mirror of https://we.phorge.it/source/phorge.git synced 2024-11-22 14:52:41 +01:00

Reduce visibility of "Host" and "Path" Differential fields by default

Summary:
See discussion in T838. These fields expose information which it isn't necessary
or useful to expose in the general case.

  - Disable fields by default, allow them to be enabled in config (these fields
were useful for me at Facebook when I had access to all the machines).
  - Remove 'sourcePath' from Conduit methods other than differential.query.
  - Condition 'sourcePath' field in Conduit on the caller being the revision
author. This is a bit hacky but not so awful.

Test Plan:
  - Verified fields are gone by default and restored by configuration.
  - Verified Conduit no longer returns these fields other than
differential.query.
  - Verified field presence/absence according to authorship in
differential.query.
  - Grepped around in arcanist to make sure we aren't relying on sourcePath.
There's a workflow in "arc merge" that technically might hit it, but I think
it's unreachable, definitely irrelevant (we never use source path as a
distinguisher under git/hg, and can't 'arc merge' in SVN) and it's going away
Real Soon Now anyway.

Reviewers: btrahan, arice

Reviewed By: arice

CC: aran, epriestley

Maniphest Tasks: T838

Differential Revision: https://secure.phabricator.com/D1582
epriestley 2012-02-06 12:14:07 -08:00
parent 15f6216634
commit 36e72639de
5 changed files with 38 additions and 10 deletions


@ -597,6 +597,13 @@ return array(
'differential.field-selector' => 'DifferentialDefaultFieldSelector',
// Differential can show "Host" and "Path" fields on revisions, with
// information about the machine and working directory where the change
// came from. These fields are disabled by default because they may
// occasionally have sensitive information; you can set this to true to
// enable them.
'differential.show-host-field' => false,
// If you set this to true, users can "!accept" revisions via email (normally,
// they can take other actions but can not "!accept"). This action is disabled
// by default because email authentication can be configured to be very weak,
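Review bot: The key `differential.show-host-field` names only the Host field, but according to its own comment it switches both "Host" and "Path", so an administrator looking for a path-related setting can miss it. The comment should also state what the option does not cover: in this commit the Conduit `sourcePath` value in differential.query is gated by authorship, not by this setting. Suggested addition to the comment: `// Controls both the Host and Path fields of the default field selector; it does not affect the 'sourcePath' value in differential.query.` The configuration array continues outside this hunk.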


@ -166,7 +166,7 @@ class ConduitAPI_differential_query_Method extends ConduitAPIMethod {
}
$id = $revision->getID();
$results[] = array(
$result = array(
'id' => $id,
'phid' => $revision->getPHID(),
'title' => $revision->getTitle(),
@ -178,7 +178,6 @@ class ConduitAPI_differential_query_Method extends ConduitAPIMethod {
'statusName' =>
ArcanistDifferentialRevisionStatus::getNameForRevisionStatus(
$revision->getStatus()),
'sourcePath' => $diff->getSourcePath(),
'branch' => $diff->getBranch(),
'summary' => $revision->getSummary(),
'testPlan' => $revision->getTestPlan(),
@ -188,6 +187,14 @@ class ConduitAPI_differential_query_Method extends ConduitAPIMethod {
'reviewers' => array_values($revision->getReviewers()),
'ccs' => array_values($revision->getCCPHIDs()),
);
// TODO: This is a hacky way to put permissions on this field until we
// have first-class support, see T838.
if ($revision->getAuthorPHID() == $request->getUser()->getPHID()) {
$result['sourcePath'] = $diff->getSourcePath();
}
$results[] = $result;
}
return $results;
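Review bot: The authorship check `$revision->getAuthorPHID() == $request->getUser()->getPHID()` uses loose comparison, so two empty values compare equal: if the caller's user object has no PHID and the revision's author PHID is also empty, `sourcePath` is still returned. Because this condition is the only access control on the field, I would make it strict and reject an empty viewer PHID: `$viewer_phid = $request->getUser()->getPHID();` followed by `if ($viewer_phid !== null && $revision->getAuthorPHID() === $viewer_phid) {`. The enclosing method starts and ends outside this hunk, so whether `$request->getUser()` can be a PHID-less user on this path is not visible here.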


@ -20,7 +20,7 @@ final class DifferentialDefaultFieldSelector
extends DifferentialFieldSelector {
public function getFieldSpecifications() {
return array(
$fields = array(
new DifferentialTitleFieldSpecification(),
new DifferentialSummaryFieldSpecification(),
new DifferentialTestPlanFieldSpecification(),
@ -34,13 +34,27 @@ final class DifferentialDefaultFieldSelector
new DifferentialCommitsFieldSpecification(),
new DifferentialDependenciesFieldSpecification(),
new DifferentialManiphestTasksFieldSpecification(),
);
if (PhabricatorEnv::getEnvConfig('differential.show-host-field')) {
$fields = array_merge(
$fields,
array(
new DifferentialHostFieldSpecification(),
new DifferentialPathFieldSpecification(),
));
}
$fields = array_merge(
$fields,
array(
new DifferentialArcanistProjectFieldSpecification(),
new DifferentialApplyPatchFieldSpecification(),
new DifferentialRevisionIDFieldSpecification(),
new DifferentialGitSVNIDFieldSpecification(),
);
));
return $fields;
}
}
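Review bot: The `differential.show-host-field` check lives only in `DifferentialDefaultFieldSelector::getFieldSpecifications()`, so an install that points `differential.field-selector` at a custom selector listing `DifferentialHostFieldSpecification` and `DifferentialPathFieldSpecification` keeps showing both fields whatever the option says. None of the five changed files shown here is one of those two specification classes, so unless they check the option themselves the restriction depends on which selector is configured. Either enforce the option where the fields are rendered or document the limit above the `if`, for example `// Only the default selector honors this option; custom selectors must check it themselves.` As a smaller style point, appending the specifications to `$fields` in order would avoid the two `array_merge()` calls.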


@ -26,6 +26,7 @@ phutil_require_module('phabricator', 'applications/differential/field/specificat
phutil_require_module('phabricator', 'applications/differential/field/specification/testplan');
phutil_require_module('phabricator', 'applications/differential/field/specification/title');
phutil_require_module('phabricator', 'applications/differential/field/specification/unit');
phutil_require_module('phabricator', 'infrastructure/env');
phutil_require_source('DifferentialDefaultFieldSelector.php');


@ -160,7 +160,6 @@ class DifferentialDiff extends DifferentialDAO {
'sourceControlBaseRevision' => $this->getSourceControlBaseRevision(),
'sourceControlPath' => $this->getSourceControlPath(),
'sourceControlSystem' => $this->getSourceControlSystem(),
'sourcePath' => $this->getSourcePath(),
'branch' => $this->getBranch(),
'unitStatus' => $this->getUnitStatus(),
'lintStatus' => $this->getLintStatus(),