Dashboards: add capability who can create Dashboards
Closed, Public

Authored by aklapper on Jun 2 2023, 16:16.

Details

Summary

Add a dashboard.create capability to allow limiting dashboard creation (and creation of related panels).
This can reduce spam in open Phorge installations in which anyone can create an account while you still want anyone to be able to view existing dashboards.

Closes T15438

Test Plan
  1. As an admin, go to /applications/view/PhabricatorDashboardApplication/
  2. See only two options "Can Use Application: All Users" and "Can Configure Application: Administrators"
  3. Apply patch
  4. As an admin, go to /applications/view/PhabricatorDashboardApplication/ and see the new option "Can Create Dashboards" set to "All Users"
  5. As an average user, go to /dashboard/ and successfully create a new Dashboard
  6. As an admin, go to /applications/edit/PhabricatorDashboardApplication/ and change "Can Create Dashboards" from "All Users" to "Administrators", select "Save Policies" button
  7. As an average user, go to /dashboard/ and see that "Create Dashboard" is disabled
  8. As an average user, go to an existing dashboard not created by this user and see that selecting "Edit Dashboard" shows "You do not have permission to edit this object."
  9. As an average user, go to the existing dashboard that you created yourself and see that the Edit Policy is set to this user.
  10. As an average user, go to the existing dashboard that you created yourself and see that you can still create or add panels.

Diff Detail

Repository
rP Phorge
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

aklapper requested review of this revision. Jun 2 2023, 16:16

Is a database migration needed to update existing installs or will the default just apply?

In D25270#7942, @speck wrote:

> Is a database migration needed to update existing installs or will the default just apply?

Nice question. I'm 99.999% sure that nope, since that was not necessary here either:

D25101: Countdown: add a capability to decide who can Create

Tested locally! It works, no database patch required!

I also double-checked that arc liberate was executed.

Database patch is not required ✨

src/applications/dashboard/application/PhabricatorDashboardApplication.php:90

I suggest capitalizing "Dashboards"

This revision is now accepted and ready to land. Jun 12 2023, 20:38
This revision was automatically updated to reflect the committed changes.
aklapper marked an inline comment as done.