LOCAL: Restrict All users policy for top-level docs

Restrict the creation of a new top-level document if visibility or edition policies are set to "All users". See T4759

LOCAL: Restrict All users policy for top-level docs
Restrict the creation of a new top-level document if visibility or edition policies are set to "All users". See T4759
787875e2 · Ana Rute Mendes · 446c73ce · 787875e2
Commit 787875e2 authored Jul 26, 2018 by Ana Rute Mendes 🌈
Hide whitespace changes
Inline Side-by-side

Showing with 40 additions and 0 deletions

src/applications/phriction/editor/PhrictionTransactionEditor.php ...lications/phriction/editor/PhrictionTransactionEditor.php +40 -0

No files found.
--- a/src/applications/phriction/editor/PhrictionTransactionEditor.php
+++ b/src/applications/phriction/editor/PhrictionTransactionEditor.php
@@ -352,6 +352,12 @@ final class PhrictionTransactionEditor

    $errors = parent::validateTransaction($object, $type, $xactions);

+    $view_policy = '';
+    $edit_policy = '';
+    $space = '';
+    $policy_type = '';
+    $error_type = '';
+
    foreach ($xactions as $xaction) {
      switch ($type) {
        case PhrictionDocumentContentTransaction::TRANSACTIONTYPE:
@@ -422,9 +428,43 @@ final class PhrictionTransactionEditor
          }
          break;

+        case PhabricatorTransactions::TYPE_VIEW_POLICY:
+          $view_policy = $xaction->getNewValue();
+          $policy_type = 'visible to';
+          $error_type = $view_policy;
+          break;
+
+        case PhabricatorTransactions::TYPE_EDIT_POLICY:
+          $edit_policy = $xaction->getNewValue();
+          $policy_type = 'editable by';
+          $error_type = $edit_policy;
+          break;
+
+        case PhabricatorTransactions::TYPE_SPACE:
+          $space = $xaction->getNewValue();
+          break;
      }
    }

+    $slugs = PhabricatorSlug::getAncestry($object->getSlug());
+    // This means it's new and its only parent is the wiki root page '/'
+    if ($this->getIsNewObject() && sizeof($slugs) == 1) {
+      if ($view_policy == PhabricatorPolicies::POLICY_USER ||
+          $edit_policy == PhabricatorPolicies::POLICY_USER ||
+          $space == PhabricatorSpacesNamespaceQuery::getMagicAllUsersSpace()->getPHID()) {
+        $error = new PhabricatorApplicationTransactionValidationError(
+          $error_type,
+          pht('Invalid'),
+          pht(
+            'Top-level documents cannot be created under the policy "All Users" '.
+            'nor be in the "All Users" Space. However, please note that you can '.
+            'modify the policy to "All Users" after the document has been '.
+            'created in case you would like it to be '.$policy_type.' everyone.')
+        );
+        $errors[] = $error;
+      };
+    };
+
    return $errors;
  }