From f5600acb16f02d97945d2b3dfebbf2856958f310 Mon Sep 17 00:00:00 2001 From: epriestley Date: Wed, 17 Dec 2014 17:04:12 -0800 Subject: [PATCH] Don't skip policy checks on ObjectQuery if special capabilities are required Summary: Ref T6741. As an optimization, we omit policy checks on ObjectQuery, but need to retain them if the query requests non-view permissions. This primarily affected Almanac properties. Test Plan: Almanac properties now do full policy checks on ObjectQuery loads. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T6741 Differential Revision: https://secure.phabricator.com/D11005 --- .../phid/query/PhabricatorObjectQuery.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/src/applications/phid/query/PhabricatorObjectQuery.php b/src/applications/phid/query/PhabricatorObjectQuery.php index 8709cca7c7..ba42a91644 100644 --- a/src/applications/phid/query/PhabricatorObjectQuery.php +++ b/src/applications/phid/query/PhabricatorObjectQuery.php @@ -144,12 +144,18 @@ final class PhabricatorObjectQuery } /** - * This query disables policy filtering because it is performed in the - * subqueries which actually load objects. We don't need to re-filter - * results, since policies have already been applied. + * This query disables policy filtering if the only required capability is + * the view capability. + * + * The view capability is always checked in the subqueries, so we do not need + * to re-filter results. For any other set of required capabilities, we do. */ protected function shouldDisablePolicyFiltering() { - return true; + $view_capability = PhabricatorPolicyCapability::CAN_VIEW; + if ($this->getRequiredCapabilities() === array($view_capability)) { + return true; + } + return false; } public function getQueryApplicationClass() {