1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-23 07:12:41 +01:00
phorge-phorge/webroot/rsrc
epriestley b1b1ff83f2 Allow applications to define new policy capabilities
Summary:
Ref T603. I want to let applications define new capabilities (like "can manage global rules" in Herald) and get full support for them, including reasonable error strings in the UI.

Currently, this is difficult for a couple of reasons. Partly this is just a code organization issue, which is easy to fix. The bigger thing is that we have a bunch of strings which depend on both the policy and capability, like: "You must be an administrator to view this object." "Administrator" is the policy, and "view" is the capability.

That means every new capability has to add a string for each policy, and every new policy (should we introduce any) needs to add a string for each capability. And we can't do any piecemeal "You must be a {$role} to {$action} this object" becuase it's impossible to translate.

Instead, make all the strings depend on //only// the policy, //only// the capability, or //only// the object type. This makes the dialogs read a little more strangely, but I think it's still pretty easy to understand, and it makes adding new stuff way way easier.

Also provide more context, and more useful exception messages.

Test Plan:
  - See screenshots.
  - Also triggered a policy exception and verified it was dramatically more useful than it used to be.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: chad, aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7260
2013-10-07 13:28:58 -07:00
..
css Allow applications to define new policy capabilities 2013-10-07 13:28:58 -07:00
externals Remove spurious "+x" from files that shouldn't have it 2013-10-05 05:18:17 -07:00
image Fix retina ObjectHeader status icons 2013-10-07 08:47:40 -07:00
js Allow Herald rules to add reviewers 2013-10-05 14:10:51 -07:00
swf Remove spurious "+x" from files that shouldn't have it 2013-10-05 05:18:17 -07:00