diff --git a/src/applications/people/view/PhabricatorUserLogView.php b/src/applications/people/view/PhabricatorUserLogView.php index 309540c611..72a9378a1a 100644 --- a/src/applications/people/view/PhabricatorUserLogView.php +++ b/src/applications/people/view/PhabricatorUserLogView.php @@ -30,31 +30,65 @@ final class PhabricatorUserLogView extends AphrontView { $action_map = PhabricatorUserLog::getActionTypeMap(); $base_uri = $this->searchBaseURI; + $viewer_phid = $viewer->getPHID(); + $rows = array(); foreach ($logs as $log) { - $ip = $log->getRemoteAddr(); $session = substr($log->getSession(), 0, 6); - if ($base_uri) { - $ip = phutil_tag( - 'a', - array( - 'href' => $base_uri.'?ip='.$ip.'#R', - ), - $ip); + $actor_phid = $log->getActorPHID(); + $user_phid = $log->getUserPHID(); + + if ($viewer->getIsAdmin()) { + $can_see_ip = true; + } else if ($viewer_phid == $actor_phid) { + // You can see the address if you took the action. + $can_see_ip = true; + } else if (!$actor_phid && ($viewer_phid == $user_phid)) { + // You can see the address if it wasn't authenticated and applied + // to you (partial login). + $can_see_ip = true; + } else { + // You can't see the address when an administrator disables your + // account, since it's their address. + $can_see_ip = false; + } + + if ($can_see_ip) { + $ip = $log->getRemoteAddr(); + if ($base_uri) { + $ip = phutil_tag( + 'a', + array( + 'href' => $base_uri.'?ip='.$ip.'#R', + ), + $ip); + } + } else { + $ip = null; } $action = $log->getAction(); $action_name = idx($action_map, $action, $action); + if ($actor_phid) { + $actor_name = $handles[$actor_phid]->renderLink(); + } else { + $actor_name = null; + } + + if ($user_phid) { + $user_name = $handles[$user_phid]->renderLink(); + } else { + $user_name = null; + } + $rows[] = array( phabricator_date($log->getDateCreated(), $viewer), phabricator_time($log->getDateCreated(), $viewer), $action_name, - $log->getActorPHID() - ? $handles[$log->getActorPHID()]->getName() - : null, - $username = $handles[$log->getUserPHID()]->renderLink(), + $actor_name, + $user_name, $ip, $session, ); diff --git a/src/applications/settings/panel/PhabricatorActivitySettingsPanel.php b/src/applications/settings/panel/PhabricatorActivitySettingsPanel.php index eeeca27663..2759f3a26c 100644 --- a/src/applications/settings/panel/PhabricatorActivitySettingsPanel.php +++ b/src/applications/settings/panel/PhabricatorActivitySettingsPanel.php @@ -26,21 +26,6 @@ final class PhabricatorActivitySettingsPanel extends PhabricatorSettingsPanel { ->withRelatedPHIDs(array($user->getPHID())) ->executeWithCursorPager($pager); - $phids = array(); - foreach ($logs as $log) { - $phids[] = $log->getUserPHID(); - $phids[] = $log->getActorPHID(); - } - - if ($phids) { - $handles = id(new PhabricatorHandleQuery()) - ->setViewer($viewer) - ->withPHIDs($phids) - ->execute(); - } else { - $handles = array(); - } - $table = id(new PhabricatorUserLogView()) ->setUser($viewer) ->setLogs($logs);