1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-21 13:00:56 +01:00
phorge-phorge/resources/sql/autopatches/20150114.oauthserver.client.policy.sql
Bob Trahan 1cc81b1d0a OAuthServer - hide client secret behind a "View Secret" action
Summary: ...also adds policies on who can view and who can edit an action. Fixes T6949.

Test Plan: viewed a secret through the new UI and it worked

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T6949

Differential Revision: https://secure.phabricator.com/D11401
2015-01-14 17:27:45 -08:00

11 lines
490 B
SQL

ALTER TABLE {$NAMESPACE}_oauth_server.oauth_server_oauthserverclient
ADD viewPolicy VARBINARY(64) NOT NULL AFTER creatorPHID;
UPDATE {$NAMESPACE}_oauth_server.oauth_server_oauthserverclient
SET viewPolicy = 'users' WHERE viewPolicy = '';
ALTER TABLE {$NAMESPACE}_oauth_server.oauth_server_oauthserverclient
ADD editPolicy VARBINARY(64) NOT NULL AFTER viewPolicy;
UPDATE {$NAMESPACE}_oauth_server.oauth_server_oauthserverclient
SET editPolicy = creatorPHID WHERE viewPolicy = '';