Allow projects to be set as policies

Summary: - Renames `PhabricatorPolicyQuery` to `PhabricatorPolicyAwareQuery` (a query which respects policy settings). - Introduces `PhabricatorPolicyQuery`, which loads available policies (e.g., "member of project X"). - Introduces `PhabricatorPolicy`, which describes a policy. - Allows projects to be set as policies. - Allows Paste policies to be edited. - Covers crazy cases where you make projects depend on themselves or each other because you are a dastardly villan. Test Plan: Set paste and project policies, including crazy policies like A -> B -> A, A -> A, etc. Reviewers: vrana, btrahan Reviewed By: vrana CC: aran Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D3476
2012-09-13 10:15:08 -07:00
parent b39175342d
commit a1df1f2b70
20 changed files with 524 additions and 72 deletions
--- a/src/applications/project/controller/PhabricatorProjectProfileEditController.php
+++ b/src/applications/project/controller/PhabricatorProjectProfileEditController.php
@@ -154,6 +154,11 @@ final class PhabricatorProjectProfileEditController
    $title = 'Edit Project';
    $action = '/project/edit/'.$project->getID().'/';

+    $policies = id(new PhabricatorPolicyQuery())
+      ->setViewer($user)
+      ->setObject($project)
+      ->execute();
+
    $form = new AphrontFormView();
    $form
      ->setID('project-edit-form')
@@ -187,12 +192,14 @@ final class PhabricatorProjectProfileEditController
          ->setName('can_view')
          ->setCaption('Members can always view a project.')
          ->setPolicyObject($project)
+          ->setPolicies($policies)
          ->setCapability(PhabricatorPolicyCapability::CAN_VIEW))
      ->appendChild(
        id(new AphrontFormPolicyControl())
          ->setUser($user)
          ->setName('can_edit')
          ->setPolicyObject($project)
+          ->setPolicies($policies)
          ->setCapability(PhabricatorPolicyCapability::CAN_EDIT))
      ->appendChild(
        id(new AphrontFormPolicyControl())
@@ -201,6 +208,7 @@ final class PhabricatorProjectProfileEditController
          ->setCaption(
            'Users who can edit a project can always join a project.')
          ->setPolicyObject($project)
+          ->setPolicies($policies)
          ->setCapability(PhabricatorPolicyCapability::CAN_JOIN))
      ->appendChild(
        id(new AphrontFormMarkupControl())