1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-27 17:22:42 +01:00
phorge-phorge/src/applications/policy
epriestley c1c897b961 Provide core policy support for Spaces
Summary:
Ref T8424. No UI or interesting behavior yet, but integrates Spaces checks:

  - `PolicyFilter` now checks Spaces.
  - `PolicyAwareQuery` now automatically adds Spaces constraints.

There's one interesting design decision here: **spaces are stronger than automatic capabilities**. That means that you can't see a task in a space you don't have permission to access, //even if you are the owner//.

I //think// this is desirable. Particularly, we need to do this in order to exclude objects at the query level, which potentially makes policy filtering for spaces hugely more efficient. I also like Spaces being very strong, conceptually.

It's possible that we might want to change this; this would reduce our access to optimizations but might be a little friendlier or make more sense to users later on.

For now, at least, I'm pursuing the more aggressive line. If we stick with this, we probably need to make some additional UI affordances (e.g., show when an owner can't see a task).

This also means that you get a hard 404 instead of a policy exception when you try to access something in a space you can't see. I'd slightly prefer to show you a policy exception instead, but think this is generally a reasonable tradeoff to get the high-performance filtering at the Query layer.

Test Plan:
  - Added and executed unit tests.
  - Put objects in spaces and viewed them with multiple users.
  - Made the default space visible/invisible, viewed objects.
  - Checked the services panel and saw `spacePHID` constraints.
  - Verified that this adds only one query to each page.

Reviewers: btrahan, chad

Reviewed By: btrahan

Subscribers: chad, epriestley

Maniphest Tasks: T8424

Differential Revision: https://secure.phabricator.com/D13156
2015-06-04 17:46:32 -07:00
..
__tests__ Add support for "Extended Policies" 2015-06-03 18:59:27 -07:00
application Implement the getName method in PhabricatorApplication subclasses 2014-07-23 23:52:50 +10:00
capability phtize all the things 2015-05-22 21:16:39 +10:00
config phtize all the things 2015-05-22 21:16:39 +10:00
constants Use __CLASS__ instead of hard-coding class names 2015-05-14 07:21:13 +10:00
controller phtize all the things 2015-05-22 21:16:39 +10:00
exception Allow applications to define new policy capabilities 2013-10-07 13:28:58 -07:00
filter Provide core policy support for Spaces 2015-06-04 17:46:32 -07:00
interface Add support for "Extended Policies" 2015-06-03 18:59:27 -07:00
management phtize all the things 2015-05-22 21:16:39 +10:00
phid Simplify the implementation of PhabricatorPHIDType subclasses 2014-07-22 00:38:23 +10:00
query phtize all the things 2015-05-22 21:16:39 +10:00
rule Make browse action available for dynamic/JS-driven tokenizers 2015-04-17 11:06:58 -07:00
storage phtize all the things 2015-05-22 21:16:39 +10:00