PHP PhabricatorPolicies类代码示例

 public function getPolicy($capability)
 {
     // These objects are low-level and only accessed through the storage
     // engine, so policies are mostly just in place to let us use the common
     // query infrastructure.
     return PhabricatorPolicies::getMostOpenPolicy();
 }

 public function getPolicy($capability)
 {
     switch ($capability) {
         case PhabricatorPolicyCapability::CAN_VIEW:
             return PhabricatorPolicies::getMostOpenPolicy();
     }
 }

 public static function initializeNewDocument(PhabricatorUser $actor, $slug)
 {
     $document = new PhrictionDocument();
     $document->setSlug($slug);
     $content = new PhrictionContent();
     $content->setSlug($slug);
     $default_title = PhabricatorSlug::getDefaultTitle($slug);
     $content->setTitle($default_title);
     $document->attachContent($content);
     $parent_doc = null;
     $ancestral_slugs = PhabricatorSlug::getAncestry($slug);
     if ($ancestral_slugs) {
         $parent = end($ancestral_slugs);
         $parent_doc = id(new PhrictionDocumentQuery())->setViewer($actor)->withSlugs(array($parent))->executeOne();
     }
     if ($parent_doc) {
         $document->setViewPolicy($parent_doc->getViewPolicy());
         $document->setEditPolicy($parent_doc->getEditPolicy());
     } else {
         $default_view_policy = PhabricatorPolicies::getMostOpenPolicy();
         $document->setViewPolicy($default_view_policy);
         $document->setEditPolicy(PhabricatorPolicies::POLICY_USER);
     }
     return $document;
 }

 public function testFileVisibility()
 {
     $engine = new PhabricatorTestStorageEngine();
     $data = Filesystem::readRandomCharacters(64);
     $author = $this->generateNewTestUser();
     $viewer = $this->generateNewTestUser();
     $users = array($author, $viewer);
     $params = array('name' => 'test.dat', 'viewPolicy' => PhabricatorPolicies::POLICY_NOONE, 'authorPHID' => $author->getPHID(), 'storageEngines' => array($engine));
     $file = PhabricatorFile::newFromFileData($data, $params);
     $filter = new PhabricatorPolicyFilter();
     // Test bare file policies.
     $this->assertEqual(array(true, false), $this->canViewFile($users, $file), pht('File Visibility'));
     // Create an object and test object policies.
     $object = ManiphestTask::initializeNewTask($author);
     $object->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy());
     $object->save();
     $this->assertTrue($filter->hasCapability($author, $object, PhabricatorPolicyCapability::CAN_VIEW), pht('Object Visible to Author'));
     $this->assertTrue($filter->hasCapability($viewer, $object, PhabricatorPolicyCapability::CAN_VIEW), pht('Object Visible to Others'));
     // Attach the file to the object and test that the association opens a
     // policy exception for the non-author viewer.
     $file->attachToObject($object->getPHID());
     // Test the attached file's visibility.
     $this->assertEqual(array(true, true), $this->canViewFile($users, $file), pht('Attached File Visibility'));
     // Create a "thumbnail" of the original file.
     $params = array('name' => 'test.thumb.dat', 'viewPolicy' => PhabricatorPolicies::POLICY_NOONE, 'storageEngines' => array($engine));
     $xform = PhabricatorFile::newFromFileData($data, $params);
     id(new PhabricatorTransformedFile())->setOriginalPHID($file->getPHID())->setTransform('test-thumb')->setTransformedPHID($xform->getPHID())->save();
     // Test the thumbnail's visibility.
     $this->assertEqual(array(true, true), $this->canViewFile($users, $xform), pht('Attached Thumbnail Visibility'));
     // Detach the object and make sure it affects the thumbnail.
     $file->detachFromObject($object->getPHID());
     // Test the detached thumbnail's visibility.
     $this->assertEqual(array(true, false), $this->canViewFile($users, $xform), pht('Detached Thumbnail Visibility'));
 }

 public function getPolicy($capability)
 {
     switch ($capability) {
         case PhabricatorPolicyCapability::CAN_VIEW:
             return PhabricatorPolicies::getMostOpenPolicy();
         case PhabricatorPolicyCapability::CAN_EDIT:
             return $this->getUserPHID();
     }
 }

 public function render()
 {
     $viewer = $this->getUser();
     if (!$viewer->isLoggedIn()) {
         return null;
     }
     $instructions_id = celerity_generate_unique_node_id();
     require_celerity_resource('global-drag-and-drop-css');
     Javelin::initBehavior('global-drag-and-drop', array('ifSupported' => $this->showIfSupportedID, 'instructions' => $instructions_id, 'uploadURI' => '/file/dropupload/', 'browseURI' => '/file/query/authored/', 'viewPolicy' => PhabricatorPolicies::getMostOpenPolicy()));
     return phutil_tag('div', array('id' => $instructions_id, 'class' => 'phabricator-global-upload-instructions', 'style' => 'display: none;'), pht("⇪ Drop Files to Upload"));
 }

 public function getPolicy($capability)
 {
     $policy = PhabricatorPolicies::POLICY_NOONE;
     switch ($capability) {
         case PhabricatorPolicyCapability::CAN_VIEW:
             // Since it's impossible to perform any meaningful computations with
             // time if a user can't view some of it, visibility on tracked time is
             // unrestricted. If we eventually lock it down, it should be per-user.
             // (This doesn't mean that users can see tracked objects.)
             return PhabricatorPolicies::getMostOpenPolicy();
     }
     return $policy;
 }

 public static function initializeNewCalendarEvent(PhabricatorUser $actor, $mode)
 {
     $app = id(new PhabricatorApplicationQuery())->setViewer($actor)->withClasses(array('PhabricatorCalendarApplication'))->executeOne();
     $view_policy = null;
     $is_recurring = 0;
     if ($mode == 'public') {
         $view_policy = PhabricatorPolicies::getMostOpenPolicy();
     }
     if ($mode == 'recurring') {
         $is_recurring = true;
     }
     return id(new PhabricatorCalendarEvent())->setUserPHID($actor->getPHID())->setIsCancelled(0)->setIsAllDay(0)->setIsRecurring($is_recurring)->setIcon(self::DEFAULT_ICON)->setViewPolicy($view_policy)->setEditPolicy($actor->getPHID())->setSpacePHID($actor->getDefaultSpacePHID())->attachInvitees(array())->applyViewerTimezone($actor);
 }

 protected function execute(ConduitAPIRequest $request)
 {
     $data = $request->getValue('data_base64');
     $name = $request->getValue('name');
     $can_cdn = $request->getValue('canCDN');
     $view_policy = $request->getValue('viewPolicy');
     $user = $request->getUser();
     $data = base64_decode($data, $strict = true);
     if (!$view_policy) {
         $view_policy = PhabricatorPolicies::getMostOpenPolicy();
     }
     $file = PhabricatorFile::newFromFileData($data, array('name' => $name, 'authorPHID' => $user->getPHID(), 'viewPolicy' => $view_policy, 'canCDN' => $can_cdn, 'isExplicitUpload' => true));
     return $file->getPHID();
 }

 public function validateOption(PhabricatorConfigOption $option, $value)
 {
     if (phid_get_type($value) != PhabricatorFileFilePHIDType::TYPECONST) {
         throw new Exception(pht('%s is not a valid file PHID.', $value));
     }
     $file = id(new PhabricatorFileQuery())->setViewer(PhabricatorUser::getOmnipotentUser())->withPHIDs(array($value))->executeOne();
     if (!$file) {
         throw new Exception(pht('%s is not a valid file PHID.', $value));
     }
     $most_open_policy = PhabricatorPolicies::getMostOpenPolicy();
     if ($file->getViewPolicy() != $most_open_policy) {
         throw new Exception(pht('Specified file %s has policy "%s" but should have policy "%s".', $value, $file->getViewPolicy(), $most_open_policy));
     }
     if (!$file->isViewableImage()) {
         throw new Exception(pht('Specified file %s is not a viewable image.', $value));
     }
 }

