mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-10 08:52:39 +01:00
No description
301fed1b43
Summary: - When an administrator creates a user, provide an option to send a welcome email. Right now this workflow kind of dead-ends. - Prevent administrators from changing the "System Agent" flag. If they can change it, they can grab another user's certificate and then act as them. This is a vaguely weaker security policy than is exhibited elsewhere in the application. Instead, make user accounts immutably normal users or system agents at creation time. - Prevent administrators from changing email addresses after account creation. Same deal as conduit certs. The 'bin/accountadmin' script can still do this if a user has a real problem. - Prevent administrators from resetting passwords. There's no need for this anymore with welcome emails plus email login and it raises the same issues. Test Plan: - Created a new account, selected "send welcome email", got a welcome email, logged in with the link inside it. - Created a new system agent. - Reset an account's password. Reviewed By: aran Reviewers: tuomaspelkonen, jungejason, aran CC: anjali, aran, epriestley Differential Revision: 379 |
||
---|---|---|
bin | ||
conf | ||
externals | ||
resources | ||
scripts | ||
src | ||
support/aphlict | ||
webroot | ||
.arcconfig | ||
.divinerconfig | ||
.gitignore | ||
.gitmodules | ||
CHANGELOG | ||
README |
PROJECT STATUS: CAVEAT EMPTOR This is an unstable preview release. You can learn more at http://phabricator.org/ as well as click around our development install. Developer mailing list at https://groups.google.com/group/phabricator-dev and please report issues using GitHub. WHAT IS PHABRICATOR? Phabricator is a suite of web applications that facilitate software development tasks, particularly code review. The primary application in the suite is Differential, a code review tool. Phabricator is highly unstable and has many missing features! These applications are being brought over from Facebook's internal toolset, but there's a lot of stuff that hasn't made it over yet. Feel free to follow the project but you probably shouldn't try to install this yet unless you're extremely ambitious or just want to take a look at it. LICENSE Phabricator is released under the Apache 2.0 license except as otherwise noted. http://www.apache.org/licenses/LICENSE-2.0