Commit 3643cd1f authored by Quinn Ebert's avatar Quinn Ebert Committed by Ana Rute Mendes
Browse files

Default Phriction ACL configuration support

This implements an Applications > Phriction configuration option that allows the administrators to specify default view and edit ACL policies for root-level Phriction documents.

Test Plan:
  1. Create a clean test install of Phabricator, login as the admin user
  2. Go to Applications, configure settings for Phriction, set up the ACL you want
  3. Upon creating the first document in Phriction, the ACL chosen by default should be the one you configured in step 2.
parent 20dd5a7a
...@@ -5533,6 +5533,8 @@ phutil_register_library_map(array( ...@@ -5533,6 +5533,8 @@ phutil_register_library_map(array(
'PhrictionCreateConduitAPIMethod' => 'applications/phriction/conduit/PhrictionCreateConduitAPIMethod.php', 'PhrictionCreateConduitAPIMethod' => 'applications/phriction/conduit/PhrictionCreateConduitAPIMethod.php',
'PhrictionDAO' => 'applications/phriction/storage/PhrictionDAO.php', 'PhrictionDAO' => 'applications/phriction/storage/PhrictionDAO.php',
'PhrictionDatasourceEngineExtension' => 'applications/phriction/engineextension/PhrictionDatasourceEngineExtension.php', 'PhrictionDatasourceEngineExtension' => 'applications/phriction/engineextension/PhrictionDatasourceEngineExtension.php',
'PhrictionDefaultEditCapability' => 'applications/phriction/capability/PhrictionDefaultEditCapability.php',
'PhrictionDefaultViewCapability' => 'applications/phriction/capability/PhrictionDefaultViewCapability.php',
'PhrictionDeleteController' => 'applications/phriction/controller/PhrictionDeleteController.php', 'PhrictionDeleteController' => 'applications/phriction/controller/PhrictionDeleteController.php',
'PhrictionDiffController' => 'applications/phriction/controller/PhrictionDiffController.php', 'PhrictionDiffController' => 'applications/phriction/controller/PhrictionDiffController.php',
'PhrictionDocument' => 'applications/phriction/storage/PhrictionDocument.php', 'PhrictionDocument' => 'applications/phriction/storage/PhrictionDocument.php',
...@@ -12363,6 +12365,8 @@ phutil_register_library_map(array( ...@@ -12363,6 +12365,8 @@ phutil_register_library_map(array(
'PhrictionCreateConduitAPIMethod' => 'PhrictionConduitAPIMethod', 'PhrictionCreateConduitAPIMethod' => 'PhrictionConduitAPIMethod',
'PhrictionDAO' => 'PhabricatorLiskDAO', 'PhrictionDAO' => 'PhabricatorLiskDAO',
'PhrictionDatasourceEngineExtension' => 'PhabricatorDatasourceEngineExtension', 'PhrictionDatasourceEngineExtension' => 'PhabricatorDatasourceEngineExtension',
'PhrictionDefaultEditCapability' => 'PhabricatorPolicyCapability',
'PhrictionDefaultViewCapability' => 'PhabricatorPolicyCapability',
'PhrictionDeleteController' => 'PhrictionController', 'PhrictionDeleteController' => 'PhrictionController',
'PhrictionDiffController' => 'PhrictionController', 'PhrictionDiffController' => 'PhrictionController',
'PhrictionDocument' => array( 'PhrictionDocument' => array(
...@@ -74,6 +74,21 @@ final class PhabricatorPhrictionApplication extends PhabricatorApplication { ...@@ -74,6 +74,21 @@ final class PhabricatorPhrictionApplication extends PhabricatorApplication {
return 0.140; return 0.140;
} }
protected function getCustomCapabilities() {
return array(
PhrictionDefaultViewCapability::CAPABILITY => array(
'caption' => pht('Default view policy for newly created root pages.'),
'template' => PhrictionDocumentPHIDType::TYPECONST,
'capability' => PhabricatorPolicyCapability::CAN_VIEW,
),
PhrictionDefaultEditCapability::CAPABILITY => array(
'caption' => pht('Default edit policy for newly created root pages.'),
'template' => PhrictionDocumentPHIDType::TYPECONST,
'capability' => PhabricatorPolicyCapability::CAN_EDIT,
),
);
}
public function getApplicationSearchDocumentTypes() { public function getApplicationSearchDocumentTypes() {
return array( return array(
PhrictionDocumentPHIDType::TYPECONST, PhrictionDocumentPHIDType::TYPECONST,
......
<?php
final class PhrictionDefaultEditCapability
extends PhabricatorPolicyCapability {
const CAPABILITY = 'phriction.default.edit';
public function getCapabilityName() {
return pht('Default Edit Policy');
}
public function shouldAllowPublicPolicySetting() {
return true;
}
}
<?php
final class PhrictionDefaultViewCapability
extends PhabricatorPolicyCapability {
const CAPABILITY = 'phriction.default.view';
public function getCapabilityName() {
return pht('Default View Policy');
}
public function shouldAllowPublicPolicySetting() {
return true;
}
}
...@@ -86,10 +86,17 @@ final class PhrictionDocument extends PhrictionDAO ...@@ -86,10 +86,17 @@ final class PhrictionDocument extends PhrictionDAO
->setEditPolicy($parent_doc->getEditPolicy()) ->setEditPolicy($parent_doc->getEditPolicy())
->setSpacePHID($space_phid); ->setSpacePHID($space_phid);
} else { } else {
$default_view_policy = PhabricatorPolicies::getMostOpenPolicy(); $app = id(new PhabricatorApplicationQuery())
->setViewer($actor)
->withClasses(array('PhabricatorPhrictionApplication'))
->executeOne();
$default_view_policy = $app->getPolicy(
PhrictionDefaultViewCapability::CAPABILITY);
$default_edit_policy = $app->getPolicy(
PhrictionDefaultEditCapability::CAPABILITY);
$document $document
->setViewPolicy($default_view_policy) ->setViewPolicy($default_view_policy)
->setEditPolicy(PhabricatorPolicies::POLICY_USER) ->setEditPolicy($default_edit_policy)
->setSpacePHID($actor->getDefaultSpacePHID()); ->setSpacePHID($actor->getDefaultSpacePHID());
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment