Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Paste
P61154
T363337
Active
Public
Actions
Authored by
Aklapper
on Apr 24 2024, 1:48 PM.
Edit Paste
Archive Paste
View Raw File
Subscribe
Mute Notifications
Award Token
Flag For Later
Tags
None
Referenced Files
F48453478: T363337
Apr 24 2024, 1:48 PM
2024-04-24 13:48:37 (UTC+0)
Subscribers
None
diff --git a/src/applications/maniphest/editor/ManiphestEditEngine.php b/src/applications/maniphest/editor/ManiphestEditEngine.php
index 46877168e7..ed83650e1b 100644
--- a/src/applications/maniphest/editor/ManiphestEditEngine.php
+++ b/src/applications/maniphest/editor/ManiphestEditEngine.php
@@ -145,6 +145,38 @@ EODOCS
$column_map = $this->getColumnMap($object);
+// WMF BEGIN: Only show Edit Priority when user is member of a trusted project
+ $can_edit_priority = false;
+ $viewer = $this->getViewer();
+ $viewer_phid = $viewer->getPHID();
+
+ // ["Trusted-Contributors", "WMF-NDA", "acl*sre-team", "acl*security"];
+ $trusted_project_phids =
+ ['PHID-PROJ-rte2hubdntrhiwyoau6n', 'PHID-PROJ-ibxm3v6ithf3jpqpqhl7',
+ 'PHID-PROJ-fqb3bhereyljcqrsbju7', 'PHID-PROJ-koo4qqdng27q7r65x3cw'];
+ // PhabricatorProjectQuery does not seem to `&&` for withPHIDs and
+ // withMemberPHIDs for a nice shortcut, so loop on `isUserMember()` later
+ $trusted_projects = id(new PhabricatorProjectQuery())
+ ->setViewer($viewer)
+ ->withPHIDs($trusted_project_phids)
+ ->execute();
+ if (count($trusted_projects) !== 4) {
+ phlog('WMF Error: Not all projects for checking Edit Priority ' .
+ 'rights exist. Please correct the PHIDs in the code.');
+ }
+ if ($trusted_projects) {
+ foreach ($trusted_projects as $proj) {
+ if ($proj instanceof PhabricatorProject &&
+ $proj->isUserMember($viewer_phid)) {
+ $can_edit_priority = true;
+ break;
+ }
+ }
+ } else { // allow to edit priority if no $trusted_projects found AT ALL
+ $can_edit_priority = true;
+ }
+// WMF END: Only show Edit Priority when user is member of a trusted project
+
$fields = array(
id(new PhabricatorHandlesEditField())
->setKey('parent')
@@ -225,6 +257,7 @@ EODOCS
->setIsCopyable(true)
->setValue($object->getPriorityKeyword())
->setOptions($priority_map)
+ ->setIsHidden(!$can_edit_priority)
->setOptionAliases($alias_map)
->setCommentActionLabel(pht('Change Priority')),
);
Event Timeline
Aklapper
created this paste.
Apr 24 2024, 1:48 PM
2024-04-24 13:48:37 (UTC+0)
Aklapper
mentioned this in
T363337: Explore restricting editing task priority to Trusted-Contributors/staff/etc
.
Log In to Comment