Correct overbroad automatic capability grant of global settings objects
Summary: Ref T13679. In D16983, global settings objects were given an exception to let logged-out users see them, even on installs with no "public" user role. This exception is too broad and grants everyone all capabilities, not just "CAN_VIEW". In particular, it incorrectly grants "CAN_EDIT", so any user can edit global settings defaults. Restrict this grant to "CAN_VIEW". Test Plan: - As a non-administrator, tried to edit global settings. - Before: could. - After: could not. Maniphest Tasks: T13679 Differential Revision: https://secure.phabricator.com/D21811
parent
01253d533b
commit
698ada2470
1 changed files with 9 additions and 5 deletions
@ -219,8 +219,12 @@ final class PhabricatorUserPreferences
}
}
}
}
switch ($this->getBuiltinKey()) {
$builtin_key = $this->getBuiltinKey();
case self::BUILTIN_GLOBAL_DEFAULT:
$is_global = ($builtin_key === self::BUILTIN_GLOBAL_DEFAULT);
$is_view = ($capability === PhabricatorPolicyCapability::CAN_VIEW);
if ($is_global && $is_view) {
// NOTE: Without this policy exception, the logged-out viewer can not
// NOTE: Without this policy exception, the logged-out viewer can not
// see global preferences.
// see global preferences.
return true;
return true;
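Review bot: The NOTE above `return true;` still explains only why logged-out viewers need the exception, not why the automatic grant is now restricted to CAN_VIEW, so a later maintainer widening the condition back to `$is_global` alone would silently reintroduce the overbroad grant this commit removes. Suggest extending the comment to `// Only CAN_VIEW is granted automatically; editing global defaults must still pass the object's normal policy check (T13679).` The Test Plan is manual, so a unit test asserting that a non-administrator viewer gets no automatic CAN_EDIT on the BUILTIN_GLOBAL_DEFAULT object would pin the fix against regression. The enclosing method's signature and its final return lie outside this hunk.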