1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-28 09:42:41 +01:00
Commit graph

3 commits

Author SHA1 Message Date
Joshua Spence
b4d7a9de39 Simplify the implementation of PhabricatorPolicyCapability subclasses
Summary: Instead of implementing the `getCapabilityKey` method in all subclasses of `PhabricatorPolicyCapability`, provide a `final` implementation in the base class which uses reflection. See D9837 and D9985 for similar implementations.

Test Plan: N/A

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D10039
2014-07-25 08:25:42 +10:00
Joshua Spence
c34de83619 Rename policy capabilities
Summary: Ref T5655. Rename `PhabricatorPolicyCapability` subclasses for consistency.

Test Plan: Browsed a few applications, nothing seemed broken.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Maniphest Tasks: T5655

Differential Revision: https://secure.phabricator.com/D10037
2014-07-25 08:20:39 +10:00
epriestley
5fd1e88a7a Add a granular capability for user directory browsing
Summary:
Fixes T4358. User request from IRC, but I think this is generally reasonable.

Although we can not prevent users from determining that other user accounts exist in the general case, it does seem reasonable to restrict browsing the user directory to a subset of users.

In our case, I'll probably do this on `secure.phabricator.com`, since it seems a little odd to let Google index the user directory, for example.

Test Plan: Set the policy to "no one" and tried to browse users.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4358

Differential Revision: https://secure.phabricator.com/D8112
2014-01-30 11:53:49 -08:00