 public function execute(HarbormasterBuild $build, HarbormasterBuildTarget $build_target)
 {
     $settings = $this->getSettings();
     $variables = $build_target->getVariables();
     $path = $this->mergeVariables('vsprintf', $settings['path'], $variables);
     $artifact = $build->loadArtifact($settings['artifact']);
     $file = $artifact->loadPhabricatorFile();
     $fragment = id(new PhragmentFragmentQuery())->setViewer(PhabricatorUser::getOmnipotentUser())->withPaths(array($path))->executeOne();
     if ($fragment === null) {
         PhragmentFragment::createFromFile(PhabricatorUser::getOmnipotentUser(), $file, $path, PhabricatorPolicies::getMostOpenPolicy(), PhabricatorPolicies::POLICY_USER);
     } else {
         if ($file->getMimeType() === 'application/zip') {
             $fragment->updateFromZIP(PhabricatorUser::getOmnipotentUser(), $file);
         } else {
             $fragment->updateFromFile(PhabricatorUser::getOmnipotentUser(), $file);
         }
     }
 }

 protected function getBook()
 {
     if (!$this->book) {
         $book_name = $this->getConfig('name');
         $book = id(new DivinerLiveBook())->loadOneWhere('name = %s', $book_name);
         if (!$book) {
             $book = id(new DivinerLiveBook())->setName($book_name)->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy())->setEditPolicy(PhabricatorPolicies::POLICY_ADMIN)->save();
         }
         $conn_w = $book->establishConnection('w');
         $conn_w->openTransaction();
         $book->setRepositoryPHID($this->getRepositoryPHID())->setConfigurationData($this->getConfigurationData())->save();
         // TODO: This is gross. Without this, the repository won't be updated for
         // atoms which have already been published.
         queryfx($conn_w, 'UPDATE %T SET repositoryPHID = %s WHERE bookPHID = %s', id(new DivinerLiveSymbol())->getTableName(), $this->getRepositoryPHID(), $book->getPHID());
         $conn_w->saveTransaction();
         $this->book = $book;
         id(new PhabricatorSearchIndexer())->queueDocumentForIndexing($book->getPHID());
     }
     return $this->book;
 }

 public function getPolicy($capability)
 {
     switch ($capability) {
         case PhabricatorPolicyCapability::CAN_VIEW:
             return PhabricatorPolicies::getMostOpenPolicy();
         case PhabricatorPolicyCapability::CAN_EDIT:
             // NOTE: In practice, this policy is always limited by the "Mangage
             // Build Plans" policy.
             if ($this->isAutoplan()) {
                 return PhabricatorPolicies::POLICY_NOONE;
             }
             return PhabricatorPolicies::getMostOpenPolicy();
     }
 }

 public static function initializeNewPhurlURL(PhabricatorUser $actor)
 {
     $app = id(new PhabricatorApplicationQuery())->setViewer($actor)->withClasses(array('PhabricatorPhurlApplication'))->executeOne();
     return id(new PhabricatorPhurlURL())->setAuthorPHID($actor->getPHID())->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy())->setEditPolicy($actor->getPHID())->setSpacePHID($actor->getDefaultSpacePHID());
 }

 public static function initializeNewBlog(PhabricatorUser $actor)
 {
     $blog = id(new PhameBlog())->setCreatorPHID($actor->getPHID())->setViewPolicy(PhabricatorPolicies::getMostOpenPolicy())->setEditPolicy(PhabricatorPolicies::POLICY_USER)->setJoinPolicy(PhabricatorPolicies::POLICY_USER);
     return $blog;
 }