archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Make Herald rules obey policies during application

Browse Source 
Summary:
Ref T603. This closes the other major policy loophole in Herald, which was that you could write a rule like:

  When [Always], [Add me to CC]

...and end up getting email about everything. These rules are now enforced:

  - For a //personal// rule to trigger, you must be able to see the object, and you must be able to use the application the object exists in.
  - In contrast, //global// rules will //always// trigger.

Also fixes some small bugs:

  - Policy control access to thumbnails was overly restrictive.
  - The Pholio and Maniphest Herald rules applied only the //last// "Add CC" or "Add Project" rules, since each rule overwrote previous rules.

Test Plan:
  - Created "always cc me" herald and maniphest rules with a normal user.
  - Created task with "user" visibility, saw CC.
  - Created task with "no one" visibility, saw no CC and error message in transcript ("user can't see the object").
  - Restricted Maniphest to administrators and created a task with "user" visibility. Same deal.
  - Created "user" and "no one" mocks and saw CC and no CC, respectively.
  - Thumbnail in Pholio worked properly.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D7224
This commit is contained in:
epriestley
2013-10-05 12:55:34 -07:00
parent ae27ce0f7d
commit e6d8e1a00a
10 changed files with 84 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/applications/files/controller/PhabricatorFileTransformController.php
View File

@@ -7,21 +7,24 @@ final class PhabricatorFileTransformController
private $phid;
private $key;
public function shouldRequireLogin() {
return false;
}
public function willProcessRequest(array $data) {
$this->transform = $data['transform'];
$this->phid = $data['phid'];
$this->key = $data['key'];
}
public function shouldRequireLogin() {
return false;
}
public function processRequest() {
$viewer = $this->getRequest()->getUser();
// NOTE: This is a public/CDN endpoint, and permission to see files is
// controlled by knowing the secret key, not by authentication.
$file = id(new PhabricatorFileQuery())
->setViewer($viewer)
->setViewer(PhabricatorUser::getOmnipotentUser())
->withPHIDs(array($this->phid))
->executeOne();
if (!$file) {
@@ -130,7 +133,7 @@ final class PhabricatorFileTransformController
PhabricatorTransformedFile $xform) {
$file = id(new PhabricatorFileQuery())
->setViewer($this->getRequest()->getUser())
->setViewer(PhabricatorUser::getOmnipotentUser())
->withPHIDs(array($xform->getTransformedPHID()))
->executeOne();
if (!$file) {