1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-28 01:32:42 +01:00
phorge-phorge/src/applications/policy
epriestley 4dfdd0d316 Treat invalid policies as broadly similar to "no one"
Summary:
Ref T3903. Ref T603. We currently overreact to invalid policies. Instead:

  - For non-omnipotent users, just reject the viewer.
  - For omnipotent users, we already shortcircuit and permit the viewer.
  - Formalize and add test coverage for these behaviors.

Also clean up some strings.

The practical effect of this is that setting an object to an invalid policy (either intentionally or accidentally) doesn't break callers who are querying it.

Test Plan:
  - Created a Legalpad document and set view policy to "asldkfnaslkdfna".
  - Verified this policy behaved as though it were "no one".
  - Added, executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603, T3903

Differential Revision: https://secure.phabricator.com/D7185
2013-10-01 11:25:30 -07:00
..
__tests__ Treat invalid policies as broadly similar to "no one" 2013-10-01 11:25:30 -07:00
application Explain policy exception rules to users 2013-09-27 08:43:41 -07:00
config Move policy config to "Policy" app and make policy.allow-public description scarier 2013-09-27 10:50:19 -07:00
constants Delete license headers from files 2012-11-05 11:16:51 -08:00
controller Explain policy exception rules to users 2013-09-27 08:43:41 -07:00
exception Provide better strings in policy errors and exceptions 2013-09-27 08:43:50 -07:00
filter Treat invalid policies as broadly similar to "no one" 2013-10-01 11:25:30 -07:00
interface Explain policy exception rules to users 2013-09-27 08:43:41 -07:00
management Add a very simple bin/policy script for CLI policy administration 2013-09-29 09:06:41 -07:00
query Explain policy exception rules to users 2013-09-27 08:43:41 -07:00