/**
 * Build a new, active SSH key object attached to `$object`.
 *
 * The viewer must hold CAN_EDIT on the object that will own the key. The
 * policy check is the first statement, so nothing is constructed for a
 * viewer who fails it.
 *
 * @param PhabricatorUser $viewer Acting user, checked against the object.
 * @param PhabricatorSSHPublicKeyInterface $object Object that will own the
 *   key.
 * @return mixed The value returned by attachObject() on the new key.
 */
public static function initializeNewSSHKey(
  PhabricatorUser $viewer,
  PhabricatorSSHPublicKeyInterface $object) {

  // Adding a key to an object is treated as an edit of that object.
  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $object,
    PhabricatorPolicyCapability::CAN_EDIT);

  $owner_phid = $object->getPHID();

  $key = id(new self())->setIsActive(1);
  $key = $key->setObjectPHID($owner_phid);

  return $key->attachObject($object);
}
/**
 * Show or process one settings panel, either for a named user or for a
 * builtin preferences object.
 *
 * Both lookups ask the query for CAN_VIEW and CAN_EDIT, and the resolved
 * preferences object is then checked for CAN_EDIT explicitly before any
 * panel is built.
 *
 * @param AphrontRequest $request Incoming request; reads the `panel`,
 *   `username`, `builtin` and `pageKey` URI data.
 * @return mixed A redirect, a 404, the panel's own response, or a page.
 */
public function handleRequest(AphrontRequest $request) {
  $viewer = $this->getViewer();

  // "/panel/XYZ/" was the primary URI before global settings existed and is
  // still used to build viewer-agnostic links for email. Send it to the
  // viewer's own settings page.
  $legacy_panel = $request->getURIData('panel');
  if ($legacy_panel) {
    // The panel key comes from the URI, so it is escaped before it becomes
    // part of the redirect path.
    $legacy_panel = phutil_escape_uri($legacy_panel);
    $viewer_name = $viewer->getUsername();
    $redirect_uri = $this->getApplicationURI(
      "/user/{$viewer_name}/page/{$legacy_panel}/");

    return id(new AphrontRedirectResponse())->setURI($redirect_uri);
  }

  $username = $request->getURIData('username');
  $builtin = $request->getURIData('builtin');
  $key = $request->getURIData('pageKey');

  if ($builtin) {
    $this->builtinKey = $builtin;

    $preferences = id(new PhabricatorUserPreferencesQuery())
      ->setViewer($viewer)
      ->withBuiltinKeys(array($builtin))
      ->requireCapabilities(
        array(
          PhabricatorPolicyCapability::CAN_VIEW,
          PhabricatorPolicyCapability::CAN_EDIT,
        ))
      ->executeOne();

    if (!$preferences) {
      // Nothing came back from the query, so start from an unsaved object.
      // The explicit CAN_EDIT check further down is what gates this path.
      $preferences = id(new PhabricatorUserPreferences())
        ->attachUser(null)
        ->setBuiltinKey($builtin);
    }
  } else {
    $user = id(new PhabricatorPeopleQuery())
      ->setViewer($viewer)
      ->withUsernames(array($username))
      ->requireCapabilities(
        array(
          PhabricatorPolicyCapability::CAN_VIEW,
          PhabricatorPolicyCapability::CAN_EDIT,
        ))
      ->executeOne();

    if (!$user) {
      return new Aphront404Response();
    }

    $preferences = PhabricatorUserPreferences::loadUserPreferences($user);
    $this->user = $user;
  }

  if (!$preferences) {
    return new Aphront404Response();
  }

  // Checked on the preferences object itself, whichever branch produced it.
  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $preferences,
    PhabricatorPolicyCapability::CAN_EDIT);

  $this->preferences = $preferences;

  $panels = $this->buildPanels($preferences);
  $nav = $this->renderSideNav($panels);

  // Unknown page keys fall back to the first panel.
  $default_key = head($panels)->getPanelKey();
  $key = $nav->selectFilter($key, $default_key);

  $panel = $panels[$key]->setController($this)->setNavigation($nav);
  $response = $panel->processRequest($request);

  $is_complete_response =
    ($response instanceof AphrontResponse) ||
    ($response instanceof AphrontResponseProducerInterface);
  if ($is_complete_response) {
    return $response;
  }

  // Otherwise the panel returned content to wrap in the standard page.
  $crumbs = $this->buildApplicationCrumbs();
  $crumbs->addTextCrumb($panel->getPanelName());
  $title = $panel->getPanelName();

  $view = id(new PHUITwoColumnView())
    ->setNavigation($nav)
    ->setMainColumn($response);

  return $this->newPage()
    ->setTitle($title)
    ->setCrumbs($crumbs)
    ->appendChild($view);
}
/**
 * Create a repository from Conduit request parameters.
 *
 * The caller must hold the Diffusion "create repositories" capability on
 * the Diffusion application. The callsign is restricted to `A-Z` before it
 * is used as a path component of the local path.
 *
 * @param ConduitAPIRequest $request Request carrying the repository fields.
 * @return mixed The saved repository's toDictionary() value.
 * @throws ConduitException ERR-BAD-CALLSIGN, ERR-UNKNOWN-REPOSITORY-VCS or
 *   ERR-DUPLICATE.
 */
protected function execute(ConduitAPIRequest $request) {
  $viewer = $request->getUser();

  $application = id(new PhabricatorApplicationQuery())
    ->setViewer($viewer)
    ->withClasses(array('PhabricatorDiffusionApplication'))
    ->executeOne();

  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $application,
    DiffusionCreateRepositoriesCapability::CAPABILITY);

  // TODO: This has some duplication with (and lacks some of the validation
  // of) the web workflow; refactor things so they can share more code as this
  // stabilizes. Specifically, this should move to transactions since they
  // work properly now.

  $repository = PhabricatorRepository::initializeNewRepository($viewer);
  $repository->setName($request->getValue('name'));

  // "\z" anchors at the very end of the string, so a trailing newline is
  // rejected as well. Only A-Z reaches the path built below.
  $callsign = $request->getValue('callsign');
  $callsign_ok = preg_match('/^[A-Z]+\\z/', $callsign);
  if (!$callsign_ok) {
    throw new ConduitException('ERR-BAD-CALLSIGN');
  }
  $repository->setCallsign($callsign);

  $path_root = PhabricatorEnv::getEnvConfig('repository.default-local-path');
  $path_root = rtrim($path_root, '/');
  $local_path = $path_root.'/'.$callsign.'/';

  // Only the three listed VCS names are accepted.
  $vcs = $request->getValue('vcs');
  $vcs_types = array(
    'git' => PhabricatorRepositoryType::REPOSITORY_TYPE_GIT,
    'hg' => PhabricatorRepositoryType::REPOSITORY_TYPE_MERCURIAL,
    'svn' => PhabricatorRepositoryType::REPOSITORY_TYPE_SVN,
  );
  if (empty($vcs_types[$vcs])) {
    throw new ConduitException('ERR-UNKNOWN-REPOSITORY-VCS');
  }
  $repository->setVersionControlSystem($vcs_types[$vcs]);

  // NOTE(review): the credential PHID is stored as supplied; this method
  // does not check that the caller is allowed to use that credential.
  // Confirm whether that is enforced elsewhere.
  $repository->setCredentialPHID($request->getValue('credentialPHID'));

  // URI validation is delegated; what it accepts is not visible here.
  $remote_uri = $request->getValue('uri');
  PhabricatorRepository::assertValidRemoteURI($remote_uri);

  $details = array(
    'encoding' => $request->getValue('encoding'),
    'description' => $request->getValue('description'),
    'tracking-enabled' => (bool) $request->getValue('tracking', true),
    'remote-uri' => $remote_uri,
    'local-path' => $local_path,
    'branch-filter' => array_fill_keys(
      $request->getValue('branchFilter', array()),
      true),
    'close-commits-filter' => array_fill_keys(
      $request->getValue('closeCommitsFilter', array()),
      true),
    'pull-frequency' => $request->getValue('pullFrequency'),
    'default-branch' => $request->getValue('defaultBranch'),
    'herald-disabled' => !$request->getValue('heraldEnabled', true),
    'svn-subpath' => $request->getValue('svnSubpath'),
    'disable-autoclose' => !$request->getValue('autocloseEnabled', true),
  );

  foreach ($details as $detail_key => $detail_value) {
    $repository->setDetail($detail_key, $detail_value);
  }

  try {
    $repository->save();
  } catch (AphrontDuplicateKeyQueryException $ex) {
    throw new ConduitException('ERR-DUPLICATE');
  }

  return $repository->toDictionary();
}
/**
 * Enforce the capability each Conpherence transaction type needs, after
 * the parent's own checks have run.
 *
 * Participants: joining alone needs CAN_JOIN, leaving alone needs nothing,
 * any other participant change needs CAN_EDIT. Files need CAN_VIEW and
 * title changes need CAN_EDIT.
 *
 * @param PhabricatorLiskDAO $object Object the transaction applies to.
 * @param PhabricatorApplicationTransaction $xaction Transaction to check.
 * @return void
 */
protected function requireCapabilities(
  PhabricatorLiskDAO $object,
  PhabricatorApplicationTransaction $xaction) {

  parent::requireCapabilities($object, $xaction);

  switch ($xaction->getTransactionType()) {
    case ConpherenceTransaction::TYPE_PARTICIPANTS:
      $before = array_fuse($xaction->getOldValue());
      $after = array_fuse($xaction->getNewValue());

      $added = array_keys(array_diff_key($after, $before));
      $removed = array_keys(array_diff_key($before, $after));

      // "Self only" means the change touches exactly the actor and nobody
      // else, in one direction only.
      $actor_phid = $this->requireActor()->getPHID();
      $only_actor = array($actor_phid);
      $is_join = ($added === $only_actor) && !$removed;
      $is_leave = ($removed === $only_actor) && !$added;

      if ($is_join) {
        // You need CAN_JOIN to join a room.
        $needed = PhabricatorPolicyCapability::CAN_JOIN;
      } else if ($is_leave) {
        // You don't need any capabilities to leave a conpherence thread.
        $needed = null;
      } else {
        // You need CAN_EDIT to change participants other than yourself.
        $needed = PhabricatorPolicyCapability::CAN_EDIT;
      }

      if ($needed !== null) {
        PhabricatorPolicyFilter::requireCapability(
          $this->requireActor(),
          $object,
          $needed);
      }
      break;

    // This is similar to PhabricatorTransactions::TYPE_COMMENT so
    // use CAN_VIEW
    case ConpherenceTransaction::TYPE_FILES:
      PhabricatorPolicyFilter::requireCapability(
        $this->requireActor(),
        $object,
        PhabricatorPolicyCapability::CAN_VIEW);
      break;

    case ConpherenceTransaction::TYPE_TITLE:
      PhabricatorPolicyFilter::requireCapability(
        $this->requireActor(),
        $object,
        PhabricatorPolicyCapability::CAN_EDIT);
      break;
  }
}
/**
 * Drive the paged form used for "Create Repository", "Import Repository",
 * "Edit Remote" and "Edit Policies".
 *
 * The capability gate runs before any form page is built or read: the two
 * edit modes require CAN_EDIT on the existing repository, the create and
 * import modes require the application-level create capability, and any
 * other mode throws.
 *
 * @return mixed A redirect after a completed POST, otherwise the form page.
 * @throws Exception When `$this->edit` is not one of the four known modes.
 */
public function processRequest() {
  $request = $this->getRequest();
  $viewer = $request->getUser();

  // NOTE: We can end up here via either "Create Repository", or via
  // "Import Repository", or via "Edit Remote", or via "Edit Policies". In
  // the latter two cases, we show only a few of the pages.
  $repository = null;
  switch ($this->edit) {
    case 'remote':
    case 'policy':
      $repository = $this->getDiffusionRequest()->getRepository();

      // Make sure we have CAN_EDIT.
      PhabricatorPolicyFilter::requireCapability(
        $viewer,
        $repository,
        PhabricatorPolicyCapability::CAN_EDIT);

      $this->setRepository($repository);
      $cancel_uri = $this->getRepositoryControllerURI($repository, 'edit/');
      break;
    case 'import':
    case 'create':
      $this->requireApplicationCapability(
        DiffusionCreateRepositoriesCapability::CAPABILITY);
      $cancel_uri = $this->getApplicationURI('new/');
      break;
    default:
      // Unknown modes stop here, before any form handling.
      throw new Exception('Invalid edit operation!');
  }

  $form = id(new PHUIPagedFormView())
    ->setUser($viewer)
    ->setCancelURI($cancel_uri);

  // Each mode exposes only the pages it is allowed to change.
  switch ($this->edit) {
    case 'remote':
      $title = pht('Edit Remote');
      $form
        ->addPage('remote-uri', $this->buildRemoteURIPage())
        ->addPage('auth', $this->buildAuthPage());
      break;
    case 'policy':
      $title = pht('Edit Policies');
      $form
        ->addPage('policy', $this->buildPolicyPage());
      break;
    case 'create':
      $title = pht('Create Repository');
      $form
        ->addPage('vcs', $this->buildVCSPage())
        ->addPage('name', $this->buildNamePage())
        ->addPage('policy', $this->buildPolicyPage())
        ->addPage('done', $this->buildDonePage());
      break;
    case 'import':
      $title = pht('Import Repository');
      $form
        ->addPage('vcs', $this->buildVCSPage())
        ->addPage('name', $this->buildNamePage())
        ->addPage('remote-uri', $this->buildRemoteURIPage())
        ->addPage('auth', $this->buildAuthPage())
        ->addPage('policy', $this->buildPolicyPage())
        ->addPage('done', $this->buildDonePage());
      break;
  }

  if ($request->isFormPost()) {
    $form->readFromRequest($request);
    if ($form->isComplete()) {

      // Which groups of transactions this mode is allowed to emit.
      $is_create = $this->edit === 'import' || $this->edit === 'create';
      $is_auth = $this->edit == 'import' || $this->edit == 'remote';
      $is_policy = $this->edit != 'remote';
      $is_init = $this->edit == 'create';

      if ($is_create) {
        $repository = PhabricatorRepository::initializeNewRepository(
          $viewer);
      }

      $template = id(new PhabricatorRepositoryTransaction());

      $type_name = PhabricatorRepositoryTransaction::TYPE_NAME;
      $type_vcs = PhabricatorRepositoryTransaction::TYPE_VCS;
      $type_activate = PhabricatorRepositoryTransaction::TYPE_ACTIVATE;
      $type_local_path = PhabricatorRepositoryTransaction::TYPE_LOCAL_PATH;
      $type_remote_uri = PhabricatorRepositoryTransaction::TYPE_REMOTE_URI;
      $type_hosting = PhabricatorRepositoryTransaction::TYPE_HOSTING;
      $type_credential = PhabricatorRepositoryTransaction::TYPE_CREDENTIAL;
      $type_view = PhabricatorTransactions::TYPE_VIEW_POLICY;
      $type_edit = PhabricatorTransactions::TYPE_EDIT_POLICY;
      $type_push = PhabricatorRepositoryTransaction::TYPE_PUSH_POLICY;

      $xactions = array();

      // If we're creating a new repository, set all this core stuff.
      if ($is_create) {
        // NOTE(review): the callsign is concatenated into the local path
        // below; any format validation happens on the form page, which is
        // not visible from this method. Confirm it is restricted there.
        $callsign = $form->getPage('name')
          ->getControl('callsign')->getValue();

        // We must set this to a unique value to save the repository
        // initially, and it's immutable, so we don't bother using
        // transactions to apply this change.
        $repository->setCallsign($callsign);

        // Put the repository in "Importing" mode until we finish
        // parsing it.
        $repository->setDetail('importing', true);

        $xactions[] = id(clone $template)
          ->setTransactionType($type_name)
          ->setNewValue(
            $form->getPage('name')->getControl('name')->getValue());

        $xactions[] = id(clone $template)
          ->setTransactionType($type_vcs)
          ->setNewValue(
            $form->getPage('vcs')->getControl('vcs')->getValue());

        $activate = $form->getPage('done')
          ->getControl('activate')->getValue();
        $xactions[] = id(clone $template)
          ->setTransactionType($type_activate)
          ->setNewValue($activate == 'start');

        // The local path is derived from configuration plus the callsign;
        // it is never read from the form.
        $default_local_path = PhabricatorEnv::getEnvConfig(
          'repository.default-local-path');

        $default_local_path = rtrim($default_local_path, '/');
        $default_local_path = $default_local_path . '/' . $callsign . '/';

        $xactions[] = id(clone $template)
          ->setTransactionType($type_local_path)
          ->setNewValue($default_local_path);
      }

      if ($is_init) {
        $xactions[] = id(clone $template)
          ->setTransactionType($type_hosting)
          ->setNewValue(true);
      }

      if ($is_auth) {
        // NOTE(review): the remote URI and credential are passed through as
        // transaction values; any validation of either is not visible in
        // this method. Confirm the form pages or the editor enforce it.
        $xactions[] = id(clone $template)
          ->setTransactionType($type_remote_uri)
          ->setNewValue(
            $form->getPage('remote-uri')->getControl('remoteURI')
              ->getValue());

        $xactions[] = id(clone $template)
          ->setTransactionType($type_credential)
          ->setNewValue(
            $form->getPage('auth')->getControl('credential')->getValue());
      }

      if ($is_policy) {
        $xactions[] = id(clone $template)
          ->setTransactionType($type_view)
          ->setNewValue(
            $form->getPage('policy')->getControl('viewPolicy')->getValue());

        $xactions[] = id(clone $template)
          ->setTransactionType($type_edit)
          ->setNewValue(
            $form->getPage('policy')->getControl('editPolicy')->getValue());

        // A push policy is only written for hosted repositories, or for
        // ones being created here (which are marked hosted above).
        if ($is_init || $repository->isHosted()) {
          $xactions[] = id(clone $template)
            ->setTransactionType($type_push)
            ->setNewValue(
              $form->getPage('policy')->getControl('pushPolicy')->getValue());
        }
      }

      // The viewer is the actor, so the editor applies these changes on
      // the viewer's behalf.
      id(new PhabricatorRepositoryEditor())
        ->setContinueOnNoEffect(true)
        ->setContentSourceFromRequest($request)
        ->setActor($viewer)
        ->applyTransactions($repository, $xactions);

      $repo_uri = $this->getRepositoryControllerURI($repository, 'edit/');
      return id(new AphrontRedirectResponse())->setURI($repo_uri);
    }
  } else {
    // First view: prefill from the existing repository, if there is one.
    $dict = array();
    if ($repository) {
      $dict = array(
        'remoteURI' => $repository->getRemoteURI(),
        'credential' => $repository->getCredentialPHID(),
        'viewPolicy' => $repository->getViewPolicy(),
        'editPolicy' => $repository->getEditPolicy(),
        'pushPolicy' => $repository->getPushPolicy());
    }
    $form->readFromObject($dict);
  }

  $crumbs = $this->buildApplicationCrumbs();
  $crumbs->addTextCrumb($title);

  return $this->buildApplicationPage(
    array($crumbs, $form),
    array('title' => $title));
}
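/**
 * Require that `$viewer` holds `$capability` on this object's application.
 *
 * When no application is attached this returns without checking anything,
 * so callers that depend on the check must make sure an application is
 * present.
 *
 * @param mixed $capability Capability constant to require.
 * @param PhabricatorUser $viewer User to check.
 * @return void
 */
protected function requireApplicationCapability(
  $capability,
  PhabricatorUser $viewer) {

  $application = $this->getApplication();
  if (!$application) {
    // No application, so there is nothing to check the capability against.
    return;
  }

  // Check the same object that was just tested for presence, rather than
  // fetching the application a second time.
  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $application,
    $capability);
}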
/**
 * Show the drag-and-drop dialog for ordering an edit engine's forms, and
 * save the new order on POST.
 *
 * The engine must be visible and editable to the viewer, and every form
 * configuration is checked for CAN_EDIT before anything is reordered. Any
 * `type` other than "create" is handled as the edit ordering.
 *
 * @param AphrontRequest $request Reads the `engineKey` and `type` URI data
 *   and, on POST, the `formOrder` list.
 * @return mixed A 404, a redirect after saving, or the reorder dialog.
 */
public function handleRequest(AphrontRequest $request) {
  $viewer = $this->getViewer();

  $engine_key = $request->getURIData('engineKey');
  $this->setEngineKey($engine_key);

  $type = $request->getURIData('type');
  $is_create = ($type == 'create');

  $engine = id(new PhabricatorEditEngineQuery())
    ->setViewer($viewer)
    ->withEngineKeys(array($engine_key))
    ->requireCapabilities(
      array(
        PhabricatorPolicyCapability::CAN_VIEW,
        PhabricatorPolicyCapability::CAN_EDIT,
      ))
    ->executeOne();
  if (!$engine) {
    return id(new Aphront404Response());
  }

  $cancel_uri = "/transactions/editengine/{$engine_key}/";
  $reorder_uri = "/transactions/editengine/{$engine_key}/sort/{$type}/";

  $config_query = id(new PhabricatorEditEngineConfigurationQuery())
    ->setViewer($viewer)
    ->withEngineKeys(array($engine->getEngineKey()));
  if ($is_create) {
    $config_query->withIsDefault(true);
  } else {
    $config_query->withIsEdit(true);
  }
  $configs = $config_query->execute();

  // Check here rather than in the query above, so a viewer who cannot edit
  // a form gets a proper policy exception.
  foreach ($configs as $config) {
    PhabricatorPolicyFilter::requireCapability(
      $viewer,
      $config,
      PhabricatorPolicyCapability::CAN_EDIT);
  }

  $sort_method = $is_create ? 'getCreateSortKey' : 'getEditSortKey';
  $configs = msort($configs, $sort_method);

  if ($request->isFormPost()) {
    $form_order = $request->getStrList('formOrder');

    // NOTE: This has a side-effect of saving any factory-default forms
    // to the database. We might want to warn the user better, but this
    // shouldn't generally be very important or confusing.

    // Submitted identifiers only select among the configs already loaded
    // and checked above; configs missing from the list keep their place
    // after the listed ones.
    $configs = mpull($configs, null, 'getIdentifier');
    $configs = array_select_keys($configs, $form_order) + $configs;

    if ($is_create) {
      $xaction_type =
        PhabricatorEditEngineConfigurationTransaction::TYPE_CREATEORDER;
    } else {
      $xaction_type =
        PhabricatorEditEngineConfigurationTransaction::TYPE_EDITORDER;
    }

    $position = 1;
    foreach ($configs as $config) {
      $xactions = array(
        id(new PhabricatorEditEngineConfigurationTransaction())
          ->setTransactionType($xaction_type)
          ->setNewValue($position),
      );

      $editor = id(new PhabricatorEditEngineConfigurationEditor())
        ->setActor($viewer)
        ->setContentSourceFromRequest($request)
        ->setContinueOnNoEffect(true);
      $editor->applyTransactions($config, $xactions);

      $position++;
    }

    return id(new AphrontRedirectResponse())->setURI($cancel_uri);
  }

  $list_id = celerity_generate_unique_node_id();
  $input_id = celerity_generate_unique_node_id();

  $list = id(new PHUIObjectItemListView())
    ->setUser($viewer)
    ->setID($list_id)
    ->setFlush(true);

  $form_order = array();
  foreach ($configs as $config) {
    $identifier = $config->getIdentifier();

    $list->addItem(
      id(new PHUIObjectItemView())
        ->setHeader($config->getName())
        ->setGrippable(true)
        ->addSigil('editengine-form-config')
        ->setMetadata(
          array(
            'formIdentifier' => $identifier,
          )));

    $form_order[] = $identifier;
  }

  Javelin::initBehavior(
    'editengine-reorder-configs',
    array(
      'listID' => $list_id,
      'inputID' => $input_id,
      'reorderURI' => $reorder_uri,
    ));

  // NOTE(review): $button is assigned in both branches but the dialog below
  // uses a fixed "Save Changes" label. Confirm which one is intended.
  if ($is_create) {
    $title = pht('Reorder Create Forms');
    $button = pht('Save Create Order');
    $note_text = pht(
      'Drag and drop fields to change the order in which they appear in ' .
      'the application "Create" menu.');
  } else {
    $title = pht('Reorder Edit Forms');
    $button = pht('Save Edit Order');
    $note_text = pht(
      'Drag and drop fields to change their priority for edits. When a ' .
      'user edits an object, they will be shown the first form in this ' .
      'list that they have permission to see.');
  }

  $note = id(new PHUIInfoView())
    ->appendChild($note_text)
    ->setSeverity(PHUIInfoView::SEVERITY_NOTICE);

  $input = phutil_tag(
    'input',
    array(
      'type' => 'hidden',
      'name' => 'formOrder',
      'value' => implode(', ', $form_order),
      'id' => $input_id,
    ));

  return $this->newDialog()
    ->setTitle($title)
    ->setWidth(AphrontDialogView::WIDTH_FORM)
    ->appendChild($note)
    ->appendChild($list)
    ->appendChild($input)
    ->addSubmitButton(pht('Save Changes'))
    ->addCancelButton($cancel_uri);
}
/**
 * Create or edit a repository mirror through a dialog form.
 *
 * The viewer needs CAN_EDIT on the repository. An existing mirror is loaded
 * with CAN_VIEW and CAN_EDIT required. A submitted credential is accepted
 * only if it is among the credentials the viewer's own query returned.
 *
 * @param AphrontRequest $request Reads the `id` URI data and, on POST, the
 *   `remoteURI` and `credential` fields.
 * @return mixed A 404, a reload response after saving, or the dialog.
 */
protected function processDiffusionRequest(AphrontRequest $request) {
  $viewer = $request->getUser();
  $repository = $this->diffusionRequest->getRepository();

  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $repository,
    PhabricatorPolicyCapability::CAN_EDIT);

  $is_new = !$request->getURIData('id');
  if ($is_new) {
    $mirror = PhabricatorRepositoryMirror::initializeNewMirror($viewer)
      ->setRepositoryPHID($repository->getPHID())
      ->attachRepository($repository);
  } else {
    // NOTE(review): the mirror is looked up by ID only; nothing in this
    // method ties it to $repository. Presumably the mirror's own CAN_EDIT
    // policy covers that. Confirm.
    $mirror = id(new PhabricatorRepositoryMirrorQuery())
      ->setViewer($viewer)
      ->withIDs(array($request->getURIData('id')))
      ->requireCapabilities(
        array(
          PhabricatorPolicyCapability::CAN_VIEW,
          PhabricatorPolicyCapability::CAN_EDIT,
        ))
      ->executeOne();
    if (!$mirror) {
      return new Aphront404Response();
    }
  }

  $edit_uri = $this->getRepositoryControllerURI($repository, 'edit/#mirrors');

  $v_remote = $mirror->getRemoteURI();
  $e_remote = true;

  $v_credentials = $mirror->getCredentialPHID();
  $e_credentials = null;

  // Loaded as the viewer, so this list is what the viewer may pick from.
  $credentials = id(new PassphraseCredentialQuery())
    ->setViewer($viewer)
    ->withIsDestroyed(false)
    ->execute();

  $errors = array();
  if ($request->isFormPost()) {
    $v_remote = $request->getStr('remoteURI');
    if (!strlen($v_remote)) {
      $e_remote = pht('Required');
      $errors[] = pht('You must provide a remote URI.');
    } else {
      // URI validation is delegated; what it rejects is not visible here.
      try {
        PhabricatorRepository::assertValidRemoteURI($v_remote);
        $e_remote = null;
      } catch (Exception $ex) {
        $e_remote = pht('Invalid');
        $errors[] = $ex->getMessage();
      }
    }

    $v_credentials = $request->getStr('credential');
    if ($v_credentials) {
      // Reject any PHID that is not in the viewer's own credential list,
      // so a guessed or copied PHID cannot be attached to the mirror.
      $allowed = mpull($credentials, null, 'getPHID');
      if (empty($allowed[$v_credentials])) {
        $e_credentials = pht('Invalid');
        $errors[] = pht('You do not have permission to use those credentials.');
      }
    }

    if (!$errors) {
      $mirror
        ->setRemoteURI($v_remote)
        ->setCredentialPHID($v_credentials)
        ->save();

      return id(new AphrontReloadResponse())->setURI($edit_uri);
    }
  }

  $form_errors = null;
  if ($errors) {
    $form_errors = id(new PHUIInfoView())->setErrors($errors);
  }

  if ($is_new) {
    $title = pht('Create Mirror');
    $submit = pht('Create Mirror');
  } else {
    $title = pht('Edit Mirror');
    $submit = pht('Save Changes');
  }

  $remote_control = id(new AphrontFormTextControl())
    ->setLabel(pht('Remote URI'))
    ->setName('remoteURI')
    ->setValue($v_remote)
    ->setError($e_remote);

  $credential_control = id(new PassphraseCredentialControl())
    ->setLabel(pht('Credentials'))
    ->setName('credential')
    ->setAllowNull(true)
    ->setValue($v_credentials)
    ->setError($e_credentials)
    ->setOptions($credentials);

  $form = id(new PHUIFormLayoutView())
    ->appendChild($remote_control)
    ->appendChild($credential_control);

  $dialog = id(new AphrontDialogView())
    ->setUser($viewer)
    ->setTitle($title)
    ->setWidth(AphrontDialogView::WIDTH_FORM)
    ->appendChild($form_errors)
    ->appendChild($form)
    ->addSubmitButton($submit)
    ->addCancelButton($edit_uri);

  return id(new AphrontDialogResponse())->setDialog($dialog);
}
/**
 * Cancel or refund a Phortune order.
 *
 * Cancelling requires CAN_EDIT on the cart's account; refunding requires
 * CAN_EDIT on the cart's merchant. Any other action is a 404. The refund
 * amount entered by the user is range-checked against the total of the
 * cart's HOLD and CHARGED charges before any provider is called.
 *
 * @return mixed A 404, an error dialog, a redirect after processing, or
 *   the confirmation dialog.
 * @throws Exception When a charge's provider cannot be loaded, or when some
 *   of the requested amount could not be refunded.
 */
public function processRequest() {
  $request = $this->getRequest();
  $viewer = $request->getUser();

  $authority = $this->loadMerchantAuthority();

  $cart_query = id(new PhortuneCartQuery())
    ->setViewer($viewer)
    ->withIDs(array($this->id))
    ->needPurchases(true);

  // With a merchant authority, only that merchant's carts can be loaded.
  if ($authority) {
    $cart_query->withMerchantPHIDs(array($authority->getPHID()));
  }

  $cart = $cart_query->executeOne();
  if (!$cart) {
    return new Aphront404Response();
  }

  switch ($this->action) {
    case 'cancel':
      // You must be able to edit the account to cancel an order.
      PhabricatorPolicyFilter::requireCapability(
        $viewer,
        $cart->getAccount(),
        PhabricatorPolicyCapability::CAN_EDIT);
      $is_refund = false;
      break;
    case 'refund':
      // You must be able to control the merchant to refund an order.
      PhabricatorPolicyFilter::requireCapability(
        $viewer,
        $cart->getMerchant(),
        PhabricatorPolicyCapability::CAN_EDIT);
      $is_refund = true;
      break;
    default:
      // Unknown actions are rejected before any state is inspected.
      return new Aphront404Response();
  }

  $cancel_uri = $cart->getDetailURI($authority);
  // NOTE(review): $merchant is not used again in this method.
  $merchant = $cart->getMerchant();

  // The cart decides whether its state allows the operation; a failure is
  // shown to the user as a dialog carrying the exception message.
  try {
    if ($is_refund) {
      $title = pht('Unable to Refund Order');
      $cart->assertCanRefundOrder();
    } else {
      $title = pht('Unable to Cancel Order');
      $cart->assertCanCancelOrder();
    }
  } catch (Exception $ex) {
    return $this->newDialog()
      ->setTitle($title)
      ->appendChild($ex->getMessage())
      ->addCancelButton($cancel_uri);
  }

  $charges = id(new PhortuneChargeQuery())
    ->setViewer($viewer)
    ->withCartPHIDs(array($cart->getPHID()))
    ->withStatuses(
      array(
        PhortuneCharge::STATUS_HOLD,
        PhortuneCharge::STATUS_CHARGED))
    ->execute();

  // The upper bound for a refund is the sum of those charges.
  $amounts = mpull($charges, 'getAmountAsCurrency');
  $maximum = PhortuneCurrency::newFromList($amounts);
  $v_refund = $maximum->formatForDisplay();

  $errors = array();
  $e_refund = true;
  if ($request->isFormPost()) {
    if ($is_refund) {
      // The amount is user input: parse it, then bound it to the range
      // from zero to the maximum. Either failure becomes a form error.
      try {
        $refund = PhortuneCurrency::newFromUserInput(
          $viewer,
          $request->getStr('refund'));
        $refund->assertInRange('0.00 USD', $maximum->formatForDisplay());
      } catch (Exception $ex) {
        $errors[] = $ex->getMessage();
        $e_refund = pht('Invalid');
      }
    } else {
      // A cancel refunds everything.
      $refund = $maximum;
    }

    if (!$errors) {
      // Work through charges from highest ID to lowest.
      $charges = msort($charges, 'getID');
      $charges = array_reverse($charges);

      if ($charges) {
        $providers = id(new PhortunePaymentProviderConfigQuery())
          ->setViewer($viewer)
          ->withPHIDs(mpull($charges, 'getProviderPHID'))
          ->execute();
        $providers = mpull($providers, null, 'getPHID');
      } else {
        $providers = array();
      }

      foreach ($charges as $charge) {
        $refundable = $charge->getAmountRefundableAsCurrency();
        if (!$refundable->isPositive()) {
          // This charge is a refund, or has already been fully refunded.
          continue;
        }

        // Never refund more against a charge than it has left.
        if ($refund->isGreaterThan($refundable)) {
          $refund_amount = $refundable;
        } else {
          $refund_amount = $refund;
        }

        $provider_config = idx($providers, $charge->getProviderPHID());
        if (!$provider_config) {
          throw new Exception(pht('Unable to load provider for charge!'));
        }

        $provider = $provider_config->buildProvider();

        $refund_charge = $cart->willRefundCharge(
          $viewer,
          $provider,
          $charge,
          $refund_amount);

        // A provider failure is logged and recorded on the cart, and the
        // loop moves on; the remaining amount is not reduced.
        $refunded = false;
        try {
          $provider->refundCharge($charge, $refund_charge);
          $refunded = true;
        } catch (Exception $ex) {
          phlog($ex);
          $cart->didFailRefund($charge, $refund_charge);
        }

        if ($refunded) {
          $cart->didRefundCharge($charge, $refund_charge);
          $refund = $refund->subtract($refund_amount);
        }

        if (!$refund->isPositive()) {
          break;
        }
      }

      // NOTE(review): by the time this throws, earlier iterations may
      // already have refunded part of the amount at the provider, so the
      // order can be left partially refunded.
      if ($refund->isPositive()) {
        throw new Exception(pht('Unable to refund some charges!'));
      }

      // TODO: If every HOLD and CHARGING transaction has been fully refunded
      // and we're in a HOLD, REVIEW, PURCHASING or CHARGED cart state we
      // probably need to kick the cart back to READY here (or maybe kill
      // it if it was in REVIEW)?

      return id(new AphrontRedirectResponse())->setURI($cancel_uri);
    }
  }

  if ($is_refund) {
    $title = pht('Refund Order?');
    $body = pht('Really refund this order?');
    $button = pht('Refund Order');
    $cancel_text = pht('Cancel');

    $form = id(new AphrontFormView())
      ->setUser($viewer)
      ->appendChild(
        id(new AphrontFormTextControl())
          ->setName('refund')
          ->setLabel(pht('Amount'))
          ->setError($e_refund)
          ->setValue($v_refund));

    $form = $form->buildLayoutView();
  } else {
    $title = pht('Cancel Order?');
    $body = pht('Really cancel this order? Any payment will be refunded.');
    $button = pht('Cancel Order');

    // Don't give the user a "Cancel" button in response to a "Cancel?"
    // prompt, as it's confusing.
    $cancel_text = pht('Do Not Cancel Order');

    $form = null;
  }

  return $this->newDialog()
    ->setTitle($title)
    ->setErrors($errors)
    ->appendChild($body)
    ->appendChild($form)
    ->addSubmitButton($button)
    ->addCancelButton($cancel_uri, $cancel_text);
}
/**
 * Require CAN_EDIT for column name and status changes; defer every other
 * transaction type to the parent.
 *
 * @param PhabricatorLiskDAO $object Object the transaction applies to.
 * @param PhabricatorApplicationTransaction $xaction Transaction to check.
 * @return mixed Nothing for the types handled here, otherwise the parent's
 *   return value.
 */
protected function requireCapabilities(
  PhabricatorLiskDAO $object,
  PhabricatorApplicationTransaction $xaction) {

  $edit_gated_types = array(
    PhabricatorProjectColumnTransaction::TYPE_NAME,
    PhabricatorProjectColumnTransaction::TYPE_STATUS,
  );

  // Loose comparison, as a switch over the same constants would use.
  if (in_array($xaction->getTransactionType(), $edit_gated_types)) {
    PhabricatorPolicyFilter::requireCapability(
      $this->requireActor(),
      $object,
      PhabricatorPolicyCapability::CAN_EDIT);
    return;
  }

  return parent::requireCapabilities($object, $xaction);
}
/**
 * Check that a comment edit is well-formed and that the actor may make it.
 *
 * The actor always needs CAN_VIEW on the transaction. CAN_EDIT is needed as
 * well, except when an administrator is removing a comment.
 *
 * @param PhabricatorApplicationTransaction $xaction Transaction being
 *   edited; must already have a PHID.
 * @param PhabricatorApplicationTransactionComment $comment New comment
 *   version.
 * @return void
 * @throws Exception When the transaction has no PHID, or a comment-type
 *   transaction is given a comment that already has one.
 * @throws PhutilInvalidStateException When no content source is set.
 */
private function validateEdit(
  PhabricatorApplicationTransaction $xaction,
  PhabricatorApplicationTransactionComment $comment) {

  if (!$xaction->getPHID()) {
    throw new Exception(
      pht(
        'Transaction must have a PHID before calling %s!',
        'applyEdit()'));
  }

  $is_comment_type =
    ($xaction->getTransactionType() == PhabricatorTransactions::TYPE_COMMENT);
  if ($is_comment_type && $comment->getPHID()) {
    throw new Exception(
      pht('Transaction comment must not yet have a PHID!'));
  }

  if (!$this->getContentSource()) {
    throw new PhutilInvalidStateException('applyEdit');
  }

  $actor = $this->requireActor();

  PhabricatorPolicyFilter::requireCapability(
    $actor,
    $xaction,
    PhabricatorPolicyCapability::CAN_VIEW);

  // NOTE: Administrators can remove comments by any user, and don't need
  // to pass the edit check. The exemption covers removal only; any other
  // edit by an administrator still goes through CAN_EDIT.
  $is_admin_removal = $comment->getIsRemoved() && $actor->getIsAdmin();
  if (!$is_admin_removal) {
    PhabricatorPolicyFilter::requireCapability(
      $actor,
      $xaction,
      PhabricatorPolicyCapability::CAN_EDIT);
  }
}
/**
 * Enforce the capability each project transaction type needs.
 *
 * Name, status, image, icon and color need CAN_EDIT on the project. Locking
 * needs the "can lock projects" capability on the editor's application.
 * Member edge changes: joining alone needs CAN_JOIN; leaving alone needs
 * nothing unless membership is locked, in which case it needs CAN_EDIT; any
 * other member change needs CAN_EDIT. Everything else goes to the parent.
 *
 * @param PhabricatorLiskDAO $object Project the transaction applies to.
 * @param PhabricatorApplicationTransaction $xaction Transaction to check.
 * @return mixed Nothing for the types handled here, otherwise the parent's
 *   return value.
 */
protected function requireCapabilities(
  PhabricatorLiskDAO $object,
  PhabricatorApplicationTransaction $xaction) {

  switch ($xaction->getTransactionType()) {
    case PhabricatorProjectTransaction::TYPE_NAME:
    case PhabricatorProjectTransaction::TYPE_STATUS:
    case PhabricatorProjectTransaction::TYPE_IMAGE:
    case PhabricatorProjectTransaction::TYPE_ICON:
    case PhabricatorProjectTransaction::TYPE_COLOR:
      PhabricatorPolicyFilter::requireCapability(
        $this->requireActor(),
        $object,
        PhabricatorPolicyCapability::CAN_EDIT);
      return;

    case PhabricatorProjectTransaction::TYPE_LOCKED:
      // Checked against the application, not the individual project.
      $actor = $this->requireActor();
      $application = newv($this->getEditorApplicationClass(), array());
      PhabricatorPolicyFilter::requireCapability(
        $actor,
        $application,
        ProjectCanLockProjectsCapability::CAPABILITY);
      return;

    case PhabricatorTransactions::TYPE_EDGE:
      $edge_type = $xaction->getMetadataValue('edge:type');
      if ($edge_type != PhabricatorProjectProjectHasMemberEdgeType::EDGECONST) {
        // Other edge types are left to the parent.
        break;
      }

      $before = $xaction->getOldValue();
      $after = $xaction->getNewValue();

      $added = array_keys(array_diff_key($after, $before));
      $removed = array_keys(array_diff_key($before, $after));

      $actor_phid = $this->requireActor()->getPHID();
      $only_actor = array($actor_phid);

      $is_join = ($added === $only_actor) && !$removed;
      $is_leave = ($removed === $only_actor) && !$added;

      if ($is_join) {
        // You need CAN_JOIN to join a project.
        $needed = PhabricatorPolicyCapability::CAN_JOIN;
      } else if ($is_leave && !$object->getIsMembershipLocked()) {
        // You usually don't need any capabilities to leave a project.
        $needed = null;
      } else {
        // Either the change affects members other than yourself, or you
        // are leaving a project whose membership is locked. Both need
        // CAN_EDIT.
        $needed = PhabricatorPolicyCapability::CAN_EDIT;
      }

      if ($needed !== null) {
        PhabricatorPolicyFilter::requireCapability(
          $this->requireActor(),
          $object,
          $needed);
      }
      return;
  }

  return parent::requireCapabilities($object, $xaction);
}
/**
 * Render the main "Edit Repository" page: one property box per settings
 * area, followed by the repository's transaction history.
 *
 * The viewer needs CAN_EDIT on the repository before anything is built.
 *
 * @return mixed The application page containing crumbs, boxes and timeline.
 */
public function processRequest() {
  $request = $this->getRequest();
  $viewer = $request->getUser();
  $repository = $this->diffusionRequest->getRepository();

  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $repository,
    PhabricatorPolicyCapability::CAN_EDIT);

  $is_svn = false;
  $is_git = false;
  $is_hg = false;
  switch ($repository->getVersionControlSystem()) {
    case PhabricatorRepositoryType::REPOSITORY_TYPE_GIT:
      $is_git = true;
      break;
    case PhabricatorRepositoryType::REPOSITORY_TYPE_SVN:
      $is_svn = true;
      break;
    case PhabricatorRepositoryType::REPOSITORY_TYPE_MERCURIAL:
      $is_hg = true;
      break;
  }

  // Branch settings apply to Git and Mercurial only.
  $has_branches = ($is_git || $is_hg);
  $has_local = $repository->usesLocalWorkingCopy();

  $crumbs = $this->buildApplicationCrumbs($is_main = true);

  $title = pht('Edit %s', $repository->getName());
  $header = id(new PHUIHeaderView())->setHeader($title);
  if ($repository->isTracked()) {
    $header->setStatus('fa-check', 'bluegrey', pht('Active'));
  } else {
    $header->setStatus('fa-ban', 'dark', pht('Inactive'));
  }

  $basic_actions = $this->buildBasicActions($repository);
  $basic_properties = $this->buildBasicProperties(
    $repository,
    $basic_actions);

  $policy_actions = $this->buildPolicyActions($repository);
  $policy_properties = $this->buildPolicyProperties(
    $repository,
    $policy_actions);

  // Remote settings are only shown for repositories that are not hosted.
  $remote_properties = null;
  if (!$repository->isHosted()) {
    $remote_actions = $this->buildRemoteActions($repository);
    $remote_properties = $this->buildRemoteProperties(
      $repository,
      $remote_actions);
  }

  $encoding_actions = $this->buildEncodingActions($repository);
  $encoding_properties = $this->buildEncodingProperties(
    $repository,
    $encoding_actions);

  $hosting_actions = $this->buildHostingActions($repository);
  $hosting_properties = $this->buildHostingProperties(
    $repository,
    $hosting_actions);

  $branches_properties = null;
  if ($has_branches) {
    $branches_actions = $this->buildBranchesActions($repository);
    $branches_properties = $this->buildBranchesProperties(
      $repository,
      $branches_actions);
  }

  $subversion_properties = null;
  if ($is_svn) {
    $subversion_actions = $this->buildSubversionActions($repository);
    $subversion_properties = $this->buildSubversionProperties(
      $repository,
      $subversion_actions);
  }

  $local_properties = null;
  if ($has_local) {
    $local_actions = $this->buildLocalActions($repository);
    $local_properties = $this->buildLocalProperties(
      $repository,
      $local_actions);
  }

  $actions_actions = $this->buildActionsActions($repository);
  $actions_properties = $this->buildActionsProperties(
    $repository,
    $actions_actions);

  // History is loaded as the viewer, so it goes through the viewer's
  // policy checks.
  $xactions = id(new PhabricatorRepositoryTransactionQuery())
    ->setViewer($viewer)
    ->withObjectPHIDs(array($repository->getPHID()))
    ->execute();

  $engine = id(new PhabricatorMarkupEngine())->setViewer($viewer);
  foreach ($xactions as $xaction) {
    $comment = $xaction->getComment();
    if ($comment) {
      $engine->addObject(
        $comment,
        PhabricatorApplicationTransactionComment::MARKUP_FIELD_COMMENT);
    }
  }
  $engine->process();

  $xaction_view = id(new PhabricatorApplicationTransactionView())
    ->setUser($viewer)
    ->setObjectPHID($repository->getPHID())
    ->setTransactions($xactions)
    ->setMarkupEngine($engine);

  $boxes = array();

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeader($header)
    ->addPropertyList($basic_properties);

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Policies'))
    ->addPropertyList($policy_properties);

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Hosting'))
    ->addPropertyList($hosting_properties);

  if ($repository->canMirror()) {
    $mirror_actions = $this->buildMirrorActions($repository);
    $mirror_properties = $this->buildMirrorProperties(
      $repository,
      $mirror_actions);

    $mirrors = id(new PhabricatorRepositoryMirrorQuery())
      ->setViewer($viewer)
      ->withRepositoryPHIDs(array($repository->getPHID()))
      ->execute();
    $mirror_list = $this->buildMirrorList($repository, $mirrors);

    $boxes[] = id(new PhabricatorAnchorView())->setAnchorName('mirrors');
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Mirrors'))
      ->addPropertyList($mirror_properties);
    $boxes[] = $mirror_list;
  }

  if ($remote_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Remote'))
      ->addPropertyList($remote_properties);
  }

  if ($local_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Local'))
      ->addPropertyList($local_properties);
  }

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Text Encoding'))
    ->addPropertyList($encoding_properties);

  if ($branches_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Branches'))
      ->addPropertyList($branches_properties);
  }

  if ($subversion_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Subversion'))
      ->addPropertyList($subversion_properties);
  }

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Actions'))
    ->addPropertyList($actions_properties);

  return $this->buildApplicationPage(
    array($crumbs, $boxes, $xaction_view),
    array('title' => $title));
}
/**
 * Handle the "Change Item Visibility" workflow for a profile panel item.
 *
 * A form POST applies a visibility transaction to the configuration and
 * redirects to the configure URI. Any other request returns a dialog that
 * holds a visibility dropdown preselected to the item's current value.
 *
 * @param PhabricatorProfilePanelConfiguration $configuration Item to change.
 * @return mixed Redirect response after a POST, otherwise the dialog built
 *   by the controller.
 */
private function buildPanelHideContent(PhabricatorProfilePanelConfiguration $configuration) {
  $controller = $this->getController();
  $request = $controller->getRequest();
  $viewer = $this->getViewer();

  // Authorization gate: both rendering the dialog and saving the change
  // require CAN_EDIT on the item. This runs before any request data is read.
  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $configuration,
    PhabricatorPolicyCapability::CAN_EDIT);

  $current = $configuration->getVisibility();
  $configure_uri = $this->getConfigureURI();

  if (!$request->isFormPost()) {
    $options = PhabricatorProfilePanelConfiguration::getVisibilityNameMap();

    $select = id(new AphrontFormSelectControl())
      ->setName('visibility')
      ->setLabel(pht('Visibility'))
      ->setValue($current)
      ->setOptions($options);

    $form = id(new AphrontFormView())
      ->setUser($viewer)
      ->appendControl($select);

    return $controller->newDialog()
      ->setTitle(pht('Change Item Visibility'))
      ->appendForm($form)
      ->addCancelButton($configure_uri)
      ->addSubmitButton(pht('Save Changes'));
  }

  // NOTE(review): the submitted value is handed to the editor as-is; this
  // method does not compare it against getVisibilityNameMap(). Presumably
  // the transaction editor rejects unknown values -- confirm.
  $submitted = $request->getStr('visibility');

  $xaction = id(new PhabricatorProfilePanelConfigurationTransaction())
    ->setTransactionType(
      PhabricatorProfilePanelConfigurationTransaction::TYPE_VISIBILITY)
    ->setNewValue($submitted);

  id(new PhabricatorProfilePanelEditor())
    ->setContentSourceFromRequest($request)
    ->setActor($viewer)
    ->setContinueOnMissingFields(true)
    ->setContinueOnNoEffect(true)
    ->applyTransactions($configuration, array($xaction));

  return id(new AphrontRedirectResponse())->setURI($configure_uri);
}
/**
 * Check that a viewer is allowed to issue a command against this build.
 *
 * Restart needs no extra capability here. Pause, resume and abort require
 * CAN_EDIT on the build plan. Any other command is rejected outright, so an
 * unrecognized command can never pass the check by default.
 *
 * @param PhabricatorUser $viewer User issuing the command.
 * @param mixed $command One of the HarbormasterBuildCommand::COMMAND_*
 *   constants.
 * @return void
 * @throws Exception When the command is not one of the known commands.
 */
public function assertCanIssueCommand(PhabricatorUser $viewer, $command) {
  switch ($command) {
    case HarbormasterBuildCommand::COMMAND_RESTART:
      // No edit capability is required for a restart.
      return;

    case HarbormasterBuildCommand::COMMAND_PAUSE:
    case HarbormasterBuildCommand::COMMAND_RESUME:
    case HarbormasterBuildCommand::COMMAND_ABORT:
      // These commands interfere with a running build, so they are limited
      // to users who can edit the build plan. See T9614.
      PhabricatorPolicyFilter::requireCapability(
        $viewer,
        $this->getBuildPlan(),
        PhabricatorPolicyCapability::CAN_EDIT);
      return;

    default:
      throw new Exception(
        pht('Invalid Harbormaster build command "%s".', $command));
  }
}
/**
 * Render the purchase page for a cart and, on a form POST, charge the
 * selected payment method.
 *
 * The cart is loaded by `$this->id` through a viewer-scoped query. A POST
 * additionally requires CAN_EDIT on the cart before any charge is created.
 *
 * @return mixed 404 response when the cart cannot be loaded, a redirect to
 *   the cart page after a charge, otherwise the rendered page.
 */
public function processRequest() {
  $request = $this->getRequest();
  $viewer = $request->getUser();

  $cart = id(new PhortuneCartQuery())
    ->setViewer($viewer)
    ->withIDs(array($this->id))
    ->needPurchases(true)
    ->executeOne();
  if (!$cart) {
    return new Aphront404Response();
  }

  $account = $cart->getAccount();
  // NOTE(review): $account_uri is assigned here but not read again in this
  // method.
  $account_uri = $this->getApplicationURI($account->getID() . '/');

  // Only active payment methods attached to the cart's own account are
  // candidates for the charge.
  $methods = id(new PhortunePaymentMethodQuery())
    ->setViewer($viewer)
    ->withAccountPHIDs(array($account->getPHID()))
    ->withStatuses(array(PhortunePaymentMethod::STATUS_ACTIVE))
    ->execute();

  $e_method = null;
  $errors = array();
  if ($request->isFormPost()) {

    // Require CAN_EDIT on the cart to actually make purchases.
    PhabricatorPolicyFilter::requireCapability(
      $viewer,
      $cart,
      PhabricatorPolicyCapability::CAN_EDIT);

    // The submitted ID is only used as a lookup key into the set loaded
    // above, so an ID outside that set yields no method and an error.
    // (Presumably $methods is keyed by method ID -- confirm.)
    $method_id = $request->getInt('paymentMethodID');
    $method = idx($methods, $method_id);
    if (!$method) {
      $e_method = pht('Required');
      $errors[] = pht('You must choose a payment method.');
    }

    if (!$errors) {
      // NOTE(review): nothing in this method inspects the cart's current
      // status before creating a charge, so a repeated POST reaches
      // applyCharge() again unless the query or the provider guards
      // against it -- confirm.
      $provider = $method->buildPaymentProvider();

      $charge = id(new PhortuneCharge())
        ->setAccountPHID($account->getPHID())
        ->setCartPHID($cart->getPHID())
        ->setAuthorPHID($viewer->getPHID())
        ->setPaymentProviderKey($provider->getProviderKey())
        ->setPaymentMethodPHID($method->getPHID())
        ->setAmountInCents($cart->getTotalPriceInCents())
        ->setStatus(PhortuneCharge::STATUS_PENDING);

      // Persist the pending charge and the PURCHASING cart status together
      // before the provider is contacted.
      $charge->openTransaction();
        $charge->save();

        $cart->setStatus(PhortuneCart::STATUS_PURCHASING);
        $cart->save();
      $charge->saveTransaction();

      // NOTE(review): applyCharge() runs outside the transaction and has no
      // try/catch here. If it throws, the cart has already been saved as
      // STATUS_PURCHASING and the charge as STATUS_PENDING, and this method
      // does not revert either.
      $provider->applyCharge($method, $charge);

      $cart->setStatus(PhortuneCart::STATUS_PURCHASED);
      $cart->save();

      $view_uri = $this->getApplicationURI('cart/' . $cart->getID() . '/');

      return id(new AphrontRedirectResponse())->setURI($view_uri);
    }
  }

  $cart_box = $this->buildCartContents($cart);
  $cart_box->setFormErrors($errors);

  $title = pht('Buy Stuff');

  if (!$methods) {
    $method_control = id(new AphrontFormStaticControl())
      ->setLabel(pht('Payment Method'))
      ->setValue(
        phutil_tag('em', array(), pht('No payment methods configured.')));
  } else {
    // Re-select whatever the request carried so a failed POST keeps the
    // user's choice.
    $method_control = id(new AphrontFormRadioButtonControl())
      ->setLabel(pht('Payment Method'))
      ->setName('paymentMethodID')
      ->setValue($request->getInt('paymentMethodID'));
    foreach ($methods as $method) {
      $method_control->addButton(
        $method->getID(),
        $method->getFullDisplayName(),
        $method->getDescription());
    }
  }

  $method_control->setError($e_method);

  $payment_method_uri = $this->getApplicationURI(
    $account->getID() . '/card/new/');

  $form = id(new AphrontFormView())
    ->setUser($viewer)
    ->appendChild($method_control);

  $add_providers = PhortunePaymentProvider::getProvidersForAddPaymentMethod();
  if ($add_providers) {
    $new_method = phutil_tag(
      'a',
      array(
        'class' => 'button grey',
        'href' => $payment_method_uri,
        'sigil' => 'workflow',
      ),
      pht('Add New Payment Method'));
    $form->appendChild(
      id(new AphrontFormMarkupControl())
        ->setValue($new_method));
  }

  // The submit button is shown but disabled when the account has no usable
  // payment method yet.
  if ($methods || $add_providers) {
    $form
      ->appendChild(
        id(new AphrontFormSubmitControl())
          ->setValue(pht('Submit Payment'))
          ->setDisabled(!$methods));
  }

  $provider_form = null;

  $pay_providers = PhortunePaymentProvider::getProvidersForOneTimePayment();
  if ($pay_providers) {
    $one_time_options = array();
    foreach ($pay_providers as $provider) {
      $one_time_options[] = $provider->renderOneTimePaymentButton(
        $account,
        $cart,
        $viewer);
    }

    $one_time_options = phutil_tag(
      'div',
      array(
        'class' => 'phortune-payment-onetime-list',
      ),
      $one_time_options);

    $provider_form = new PHUIFormLayoutView();
    // NOTE(review): 'Pay With' is the only label in this method that is not
    // passed through pht().
    $provider_form->appendChild(
      id(new AphrontFormMarkupControl())
        ->setLabel('Pay With')
        ->setValue($one_time_options));
  }

  $payment_box = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Choose Payment Method'))
    ->appendChild($form)
    ->appendChild($provider_form);

  $crumbs = $this->buildApplicationCrumbs();
  $crumbs->addTextCrumb($title);

  return $this->buildApplicationPage(
    array(
      $crumbs,
      $cart_box,
      $payment_box,
    ),
    array(
      'title' => $title,
    ));
}
/**
 * Enforce the capability a project transaction needs before it is applied.
 *
 * - Name, status, image, icon and color changes require CAN_EDIT.
 * - Member edge changes require CAN_JOIN when the actor adds only
 *   themselves, nothing when the actor removes only themselves, and
 *   CAN_EDIT for every other membership change.
 * - Everything else is delegated to the parent implementation.
 *
 * @param PhabricatorLiskDAO $object Project being edited.
 * @param PhabricatorApplicationTransaction $xaction Transaction to check.
 * @return mixed Null for the cases handled here, otherwise whatever the
 *   parent implementation returns.
 */
protected function requireCapabilities(PhabricatorLiskDAO $object, PhabricatorApplicationTransaction $xaction) {
  $xaction_type = $xaction->getTransactionType();

  $edit_only_types = array(
    PhabricatorProjectTransaction::TYPE_NAME,
    PhabricatorProjectTransaction::TYPE_STATUS,
    PhabricatorProjectTransaction::TYPE_IMAGE,
    PhabricatorProjectTransaction::TYPE_ICON,
    PhabricatorProjectTransaction::TYPE_COLOR,
  );

  // Loose comparison on purpose: it matches what a switch statement does.
  if (in_array($xaction_type, $edit_only_types)) {
    PhabricatorPolicyFilter::requireCapability(
      $this->requireActor(),
      $object,
      PhabricatorPolicyCapability::CAN_EDIT);
    return;
  }

  $is_member_edge =
    ($xaction_type == PhabricatorTransactions::TYPE_EDGE) &&
    ($xaction->getMetadataValue('edge:type') ==
      PhabricatorEdgeConfig::TYPE_PROJ_MEMBER);

  if (!$is_member_edge) {
    return parent::requireCapabilities($object, $xaction);
  }

  $before = $xaction->getOldValue();
  $after = $xaction->getNewValue();

  $added = array_keys(array_diff_key($after, $before));
  $removed = array_keys(array_diff_key($before, $after));

  $actor = $this->requireActor();
  $actor_phid = $actor->getPHID();

  // "Join" and "leave" only count when the actor is the single PHID being
  // changed and nothing moves in the other direction. Adding or removing
  // anyone else alongside falls through to the CAN_EDIT requirement.
  $is_join = ($added === array($actor_phid)) && !$removed;
  $is_leave = ($removed === array($actor_phid)) && !$added;

  if ($is_join) {
    // You need CAN_JOIN to join a project.
    $required = PhabricatorPolicyCapability::CAN_JOIN;
  } else if ($is_leave) {
    // You don't need any capabilities to leave a project.
    $required = null;
  } else {
    // You need CAN_EDIT to change members other than yourself.
    $required = PhabricatorPolicyCapability::CAN_EDIT;
  }

  if ($required !== null) {
    PhabricatorPolicyFilter::requireCapability($actor, $object, $required);
  }

  return;
}
/**
 * Render the checkout page for a cart and, on a form POST, charge the
 * selected payment method.
 *
 * Only carts in STATUS_READY reach the payment logic: incomplete carts get
 * a dialog, carts that are already being processed are redirected to their
 * detail page, and an unknown status raises an exception. A POST also
 * requires CAN_EDIT on the cart before a charge is created.
 *
 * @param AphrontRequest $request Current request; the cart ID comes from
 *   the 'id' URI parameter.
 * @return mixed 404 response, dialog, redirect, or the rendered page.
 * @throws Exception When the cart has a status this method does not know.
 */
public function handleRequest(AphrontRequest $request) {
  $viewer = $request->getViewer();
  $id = $request->getURIData('id');

  $cart = id(new PhortuneCartQuery())
    ->setViewer($viewer)
    ->withIDs(array($id))
    ->needPurchases(true)
    ->executeOne();
  if (!$cart) {
    return new Aphront404Response();
  }

  $cancel_uri = $cart->getCancelURI();
  $merchant = $cart->getMerchant();

  // This status gate runs before the POST handling below, so a charge can
  // only be started from STATUS_READY.
  switch ($cart->getStatus()) {
    case PhortuneCart::STATUS_BUILDING:
      return $this->newDialog()
        ->setTitle(pht('Incomplete Cart'))
        ->appendParagraph(
          pht(
            'The application that created this cart did not finish putting '.
            'products in it. You can not checkout with an incomplete '.
            'cart.'))
        ->addCancelButton($cancel_uri);
    case PhortuneCart::STATUS_READY:
      // This is the expected, normal state for a cart that's ready for
      // checkout.
      break;
    case PhortuneCart::STATUS_CHARGED:
    case PhortuneCart::STATUS_PURCHASING:
    case PhortuneCart::STATUS_HOLD:
    case PhortuneCart::STATUS_REVIEW:
    case PhortuneCart::STATUS_PURCHASED:
      // For these states, kick the user to the order page to give them
      // information and options.
      return id(new AphrontRedirectResponse())->setURI($cart->getDetailURI());
    default:
      throw new Exception(
        pht(
          'Unknown cart status "%s"!',
          $cart->getStatus()));
  }

  $account = $cart->getAccount();
  // NOTE(review): $account_uri is assigned here but not read again in this
  // method.
  $account_uri = $this->getApplicationURI($account->getID().'/');

  // Candidate methods are limited to active ones that belong to the cart's
  // account and are usable with the cart's merchant.
  $methods = id(new PhortunePaymentMethodQuery())
    ->setViewer($viewer)
    ->withAccountPHIDs(array($account->getPHID()))
    ->withMerchantPHIDs(array($merchant->getPHID()))
    ->withStatuses(array(PhortunePaymentMethod::STATUS_ACTIVE))
    ->execute();

  $e_method = null;
  $errors = array();
  if ($request->isFormPost()) {

    // Require CAN_EDIT on the cart to actually make purchases.
    PhabricatorPolicyFilter::requireCapability(
      $viewer,
      $cart,
      PhabricatorPolicyCapability::CAN_EDIT);

    // The submitted ID is only used as a lookup key into the set loaded
    // above, so an ID outside that set yields no method and an error.
    // (Presumably $methods is keyed by method ID -- confirm.)
    $method_id = $request->getInt('paymentMethodID');
    $method = idx($methods, $method_id);
    if (!$method) {
      $e_method = pht('Required');
      $errors[] = pht('You must choose a payment method.');
    }

    if (!$errors) {
      $provider = $method->buildPaymentProvider();

      $charge = $cart->willApplyCharge($viewer, $provider, $method);

      try {
        $provider->applyCharge($method, $charge);
      } catch (Exception $ex) {
        // Record the failure on the cart before telling the user.
        $cart->didFailCharge($charge);
        // NOTE(review): the exception message is shown to the user as-is.
        // If providers can raise exceptions that carry gateway internals,
        // a generic message plus a server-side log entry would be safer --
        // confirm what providers throw.
        return $this->newDialog()
          ->setTitle(pht('Charge Failed'))
          ->appendParagraph(
            pht(
              'Unable to make payment: %s',
              $ex->getMessage()))
          ->addCancelButton($cart->getCheckoutURI(), pht('Continue'));
      }

      $cart->didApplyCharge($charge);

      $done_uri = $cart->getCheckoutURI();
      return id(new AphrontRedirectResponse())->setURI($done_uri);
    }
  }

  $cart_table = $this->buildCartContentTable($cart);

  $cart_box = id(new PHUIObjectBoxView())
    ->setFormErrors($errors)
    ->setHeaderText(pht('Cart Contents'))
    ->setTable($cart_table);

  $title = $cart->getName();

  if (!$methods) {
    $method_control = id(new AphrontFormStaticControl())
      ->setLabel(pht('Payment Method'))
      ->setValue(
        phutil_tag('em', array(), pht('No payment methods configured.')));
  } else {
    // Re-select whatever the request carried so a failed POST keeps the
    // user's choice.
    $method_control = id(new AphrontFormRadioButtonControl())
      ->setLabel(pht('Payment Method'))
      ->setName('paymentMethodID')
      ->setValue($request->getInt('paymentMethodID'));
    foreach ($methods as $method) {
      $method_control->addButton(
        $method->getID(),
        $method->getFullDisplayName(),
        $method->getDescription());
    }
  }

  $method_control->setError($e_method);

  // The "add payment method" link carries the merchant and cart IDs as
  // query parameters.
  $account_id = $account->getID();

  $payment_method_uri = $this->getApplicationURI("{$account_id}/card/new/");
  $payment_method_uri = new PhutilURI($payment_method_uri);
  $payment_method_uri->setQueryParams(
    array(
      'merchantID' => $merchant->getID(),
      'cartID' => $cart->getID(),
    ));

  $form = id(new AphrontFormView())
    ->setUser($viewer)
    ->appendChild($method_control);

  $add_providers = $this->loadCreatePaymentMethodProvidersForMerchant(
    $merchant);
  if ($add_providers) {
    $new_method = javelin_tag(
      'a',
      array(
        'class' => 'button grey',
        'href' => $payment_method_uri,
      ),
      pht('Add New Payment Method'));
    $form->appendChild(
      id(new AphrontFormMarkupControl())
        ->setValue($new_method));
  }

  // The submit button is shown but disabled when the account has no usable
  // payment method yet.
  if ($methods || $add_providers) {
    $submit = id(new AphrontFormSubmitControl())
      ->setValue(pht('Submit Payment'))
      ->setDisabled(!$methods);

    if ($cart->getCancelURI() !== null) {
      $submit->addCancelButton($cart->getCancelURI());
    }

    $form->appendChild($submit);
  }

  $provider_form = null;

  $pay_providers = $this->loadOneTimePaymentProvidersForMerchant($merchant);
  if ($pay_providers) {
    $one_time_options = array();
    foreach ($pay_providers as $provider) {
      $one_time_options[] = $provider->renderOneTimePaymentButton(
        $account,
        $cart,
        $viewer);
    }

    $one_time_options = phutil_tag(
      'div',
      array(
        'class' => 'phortune-payment-onetime-list',
      ),
      $one_time_options);

    $provider_form = new PHUIFormLayoutView();
    $provider_form->appendChild(
      id(new AphrontFormMarkupControl())
        ->setLabel(pht('Pay With'))
        ->setValue($one_time_options));
  }

  $payment_box = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Choose Payment Method'))
    ->appendChild($form)
    ->appendChild($provider_form);

  $description_box = $this->renderCartDescription($cart);

  $crumbs = $this->buildApplicationCrumbs();
  $crumbs->addTextCrumb(pht('Checkout'));
  $crumbs->addTextCrumb($title);

  return $this->buildApplicationPage(
    array(
      $crumbs,
      $cart_box,
      $description_box,
      $payment_box,
    ),
    array(
      'title' => $title,
    ));
}
/**
 * Render the main "Edit Repository" page.
 *
 * The page is a stack of property boxes (basics, policies, hosting,
 * mirrors, remote, storage, staging, automation, encoding, symbols,
 * branches, subversion, actions) followed by the transaction timeline.
 * Which optional boxes appear depends on the repository's VCS type and on
 * what the repository reports it supports.
 *
 * @param AphrontRequest $request Current request.
 * @return mixed The page built by buildApplicationPage().
 */
protected function processDiffusionRequest(AphrontRequest $request) {
  $viewer = $request->getUser();
  $repository = $this->diffusionRequest->getRepository();

  // Everything on this page is edit UI, so the whole page is gated on
  // CAN_EDIT before any repository detail is rendered.
  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $repository,
    PhabricatorPolicyCapability::CAN_EDIT);

  // At most one of these flags ends up true; an unrecognized VCS leaves all
  // three false.
  $is_git = false;
  $is_svn = false;
  $is_hg = false;

  $vcs = $repository->getVersionControlSystem();
  if ($vcs == PhabricatorRepositoryType::REPOSITORY_TYPE_GIT) {
    $is_git = true;
  } else if ($vcs == PhabricatorRepositoryType::REPOSITORY_TYPE_SVN) {
    $is_svn = true;
  } else if ($vcs == PhabricatorRepositoryType::REPOSITORY_TYPE_MERCURIAL) {
    $is_hg = true;
  }

  $has_branches = ($is_git || $is_hg);
  $has_local = $repository->usesLocalWorkingCopy();
  $supports_staging = $repository->supportsStaging();
  $supports_automation = $repository->supportsAutomation();

  $crumbs = $this->buildApplicationCrumbs(true);

  $title = pht('Edit %s', $repository->getName());

  $header = id(new PHUIHeaderView())->setHeader($title);
  if (!$repository->isTracked()) {
    $header->setStatus('fa-ban', 'dark', pht('Inactive'));
  } else {
    $header->setStatus('fa-check', 'bluegrey', pht('Active'));
  }

  // Always-present sections.
  $basic_properties = $this->buildBasicProperties(
    $repository,
    $this->buildBasicActions($repository));

  $policy_properties = $this->buildPolicyProperties(
    $repository,
    $this->buildPolicyActions($repository));

  // Remote settings only apply to repositories that are not hosted here.
  $remote_properties = $repository->isHosted()
    ? null
    : $this->buildRemoteProperties(
        $repository,
        $this->buildRemoteActions($repository));

  $encoding_properties = $this->buildEncodingProperties(
    $repository,
    $this->buildEncodingActions($repository));

  $symbols_properties = $this->buildSymbolsProperties(
    $repository,
    $this->buildSymbolsActions($repository));

  $hosting_properties = $this->buildHostingProperties(
    $repository,
    $this->buildHostingActions($repository));

  // Optional sections; each stays null when it does not apply.
  $branches_properties = $has_branches
    ? $this->buildBranchesProperties(
        $repository,
        $this->buildBranchesActions($repository))
    : null;

  $subversion_properties = $is_svn
    ? $this->buildSubversionProperties(
        $repository,
        $this->buildSubversionActions($repository))
    : null;

  $storage_properties = $has_local
    ? $this->buildStorageProperties(
        $repository,
        $this->buildStorageActions($repository))
    : null;

  $staging_properties = $supports_staging
    ? $this->buildStagingProperties(
        $repository,
        $this->buildStagingActions($repository))
    : null;

  $automation_properties = $supports_automation
    ? $this->buildAutomationProperties(
        $repository,
        $this->buildAutomationActions($repository))
    : null;

  $actions_properties = $this->buildActionsProperties(
    $repository,
    $this->buildActionsActions($repository));

  $timeline = $this->buildTransactionTimeline(
    $repository,
    new PhabricatorRepositoryTransactionQuery());
  $timeline->setShouldTerminate(true);

  $boxes = array();

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeader($header)
    ->addPropertyList($basic_properties);

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Policies'))
    ->addPropertyList($policy_properties);

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Hosting'))
    ->addPropertyList($hosting_properties);

  if ($repository->canMirror()) {
    $mirror_properties = $this->buildMirrorProperties(
      $repository,
      $this->buildMirrorActions($repository));

    // The mirror list is loaded as the viewer, so it is subject to the
    // viewer's own visibility.
    $mirrors = id(new PhabricatorRepositoryMirrorQuery())
      ->setViewer($viewer)
      ->withRepositoryPHIDs(array($repository->getPHID()))
      ->execute();

    $mirror_list = $this->buildMirrorList($repository, $mirrors);

    $boxes[] = id(new PhabricatorAnchorView())->setAnchorName('mirrors');

    // Warn when silent mode means the configured mirrors will not be
    // written to.
    $mirror_notices = array();
    if (PhabricatorEnv::getEnvConfig('phabricator.silent')) {
      $mirror_notices[] = pht(
        'Phabricator is running in silent mode, so changes will not ' .
        'be pushed to mirrors.');
    }

    $boxes[] = id(new PHUIObjectBoxView())
      ->setFormErrors($mirror_notices)
      ->setHeaderText(pht('Mirrors'))
      ->addPropertyList($mirror_properties);

    $boxes[] = $mirror_list;
  }

  if ($remote_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Remote'))
      ->addPropertyList($remote_properties);
  }

  if ($storage_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Storage'))
      ->addPropertyList($storage_properties);
  }

  if ($staging_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Staging'))
      ->addPropertyList($staging_properties);
  }

  if ($automation_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Automation'))
      ->addPropertyList($automation_properties);
  }

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Text Encoding'))
    ->addPropertyList($encoding_properties);

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Symbols'))
    ->addPropertyList($symbols_properties);

  if ($branches_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Branches'))
      ->addPropertyList($branches_properties);
  }

  if ($subversion_properties) {
    $boxes[] = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Subversion'))
      ->addPropertyList($subversion_properties);
  }

  $boxes[] = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Actions'))
    ->addPropertyList($actions_properties);

  $page_content = array($crumbs, $boxes, $timeline);

  return $this->buildApplicationPage(
    $page_content,
    array('title' => $title));
}
/**
 * Handle the "Make Default" workflow for a profile panel item.
 *
 * Items that cannot be a default, or that already are the default, get an
 * explanatory dialog. Otherwise a form POST makes the item the default and
 * redirects to the configure URI, and any other request returns a
 * confirmation dialog.
 *
 * @param PhabricatorProfilePanelConfiguration $configuration Item to
 *   promote.
 * @param array $panels Not read by this method.
 * @return mixed Dialog or redirect response.
 */
private function buildPanelDefaultContent(PhabricatorProfilePanelConfiguration $configuration, array $panels) {
  $controller = $this->getController();
  $request = $controller->getRequest();
  $viewer = $this->getViewer();

  // Authorization gate: changing the menu default requires CAN_EDIT on the
  // item, and the check runs before any state is inspected or changed.
  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $configuration,
    PhabricatorPolicyCapability::CAN_EDIT);

  $return_uri = $this->getConfigureURI();

  if (!$configuration->canMakeDefault()) {
    $explanation = pht(
      'This item can not be set as the default item. This is usually ' .
      'because the item has no page of its own, or links to an ' .
      'external page.');

    return $controller->newDialog()
      ->setTitle(pht('Not Defaultable'))
      ->appendParagraph($explanation)
      ->addCancelButton($return_uri);
  }

  if ($configuration->isDefault()) {
    $explanation = pht(
      'This item is already set as the default item for this menu.');

    return $controller->newDialog()
      ->setTitle(pht('Already Default'))
      ->appendParagraph($explanation)
      ->addCancelButton($return_uri);
  }

  if (!$request->isFormPost()) {
    $question = pht(
      'Set this item as the default for this menu? Users arriving on ' .
      'this page will be shown the content of this item by default.');

    return $controller->newDialog()
      ->setTitle(pht('Make Default'))
      ->appendParagraph($question)
      ->addCancelButton($return_uri)
      ->addSubmitButton(pht('Make Default'));
  }

  // Items without an ID are identified by their builtin key instead.
  $item_id = $configuration->getID();
  $default_key = $item_id ? $item_id : $configuration->getBuiltinKey();

  $this->adjustDefault($default_key);

  return id(new AphrontRedirectResponse())->setURI($return_uri);
}
/**
 * Enforce Maniphest's application-level capabilities for a transaction.
 *
 * The parent check always runs first. After that, priority, status, owner
 * and policy changes, plus project edge changes, each require the matching
 * Maniphest application capability. Transaction types without a mapping
 * need nothing beyond the parent check.
 *
 * @param PhabricatorLiskDAO $object Task being edited.
 * @param PhabricatorApplicationTransaction $xaction Transaction to check.
 * @return void
 */
protected function requireCapabilities(PhabricatorLiskDAO $object, PhabricatorApplicationTransaction $xaction) {
  parent::requireCapabilities($object, $xaction);

  // Transaction type => application capability needed to apply it.
  $capability_by_type = array(
    ManiphestTransaction::TYPE_PRIORITY =>
      ManiphestEditPriorityCapability::CAPABILITY,
    ManiphestTransaction::TYPE_STATUS =>
      ManiphestEditStatusCapability::CAPABILITY,
    ManiphestTransaction::TYPE_OWNER =>
      ManiphestEditAssignCapability::CAPABILITY,
    PhabricatorTransactions::TYPE_EDIT_POLICY =>
      ManiphestEditPoliciesCapability::CAPABILITY,
    PhabricatorTransactions::TYPE_VIEW_POLICY =>
      ManiphestEditPoliciesCapability::CAPABILITY,
  );

  $type = $xaction->getTransactionType();

  if ($type == PhabricatorTransactions::TYPE_EDGE) {
    // Edge transactions are keyed by edge type rather than by transaction
    // type; only the project edge maps to a capability.
    $edge_type = $xaction->getMetadataValue('edge:type');
    $is_project_edge =
      ($edge_type == PhabricatorProjectObjectHasProjectEdgeType::EDGECONST);

    $required = $is_project_edge
      ? ManiphestEditProjectsCapability::CAPABILITY
      : null;
  } else {
    $required = idx($capability_by_type, $type);
  }

  if (!$required) {
    return;
  }

  $actor = $this->getActor();

  // The capability is checked against the application object, loaded as the
  // actor.
  // NOTE(review): executeOne() may presumably return null if the actor
  // cannot see the application; how requireCapability() treats a null
  // object is not visible here -- confirm.
  $application = id(new PhabricatorApplicationQuery())
    ->setViewer($actor)
    ->withClasses(array('PhabricatorManiphestApplication'))
    ->executeOne();

  PhabricatorPolicyFilter::requireCapability(
    $actor,
    $application,
    $required);
}
/**
 * Cancel or reinstate a calendar event, optionally with its future
 * instances.
 *
 * The event is loaded first, imported events get their own response, and
 * only then is CAN_EDIT required. A form POST toggles the cancelled state of
 * the event (and of all future events when the 'mode' field is 'future'),
 * forking the series first when needed. Any other request, or a POST that
 * failed validation, returns the confirmation dialog.
 *
 * @param AphrontRequest $request Current request; the event ID comes from
 *   the 'id' URI parameter.
 * @return mixed 404 response, import response, redirect, or dialog.
 */
public function handleRequest(AphrontRequest $request) {
  $viewer = $request->getViewer();

  // Just check CAN_VIEW first. Then we'll check if this is an import so
  // we can raise a better error.
  $event = id(new PhabricatorCalendarEventQuery())
    ->setViewer($viewer)
    ->withIDs(array($request->getURIData('id')))
    ->executeOne();
  if (!$event) {
    return new Aphront404Response();
  }

  $import_response = $this->newImportedEventResponse($event);
  if ($import_response) {
    return $import_response;
  }

  // Now that we've done the import check, check for CAN_EDIT.
  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $event,
    PhabricatorPolicyCapability::CAN_EDIT);

  $cancel_uri = $event->getURI();

  $is_parent = $event->isParentEvent();
  $is_child = $event->isChildEvent();
  $is_cancelled = $event->getIsCancelled();
  $is_recurring = $event->getIsRecurring();

  $validation_exception = null;

  if ($request->isFormPost()) {
    // NOTE(review): CAN_EDIT is checked explicitly only for $event. The
    // fork target and the future events loaded below are handed to the
    // editor acting as $viewer; presumably the editor enforces edit
    // capability per object -- confirm.
    $targets = array($event);

    if ($is_recurring) {
      $is_future = ($request->getStr('mode') == 'future');

      // We need to fork the event if we're cancelling just the parent, or
      // are cancelling a child and all future events.
      $must_fork = $is_future ? $is_child : $is_parent;

      if ($must_fork) {
        $fork_target = $event->loadForkTarget($viewer);
        if ($fork_target) {
          $fork_xaction = id(new PhabricatorCalendarEventTransaction())
            ->setTransactionType(
              PhabricatorCalendarEventForkTransaction::TRANSACTIONTYPE)
            ->setNewValue(true);

          $fork_editor = id(new PhabricatorCalendarEventEditor())
            ->setActor($viewer)
            ->setContentSourceFromRequest($request)
            ->setContinueOnNoEffect(true)
            ->setContinueOnMissingFields(true);

          $fork_editor->applyTransactions(
            $fork_target,
            array($fork_xaction));
        }
      }

      if ($is_future) {
        foreach ($event->loadFutureEvents($viewer) as $future_event) {
          $targets[] = $future_event;
        }
      }
    }

    // Every target is set to the opposite of the selected event's current
    // state; a fresh editor is used for each one.
    $new_state = !$is_cancelled;
    foreach ($targets as $target) {
      $cancel_xaction = id(new PhabricatorCalendarEventTransaction())
        ->setTransactionType(
          PhabricatorCalendarEventCancelTransaction::TRANSACTIONTYPE)
        ->setNewValue($new_state);

      $cancel_editor = id(new PhabricatorCalendarEventEditor())
        ->setActor($viewer)
        ->setContentSourceFromRequest($request)
        ->setContinueOnNoEffect(true)
        ->setContinueOnMissingFields(true);

      try {
        $cancel_editor->applyTransactions($target, array($cancel_xaction));
      } catch (PhabricatorApplicationTransactionValidationException $ex) {
        // Stop at the first failure. Targets already processed keep their
        // change; the dialog below reports the validation error.
        $validation_exception = $ex;
        break;
      }
    }

    if (!$validation_exception) {
      return id(new AphrontRedirectResponse())->setURI($cancel_uri);
    }
  }

  // The series selector is only offered for recurring events.
  $show_control = (bool)$is_recurring;

  if ($is_cancelled) {
    $title = pht('Reinstate Event');
    $submit = pht('Reinstate Event');
    $body = $is_recurring
      ? pht(
          'This event is part of a series. Which events do you want to ' .
          'reinstate?')
      : pht('Reinstate this event?');
  } else {
    $title = pht('Cancel Event');
    $submit = pht('Cancel Event');
    $body = $is_recurring
      ? pht(
          'This event is part of a series. Which events do you want to ' .
          'cancel?')
      : pht('Cancel this event?');
  }

  $dialog = $this->newDialog()
    ->setTitle($title)
    ->setValidationException($validation_exception)
    ->appendParagraph($body)
    ->addCancelButton($cancel_uri, pht('Back'))
    ->addSubmitButton($submit);

  if ($show_control) {
    $mode_options = array(
      'this' => pht('Only This Event'),
      'future' => pht('All Future Events'),
    );

    $mode_control = id(new AphrontFormSelectControl())
      ->setLabel(pht('Cancel Events'))
      ->setName('mode')
      ->setOptions($mode_options);

    $dialog->appendForm(
      id(new AphrontFormView())
        ->setViewer($viewer)
        ->appendControl($mode_control));
  }

  return $dialog;
}
/**
 * Apply a list of project transactions to `$this->project` as
 * `$this->user`.
 *
 * Transactions without an effect are dropped first. For an existing project
 * the user must hold CAN_VIEW, plus CAN_EDIT and/or CAN_JOIN when any
 * remaining transaction asks for them. The project, its member edges and
 * the transaction records are then saved inside one database transaction,
 * and a story is published for each transaction afterwards.
 *
 * @param array $transactions List of PhabricatorProjectTransaction objects.
 * @return $this
 * @throws Exception When no user has been set.
 * @throws AphrontQueryDuplicateKeyException Rethrown from the save when
 *   validateName() does not raise something more specific.
 */
public function applyTransactions(array $transactions) {
  assert_instances_of($transactions, 'PhabricatorProjectTransaction');
  if (!$this->user) {
    throw new Exception('Call setUser() before save()!');
  }
  $user = $this->user;

  $project = $this->project;

  // A project without an ID has never been saved.
  $is_new = !$project->getID();

  if ($is_new) {
    $project->setAuthorPHID($user->getPHID());
  }

  // Record old values and discard transactions that would change nothing.
  // This runs before the capability checks, so a no-effect transaction does
  // not contribute an EDIT or JOIN requirement.
  foreach ($transactions as $key => $xaction) {
    $this->setTransactionOldValue($project, $xaction);
    if (!$this->transactionHasEffect($xaction)) {
      unset($transactions[$key]);
      continue;
    }
  }

  // NOTE(review): no policy check is made in this method when the project
  // is new. Presumably the caller gates who may create projects -- confirm.
  if (!$is_new) {
    // You must be able to view a project in order to edit it in any capacity.
    PhabricatorPolicyFilter::requireCapability(
      $user,
      $project,
      PhabricatorPolicyCapability::CAN_VIEW);

    // Collect the strongest requirements across all remaining transactions,
    // then check each capability once.
    $need_edit = false;
    $need_join = false;
    foreach ($transactions as $key => $xaction) {
      if ($this->getTransactionRequiresEditCapability($xaction)) {
        $need_edit = true;
      }
      if ($this->getTransactionRequiresJoinCapability($xaction)) {
        $need_join = true;
      }
    }

    if ($need_edit) {
      PhabricatorPolicyFilter::requireCapability(
        $user,
        $project,
        PhabricatorPolicyCapability::CAN_EDIT);
    }

    if ($need_join) {
      PhabricatorPolicyFilter::requireCapability(
        $user,
        $project,
        PhabricatorPolicyCapability::CAN_JOIN);
    }
  }

  // Nothing left to do once every transaction has been filtered out.
  if (!$transactions) {
    return $this;
  }

  foreach ($transactions as $xaction) {
    $this->applyTransactionEffect($project, $xaction);
  }

  try {
    $project->openTransaction();
      $project->save();

      // Member changes are written as edges; the lists come from
      // $this->remEdges and $this->addEdges.
      $edge_type = PhabricatorEdgeConfig::TYPE_PROJ_MEMBER;
      $editor = new PhabricatorEdgeEditor();
      $editor->setUser($this->user);
      foreach ($this->remEdges as $phid) {
        $editor->removeEdge($project->getPHID(), $edge_type, $phid);
      }
      foreach ($this->addEdges as $phid) {
        $editor->addEdge($project->getPHID(), $edge_type, $phid);
      }
      $editor->save();

      // Each transaction record is attributed to the acting user.
      foreach ($transactions as $xaction) {
        $xaction->setAuthorPHID($user->getPHID());
        $xaction->setProjectID($project->getID());
        $xaction->save();
      }
    $project->saveTransaction();

    // Stories are published only after the database transaction is saved.
    foreach ($transactions as $xaction) {
      $this->publishTransactionStory($project, $xaction);
    }
  } catch (AphrontQueryDuplicateKeyException $ex) {
    // We already validated the slug, but might race. Try again to see if
    // that's the issue. If it is, we'll throw a more specific exception. If
    // not, throw the original exception.
    // NOTE(review): this path does not explicitly kill the transaction
    // opened above -- confirm whether that is handled elsewhere.
    $this->validateName($project);
    throw $ex;
  }

  // TODO: If we rename a project, we should move its Phriction page. Do
  // that once Phriction supports document moves.

  return $this;
}
/**
 * Require that the current viewer holds CAN_EDIT on this object.
 *
 * NOTE(review): despite the name, the capability checked is CAN_EDIT on
 * `$this` rather than a dedicated create capability. Presumably creation is
 * modelled as editing this object -- confirm that this is intended.
 *
 * @return void
 */
private function requireCreateCapability() {
  $viewer = $this->getViewer();

  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $this,
    PhabricatorPolicyCapability::CAN_EDIT);
}
/**
 * Render the "Create Snapshot" page for a fragment and, on a form POST,
 * create the snapshot.
 *
 * The fragment is the last entry of the parent chain resolved from
 * `$this->dblob`, and the viewer must hold CAN_EDIT on it. A snapshot
 * records the fragment and every fragment below its path at their latest
 * versions.
 *
 * @return mixed 404 response, redirect to the new snapshot, or the rendered
 *   page.
 */
public function processRequest() {
  $request = $this->getRequest();
  $viewer = $request->getUser();

  $parents = $this->loadParentFragments($this->dblob);
  if ($parents === null) {
    return new Aphront404Response();
  }

  $fragment = nonempty(last($parents), null);
  if ($fragment === null) {
    return new Aphront404Response();
  }

  // CAN_EDIT is required on the primary fragment only. The children below
  // come from a query scoped to the viewer.
  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $fragment,
    PhabricatorPolicyCapability::CAN_EDIT);

  $children = id(new PhragmentFragmentQuery())
    ->setViewer($viewer)
    ->needLatestVersion(true)
    ->withLeadingPath($fragment->getPath() . '/')
    ->execute();

  // Primary fragment first, then its children, in query order.
  $members = array($fragment);
  foreach ($children as $child) {
    $members[] = $child;
  }

  $errors = array();
  if ($request->isFormPost()) {
    $name = $request->getStr('name');

    if (strlen($name) === 0) {
      $errors[] = pht('You must specify a name.');
    }
    if (strpos($name, '/') !== false) {
      $errors[] = pht('Snapshot names can not contain "/".');
    }

    $snapshot = null;
    if (!$errors) {
      try {
        // Create the snapshot.
        $snapshot = id(new PhragmentSnapshot())
          ->setPrimaryFragmentPHID($fragment->getPHID())
          ->setName($name)
          ->save();
      } catch (AphrontDuplicateKeyQueryException $e) {
        $errors[] = pht('A snapshot with this name already exists.');
      }
    }

    if (!$errors) {
      // NOTE(review): the snapshot and its child rows are saved one by one
      // with no enclosing transaction visible here, so a failure part way
      // through would presumably leave a partial snapshot -- confirm.
      foreach ($members as $member) {
        id(new PhragmentSnapshotChild())
          ->setSnapshotPHID($snapshot->getPHID())
          ->setFragmentPHID($member->getPHID())
          ->setFragmentVersionPHID($member->getLatestVersionPHID())
          ->save();
      }

      return id(new AphrontRedirectResponse())
        ->setURI('/phragment/snapshot/view/' . $snapshot->getID());
    }
  }

  // Preview table: one row per fragment that the snapshot will contain.
  $rows = array();
  $rows[] = phutil_tag(
    'tr',
    array(),
    array(
      phutil_tag('th', array(), pht('Fragment')),
      phutil_tag('th', array(), pht('Version')),
    ));

  foreach ($members as $member) {
    // Fragments without a version are shown with a dash.
    $latest = $member->getLatestVersion();
    $sequence = ($latest !== null) ? $latest->getSequence() : '-';

    $rows[] = phutil_tag(
      'tr',
      array(),
      array(
        phutil_tag('td', array(), $member->getPath()),
        phutil_tag('td', array(), $sequence),
      ));
  }

  $table = phutil_tag(
    'table',
    array('class' => 'remarkup-table'),
    $rows);

  $intro = phutil_tag(
    'p',
    array(),
    pht(
      'The snapshot will contain the following fragments at ' .
      'the specified versions: '));

  $container = phutil_tag(
    'div',
    array('class' => 'phabricator-remarkup'),
    array($intro, $table));

  $path_control = id(new AphrontFormTextControl())
    ->setLabel(pht('Fragment Path'))
    ->setDisabled(true)
    ->setValue('/' . $fragment->getPath());

  $name_control = id(new AphrontFormTextControl())
    ->setLabel(pht('Snapshot Name'))
    ->setName('name');

  $submit_control = id(new AphrontFormSubmitControl())
    ->setValue(pht('Create Snapshot'))
    ->addCancelButton(
      $this->getApplicationURI('browse/' . $fragment->getPath()));

  $form = id(new AphrontFormView())
    ->setUser($viewer)
    ->appendChild($path_control)
    ->appendChild($name_control)
    ->appendChild($submit_control)
    ->appendChild(id(new PHUIFormDividerControl()))
    ->appendInstructions($container);

  $crumbs = $this->buildApplicationCrumbsWithPath($parents);
  $crumbs->addTextCrumb(pht('Create Snapshot'));

  $box = id(new PHUIObjectBoxView())
    ->setHeaderText(pht('Create Snapshot of %s', $fragment->getName()))
    ->setFormErrors($errors)
    ->setForm($form);

  // NOTE(review): the page title reads "Create Fragment" while the crumb
  // and the box header say "Create Snapshot"; this looks like a copy/paste
  // leftover -- confirm.
  return $this->buildApplicationPage(
    array(
      $crumbs,
      $this->renderConfigurationWarningIfRequired(),
      $box,
    ),
    array(
      'title' => pht('Create Fragment'),
    ));
}
/**
 * Require that the requesting user holds a capability on the current
 * application.
 *
 * The user is taken from the current request and the policy object is the
 * application returned by getCurrentApplication().
 *
 * @param mixed $capability Capability constant to require.
 * @return void
 */
protected function requireApplicationCapability($capability) {
  $viewer = $this->getRequest()->getUser();
  $application = $this->getCurrentApplication();

  PhabricatorPolicyFilter::requireCapability(
    $viewer,
    $application,
    $capability);
}
/**
 * Serve the paged repository form for the "create", "import", "remote" and
 * "policy" modes, and apply the resulting transactions once the form is
 * complete.
 *
 * Authorization is decided in the first switch, before any form is built or
 * any request data is read into it: the two edit modes require CAN_EDIT on
 * the existing repository, the two creation modes require the application
 * level create capability, and any other mode is rejected.
 *
 * @param AphrontRequest $request Request being handled.
 * @return mixed An AphrontRedirectResponse after a completed form post,
 *   otherwise whatever buildApplicationPage() returns.
 * @throws Exception If the mode is not recognized, or if cluster services
 *   exist but all of them are closed to new allocations.
 */
protected function processDiffusionRequest(AphrontRequest $request) {
  $viewer = $request->getUser();
  $this->edit = $request->getURIData('edit');

  // NOTE: This controller is reached from "Create Repository", "Import
  // Repository", "Edit Remote" and "Edit Policies". The two edit modes show
  // only a few of the pages.
  $repository = null;
  $service = null;

  switch ($this->edit) {
    case 'remote':
    case 'policy':
      $repository = $this->getDiffusionRequest()->getRepository();

      // Editing an existing repository: the viewer must hold CAN_EDIT on it
      // before anything else happens.
      PhabricatorPolicyFilter::requireCapability(
        $viewer,
        $repository,
        PhabricatorPolicyCapability::CAN_EDIT);

      $this->setRepository($repository);
      $cancel_uri = $this->getRepositoryControllerURI($repository, 'edit/');
      break;
    case 'import':
    case 'create':
      // Creating a repository is gated on an application capability rather
      // than on an object, since no repository exists yet.
      $this->requireApplicationCapability(
        DiffusionCreateRepositoriesCapability::CAPABILITY);

      // Choose a random open cluster service to host the new repository.
      // No services at all means the install is not in cluster mode and the
      // repository is allocated locally; services that are all closed is an
      // error.
      //
      // The query runs as the omnipotent user, so the candidate list does
      // not depend on which services $viewer is allowed to see.
      $services = id(new AlmanacServiceQuery())
        ->setViewer(PhabricatorUser::getOmnipotentUser())
        ->withServiceClasses(array('AlmanacClusterRepositoryServiceType'))
        ->execute();

      if ($services) {
        // Keep only the services which still accept new allocations.
        $open_services = array();
        foreach ($services as $key => $candidate) {
          if (!$candidate->getAlmanacPropertyValue('closed')) {
            $open_services[$key] = $candidate;
          }
        }

        if (!$open_services) {
          throw new Exception(
            pht(
              'This install is configured in cluster mode, but all '.
              'available repository cluster services are closed to new '.
              'allocations. At least one service must be open to allow '.
              'new allocations to take place.'));
        }

        shuffle($open_services);
        $service = head($open_services);
      }

      $cancel_uri = $this->getApplicationURI('new/');
      break;
    default:
      throw new Exception(pht('Invalid edit operation!'));
  }

  $form = id(new PHUIPagedFormView())
    ->setUser($viewer)
    ->setCancelURI($cancel_uri);

  // Each mode gets its own page sequence; the page keys used here are the
  // ones read back when transactions are built below.
  switch ($this->edit) {
    case 'remote':
      $title = pht('Edit Remote');
      $form
        ->addPage('remote-uri', $this->buildRemoteURIPage())
        ->addPage('auth', $this->buildAuthPage());
      break;
    case 'policy':
      $title = pht('Edit Policies');
      $form
        ->addPage('policy', $this->buildPolicyPage());
      break;
    case 'create':
      $title = pht('Create Repository');
      $form
        ->addPage('vcs', $this->buildVCSPage())
        ->addPage('name', $this->buildNamePage())
        ->addPage('policy', $this->buildPolicyPage())
        ->addPage('done', $this->buildDonePage());
      break;
    case 'import':
      $title = pht('Import Repository');
      $form
        ->addPage('vcs', $this->buildVCSPage())
        ->addPage('name', $this->buildNamePage())
        ->addPage('remote-uri', $this->buildRemoteURIPage())
        ->addPage('auth', $this->buildAuthPage())
        ->addPage('policy', $this->buildPolicyPage())
        ->addPage('done', $this->buildDonePage());
      break;
  }

  if (!$request->isFormPost()) {
    // Initial page load: prefill from the existing repository, if any.
    if ($repository) {
      $dict = array(
        'remoteURI' => $repository->getRemoteURI(),
        'credential' => $repository->getCredentialPHID(),
        'viewPolicy' => $repository->getViewPolicy(),
        'editPolicy' => $repository->getEditPolicy(),
        'pushPolicy' => $repository->getPushPolicy(),
        'spacePHID' => $repository->getSpacePHID(),
      );
    } else {
      $dict = array();
    }
    $form->readFromObject($dict);
  } else {
    $form->readFromRequest($request);

    if ($form->isComplete()) {
      $mode = $this->edit;

      // Which groups of transactions apply to the current mode.
      $is_create = ($mode === 'import' || $mode === 'create');
      $is_auth = ($mode == 'import' || $mode == 'remote');
      $is_policy = ($mode != 'remote');
      $is_init = ($mode == 'create');

      if ($is_create) {
        $repository = PhabricatorRepository::initializeNewRepository($viewer);
      }

      // Every transaction below is a clone of this empty template.
      $template = new PhabricatorRepositoryTransaction();
      $xactions = array();

      // Core properties which are only set on a brand new repository.
      if ($is_create) {
        $callsign = $form->getPage('name')
          ->getControl('callsign')
          ->getValue();

        // The callsign must be unique for the first save and is immutable,
        // so it is set directly instead of through a transaction.
        $repository->setCallsign($callsign);

        $new_name = $form->getPage('name')->getControl('name')->getValue();
        $xactions[] = id(clone $template)
          ->setTransactionType(PhabricatorRepositoryTransaction::TYPE_NAME)
          ->setNewValue($new_name);

        $new_vcs = $form->getPage('vcs')->getControl('vcs')->getValue();
        $xactions[] = id(clone $template)
          ->setTransactionType(PhabricatorRepositoryTransaction::TYPE_VCS)
          ->setNewValue($new_vcs);

        $activate = $form->getPage('done')
          ->getControl('activate')
          ->getValue();
        $xactions[] = id(clone $template)
          ->setTransactionType(
            PhabricatorRepositoryTransaction::TYPE_ACTIVATE)
          ->setNewValue($activate == 'start');

        if ($service) {
          $xactions[] = id(clone $template)
            ->setTransactionType(
              PhabricatorRepositoryTransaction::TYPE_SERVICE)
            ->setNewValue($service->getPHID());
        }

        // NOTE(review): the form-supplied callsign becomes a path component
        // of the local working copy; this function does not validate it, so
        // presumably the name page or the editor constrains its characters
        // -- confirm.
        $path_root = rtrim(
          PhabricatorEnv::getEnvConfig('repository.default-local-path'),
          '/');
        $default_local_path = $path_root.'/'.$callsign.'/';
        $xactions[] = id(clone $template)
          ->setTransactionType(
            PhabricatorRepositoryTransaction::TYPE_LOCAL_PATH)
          ->setNewValue($default_local_path);
      }

      // "Create" (but not "Import") makes a hosted repository and picks its
      // initial serving modes from install configuration.
      if ($is_init) {
        $xactions[] = id(clone $template)
          ->setTransactionType(PhabricatorRepositoryTransaction::TYPE_HOSTING)
          ->setNewValue(true);

        $vcs = $form->getPage('vcs')->getControl('vcs')->getValue();
        if ($vcs != PhabricatorRepositoryType::REPOSITORY_TYPE_SVN) {
          // HTTP serving defaults to read/write as soon as HTTP auth is
          // allowed on the install, and to off otherwise.
          $v_http_mode = PhabricatorEnv::getEnvConfig(
            'diffusion.allow-http-auth')
            ? PhabricatorRepository::SERVE_READWRITE
            : PhabricatorRepository::SERVE_OFF;

          $xactions[] = id(clone $template)
            ->setTransactionType(
              PhabricatorRepositoryTransaction::TYPE_PROTOCOL_HTTP)
            ->setNewValue($v_http_mode);
        }

        // SSH serving defaults to read/write when an SSH user is configured.
        $v_ssh_mode = PhabricatorEnv::getEnvConfig('diffusion.ssh-user')
          ? PhabricatorRepository::SERVE_READWRITE
          : PhabricatorRepository::SERVE_OFF;

        $xactions[] = id(clone $template)
          ->setTransactionType(
            PhabricatorRepositoryTransaction::TYPE_PROTOCOL_SSH)
          ->setNewValue($v_ssh_mode);
      }

      // Remote URI and the credential used to reach it.
      if ($is_auth) {
        $remote_uri = $form->getPage('remote-uri')
          ->getControl('remoteURI')
          ->getValue();
        $xactions[] = id(clone $template)
          ->setTransactionType(
            PhabricatorRepositoryTransaction::TYPE_REMOTE_URI)
          ->setNewValue($remote_uri);

        $credential = $form->getPage('auth')
          ->getControl('credential')
          ->getValue();
        $xactions[] = id(clone $template)
          ->setTransactionType(
            PhabricatorRepositoryTransaction::TYPE_CREDENTIAL)
          ->setNewValue($credential);
      }

      // View, edit, push and space policies.
      if ($is_policy) {
        $policy_page = $form->getPage('policy');

        $xactions[] = id(clone $template)
          ->setTransactionType(PhabricatorTransactions::TYPE_VIEW_POLICY)
          ->setNewValue($policy_page->getControl('viewPolicy')->getValue());

        $xactions[] = id(clone $template)
          ->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
          ->setNewValue($policy_page->getControl('editPolicy')->getValue());

        // A push policy is only written for hosted repositories.
        if ($is_init || $repository->isHosted()) {
          $xactions[] = id(clone $template)
            ->setTransactionType(
              PhabricatorRepositoryTransaction::TYPE_PUSH_POLICY)
            ->setNewValue(
              $policy_page->getControl('pushPolicy')->getValue());
        }

        // The space is read from the view policy control.
        $xactions[] = id(clone $template)
          ->setTransactionType(PhabricatorTransactions::TYPE_SPACE)
          ->setNewValue(
            $policy_page->getControl('viewPolicy')->getSpacePHID());
      }

      // The editor acts as $viewer, so the transactions are applied with the
      // viewer's own authority rather than elevated rights.
      id(new PhabricatorRepositoryEditor())
        ->setContinueOnNoEffect(true)
        ->setContentSourceFromRequest($request)
        ->setActor($viewer)
        ->applyTransactions($repository, $xactions);

      $repo_uri = $this->getRepositoryControllerURI($repository, 'edit/');
      return id(new AphrontRedirectResponse())->setURI($repo_uri);
    }
  }

  $crumbs = $this->buildApplicationCrumbs();
  $crumbs->addTextCrumb($title);

  return $this->buildApplicationPage(
    array(
      $crumbs,
      $form,
    ),
    array(
      'title' => $title,
    ));
}
/**
 * Enforce the capability the actor needs in order to apply one transaction
 * to an existing object.
 *
 * Comments require CAN_VIEW; changes to the view, edit or join policy
 * require CAN_EDIT. Nothing is checked while the object is being created.
 *
 * NOTE(review): the switch has no default branch, so every other
 * transaction type passes through this method unchecked. Presumably those
 * types are guarded elsewhere -- confirm before relying on this method as
 * the only gate.
 *
 * @param PhabricatorLiskDAO $object Object the transaction applies to.
 * @param PhabricatorApplicationTransaction $xaction Transaction to check.
 * @return void
 */
protected function requireCapabilities(
  PhabricatorLiskDAO $object,
  PhabricatorApplicationTransaction $xaction) {

  // Objects which are being created are exempt from the checks below.
  if ($this->getIsNewObject()) {
    return;
  }

  // Resolved before looking at the transaction type, so a missing actor is
  // reported for every transaction on an existing object.
  $actor = $this->requireActor();

  $required = null;
  switch ($xaction->getTransactionType()) {
    case PhabricatorTransactions::TYPE_COMMENT:
      $required = PhabricatorPolicyCapability::CAN_VIEW;
      break;
    case PhabricatorTransactions::TYPE_VIEW_POLICY:
    case PhabricatorTransactions::TYPE_EDIT_POLICY:
    case PhabricatorTransactions::TYPE_JOIN_POLICY:
      // Changing who may see, edit or join the object is itself an edit.
      $required = PhabricatorPolicyCapability::CAN_EDIT;
      break;
  }

  if ($required === null) {
    return;
  }

  PhabricatorPolicyFilter::requireCapability($actor, $object, $required);
}
/**
 * Require CAN_EDIT on the object for every repository transaction type
 * listed below.
 *
 * NOTE(review): types which are not in the list are not checked here, and
 * unlike some other implementations there is no exemption for new objects.
 * In particular the generic view and edit policy transaction types are
 * absent; presumably another requireCapabilities() implementation covers
 * them -- confirm.
 *
 * @param PhabricatorLiskDAO $object Object the transaction applies to.
 * @param PhabricatorApplicationTransaction $xaction Transaction to check.
 * @return void
 */
protected function requireCapabilities(
  PhabricatorLiskDAO $object,
  PhabricatorApplicationTransaction $xaction) {

  $type = $xaction->getTransactionType();

  $edit_gated_types = array(
    PhabricatorRepositoryTransaction::TYPE_ACTIVATE,
    PhabricatorRepositoryTransaction::TYPE_NAME,
    PhabricatorRepositoryTransaction::TYPE_DESCRIPTION,
    PhabricatorRepositoryTransaction::TYPE_ENCODING,
    PhabricatorRepositoryTransaction::TYPE_DEFAULT_BRANCH,
    PhabricatorRepositoryTransaction::TYPE_TRACK_ONLY,
    PhabricatorRepositoryTransaction::TYPE_AUTOCLOSE_ONLY,
    PhabricatorRepositoryTransaction::TYPE_UUID,
    PhabricatorRepositoryTransaction::TYPE_SVN_SUBPATH,
    PhabricatorRepositoryTransaction::TYPE_REMOTE_URI,
    PhabricatorRepositoryTransaction::TYPE_SSH_LOGIN,
    PhabricatorRepositoryTransaction::TYPE_SSH_KEY,
    PhabricatorRepositoryTransaction::TYPE_SSH_KEYFILE,
    PhabricatorRepositoryTransaction::TYPE_HTTP_LOGIN,
    PhabricatorRepositoryTransaction::TYPE_HTTP_PASS,
    PhabricatorRepositoryTransaction::TYPE_LOCAL_PATH,
    PhabricatorRepositoryTransaction::TYPE_VCS,
    PhabricatorRepositoryTransaction::TYPE_NOTIFY,
    PhabricatorRepositoryTransaction::TYPE_AUTOCLOSE,
    PhabricatorRepositoryTransaction::TYPE_HOSTING,
    PhabricatorRepositoryTransaction::TYPE_PROTOCOL_HTTP,
    PhabricatorRepositoryTransaction::TYPE_PROTOCOL_SSH,
    PhabricatorRepositoryTransaction::TYPE_PUSH_POLICY,
    PhabricatorRepositoryTransaction::TYPE_CREDENTIAL,
    PhabricatorRepositoryTransaction::TYPE_DANGEROUS,
    PhabricatorRepositoryTransaction::TYPE_SLUG,
    PhabricatorRepositoryTransaction::TYPE_SERVICE,
    PhabricatorRepositoryTransaction::TYPE_SYMBOLS_SOURCES,
    PhabricatorRepositoryTransaction::TYPE_SYMBOLS_LANGUAGE,
    PhabricatorRepositoryTransaction::TYPE_STAGING_URI,
    PhabricatorRepositoryTransaction::TYPE_AUTOMATION_BLUEPRINTS,
  );

  // Non-strict membership test on purpose: it matches types the same way a
  // switch statement over these constants does.
  if (!in_array($type, $edit_gated_types)) {
    return;
  }

  // The actor is only resolved once a gated type has matched.
  PhabricatorPolicyFilter::requireCapability(
    $this->requireActor(),
    $object,
    PhabricatorPolicyCapability::CAN_EDIT);
}