revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-09 06:11:01 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/transactions/storage/PhabricatorApplicationTransactionComment.php
epriestley 58f66fea80 Allow users to remove their own comments, and administrators to remove any comment 
Summary:
Fixes T4909. Adds a "remove" link next to the edit link, which permanently hides a comment. Addresses two use cases:

  - Allowing administrators to clean up spam.
  - Allowing users to try to put the genie back in the bottle if they post passwords or sensitive links, etc.

The user who removed the comment is named in the removal text to enforce some level of administrative accountability.

No data is deleted, but there's currently no method to restore these comments. We'll see if we need one.

This is cheating a little bit by storing "removed" as "2" in the isDeleted field. This doesn't seem tooooo bad for now.

Test Plan:
  - Removed some of my comments.
  - As an administrator, removed other users' comments.
  - Failed to view history of a removed comment.
  - Failed to edit a removed comment.
  - Failed to remove a removed comment.
  - Verified feed doesn't show the old comment after comment removal.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: qgil, chad, epriestley

Maniphest Tasks: T4909

Differential Revision: https://secure.phabricator.com/D8945
2014-05-05 10:55:32 -07:00

147 lines
3.6 KiB
PHP
Raw Blame History

<?php
abstract class PhabricatorApplicationTransactionComment
extends PhabricatorLiskDAO
implements
PhabricatorMarkupInterface,
PhabricatorPolicyInterface,
PhabricatorDestructableInterface {
const MARKUP_FIELD_COMMENT = 'markup:comment';
protected $transactionPHID;
protected $commentVersion;
protected $authorPHID;
protected $viewPolicy;
protected $editPolicy;
protected $content;
protected $contentSource;
protected $isDeleted = 0;
abstract public function getApplicationTransactionObject();
public function generatePHID() {
return PhabricatorPHID::generateNewPHID(
PhabricatorPHIDConstants::PHID_TYPE_XCMT);
}
public function getConfiguration() {
return array(
self::CONFIG_AUX_PHID => true,
) + parent::getConfiguration();
}
public function getApplicationName() {
return $this->getApplicationTransactionObject()->getApplicationName();
}
public function getTableName() {
$xaction = $this->getApplicationTransactionObject();
return self::getTableNameFromTransaction($xaction);
}
public static function getTableNameFromTransaction(
PhabricatorApplicationTransaction $xaction) {
return $xaction->getTableName().'_comment';
}
public function setContentSource(PhabricatorContentSource $content_source) {
$this->contentSource = $content_source->serialize();
return $this;
}
public function setContentSourceFromRequest(AphrontRequest $request) {
return $this->setContentSource(
PhabricatorContentSource::newFromRequest($request));
}
public function getContentSource() {
return PhabricatorContentSource::newFromSerialized($this->contentSource);
}
public function getIsRemoved() {
return ($this->getIsDeleted() == 2);
}
public function setIsRemoved($removed) {
if ($removed) {
$this->setIsDeleted(2);
} else {
$this->setIsDeleted(0);
}
return $this;
}
/* -( PhabricatorMarkupInterface )----------------------------------------- */
public function getMarkupFieldKey($field) {
return PhabricatorPHIDConstants::PHID_TYPE_XCMT.':'.$this->getPHID();
}
public function newMarkupEngine($field) {
return PhabricatorMarkupEngine::getEngine();
}
public function getMarkupText($field) {
return $this->getContent();
}
public function didMarkupText($field, $output, PhutilMarkupEngine $engine) {
require_celerity_resource('phabricator-remarkup-css');
return phutil_tag(
'div',
array(
'class' => 'phabricator-remarkup',
),
$output);
}
public function shouldUseMarkupCache($field) {
return (bool)$this->getPHID();
}
/* -( PhabricatorPolicyInterface Implementation )-------------------------- */
public function getCapabilities() {
return array(
PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_EDIT,
);
}
public function getPolicy($capability) {
switch ($capability) {
case PhabricatorPolicyCapability::CAN_VIEW:
return $this->getViewPolicy();
case PhabricatorPolicyCapability::CAN_EDIT:
return $this->getEditPolicy();
}
}
public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
return ($viewer->getPHID() == $this->getAuthorPHID());
}
public function describeAutomaticCapability($capability) {
// TODO: (T603) Policies are murky.
return null;
}
/* -( PhabricatorDestructableInterface )----------------------------------- */
public function destroyObjectPermanently(
PhabricatorDestructionEngine $engine) {
$this->openTransaction();
$this->delete();
$this->saveTransaction();
}
}
View git blame Copy permalink