1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 19:40:55 +01:00

Give files uploaded to objects a very restrictive view policy

Summary:
Fixes T4589. This implements much better policy behavior for files that aligns with user expectations.

Currently, all files have permissive visibility.

The new behavior is:

  - Files uploaded via drag-and-drop to the home page or file upload page get permissive visibility, for ease of quickly sharing things like screenshots.
  - Files uploaded via the manual file upload control get permissive visibility by default, but the user can select the policy they want at upload time in an explicit/obvious way.
  - Files uploaded via drag-and-drop anywhere else (e.g., comments or Pholio) get restricted visibility (only the uploader).
    - When the user applies a transaction to the object which uses the file, we attach the file to the object and punch a hole through the policies: if you can see the object, you can see the file.
    - This rule requires things to use ApplicationTransactions, which is why this took so long to fix.
    - The "attach stuff to the object" code has been in place for a long time and works correctly.

I'll land D8498 after this lands, too.

Test Plan:
  - Uploaded via global homepage upload and file drag-and-drop upload, saw permissive visibility.
  - Uploaded via comment area, saw restricted visibility.
  - After commenting, verified links were established and the file became visible to users who could see the attached object.
  - Verified Pholio (which is a bit of a special case) correctly attaches images.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4589

Differential Revision: https://secure.phabricator.com/D10131
This commit is contained in:
epriestley 2014-08-02 14:46:13 -07:00
parent 1f1828e0c0
commit 9181929ebc
5 changed files with 45 additions and 27 deletions

View file

@ -8,10 +8,10 @@
return array(
'names' => array(
'core.pkg.css' => '66ada2ec',
'core.pkg.js' => '8cd3cd8c',
'core.pkg.js' => '4c28870b',
'darkconsole.pkg.js' => 'df001cab',
'differential.pkg.css' => '4a93db37',
'differential.pkg.js' => '79503aa4',
'differential.pkg.js' => 'eb182ccd',
'diffusion.pkg.css' => '591664fa',
'diffusion.pkg.js' => 'bfc0737b',
'maniphest.pkg.css' => 'f5d89daf',
@ -440,7 +440,7 @@ return array(
'rsrc/js/application/uiexample/gesture-example.js' => '558829c2',
'rsrc/js/application/uiexample/notification-example.js' => '7a9677fc',
'rsrc/js/core/Busy.js' => '6453c869',
'rsrc/js/core/DragAndDropFileUpload.js' => 'a575f592',
'rsrc/js/core/DragAndDropFileUpload.js' => 'f61aa8ec',
'rsrc/js/core/DraggableList.js' => '2cad29d1',
'rsrc/js/core/FileUpload.js' => 'a4ae61bf',
'rsrc/js/core/Hovercard.js' => '7e8468ae',
@ -465,7 +465,7 @@ return array(
'rsrc/js/core/behavior-file-tree.js' => '88236f00',
'rsrc/js/core/behavior-form.js' => '5c54cbf3',
'rsrc/js/core/behavior-gesture.js' => '3ab51e2c',
'rsrc/js/core/behavior-global-drag-and-drop.js' => '3672899b',
'rsrc/js/core/behavior-global-drag-and-drop.js' => '07f199d8',
'rsrc/js/core/behavior-high-security-warning.js' => '8fc1c918',
'rsrc/js/core/behavior-history-install.js' => '7ee2b591',
'rsrc/js/core/behavior-hovercard.js' => 'f36e01af',
@ -589,7 +589,7 @@ return array(
'javelin-behavior-doorkeeper-tag' => 'e5822781',
'javelin-behavior-error-log' => 'a5d7cf86',
'javelin-behavior-fancy-datepicker' => 'a5573bcd',
'javelin-behavior-global-drag-and-drop' => '3672899b',
'javelin-behavior-global-drag-and-drop' => '07f199d8',
'javelin-behavior-herald-rule-editor' => '7ebaeed3',
'javelin-behavior-high-security-warning' => '8fc1c918',
'javelin-behavior-history-install' => '7ee2b591',
@ -715,7 +715,7 @@ return array(
'phabricator-countdown-css' => '86b7b0a0',
'phabricator-crumbs-view-css' => '7fbf25b8',
'phabricator-dashboard-css' => 'a2bfdcbf',
'phabricator-drag-and-drop-file-upload' => 'a575f592',
'phabricator-drag-and-drop-file-upload' => 'f61aa8ec',
'phabricator-draggable-list' => '2cad29d1',
'phabricator-fatal-config-template-css' => '25d446d6',
'phabricator-feed-css' => '4e544db4',
@ -869,6 +869,13 @@ return array(
'javelin-util',
'phabricator-busy',
),
'07f199d8' => array(
'javelin-behavior',
'javelin-dom',
'javelin-uri',
'javelin-mask',
'phabricator-drag-and-drop-file-upload',
),
'09eee344' => array(
'javelin-behavior',
'javelin-stratcom',
@ -1042,13 +1049,6 @@ return array(
'javelin-behavior',
'javelin-dom',
),
'3672899b' => array(
'javelin-behavior',
'javelin-dom',
'javelin-uri',
'javelin-mask',
'phabricator-drag-and-drop-file-upload',
),
'3915d490' => array(
'javelin-install',
'javelin-util',
@ -1490,14 +1490,6 @@ return array(
'javelin-stratcom',
'javelin-vector',
),
'a575f592' => array(
'javelin-install',
'javelin-util',
'javelin-request',
'javelin-dom',
'javelin-uri',
'phabricator-file-upload',
),
'a5b67173' => array(
'javelin-dom',
'javelin-util',
@ -1877,6 +1869,14 @@ return array(
'multirow-row-manager',
'javelin-json',
),
'f61aa8ec' => array(
'javelin-install',
'javelin-util',
'javelin-request',
'javelin-dom',
'javelin-uri',
'phabricator-file-upload',
),
'f6555212' => array(
'javelin-install',
'javelin-reactornode',

