Fix an issue where file queries would throw incorrectly

epriestley · epriestley · commit c9fe16247005 · 2014-08-02T14:46:36.000-07:00
Summary: Ref T4589. When you look at a file, we load attached objects in order to run the "you can see this if you can see any attached object" policy check. However, right now the subquery inherits the "throw on filter" flag from the parent query. This inheritance makes sense in other cases[1], but because this is an "ANY" rule it does not make sense here. In practice, it means that if the file is attached to several objects, and any of them gets filtered, you can not see the file. Instead, explicitly drop the flag for this subquery. [1] Sort of. It doesn't produce wrong results in other cases, but now that I think about it might produce a less-tailored error than it could. I'll look into this the next time I'm poking around. Test Plan: - Viewed an "All Users" file attached to a private Mock. - Prior to this patch, I incorrectly received an exception when the Mock was loaded. This is wrong; I should be able to see the file because the policy is "All Users". - After the patch, I can correctly view the file, just not the associated mock. {F127074} Reviewers: btrahan Reviewed By: btrahan Subscribers: 20after4, aran, epriestley Maniphest Tasks: T4589 Differential Revision: https://secure.phabricator.com/D8498
diff --git a/src/applications/files/query/PhabricatorFileQuery.php b/src/applications/files/query/PhabricatorFileQuery.php
@@ -137,10 +137,16 @@ protected function loadPage() {
 
     $objects = array();
     if ($object_phids) {
+      // NOTE: We're explicitly turning policy exceptions off, since the rule
+      // here is "you can see the file if you can see ANY associated object".
+      // Without this explicit flag, we'll incorrectly throw unless you can
+      // see ALL associated objects.
+
       $objects = id(new PhabricatorObjectQuery())
         ->setParentQuery($this)
         ->setViewer($this->getViewer())
         ->withPHIDs($object_phids)
+        ->setRaisePolicyExceptions(false)
         ->execute();
       $objects = mpull($objects, null, 'getPHID');
     }
diff --git a/src/infrastructure/query/policy/PhabricatorPolicyAwareQuery.php b/src/infrastructure/query/policy/PhabricatorPolicyAwareQuery.php
@@ -29,14 +29,22 @@
 abstract class PhabricatorPolicyAwareQuery extends PhabricatorOffsetPagedQuery {
 
   private $viewer;
-  private $raisePolicyExceptions;
   private $parentQuery;
   private $rawResultLimit;
   private $capabilities;
   private $workspace = array();
   private $policyFilteredPHIDs = array();
   private $canUseApplication;
 
+  /**
+   * Should we continue or throw an exception when a query result is filtered
+   * by policy rules?
+   *
+   * Values are `true` (raise exceptions), `false` (do not raise exceptions)
+   * and `null` (inherit from parent query, with no exceptions by default).
+   */
+  private $raisePolicyExceptions;
+
 
 /* -(  Query Configuration  )------------------------------------------------ */
 
@@ -186,7 +194,7 @@ final public function execute() {
     }
 
     $parent_query = $this->getParentQuery();
-    if ($parent_query) {
+    if ($parent_query && ($this->raisePolicyExceptions === null)) {
       $this->setRaisePolicyExceptions(
         $parent_query->shouldRaisePolicyExceptions());
     }
