1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 19:40:55 +01:00
phorge-phorge/src/applications/files/controller
epriestley e919233b31 Don't show personalized menu items until users establish a full session
Summary:
Depends on D18792. Fixes T13024. Fixes T89198. Currently, when users are logging in initially (for example, need to enter MFA) we show more menu items than we should.

Notably, we may show some personalized/private account details, like the number of unread notifications (probably not relevant) or a user's saved queries (possibly sensitive). At best these are misleading (they won't work yet) and there's an outside possibility they leak a little bit of private data.

Instead, nuke everything except "Log Out" when users have partial sessions.

Test Plan:
Hit a partial session (MFA required, email verification required) and looked at the menu. Only saw "Log Out".

{F5297713}

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13024

Differential Revision: https://secure.phabricator.com/D18793
2017-11-28 10:01:58 -08:00
..
PhabricatorFileComposeController.php More button grey conversions 2017-06-07 09:34:50 -07:00
PhabricatorFileController.php Remove newFromMenu() from SideNav 2016-01-14 05:33:34 -08:00
PhabricatorFileDataController.php Don't show personalized menu items until users establish a full session 2017-11-28 10:01:58 -08:00
PhabricatorFileDeleteController.php Switch File deletion to use ModularTransactions 2017-04-18 13:01:51 -07:00
PhabricatorFileDropUploadController.php Provide an <input type="file"> control in Remarkup for mobile and users with esoteric windowing systems 2016-05-20 16:24:22 -07:00
PhabricatorFileEditController.php Move Files editing and commenting to EditEngine 2017-04-04 16:15:11 -07:00
PhabricatorFileIconSetSelectController.php Add more icon choices to Badges 2017-03-03 13:45:53 -08:00
PhabricatorFileImageProxyController.php Fix a bug in the imageproxy controller 2016-09-26 10:44:55 -04:00
PhabricatorFileInfoController.php Search and Replace calls to setShade 2017-05-22 18:59:53 +00:00
PhabricatorFileLightboxController.php Use Log In vs. Login when it's a verb 2017-08-02 12:26:47 -07:00
PhabricatorFileListController.php Remove newFromMenu() from SideNav 2016-01-14 05:33:34 -08:00
PhabricatorFileTransformController.php When file transforms race and lose, accept defeat gracefully 2015-05-21 09:42:20 -07:00
PhabricatorFileTransformListController.php Separate button CSS classes 2017-06-05 20:14:34 +00:00
PhabricatorFileUploadController.php Update file edit UI 2017-09-07 11:35:40 -07:00
PhabricatorFileUploadDialogController.php Allow Pholio mocks to be created and edited without drag-and-drop 2016-06-09 08:43:38 -07:00