phorge-phorge

mirror of https://we.phorge.it/source/phorge.git synced 2024-12-03 04:02:43 +01:00

History

epriestley 55f4a258d2 When updating revisions in responset to commits, use the omnipotent viewer to pull diffs Summary: Ref T13625. See that task for discussion. Currently, the Viewer when performing revision updates in response to commits may be an arbitrary low-privilege user (an Application, a disabled User, a bot, a mailing list, etc). Today, this leads to an exception when trying to make API calls. Ideally, we probably would not perform the update in these cases. However, performing the update isn't a policy violation and is generally less surprising than not performing it, so continue performing it for now: just use the omnipotent user to interact with the API. Test Plan: - Authored a commit as a bot user without permission to view the repository or revision. - Commented out a couple of caches, and used `bin/repository reparse --publish ...` to republish the commit. - Before: exception when trying to interact with the API. - After: clean publish. Maniphest Tasks: T13625 Differential Revision: https://secure.phabricator.com/D21582	2021-03-01 11:11:34 -08:00
..
DiffusionUpdateObjectAfterCommitWorker.php	When updating revisions in responset to commits, use the omnipotent viewer to pull diffs	2021-03-01 11:11:34 -08:00

epriestley 55f4a258d2 When updating revisions in responset to commits, use the omnipotent viewer to pull diffs

Summary:
Ref T13625. See that task for discussion.

Currently, the Viewer when performing revision updates in response to commits may be an arbitrary low-privilege user (an Application, a disabled User, a bot, a mailing list, etc).

Today, this leads to an exception when trying to make API calls.

Ideally, we probably would not perform the update in these cases. However, performing the update isn't a policy violation and is generally less surprising than not performing it, so continue performing it for now: just use the omnipotent user to interact with the API.

Test Plan:
  - Authored a commit as a bot user without permission to view the repository or revision.
  - Commented out a couple of caches, and used `bin/repository reparse --publish ...` to republish the commit.
    - Before: exception when trying to interact with the API.
    - After: clean publish.

Maniphest Tasks: T13625

Differential Revision: https://secure.phabricator.com/D21582

2021-03-01 11:11:34 -08:00

DiffusionUpdateObjectAfterCommitWorker.php

When updating revisions in responset to commits, use the omnipotent viewer to pull diffs

2021-03-01 11:11:34 -08:00