epriestley
f9836cb646
Summary: Ref T10262. Files have an internal secret key which is partially used to control access to them, and determines part of the URL you need to access them. Scramble (regenerate) the secret when: - the view policy for the file itself changes (and the new policy is not "public" or "all users"); or - the view policy or space for an object the file is attached to changes (and the file policy is not "public" or "all users"). This basically means that when you change the visibility of a task, any old URLs for attached files stop working and new ones are implicitly generated. Test Plan: - Attached a file to a task, used `SELECT * FROM file WHERE id = ...` to inspect the secret. - Set view policy to public, same secret. - Set view policy to me, new secret. - Changed task view policy, new secret. - Changed task space, new secret. - Changed task title, same old secret. - Added and ran unit tests which cover this behavior. Reviewers: chad Reviewed By: chad Maniphest Tasks: T10262 Differential Revision: https://secure.phabricator.com/D15641
Phabricator is a collection of web applications which help software companies build better software.
Phabricator includes applications for:
- reviewing and auditing source code;
- hosting and browsing repositories;
- tracking bugs;
- managing projects;
- conversing with team members;
- assembling a party to venture forth;
- writing stuff down and reading it later;
- hiding stuff from coworkers; and
- also some other things.
You can learn more about the project (and find links to documentation and resources) at Phabricator.org
Phabricator is developed and maintained by Phacility.
SUPPORT RESOURCES
For resources on filing bugs, requesting features, reporting security issues, and getting other kinds of support, see Support Resources.
NO PULL REQUESTS!
We do not accept pull requests through GitHub. If you would like to contribute code, please read our Contributor's Guide.
LICENSE
Phabricator is released under the Apache 2.0 license except as otherwise noted.