Make "public" pastes meaningfully visible to logged-out users

Summary:
  - Introduce `shouldAllowPublic()`, indicating that logged-out users are OK in a controller if the install is configured to permit public policies.
  - Make Paste views and lists allow public users.
  - Make UI do sensible things with respect to disabling links, etc.
  - Improve behavior of "you need to login" with respect to policy exceptions and Ajax requests.

Test Plan: Looked at "public" paste, saw all unavailable UI disabled, clicked it, got appropraite prompts.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D3502

src/applications/base/controller/PhabricatorController.php

@@ -21,6 +21,14 @@ abstract class PhabricatorController extends AphrontController {
   private $handles;
 
   public function shouldRequireLogin() {
+
+    // If this install is configured to allow public resources and the
+    // controller works in public mode, allow the request through.
+    $is_public_allowed = PhabricatorEnv::getEnvConfig('policy.allow-public');
+    if ($is_public_allowed && $this->shouldAllowPublic()) {
+      return false;
+    }
+
     return true;
   }
 
@@ -32,6 +40,10 @@ abstract class PhabricatorController extends AphrontController {
     return true;
   }
 
+  public function shouldAllowPublic() {
+    return false;
+  }
+
   public function shouldRequireEmailVerification() {
     $need_verify = PhabricatorUserEmail::isEmailVerificationRequired();
     $need_login = $this->shouldRequireLogin();