revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-24 13:38:19 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/differential
History
epriestley 19e0abcb27 Fix an issue where raw diffs that are not attached to revisions could skip repository policy checks 
Summary:
See PHI1697. If a diff is not attached to a revision (for example, if it was created with "arc diff --only"), but is attached to a repository, it is supposed to be visible only to users who can see that repository.

It currently skips this extended policy check and may incorrectly be visible to too many users.

(Once a diff is attached to a revision, this rule is enforced properly via the revision policy.)

Test Plan:
  - Set repository R to be visible only to Alice.
  - As Alice, created a diff from a working copy of repository R with "arc diff --only".
  - As Bailey, viewed the diff.
    - Before: visible diff.
    - After: policy exception (as expected).

Differential Revision: https://secure.phabricator.com/D21103
2020-04-13 12:08:35 -07:00
..
__tests__ Put some whitespace behaviors back, but only for "diff alignment", not display 2019-02-19 13:11:50 -08:00
application Add a test to verify that all routing maps are plausibly valid, and remove some dead routes 2020-02-14 18:06:24 -08:00
capability Simplify the implementation of PhabricatorPolicyCapability subclasses 2014-07-25 08:25:42 +10:00
command Fix another stray "msort()/msortv()" issue 2019-06-17 13:20:10 -07:00
conduit When a client submits an overlong "sourcePath", truncate it and continue 2019-08-21 19:28:18 -07:00
config Remove all whitespace options/configuration everywhere 2019-02-19 13:09:29 -08:00
constants Add some more UI reminder text about draft revisions 2018-03-08 12:07:40 -08:00
controller Allow DocumentEngine to elect into diff construction 2019-09-25 16:23:06 -07:00
customfield Tailor the "no reviewers on this revision" warnings to handle the case where all reviewers have resigned 2018-11-28 13:50:29 -08:00
doorkeeper Remove "metamta.*.subject-prefix" options 2019-01-17 19:18:50 -08:00
edge Update parent/child revision timeline messages to use modern language ("parent revision") 2018-07-13 09:02:10 -07:00
editor Fix missing link targets for "View Object" header buttons in HTML email 2019-06-18 13:20:56 -07:00
engine Add "Revision has passing builds" Herald rules for commit content (pushes) and commits (discovery) 2019-05-01 10:02:47 -07:00
engineextension Add a "commits" attachment to "differential.diff.search" for retrieving local commit information 2018-04-19 17:25:06 -07:00
exception Remove an unused class 2015-01-03 09:07:32 +11:00
field Move misplaced validation for ambiguous fields in "Test Plan" to the right place 2017-06-30 06:36:05 -07:00
garbagecollector Provide bin/garbage for interacting with garbage collection 2015-10-02 09:17:24 -07:00
harbormaster Don't try to publish build results to bare diffs 2019-02-13 12:19:29 -08:00
herald Implement an "Author's packages" Herald field for Differential 2020-01-22 18:27:51 -08:00
lipsum Fix deprecated argument order for "implode()" 2019-10-17 09:11:27 -07:00
mail Remove "metamta.*.subject-prefix" options 2019-01-17 19:18:50 -08:00
management When showing a diff-of-diffs, hide files which didn't get any more changes and have no inlines 2018-05-16 17:18:53 -07:00
parser Continue moving classes with no callers in libphutil or Arcanist to Phabricator 2020-02-12 13:14:04 -08:00
phid Remove "State Icons" from handles 2019-10-31 12:04:43 -07:00
query Improve recovery from panel action rendering exceptions, and mark "Changeset" queries as not suitable for panel generation 2019-11-08 17:15:21 -08:00
relationships Convert all standard relationship-editing actions to modern Relationships code 2016-06-29 11:24:52 -07:00
remarkup Rename PhutilRemarkupRule subclasses 2014-08-05 00:55:43 +10:00
render Fix an issue with 1up diff block rendering for added or removed blocks 2019-11-08 07:37:06 -08:00
search Reduce the amount of boilerplate that implementing FerretInterface requires 2017-09-07 13:23:31 -07:00
storage Fix an issue where raw diffs that are not attached to revisions could skip repository policy checks 2020-04-13 12:08:35 -07:00
typeahead Support "none()" in Differential to find revisions with no (un-resigned) reviewers 2019-05-21 12:56:59 -07:00
view Add a "View as..." option to diff dropdowns for selecting between document engines 2019-09-25 16:29:21 -07:00
xaction Add an "isDone" flag to "transaction.search" for Differential inline comments 2020-04-05 09:36:15 -07:00
DifferentialGetWorkingCopy.php Extend from Phobject 2015-06-15 18:02:27 +10:00