1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-13 10:22:42 +01:00
phorge-phorge/src/applications
epriestley 293a475e39 Show why recipients were excluded from mail
Summary:
Ref T3306. This interface has a hard time balancing security/policy issues and I'm not sure what the best way forward is. Some possibilities:

  # We just let you see everything from the web UI.
    - This makes debugging easier.
    - Anyone who can see this stuff can trivially take over any user's account with five seconds of work and no technical expertise (reset their password from the web UI, then go read the email and click the link).
  # We let you see everything, but only for messages you were a recipient of or author of.
    - This makes it much more difficult to debug issues with mailing lists.
      - But maybe we could just say mailing list recipients are "public", or define some other ruleset.
    - Generally this gets privacy and ease of use right.
  # We could move the whole thing to the CLI.
    - Makes the UI/UX way worse.
  # We could strike an awkward balance between concerns, as we do now.
    - We expose //who// sent and received messages, but not the content of the messages. This doesn't feel great.

I'm inclined to probably go with (2) and figure something out for mailing lists?

Anyway, irrespective of that this should generally make things more clear, and improves the code a lot if nothing else.

Test Plan:
{F49546}

  - Looked at a bunch of mail.
  - Sent mail from different apps.
  - Checked that recipients seem correct.

Reviewers: btrahan, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3306

Differential Revision: https://secure.phabricator.com/D6413
2013-07-10 15:17:38 -07:00
..
arcanist/conduit Move Conduit methods inside applications 2012-12-21 12:21:59 -08:00
audit Use PHUIIconView for PhabricatorActionView 2013-07-10 12:33:51 -07:00
auth Reduce invasiveness of bin/auth ldap 2013-07-09 16:23:12 -07:00
base Provide contextual help on auth provider configuration 2013-06-20 11:18:48 -07:00
cache Provide 'bin/cache', for managing caches 2013-05-20 10:16:35 -07:00
calendar Conpherence calendar updates 2013-05-29 14:35:34 -07:00
chatlog Consolidate some datetime code and add unit tests 2013-06-03 12:58:11 -07:00
conduit Provide PhabricatorSavedQuery to renderResultsList() 2013-07-03 05:46:04 -07:00
config Detect and warn about APC 3.1.14 / 3.1.15 2013-07-10 13:20:00 -07:00
conpherence Use ActionListView for all profile actions 2013-07-10 05:11:08 -07:00
countdown Simplify and generalize remarkup engine construction 2013-07-09 16:23:33 -07:00
daemon Give Asana feed publishing tasks a less aggressive retry/backoff schedule 2013-07-08 14:34:18 -07:00
differential Store revision reviewer state as edges 2013-07-10 13:50:21 -07:00
diffusion Use ActionListView for all profile actions 2013-07-10 05:11:08 -07:00
directory/controller Minor, fix some margins on the homepage directory view. 2013-07-03 06:24:46 -07:00
diviner Simplify and generalize remarkup engine construction 2013-07-09 16:23:33 -07:00
doorkeeper Add a link to the main Asana task from Differential 2013-07-09 16:22:33 -07:00
draft/storage Add draft support to ApplicationTransactions 2012-12-21 05:57:14 -08:00
drydock Add PhabricatorWorker->log() 2013-06-25 16:31:37 -07:00
fact Convert AphrontTableView to safe HTML 2013-02-09 15:11:38 -08:00
feed Allow Feed HTTP hooks to be https:// 2013-07-08 09:26:21 -07:00
files Improve UI for selecting profile pictures 2013-07-09 16:23:54 -07:00
flag Use ActionListView for all profile actions 2013-07-10 05:11:08 -07:00
harbormaster Add HarbormasterRunnerWorker, for running CI tests 2012-12-17 13:43:26 -08:00
help/controller Some help pht 2013-05-21 15:29:21 -07:00
herald PHUIList, PHUIDocument updates 2013-06-05 08:41:43 -07:00
legalpad Legalpad - add signature page 2013-07-10 11:46:39 -07:00
lipsum Files Generating 2013-05-06 10:30:38 -07:00
macro Adding macro create method. 2013-07-08 19:49:05 -07:00
mailinglists PHUIList, PHUIDocument updates 2013-06-05 08:41:43 -07:00
maniphest Use PHUIIconView for PhabricatorActionView 2013-07-10 12:33:51 -07:00
meta Fix white + icon hover / apps create 2013-06-11 19:10:12 -07:00
metamta Show why recipients were excluded from mail 2013-07-10 15:17:38 -07:00
notification Fix weird "0" notification numbers 2013-05-21 15:44:44 -07:00
oauthserver Initialize used variable 2013-07-09 21:55:27 -07:00
owners PHUIList, PHUIDocument updates 2013-06-05 08:41:43 -07:00
paste Provide PhabricatorSavedQuery to renderResultsList() 2013-07-03 05:46:04 -07:00
people Move roles and status into properties on profile view 2013-07-10 12:34:09 -07:00
phame Provide syntax highlighting css for oblivious phame posts 2013-06-26 15:01:56 -07:00
phid Conpherence - make threads loadable as handles 2013-07-03 16:46:33 -07:00
phlux PHUIList, PHUIDocument updates 2013-06-05 08:41:43 -07:00
pholio UIEvents - add support for "subscribers property" 2013-07-08 13:41:10 -07:00
phortune PHUIList, PHUIDocument updates 2013-06-05 08:41:43 -07:00
phpast Uninstall Conduit calls when uninstalling applications 2013-03-13 07:09:05 -07:00
phrequent Updates to phrequent's landing page 2013-04-29 12:01:02 -07:00
phriction Simplify and generalize remarkup engine construction 2013-07-09 16:23:33 -07:00
policy Fix typo in variable name 2013-07-10 08:25:40 -07:00
ponder PHUIList, PHUIDocument updates 2013-06-05 08:41:43 -07:00
project Remove PhabricatorProfileHeaderView in favor of PhabricatorHeaderView 2013-07-09 16:23:22 -07:00
releeph Always provide a viewer when executing DifferentialRevisionQuery 2013-07-01 12:38:27 -07:00
remarkup/conduit Convert Remarkup to safe HTML 2013-02-13 12:34:49 -08:00
repository Phabricator event timeline removed 2013-07-09 18:07:42 -07:00
search Provide PhabricatorSavedQuery to renderResultsList() 2013-07-03 05:46:04 -07:00
settings Merge "Profile" and "Account" settings panels 2013-07-10 05:09:50 -07:00
slowvote PHUIList, PHUIDocument updates 2013-06-05 08:41:43 -07:00
subscriptions UIEvents - add support for "subscribers property" 2013-07-08 13:41:10 -07:00
system Add a user-accessible hook for dumping debug code into an install 2013-03-04 13:45:51 -08:00
tokens Tokens - make action disabled if user not logged in 2013-07-08 17:05:46 -07:00
transactions Make ApplicationTransactions preview -> submit flow less janky 2013-06-24 15:41:59 -07:00
typeahead Showing tasks & diffs in the typeahead. 2013-07-08 09:50:08 -07:00
uiexample Fix full width form layouts 2013-07-03 20:24:28 -07:00
xhprof Fix XHProf index page 2013-04-02 09:52:52 -07:00