9481b9eff1
Summary:
Ref T13216. See PHI980. Currently, each application in {nav Applications > X > Configure} has a "Can Configure Application" permission which is hard-coded to "Administrators".
There's no technical reason for this, there just hasn't been a great use case for unlocking it. I think when I originally wrote it our protections against locking yourself out of things weren't that great (i.e., it was easier to set the policy to something that prevented you from editing it after the new policy took effect). Our protections are better now.
The major goal here is to let installs open up Custom Forms for given applications (mostly Maniphest) to more users, but the other options mostly go hand-in-hand with that.
Also, in developer mode, include stack traces for policy exceptions. This makes debugging weird stuff (like the indirect Config application errors here) easier.
Test Plan:
- Granted "Can Configure Application" for Maniphest to all users.
- Edited custom forms as a non-administrator.
- Configured Maniphest as a non-administrator.
- Installed/uninstalled Maniphest as a non-administrator.
- Tried to lock myself out (got an error message).
{F6015721}
Reviewers: amckinley, joshuaspence
Reviewed By: joshuaspence
Subscribers: joshuaspence
Maniphest Tasks: T13216
Differential Revision: https://secure.phabricator.com/D19822
108 lines
2.9 KiB
PHP
108 lines
2.9 KiB
PHP
<?php
|
|
|
|
final class PhabricatorPolicyRequestExceptionHandler
|
|
extends PhabricatorRequestExceptionHandler {
|
|
|
|
public function getRequestExceptionHandlerPriority() {
|
|
return 320000;
|
|
}
|
|
|
|
public function getRequestExceptionHandlerDescription() {
|
|
return pht(
|
|
'Handles policy exceptions which occur when a user tries to '.
|
|
'do something they do not have permission to do.');
|
|
}
|
|
|
|
public function canHandleRequestThrowable(
|
|
AphrontRequest $request,
|
|
$throwable) {
|
|
|
|
if (!$this->isPhabricatorSite($request)) {
|
|
return false;
|
|
}
|
|
|
|
return ($throwable instanceof PhabricatorPolicyException);
|
|
}
|
|
|
|
public function handleRequestThrowable(
|
|
AphrontRequest $request,
|
|
$throwable) {
|
|
|
|
$viewer = $this->getViewer($request);
|
|
|
|
if (!$viewer->isLoggedIn()) {
|
|
// If the user isn't logged in, just give them a login form. This is
|
|
// probably a generally more useful response than a policy dialog that
|
|
// they have to click through to get a login form.
|
|
//
|
|
// Possibly we should add a header here like "you need to login to see
|
|
// the thing you are trying to look at".
|
|
$auth_app_class = 'PhabricatorAuthApplication';
|
|
$auth_app = PhabricatorApplication::getByClass($auth_app_class);
|
|
|
|
return id(new PhabricatorAuthStartController())
|
|
->setRequest($request)
|
|
->setCurrentApplication($auth_app)
|
|
->handleRequest($request);
|
|
}
|
|
|
|
$content = array(
|
|
phutil_tag(
|
|
'div',
|
|
array(
|
|
'class' => 'aphront-policy-rejection',
|
|
),
|
|
$throwable->getRejection()),
|
|
);
|
|
|
|
$list = null;
|
|
if ($throwable->getCapabilityName()) {
|
|
$list = $throwable->getMoreInfo();
|
|
foreach ($list as $key => $item) {
|
|
$list[$key] = $item;
|
|
}
|
|
|
|
$content[] = phutil_tag(
|
|
'div',
|
|
array(
|
|
'class' => 'aphront-capability-details',
|
|
),
|
|
pht(
|
|
'Users with the "%s" capability:',
|
|
$throwable->getCapabilityName()));
|
|
|
|
}
|
|
|
|
$dialog = id(new AphrontDialogView())
|
|
->setTitle($throwable->getTitle())
|
|
->setClass('aphront-access-dialog')
|
|
->setUser($viewer)
|
|
->appendChild($content);
|
|
|
|
if ($list) {
|
|
$dialog->appendList($list);
|
|
}
|
|
|
|
// If the install is in developer mode, include a stack trace for the
|
|
// exception. When debugging things, it isn't always obvious where a
|
|
// policy exception came from and this can make it easier to hunt down
|
|
// bugs or improve ambiguous/confusing messaging.
|
|
|
|
$is_developer = PhabricatorEnv::getEnvConfig('phabricator.developer-mode');
|
|
if ($is_developer) {
|
|
$dialog->appendChild(
|
|
id(new AphrontStackTraceView())
|
|
->setTrace($throwable->getTrace()));
|
|
}
|
|
|
|
if ($request->isAjax()) {
|
|
$dialog->addCancelButton('/', pht('Close'));
|
|
} else {
|
|
$dialog->addCancelButton('/', pht('OK'));
|
|
}
|
|
|
|
return $dialog;
|
|
}
|
|
|
|
}
|