1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-01 11:12:42 +01:00
phorge-phorge/src/applications/paste/controller/PhabricatorPasteEditController.php
Alex Monk a84cd99893 Paste: Add edit policy
Summary: T5549

Test Plan: Set edit policy on paste, check that only users meeting the policy requirements can edit it.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Maniphest Tasks: T5549

Differential Revision: https://secure.phabricator.com/D11097
2014-12-31 08:24:57 -08:00

250 lines
7.6 KiB
PHP

<?php
final class PhabricatorPasteEditController extends PhabricatorPasteController {
private $id;
public function willProcessRequest(array $data) {
$this->id = idx($data, 'id');
}
public function processRequest() {
$request = $this->getRequest();
$user = $request->getUser();
$parent = null;
$parent_id = null;
if (!$this->id) {
$is_create = true;
$paste = PhabricatorPaste::initializeNewPaste($user);
$parent_id = $request->getStr('parent');
if ($parent_id) {
// NOTE: If the Paste is forked from a paste which the user no longer
// has permission to see, we still let them edit it.
$parent = id(new PhabricatorPasteQuery())
->setViewer($user)
->withIDs(array($parent_id))
->needContent(true)
->needRawContent(true)
->execute();
$parent = head($parent);
if ($parent) {
$paste->setParentPHID($parent->getPHID());
$paste->setViewPolicy($parent->getViewPolicy());
}
}
$paste->setAuthorPHID($user->getPHID());
$paste->attachRawContent('');
} else {
$is_create = false;
$paste = id(new PhabricatorPasteQuery())
->setViewer($user)
->requireCapabilities(
array(
PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_EDIT,
))
->withIDs(array($this->id))
->needRawContent(true)
->executeOne();
if (!$paste) {
return new Aphront404Response();
}
}
$text = null;
$e_text = true;
$errors = array();
if ($is_create && $parent) {
$v_title = pht('Fork of %s', $parent->getFullName());
$v_language = $parent->getLanguage();
$v_text = $parent->getRawContent();
} else {
$v_title = $paste->getTitle();
$v_language = $paste->getLanguage();
$v_text = $paste->getRawContent();
}
$v_view_policy = $paste->getViewPolicy();
$v_edit_policy = $paste->getEditPolicy();
if ($is_create) {
$v_projects = array();
} else {
$v_projects = PhabricatorEdgeQuery::loadDestinationPHIDs(
$paste->getPHID(),
PhabricatorProjectObjectHasProjectEdgeType::EDGECONST);
$v_projects = array_reverse($v_projects);
}
if ($request->isFormPost()) {
$xactions = array();
$v_text = $request->getStr('text');
if (!strlen($v_text)) {
$e_text = pht('Required');
$errors[] = pht('The paste may not be blank.');
} else {
$e_text = null;
}
$v_title = $request->getStr('title');
$v_language = $request->getStr('language');
$v_view_policy = $request->getStr('can_view');
$v_edit_policy = $request->getStr('can_edit');
$v_projects = $request->getArr('projects');
// NOTE: The author is the only editor and can always view the paste,
// so it's impossible for them to choose an invalid policy.
if (!$errors) {
if ($is_create || ($v_text !== $paste->getRawContent())) {
$file = PhabricatorPasteEditor::initializeFileForPaste(
$user,
$v_title,
$v_text);
$xactions[] = id(new PhabricatorPasteTransaction())
->setTransactionType(PhabricatorPasteTransaction::TYPE_CONTENT)
->setNewValue($file->getPHID());
}
$xactions[] = id(new PhabricatorPasteTransaction())
->setTransactionType(PhabricatorPasteTransaction::TYPE_TITLE)
->setNewValue($v_title);
$xactions[] = id(new PhabricatorPasteTransaction())
->setTransactionType(PhabricatorPasteTransaction::TYPE_LANGUAGE)
->setNewValue($v_language);
$xactions[] = id(new PhabricatorPasteTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_VIEW_POLICY)
->setNewValue($v_view_policy);
$xactions[] = id(new PhabricatorPasteTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
->setNewValue($v_edit_policy);
$proj_edge_type = PhabricatorProjectObjectHasProjectEdgeType::EDGECONST;
$xactions[] = id(new PhabricatorPasteTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_EDGE)
->setMetadataValue('edge:type', $proj_edge_type)
->setNewValue(array('=' => array_fuse($v_projects)));
$editor = id(new PhabricatorPasteEditor())
->setActor($user)
->setContentSourceFromRequest($request)
->setContinueOnNoEffect(true);
$xactions = $editor->applyTransactions($paste, $xactions);
return id(new AphrontRedirectResponse())->setURI($paste->getURI());
} else {
// make sure we update policy so its correctly populated to what
// the user chose
$paste->setViewPolicy($v_view_policy);
$paste->setEditPolicy($v_edit_policy);
}
}
$form = new AphrontFormView();
$langs = array(
'' => pht('(Detect From Filename in Title)'),
) + PhabricatorEnv::getEnvConfig('pygments.dropdown-choices');
$form
->setUser($user)
->addHiddenInput('parent', $parent_id)
->appendChild(
id(new AphrontFormTextControl())
->setLabel(pht('Title'))
->setValue($v_title)
->setName('title'))
->appendChild(
id(new AphrontFormSelectControl())
->setLabel(pht('Language'))
->setName('language')
->setValue($v_language)
->setOptions($langs));
$policies = id(new PhabricatorPolicyQuery())
->setViewer($user)
->setObject($paste)
->execute();
$form->appendChild(
id(new AphrontFormPolicyControl())
->setUser($user)
->setCapability(PhabricatorPolicyCapability::CAN_VIEW)
->setPolicyObject($paste)
->setPolicies($policies)
->setName('can_view'));
$form->appendChild(
id(new AphrontFormPolicyControl())
->setUser($user)
->setCapability(PhabricatorPolicyCapability::CAN_EDIT)
->setPolicyObject($paste)
->setPolicies($policies)
->setName('can_edit'));
if ($v_projects) {
$project_handles = $this->loadViewerHandles($v_projects);
} else {
$project_handles = array();
}
$form->appendChild(
id(new AphrontFormTokenizerControl())
->setLabel(pht('Projects'))
->setName('projects')
->setValue($project_handles)
->setDatasource(new PhabricatorProjectDatasource()));
$form
->appendChild(
id(new AphrontFormTextAreaControl())
->setLabel(pht('Text'))
->setError($e_text)
->setValue($v_text)
->setHeight(AphrontFormTextAreaControl::HEIGHT_VERY_TALL)
->setCustomClass('PhabricatorMonospaced')
->setName('text'));
$submit = new AphrontFormSubmitControl();
if (!$is_create) {
$submit->addCancelButton($paste->getURI());
$submit->setValue(pht('Save Paste'));
$title = pht('Edit %s', $paste->getFullName());
$short = pht('Edit');
} else {
$submit->setValue(pht('Create Paste'));
$title = pht('Create New Paste');
$short = pht('Create');
}
$form->appendChild($submit);
$form_box = id(new PHUIObjectBoxView())
->setHeaderText($title)
->setFormErrors($errors)
->setForm($form);
$crumbs = $this->buildApplicationCrumbs($this->buildSideNavView());
if (!$is_create) {
$crumbs->addTextCrumb('P'.$paste->getID(), '/P'.$paste->getID());
}
$crumbs->addTextCrumb($short);
return $this->buildApplicationPage(
array(
$crumbs,
$form_box,
),
array(
'title' => $title,
));
}
}