1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 03:20:59 +01:00
phorge-phorge/src/applications/policy
epriestley f16778fc18 Fix excessively strict "Can Use Application" policy filtering
Summary:
Ref T9058. The stricter filtering is over-filtering Handles. For example, in the Phacility cluster, users can not see Almanac services.

So this filtering happens:

  - The AlmanacServiceQuery filters the service beacuse they can't see the application.
  - The HandleQuery generates a "you can't see this" handle.
  - But then the HandleQuery filters that handle! It has a "service" PHID and the user can't see Almanac.

This violates the assumption that all application code makes about handles: it's OK to query handles for objects you can't see, and you'll get something back.

Instead, don't do application filtering on handles.

Test Plan:
  - Added a failing test and made it pass.
  - As a user who can not see Almanac, viewed an Instances timeline.
    - Before patch: fatal on trying to load a handle for a Service.
    - After patch: smooth sailing.

Reviewers: chad

Maniphest Tasks: T9058

Differential Revision: https://secure.phabricator.com/D17152
2017-01-08 11:01:36 -08:00
..
__tests__ Remove empty implementations of describeAutomaticCapabilities() 2016-11-09 15:24:22 -08:00
application Allow different policy rules for different types of objects 2015-06-13 15:44:03 -07:00
capability Use getPhobjectClassConstant() to access class constants 2015-10-01 16:56:21 -07:00
codex Require several advanced postgraduate degrees to understand object policies 2016-11-09 15:05:38 -08:00
config Move FontIcon calls to Icon 2016-01-28 08:48:45 -08:00
constants Extend from Phobject 2015-06-15 18:02:27 +10:00
controller Fix some policy CSS 2016-11-11 13:43:13 -08:00
editor Fix an issue with editing pre-space objects using a form with no visibility controls 2016-02-18 11:15:40 -08:00
engineextension Allow *.search Conduit API methods to have data bulk-loaded by extensions 2016-07-31 11:15:18 -07:00
exception Modernize OAuthserver and provide more context on "no permission" exception 2015-09-03 10:05:23 -07:00
filter Fix excessively strict "Can Use Application" policy filtering 2017-01-08 11:01:36 -08:00
interface Require several advanced postgraduate degrees to understand object policies 2016-11-09 15:05:38 -08:00
management phtize all the things 2015-05-22 21:16:39 +10:00
phid Mark PhabricatorPHIDType::getPHIDTypeApplicationClass() as abstract 2015-11-03 06:47:12 +11:00
query Modernize "favorite project policies" setting 2016-06-04 14:42:11 -07:00
rule Fix flaky subscribers policy rule unit test 2016-12-11 12:27:57 -08:00
storage Remove empty implementations of describeAutomaticCapabilities() 2016-11-09 15:24:22 -08:00
view Require several advanced postgraduate degrees to understand object policies 2016-11-09 15:05:38 -08:00