phorge-phorge

mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00

No description

Find a file

epriestley 03ac59a877 Don't put "spacePHID IN (...)" constraints in queries which will raise policy exceptions Summary: See T13240. Ref T13242. When we're issuing a query that will raise policy exceptions (i.e., give the user a "You Shall Not Pass" dialog if they can not see objects it loads), don't do space filtering in MySQL: when objects are filtered out in MySQL, we can't distinguish between "bad/invalid ID/object" and "policy filter", so we can't raise a policy exception. This leads to cases where viewing an object shows "You Shall Not Pass" if you can't see it for any non-Spaces reason, but "404" if the reason is Spaces. There's no product reason for this, it's just that `spacePHID IN (...)` is important for non-policy-raising queries (like a list of tasks) to reduce how much application filtering we need to do. Test Plan: Before: ``` $ git pull phabricator-ssh-exec: No repository "spellbook" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. ``` After: ``` $ git pull phabricator-ssh-exec: [You Shall Not Pass: Unknown Object (Repository)] This object is in a space you do not have permission to access. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. ``` Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13242 Differential Revision: https://secure.phabricator.com/D20042		2019-01-28 09:03:32 -08:00
bin	Remove dead symlink	2019-01-10 16:27:45 -08:00
conf	Remove an old digest in Celerity code and some obsolete configuration options	2019-01-04 13:43:38 -08:00
externals	Update the "SES" and "sendmail" mailers for the new API; remove "encoding"	2019-01-16 13:18:55 -08:00
resources	Add CSRF to SMS challenges, and pave the way for more MFA types (including Duo)	2019-01-24 15:10:57 -08:00
scripts	Fix bin/accountadmin when not making changes	2019-01-21 12:40:59 -08:00
src	Don't put "spacePHID IN (...)" constraints in queries which will raise policy exceptions	2019-01-28 09:03:32 -08:00
support	Use phutil_microseconds_since(...) to simplify some timing arithmetic	2018-11-08 16:46:32 -08:00
webroot	Add CSRF to SMS challenges, and pave the way for more MFA types (including Duo)	2019-01-24 15:10:57 -08:00
.arcconfig	Set "history.immutable" to "false" explicitly in .arcconfig	2016-08-03 08:12:49 -07:00
.arclint	Begin adding test coverage to GitHub Events API parsers	2016-03-09 09:30:07 -08:00
.arcunit	Use the configuration driven unit test engine	2015-08-11 07:57:11 +10:00
.editorconfig	Fix text lint issues	2015-02-12 07:00:13 +11:00
.gitignore	Make i18n string extraction faster and more flexible	2016-07-04 10:23:30 -07:00
LICENSE	Fix text lint issues	2015-02-12 07:00:13 +11:00
NOTICE	Update Phabricator NOTICE file to reflect modern legal circumstances	2014-06-25 13:42:13 -07:00
README.md	Remove push to IRC from "readme.md" too	2015-10-24 18:39:16 -07:00

README.md

Phabricator is a collection of web applications which help software companies build better software.

Phabricator includes applications for:

reviewing and auditing source code;
hosting and browsing repositories;
tracking bugs;
managing projects;
conversing with team members;
assembling a party to venture forth;
writing stuff down and reading it later;
hiding stuff from coworkers; and
also some other things.

You can learn more about the project (and find links to documentation and resources) at Phabricator.org

Phabricator is developed and maintained by Phacility.

SUPPORT RESOURCES

For resources on filing bugs, requesting features, reporting security issues, and getting other kinds of support, see Support Resources.

NO PULL REQUESTS!

We do not accept pull requests through GitHub. If you would like to contribute code, please read our Contributor's Guide.

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.