);
$can_join = PhabricatorPolicyFilter::hasCapability(
$viewer,
$blog,
PhabricatorPolicyCapability::CAN_JOIN);
$actions->addAction(
id(new PhabricatorActionView())
->setIcon('fa-plus')
->setHref($this->getApplicationURI('post/edit/?blog='.$blog->getID()))
->setName(pht('Write Post'))
->setDisabled(!$can_join)
->setWorkflow(!$can_join));
->setDisabled(!$can_edit)
->setWorkflow(!$can_edit));
$actions->addAction(
id(new PhabricatorActionView())

View file

@ -36,7 +36,7 @@ final class PhamePostEditController extends PhamePostController {
->requireCapabilities(
array(
PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_JOIN,
PhabricatorPolicyCapability::CAN_EDIT,
))
->executeOne();
if (!$blog) {

View file

@ -30,7 +30,7 @@ final class PhamePostNewController extends PhamePostController {
->withIDs(array($request->getInt('blog')))
->requireCapabilities(
array(
PhabricatorPolicyCapability::CAN_JOIN,
PhabricatorPolicyCapability::CAN_EDIT,
))
->executeOne();
@ -52,7 +52,7 @@ final class PhamePostNewController extends PhamePostController {
->setViewer($viewer)
->requireCapabilities(
array(
PhabricatorPolicyCapability::CAN_JOIN,
PhabricatorPolicyCapability::CAN_EDIT,
))
->execute();
@ -65,7 +65,7 @@ final class PhamePostNewController extends PhamePostController {
$notification = id(new PHUIInfoView())
->setSeverity(PHUIInfoView::SEVERITY_NODATA)
->appendChild(
pht('You do not have permission to join any blogs. Create a blog '.
pht('You do not have permission to post to any blogs. Create a blog '.
'first, then you can post to it.'));
} else {

View file

@ -123,6 +123,7 @@ final class PhamePostViewController extends PhamePostController {
id(new PhabricatorActionView())
->setIcon('fa-eye')
->setHref($this->getApplicationURI('post/publish/'.$id.'/'))
->setDisabled(!$can_edit)
->setName(pht('Preview / Publish')));
} else {
$actions->addAction(
@ -130,6 +131,7 @@ final class PhamePostViewController extends PhamePostController {
->setIcon('fa-eye-slash')
->setHref($this->getApplicationURI('post/unpublish/'.$id.'/'))
->setName(pht('Unpublish'))
->setDisabled(!$can_edit)
->setWorkflow(true));
}

View file

@ -20,7 +20,6 @@ final class PhameBlogEditor
$types[] = PhameBlogTransaction::TYPE_SKIN;
$types[] = PhabricatorTransactions::TYPE_VIEW_POLICY;
$types[] = PhabricatorTransactions::TYPE_EDIT_POLICY;
$types[] = PhabricatorTransactions::TYPE_JOIN_POLICY;
return $types;
}

View file

@ -20,7 +20,6 @@ final class PhameBlog extends PhameDAO
protected $creatorPHID;
protected $viewPolicy;
protected $editPolicy;
protected $joinPolicy;
protected $mailKey;
private static $requestBlog;
@ -39,7 +38,6 @@ final class PhameBlog extends PhameDAO
// T6203/NULLABILITY
// These policies should always be non-null.
'joinPolicy' => 'policy?',
'editPolicy' => 'policy?',
'viewPolicy' => 'policy?',
),
@ -73,8 +71,7 @@ final class PhameBlog extends PhameDAO
$blog = id(new PhameBlog())
->setCreatorPHID($actor->getPHID())
->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy())
->setEditPolicy(PhabricatorPolicies::POLICY_USER)
->setJoinPolicy(PhabricatorPolicies::POLICY_USER);
->setEditPolicy(PhabricatorPolicies::POLICY_USER);
return $blog;
}
@ -236,7 +233,6 @@ final class PhameBlog extends PhameDAO
return array(
PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_EDIT,
PhabricatorPolicyCapability::CAN_JOIN,
);
}
@ -247,14 +243,11 @@ final class PhameBlog extends PhameDAO
return $this->getViewPolicy();
case PhabricatorPolicyCapability::CAN_EDIT:
return $this->getEditPolicy();
case PhabricatorPolicyCapability::CAN_JOIN:
return $this->getJoinPolicy();
}
}
public function hasAutomaticCapability($capability, PhabricatorUser $user) {
$can_edit = PhabricatorPolicyCapability::CAN_EDIT;
$can_join = PhabricatorPolicyCapability::CAN_JOIN;
switch ($capability) {
case PhabricatorPolicyCapability::CAN_VIEW:
@ -262,15 +255,6 @@ final class PhameBlog extends PhameDAO
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) {
return true;
}
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_join)) {
return true;
}
break;
case PhabricatorPolicyCapability::CAN_JOIN:
// Users who can edit a blog can always post to it.
if (PhabricatorPolicyFilter::hasCapability($user, $this, $can_edit)) {
return true;
}
break;
}
@ -282,10 +266,7 @@ final class PhameBlog extends PhameDAO
switch ($capability) {
case PhabricatorPolicyCapability::CAN_VIEW:
return pht(
'Users who can edit or post on a blog can always view it.');
case PhabricatorPolicyCapability::CAN_JOIN:
return pht(
'Users who can edit a blog can always post on it.');
'Users who can edit a blog can always view it.');
}
return null;

View file

@ -198,18 +198,21 @@ final class PhamePost extends PhameDAO
case PhabricatorPolicyCapability::CAN_VIEW:
if (!$this->isDraft() && $this->getBlog()) {
return $this->getBlog()->getViewPolicy();
} else {
return PhabricatorPolicies::POLICY_NOONE;
} else if ($this->getBlog()) {
return $this->getBlog()->getEditPolicy();
}
break;
case PhabricatorPolicyCapability::CAN_EDIT:
return PhabricatorPolicies::POLICY_NOONE;
if ($this->getBlog()) {
return $this->getBlog()->getEditPolicy();
} else {
return PhabricatorPolicies::POLICY_NOONE;
}
}
}
public function hasAutomaticCapability($capability, PhabricatorUser $user) {
// A blog post's author can always view it, and is the only user allowed
// to edit it.
// A blog post's author can always view it.
switch ($capability) {
case PhabricatorPolicyCapability::CAN_VIEW: