Allow repository policies to be edited

Summary: Ref T603. Allows permitted users to set view and edit policies for repositories. So far the repository list, repository detail, repository edit, and browse interfaces respect these settings. Most other interfaces will respect stricter settings, but "Public" won't work. Lots of rough edges in the integration still. None of this makes policies any looser than they were already without explicit user intervention, so I just put a warning about it in the UI. Test Plan: Set a repository to public and browsed it. Verified I could not access non-public repositories. Reviewers: btrahan Reviewed By: btrahan CC: aran, davidressman Maniphest Tasks: T603 Differential Revision: https://secure.phabricator.com/D7061
2013-09-23 12:53:41 -07:00
parent 173adec527
commit d63789e4b2
8 changed files with 179 additions and 2 deletions
--- a/src/applications/diffusion/controller/DiffusionRepositoryEditController.php
+++ b/src/applications/diffusion/controller/DiffusionRepositoryEditController.php
@@ -33,6 +33,12 @@ final class DiffusionRepositoryEditController extends DiffusionController {
    $content[] = $this->buildBasicActions($repository);
    $content[] = $this->buildBasicProperties($repository);

+    $content[] = id(new PHUIHeaderView())
+      ->setHeader(pht('Policies'));
+
+    $content[] = $this->buildPolicyActions($repository);
+    $content[] = $this->buildPolicyProperties($repository);
+
    $content[] = id(new PHUIHeaderView())
      ->setHeader(pht('Text Encoding'));

@@ -164,6 +170,7 @@ final class DiffusionRepositoryEditController extends DiffusionController {
      ->setName(pht('Edit Text Encoding'))
      ->setHref(
        $this->getRepositoryControllerURI($repository, 'edit/encoding/'))
+      ->setWorkflow(!$can_edit)
      ->setDisabled(!$can_edit);
    $view->addAction($edit);

@@ -186,6 +193,50 @@ final class DiffusionRepositoryEditController extends DiffusionController {
    return $view;
  }

+  private function buildPolicyActions(PhabricatorRepository $repository) {
+    $viewer = $this->getRequest()->getUser();

+    $view = id(new PhabricatorActionListView())
+      ->setObjectURI($this->getRequest()->getRequestURI())
+      ->setUser($viewer);
+
+    $can_edit = PhabricatorPolicyFilter::hasCapability(
+      $viewer,
+      $repository,
+      PhabricatorPolicyCapability::CAN_EDIT);
+
+    $edit = id(new PhabricatorActionView())
+      ->setIcon('edit')
+      ->setName(pht('Edit Policies'))
+      ->setHref(
+        $this->getRepositoryControllerURI($repository, 'edit/policy/'))
+      ->setWorkflow(!$can_edit)
+      ->setDisabled(!$can_edit);
+    $view->addAction($edit);
+
+    return $view;
+  }
+
+  private function buildPolicyProperties(PhabricatorRepository $repository) {
+    $viewer = $this->getRequest()->getUser();
+
+    $view = id(new PhabricatorPropertyListView())
+      ->setUser($viewer);
+
+    $descriptions = PhabricatorPolicyQuery::renderPolicyDescriptions(
+      $viewer,
+      $repository);
+
+    $view->addProperty(
+      pht('Visible To'),
+      $descriptions[PhabricatorPolicyCapability::CAN_VIEW]);
+
+    $view->addProperty(
+      pht('Editable By'),
+      $descriptions[PhabricatorPolicyCapability::CAN_EDIT]);
+
+
+    return $view;
+  }

 }