Policy - lock down DiffusionSymbolQuery repo-loading code

Summary: Ref T7094.

Test Plan: couldn't really test this - how does one get symbols going nowadays given they are acanist project based?

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7094

Differential Revision: https://secure.phabricator.com/D11584

src/applications/diffusion/conduit/DiffusionFindSymbolsConduitAPIMethod.php

@@ -37,7 +37,8 @@ final class DiffusionFindSymbolsConduitAPIMethod
     $language = $request->getValue('language');
     $type = $request->getValue('type');
 
-    $query = new DiffusionSymbolQuery();
+    $query = id(new DiffusionSymbolQuery())
+      ->setViewer($request->getUser());
     if ($name !== null) {
       $query->setName($name);
     }

src/applications/diffusion/controller/DiffusionSymbolController.php

@@ -8,8 +8,9 @@ final class DiffusionSymbolController extends DiffusionController {
     $user = $request->getUser();
     $this->name = $request->getURIData('name');
 
-    $query = new DiffusionSymbolQuery();
-    $query->setName($this->name);
+    $query = id(new DiffusionSymbolQuery())
+      ->setViewer($user)
+      ->setName($this->name);
 
     if ($request->getStr('context') !== null) {
       $query->setContext($request->getStr('context'));

src/applications/diffusion/query/DiffusionSymbolQuery.php

@@ -11,6 +11,7 @@
  */
 final class DiffusionSymbolQuery extends PhabricatorOffsetPagedQuery {
 
+  private $viewer;
   private $context;
   private $namePrefix;
   private $name;
@@ -26,6 +27,20 @@ final class DiffusionSymbolQuery extends PhabricatorOffsetPagedQuery {
 
 /* -(  Configuring the Query  )---------------------------------------------- */
 
+  /**
+   * @task config
+   */
+  public function setViewer(PhabricatorUser $viewer) {
+    $this->viewer = $viewer;
+    return $this;
+  }
+
+  /**
+   * @task config
+   */
+  public function getViewer() {
+    return $this->viewer;
+  }
 
   /**
    * @task config
@@ -263,10 +278,10 @@ final class DiffusionSymbolQuery extends PhabricatorOffsetPagedQuery {
     $repo_ids = array_filter($repo_ids);
 
     if ($repo_ids) {
-      // TODO: (T603) Provide a viewer here.
-      $repos = id(new PhabricatorRepository())->loadAllWhere(
-        'id IN (%Ld)',
-        $repo_ids);
+      $repos = id(new PhabricatorRepositoryQuery())
+        ->setViewer($this->getViewer())
+        ->withIDs($repo_ids)
+        ->execute();
     } else {
       $repos = array();
     }

src/applications/diffusion/typeahead/DiffusionSymbolDatasource.php

@@ -19,6 +19,7 @@ final class DiffusionSymbolDatasource
 
     if (strlen($raw_query)) {
       $symbols = id(new DiffusionSymbolQuery())
+        ->setViewer($viewer)
         ->setNamePrefix($raw_query)
         ->setLimit(15)
         ->needArcanistProjects(true)