
diff --git a/src/applications/search/controller/PhabricatorSearchDeleteController.php b/src/applications/search/controller/PhabricatorSearchDeleteController.php
index 9cbabd3a2f..fe3836017f 100644
--- a/src/applications/search/controller/PhabricatorSearchDeleteController.php
+++ b/src/applications/search/controller/PhabricatorSearchDeleteController.php
@@ -1,100 +1,113 @@
<?php
final class PhabricatorSearchDeleteController
extends PhabricatorSearchBaseController {
public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
if ($id) {
$named_query = id(new PhabricatorNamedQueryQuery())
->setViewer($viewer)
->withIDs(array($id))
->requireCapabilities(
array(
PhabricatorPolicyCapability::CAN_VIEW,
PhabricatorPolicyCapability::CAN_EDIT,
))
->executeOne();
if (!$named_query) {
return new Aphront404Response();
}
$engine = newv($named_query->getEngineClassName(), array());
$engine->setViewer($viewer);
$key = $named_query->getQueryKey();
} else {
$key = $request->getURIData('queryKey');
$engine_class = $request->getURIData('engine');
$base_class = 'PhabricatorApplicationSearchEngine';
if (!is_subclass_of($engine_class, $base_class)) {
return new Aphront400Response();
}
$engine = newv($engine_class, array());
$engine->setViewer($viewer);
if (!$engine->isBuiltinQuery($key)) {
return new Aphront404Response();
}
$named_query = $engine->getBuiltinQuery($key);
+
+ // After loading a global query, make sure the viewer actually has
+ // permission to view and edit it.
+
+ PhabricatorPolicyFilter::requireCapability(
+ $viewer,
+ $named_query,
+ PhabricatorPolicyCapability::CAN_VIEW);
+
+ PhabricatorPolicyFilter::requireCapability(
+ $viewer,
+ $named_query,
+ PhabricatorPolicyCapability::CAN_EDIT);
}
$builtin = null;
if ($engine->isBuiltinQuery($key)) {
$builtin = $engine->getBuiltinQuery($key);
}
$return_uri = $engine->getQueryManagementURI();
if ($request->isDialogFormPost()) {
if ($named_query->getIsBuiltin()) {
$named_query->setIsDisabled((int)(!$named_query->getIsDisabled()));
$named_query->save();
} else {
$named_query->delete();
}
return id(new AphrontRedirectResponse())->setURI($return_uri);
}
if ($named_query->getIsBuiltin()) {
if ($named_query->getIsDisabled()) {
$title = pht('Enable Query?');
$desc = pht(
'Enable the built-in query "%s"? It will appear in your menu again.',
$builtin->getQueryName());
$button = pht('Enable Query');
} else {
$title = pht('Disable Query?');
$desc = pht(
'This built-in query can not be deleted, but you can disable it so '.
'it does not appear in your query menu. You can enable it again '.
'later. Disable built-in query "%s"?',
$builtin->getQueryName());
$button = pht('Disable Query');
}
} else {
$title = pht('Really Delete Query?');
$desc = pht(
'Really delete the query "%s"? You can not undo this. Remember '.
'all the great times you had filtering results together?',
$named_query->getQueryName());
$button = pht('Delete Query');
}
$dialog = id(new AphrontDialogView())
->setUser($viewer)
->setTitle($title)
->appendChild($desc)
->addCancelButton($return_uri)
->addSubmitButton($button);
return id(new AphrontDialogResponse())->setDialog($dialog);
}
}
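Review bot: The two new `requireCapability` calls on the built-in branch enforce the same CAN_VIEW/CAN_EDIT pair that the `$id` branch enforces through `requireCapabilities()` on the query, but the two paths fail differently: the `$id` path yields a 404 response on a missing or inaccessible query, while the built-in path (if `requireCapability` raises a policy exception, which this hunk does not show) surfaces a policy error instead of a response object like the neighbouring `return new Aphront400Response();`. That asymmetry is worth stating in the comment so a later reader does not try to "fix" it; for example `// Unlike the ID branch above, a failed check here raises a policy exception rather than returning a 4xx response.` The comment also says "global query" while the code loads it via `getBuiltinQuery($key)`; `// After loading a built-in query, make sure the viewer can view and edit it.` would match the surrounding terminology. The enclosing `handleRequest` method is fully visible in the hunk, so nothing else in this branch depends on code outside it.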
