mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-28 16:30:59 +01:00
e281c5ee90
Summary: Introduce a new configuration setting that by default disables the conduit as as user method. Wordily explain that turning it on is not recommended. Fixes T3818. Test Plan: ``` 15:25:19 ~/Dropbox/code/phalanx/src/applications/conduit (T3818) ~> echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami Waiting for JSON parameters on stdin... {"error":null,"errorMessage":null,"response":{"phid":"PHID-USER-tghb3b2gbdyezdcuw2or","userName":"btrahan","realName":"Bob Trahan","image":"http:\/\/phalanx.dev\/file\/data\/yncjbh7phk7ktrdhuorn\/PHID-FILE-qyf4ui3x2ll3e52hpg5e\/profile-profile-gravatar","uri":"http:\/\/phalanx.dev\/p\/btrahan\/","roles":["admin","verified","approved","activated"]}} 15:25:34 ~/Dropbox/code/phalanx/src/applications/conduit (T3818) <go edit libconfig/conduitclient to spoof another user...> ~> echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami Waiting for JSON parameters on stdin... {"error":"ERR-CONDUIT-CORE","errorMessage":"ERR-CONDUIT-CORE: security.allow-conduit-act-as-user is disabled","response":null} 15:26:40 ~/Dropbox/code/phalanx/src/applications/conduit (T3818) <enable option via bin/config....> ~> echo '{}' | arc call-conduit --conduit-uri http://phalanx.dev/ user.whoami Waiting for JSON parameters on stdin... {"error":null,"errorMessage":null,"response":{"phid":"PHID-USER-6lcglnzbkiamdofishgi","userName":"xerxes","realName":"Xerxes Trahan","image":"http:\/\/phalanx.dev\/file\/data\/n2kyeevowetcuynbcxrg\/PHID-FILE-voquikectzpde256zzvm\/profile-1275455993.jpg","uri":"http:\/\/phalanx.dev\/p\/xerxes\/","roles":["verified","approved","activated"]}} ``` Reviewers: epriestley Reviewed By: epriestley Subscribers: jevripio, sowedance, epriestley, Korvin Maniphest Tasks: T3818 Differential Revision: https://secure.phabricator.com/D9881 |
||
---|---|---|
.. | ||
application | ||
call | ||
config | ||
controller | ||
garbagecollector | ||
method | ||
protocol | ||
query | ||
ssh | ||
storage |