From 34b8e7eda7b6edddcf736dcd8f28dc9027391679 Mon Sep 17 00:00:00 2001 From: dklawren Date: Fri, 2 Mar 2018 15:20:43 -0500 Subject: Bug 1402494 - BMO Integration User is a full administrative user on Phabricator --- extensions/PhabBugz/lib/Policy.pm | 5 ++++- extensions/PhabBugz/lib/Project.pm | 12 ++++++------ extensions/PhabBugz/lib/Util.pm | 32 ++++++++++++++++++++++---------- 3 files changed, 32 insertions(+), 17 deletions(-) (limited to 'extensions/PhabBugz/lib') diff --git a/extensions/PhabBugz/lib/Policy.pm b/extensions/PhabBugz/lib/Policy.pm index 23f04b354..8162ac52c 100644 --- a/extensions/PhabBugz/lib/Policy.pm +++ b/extensions/PhabBugz/lib/Policy.pm @@ -117,7 +117,10 @@ sub create { }; } else { - push @{ $data->{policy} }, { action => 'allow', value => 'admin' }; + my $secure_revision = Bugzilla::Extension::PhabBugz::Project->new_from_query({ + name => 'secure-revision' + }); + push @{ $data->{policy} }, { action => 'allow', value => $secure_revision->phid }; } my $result = request('policy.create', $data); diff --git a/extensions/PhabBugz/lib/Project.pm b/extensions/PhabBugz/lib/Project.pm index fd09cbecf..b0babc58b 100644 --- a/extensions/PhabBugz/lib/Project.pm +++ b/extensions/PhabBugz/lib/Project.pm @@ -93,9 +93,9 @@ sub BUILDARGS { # "dateCreated": 1500403964, # "dateModified": 1505248862, # "policy": { -# "view": "admin", -# "edit": "admin", -# "join": "admin" +# "view": "secure-revision", +# "edit": "secure-revision", +# "join": "secure-revision" # }, # "description": "BMO Security Group for core-security" # }, @@ -138,9 +138,9 @@ sub create { $name || ThrowCodeError( 'param_required', { param => 'name' } ); my $description = $params->{description} || 'Need description'; - my $view_policy = $params->{view_policy} || 'admin'; - my $edit_policy = $params->{edit_policy} || 'admin'; - my $join_policy = $params->{join_policy} || 'admin'; + my $view_policy = $params->{view_policy}; + my $edit_policy = $params->{edit_policy}; + my $join_policy = $params->{join_policy}; my $data = { transactions => [ diff --git a/extensions/PhabBugz/lib/Util.pm b/extensions/PhabBugz/lib/Util.pm index 5658ac9d8..6c51df98c 100644 --- a/extensions/PhabBugz/lib/Util.pm +++ b/extensions/PhabBugz/lib/Util.pm @@ -167,10 +167,13 @@ sub create_private_revision_policy { ); } else { + my $secure_revision = Bugzilla::Extension::PhabBugz::Project->new_from_query({ + name => 'secure-revision' + }); push(@{ $data->{policy} }, { action => 'allow', - value => 'admin', + value => $secure_revision->phid, } ); } @@ -198,15 +201,20 @@ sub make_revision_public { sub make_revision_private { my ($revision_phid) = @_; + + my $secure_revision = Bugzilla::Extension::PhabBugz::Project->new_from_query({ + name => 'secure-revision' + }); + return request('differential.revision.edit', { transactions => [ { type => "view", - value => "admin" + value => $secure_revision->phid }, { type => "edit", - value => "admin" + value => $secure_revision->phid } ], objectIdentifier => $revision_phid @@ -298,15 +306,19 @@ sub get_project_phid { sub create_project { my ($project, $description, $members) = @_; + my $secure_revision = Bugzilla::Extension::PhabBugz::Project->new_from_query({ + name => 'secure-revision' + }); + my $data = { transactions => [ - { type => 'name', value => $project }, - { type => 'description', value => $description }, - { type => 'edit', value => 'admin' }, - { type => 'join', value => 'admin' }, - { type => 'view', value => 'admin' }, - { type => 'icon', value => 'group' }, - { type => 'color', value => 'red' } + { type => 'name', value => $project }, + { type => 'description', value => $description }, + { type => 'edit', value => $secure_revision->phid }. + { type => 'join', value => $secure_revision->phid }, + { type => 'view', value => $secure_revision->phid }, + { type => 'icon', value => 'group' }, + { type => 'color', value => 'red' } ] }; -- cgit v1.2.3-24-g4f1b