View file

@ -8,7 +8,7 @@ final class PhabricatorFileDropUploadController
*/
public function processRequest() {
$request = $this->getRequest();
$user = $request->getUser();
$viewer = $request->getUser();
// NOTE: Throws if valid CSRF token is not present in the request.
$request->validateCSRF();
@ -16,11 +16,21 @@ final class PhabricatorFileDropUploadController
$data = PhabricatorStartup::getRawInput();
$name = $request->getStr('name');
// If there's no explicit view policy, make it very restrictive by default.
// This is the correct policy for files dropped onto objects during
// creation, comment and edit flows.
$view_policy = $request->getStr('viewPolicy');
if (!$view_policy) {
$view_policy = $viewer->getPHID();
}
$file = PhabricatorFile::newFromXHRUpload(
$data,
array(
'name' => $request->getStr('name'),
'authorPHID' => $user->getPHID(),
'authorPHID' => $viewer->getPHID(),
'viewPolicy' => $view_policy,
'isExplicitUpload' => true,
));

View file

@ -28,6 +28,7 @@ final class PhabricatorGlobalUploadTargetView extends AphrontView {
'instructions' => $instructions_id,
'uploadURI' => '/file/dropupload/',
'browseURI' => '/file/query/authored/',
'viewPolicy' => PhabricatorPolicies::getMostOpenPolicy(),
));
return phutil_tag(

View file

@ -174,8 +174,13 @@ JX.install('PhabricatorDragAndDropFileUpload', {
var up_uri = JX.$U(this.getURI())
.setQueryParam('name', file.getName())
.setQueryParam('__upload__', 1)
.toString();
.setQueryParam('__upload__', 1);
if (this.getViewPolicy()) {
up_uri.setQueryParam('viewPolicy', this.getViewPolicy());
}
up_uri = up_uri.toString();
var onupload = JX.bind(this, function(r) {
if (r.error) {
@ -235,6 +240,7 @@ JX.install('PhabricatorDragAndDropFileUpload', {
},
properties: {
URI : null,
activatedClass : null
activatedClass : null,
viewPolicy : null
}
});

View file

@ -21,7 +21,8 @@ JX.behavior('global-drag-and-drop', function(config) {
}
var drop = new JX.PhabricatorDragAndDropFileUpload(document.documentElement)
.setURI(config.uploadURI);
.setURI(config.uploadURI)
.setViewPolicy(config.viewPolicy);
drop.listen('didBeginDrag', function() {
JX.Mask.show();