mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-18 19:40:55 +01:00
Make policy violation dialog more flexible
Summary: Ref T8424. When users are rejected because they can't see the space an object is in, this isn't really a capability rejection. Don't require a capability when rejecting objects. This mostly simplifies upcoming changes. Test Plan: - Viewed a capability exception dialog, it looked the same as always. - (After additional changes, viewed a space exception dialog.) Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T8424 Differential Revision: https://secure.phabricator.com/D13155
This commit is contained in:
parent
763b63a0fb
commit
e595478f1d
2 changed files with 46 additions and 35 deletions
|
@ -164,14 +164,6 @@ class AphrontDefaultApplicationConfiguration
|
||||||
return $login_controller->handleRequest($request);
|
return $login_controller->handleRequest($request);
|
||||||
}
|
}
|
||||||
|
|
||||||
$list = $ex->getMoreInfo();
|
|
||||||
foreach ($list as $key => $item) {
|
|
||||||
$list[$key] = phutil_tag('li', array(), $item);
|
|
||||||
}
|
|
||||||
if ($list) {
|
|
||||||
$list = phutil_tag('ul', array(), $list);
|
|
||||||
}
|
|
||||||
|
|
||||||
$content = array(
|
$content = array(
|
||||||
phutil_tag(
|
phutil_tag(
|
||||||
'div',
|
'div',
|
||||||
|
@ -179,17 +171,28 @@ class AphrontDefaultApplicationConfiguration
|
||||||
'class' => 'aphront-policy-rejection',
|
'class' => 'aphront-policy-rejection',
|
||||||
),
|
),
|
||||||
$ex->getRejection()),
|
$ex->getRejection()),
|
||||||
phutil_tag(
|
);
|
||||||
|
|
||||||
|
if ($ex->getCapabilityName()) {
|
||||||
|
$list = $ex->getMoreInfo();
|
||||||
|
foreach ($list as $key => $item) {
|
||||||
|
$list[$key] = phutil_tag('li', array(), $item);
|
||||||
|
}
|
||||||
|
if ($list) {
|
||||||
|
$list = phutil_tag('ul', array(), $list);
|
||||||
|
}
|
||||||
|
|
||||||
|
$content[] = phutil_tag(
|
||||||
'div',
|
'div',
|
||||||
array(
|
array(
|
||||||
'class' => 'aphront-capability-details',
|
'class' => 'aphront-capability-details',
|
||||||
),
|
),
|
||||||
pht('Users with the "%s" capability:', $ex->getCapabilityName())),
|
pht('Users with the "%s" capability:', $ex->getCapabilityName()));
|
||||||
$list,
|
|
||||||
);
|
|
||||||
|
|
||||||
$dialog = new AphrontDialogView();
|
$content[] = $list;
|
||||||
$dialog
|
}
|
||||||
|
|
||||||
|
$dialog = id(new AphrontDialogView())
|
||||||
->setTitle($ex->getTitle())
|
->setTitle($ex->getTitle())
|
||||||
->setClass('aphront-access-dialog')
|
->setClass('aphront-access-dialog')
|
||||||
->setUser($user)
|
->setUser($user)
|
||||||
|
|
|
@ -547,35 +547,17 @@ final class PhabricatorPolicyFilter {
|
||||||
|
|
||||||
$details = array_filter(array_merge(array($more), (array)$exceptions));
|
$details = array_filter(array_merge(array($more), (array)$exceptions));
|
||||||
|
|
||||||
// NOTE: Not every type of policy object has a real PHID; just load an
|
$access_denied = $this->renderAccessDenied($object);
|
||||||
// empty handle if a real PHID isn't available.
|
|
||||||
$phid = nonempty($object->getPHID(), PhabricatorPHIDConstants::PHID_VOID);
|
|
||||||
|
|
||||||
$handle = id(new PhabricatorHandleQuery())
|
|
||||||
->setViewer($this->viewer)
|
|
||||||
->withPHIDs(array($phid))
|
|
||||||
->executeOne();
|
|
||||||
|
|
||||||
$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');
|
|
||||||
if ($is_serious) {
|
|
||||||
$title = pht(
|
|
||||||
'Access Denied: %s',
|
|
||||||
$handle->getObjectName());
|
|
||||||
} else {
|
|
||||||
$title = pht(
|
|
||||||
'You Shall Not Pass: %s',
|
|
||||||
$handle->getObjectName());
|
|
||||||
}
|
|
||||||
|
|
||||||
$full_message = pht(
|
$full_message = pht(
|
||||||
'[%s] (%s) %s // %s',
|
'[%s] (%s) %s // %s',
|
||||||
$title,
|
$access_denied,
|
||||||
$capability_name,
|
$capability_name,
|
||||||
$rejection,
|
$rejection,
|
||||||
implode(' ', $details));
|
implode(' ', $details));
|
||||||
|
|
||||||
$exception = id(new PhabricatorPolicyException($full_message))
|
$exception = id(new PhabricatorPolicyException($full_message))
|
||||||
->setTitle($title)
|
->setTitle($access_denied)
|
||||||
->setRejection($rejection)
|
->setRejection($rejection)
|
||||||
->setCapabilityName($capability_name)
|
->setCapabilityName($capability_name)
|
||||||
->setMoreInfo($details);
|
->setMoreInfo($details);
|
||||||
|
@ -668,4 +650,30 @@ final class PhabricatorPolicyFilter {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function renderAccessDenied(PhabricatorPolicyInterface $object) {
|
||||||
|
// NOTE: Not every type of policy object has a real PHID; just load an
|
||||||
|
// empty handle if a real PHID isn't available.
|
||||||
|
$phid = nonempty($object->getPHID(), PhabricatorPHIDConstants::PHID_VOID);
|
||||||
|
|
||||||
|
$handle = id(new PhabricatorHandleQuery())
|
||||||
|
->setViewer($this->viewer)
|
||||||
|
->withPHIDs(array($phid))
|
||||||
|
->executeOne();
|
||||||
|
|
||||||
|
$object_name = $handle->getObjectName();
|
||||||
|
|
||||||
|
$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');
|
||||||
|
if ($is_serious) {
|
||||||
|
$access_denied = pht(
|
||||||
|
'Access Denied: %s',
|
||||||
|
$object_name);
|
||||||
|
} else {
|
||||||
|
$access_denied = pht(
|
||||||
|
'You Shall Not Pass: %s',
|
||||||
|
$object_name);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $access_denied;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue