Commit 50084152 authored by Ana Rute Mendes's avatar Ana Rute Mendes 🌈

LOCAL/POLICY: set sysadmin requests policies

Set sysadmin resquests policies according to confidentiality
chosen by the user.
parent 787875e2
......@@ -365,6 +365,8 @@ final class ManiphestTransactionEditor
PhabricatorLiskDAO $object,
array $xactions) {
$this->setContinueOnNoEffect(true);
$actor = $this->getActor();
$actor_phid = $actor->getPHID();
......@@ -433,40 +435,106 @@ final class ManiphestTransactionEditor
// CCU: If this is a purchasing type, then try to assign the task to the
// assignee, if empty. It's not overlay pleasant code, since we need
// to iterate the transactions, rather than interrogate an object.
if ($this->getIsNewObject() && !$any_assign) {
$subtype = null;
$approver = null;
$purchasing_project = null;
foreach ($xactions as $xaction) {
switch ($xaction->getTransactionType()) {
case PhabricatorTransactions::TYPE_SUBTYPE:
$subtype = $xaction->getNewValue();
break;
case PhabricatorTransactions::TYPE_CUSTOMFIELD:
if ($xaction->getMetadataValue('customfield:key') == 'std:maniphest:purchasing:approver') {
foreach ($xaction->getRequiredHandlePHIDs() as $p) {
if (!empty($p)) {
$approver = $p;
break;
}
}
$subtype = null;
$approver = null;
$purchasing_project = null;
$confidential = false;
$changed_confidentiality = false;
foreach ($xactions as $xaction) {
switch ($xaction->getTransactionType()) {
case PhabricatorTransactions::TYPE_SUBTYPE:
$subtype = $xaction->getNewValue();
break;
case PhabricatorTransactions::TYPE_CUSTOMFIELD:
if ($xaction->getMetadataValue('customfield:key') == 'std:maniphest:purchasing:approver') {
foreach ($xaction->getRequiredHandlePHIDs() as $p) {
if (!empty($p)) {
$approver = $p;
break;
}
}
}
if ($xaction->getMetadataValue('customfield:key') == 'std:maniphest:purchasing:project') {
foreach ($xaction->getRequiredHandlePHIDs() as $p) {
if (!empty($p)) {
$purchasing_project = $p;
break;
}
}
if ($xaction->getMetadataValue('customfield:key') == 'std:maniphest:purchasing:project') {
foreach ($xaction->getRequiredHandlePHIDs() as $p) {
if (!empty($p)) {
$purchasing_project = $p;
break;
}
break;
}
}
if ($xaction->getMetadataValue('customfield:key') == 'std:maniphest:sysadmin:confidential-request') {
if ($xaction->getNewValue() != $xaction->getOldValue()) {
$changed_confidentiality = true;
}
if ($xaction->getNewValue() == 'Yes' || $xaction->getNewValue() == 'Dunno') {
$confidential = true;
}
}
break;
}
}
if (!$this->getIsNewObject()) {
$subtype = $object->getSubtype();
};
// We want to change policies only if the confidentiality dropdown was
// changed or if it's a new request.
if ($subtype == 'sysadmin' &&
($changed_confidentiality || $this->getIsNewObject())) {
if ($confidential) {
$sysadmin_project = id(new PhabricatorProjectQuery())
->setViewer($actor)
->withSlugs(array('sysadmin'))
->executeOne();
$confidential_policy = id(new PhabricatorPolicy())
->setRules(
array(
array(
'action' => PhabricatorPolicy::ACTION_ALLOW,
'rule' => 'PhabricatorUsersPolicyRule',
'value' => array($actor_phid),
),
array(
'action' => PhabricatorPolicy::ACTION_ALLOW,
'rule' => 'PhabricatorProjectsPolicyRule',
'value' => array($sysadmin_project->getPHID()),
),
array(
'action' => PhabricatorPolicy::ACTION_ALLOW,
'rule' => 'PhabricatorSubscriptionsSubscribersPolicyRule',
'value' => array($object->getPHID()),
),
))
->save();
$results[] = id(new ManiphestTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_VIEW_POLICY)
->setNewValue($confidential_policy->getPHID());
$results[] = id(new ManiphestTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
->setNewValue($confidential_policy->getPHID());
} else {
$results[] = id(new ManiphestTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_VIEW_POLICY)
->setNewValue(PhabricatorPolicies::POLICY_USER);
$results[] = id(new ManiphestTransaction())
->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
->setNewValue(PhabricatorPolicies::POLICY_USER);
}
}
// CCU: If this is a purchasing type, then try to assign the task to the
// assignee, if empty. It's not overlay pleasant code, since we need
// to iterate the transactions, rather than interrogate an object.
if ($this->getIsNewObject() && !$any_assign) {
if ($subtype == 'purchasing') {
if ($approver == null && $purchasing_project !== null) {
$p_proj = id(new PhabricatorProjectQuery())
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment