mirror of
https://we.phorge.it/source/phorge.git
synced 2025-02-28 06:29:27 +01:00
058952e72e
Summary: Depends on D19605. Ref T13189. See PHI642. This adds a separate "Can Disable Users" capability, and makes the underlying transaction use it. This doesn't actually let you weaken the permission, since all pathways need more permissions: - `user.edit` needs CAN_EDIT. - `user.disable/enable` need admin. - Web UI workflow needs admin. Upcoming changes will update these pathways. Without additional changes, this does let you //strengthen// the permission. This also fixes the inability to disable non-bot users via the web UI. Test Plan: - Set permission to "No One", tried to disable users. Got a tailored policy error. - Set permission to "All Users", disabled/enabled a non-bot user. Reviewers: amckinley Maniphest Tasks: T13189 Differential Revision: https://secure.phabricator.com/D19606 |
||
|---|---|---|
| .. | ||
| PeopleBrowseUserDirectoryCapability.php | ||
| PeopleCreateUsersCapability.php | ||
| PeopleDisableUsersCapability.php | ||