mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-24 07:42:40 +01:00
f214abb63f
Summary: Depends on D19018. Fixes T4776. Ref T13053. When you remove someone from an object's recipient list (for example, by removing them a reviewer, auditor, subscriber, owner or author) we currently do not send them mail about it because they're no longer connected to the object. In many of these cases (Commandeer, Reassign) the actual action in the UI adds them back to the object somehow (as a reviewer or subscriber, respectively) so this doesn't actually matter. However, there's no recovery mechanism for reviewer or subscriber removal. This is slightly bad from a policy/threat viewpoint since it means an attacker can remove all the recipients of an object "somewhat" silently. This isn't really silent, but it's less un-silent than it should be. It's also just not very good from a human interaction perspective: if Alice removes Bob as a reviewer, possibly "against his will", he should be notified about that. In the good case, Alice wrote a nice goodbye note that he should get to read. In the bad case, he should get a chance to correct the mistake. Also add a `removed(@user)` mail stamp so you can route these locally if you want. Test Plan: - Created and edited some different objects without catching anything broken. - Removed subscribers from tasks, saw the final email include the removed recipients with a `removed()` stamp. I'm not totally sure this doesn't have any surprising behavior or break any weird objects, but I think anything that crops up should be easy to fix. Reviewers: amckinley Subscribers: sophiebits Maniphest Tasks: T13053, T4776 Differential Revision: https://secure.phabricator.com/D19019 |
||
|---|---|---|
| .. | ||
| application | ||
| bulk | ||
| commentaction | ||
| conduit | ||
| constants | ||
| controller | ||
| data | ||
| draft | ||
| edges | ||
| editengine | ||
| editfield | ||
| editor | ||
| edittype | ||
| engineextension | ||
| error | ||
| exception | ||
| feed | ||
| interface | ||
| phid | ||
| query | ||
| replyhandler | ||
| response | ||
| storage | ||
| typeahead | ||
| view | ||
| worker | ||
| xaction | ||