Page MenuHomePhabricator

Create a Conduit API method to lookup Policy information
Closed, ResolvedPublic

Description

When I call diffusion.repository.search or various other Conduit endpoints the response can contain PHID-PLCY-* phids referencing various built-in or custom policies. In the Phabricator web gui these are rendered in a human readable manner (e.g. https://phabricator.wikimedia.org/diffusion/PHAB/manage/policies/). I'd like to be able to provide similar information in the Tools Lab management console by reading the data via a conduit api call.

A lookup done via phid.query for a custom policy only returns "Custom Policy" rather than providing any information on the details of said policy. The Phabricator web gui can produce a description of a custom policy that is human readable (e.g. https://phabricator.wikimedia.org/transactions/new/PHID-XACT-PROJ-2efs6bpul7vfqev/). I would like to be able to get the data needed to render something similar via Conduit.

Event Timeline

bd808 created this task.Jun 4 2016, 12:08 AM
Restricted Application added a project: User-bd808. · View Herald TranscriptJun 4 2016, 12:08 AM
Restricted Application added subscribers: Zppix, TerraCodes, Aklapper. · View Herald Transcript
bd808 added a comment.Jun 4 2016, 12:10 AM

@mmodell before I dive into this, can you think of a reason that it is a horrible idea? I've poked about a bit on the WMF Phabricator instance and I think that the details of a custom policy aren't really a secret. They may be a bit hidden in some parts of the UI, but I can't find an example of one that is completely opaque.

Luke081515 added a subscriber: Luke081515.EditedJun 4 2016, 12:20 AM

Maybe we can report it upstream, because it causes a problem for bots. But I'm not sure, how fast the would handle that request. Otherwise, we can write it on our own, and upload the patch upstream, if they thing that they want have that too.

(Opps, I didn't see that the task is already assigned ;))

@bd808 I don't think it's a terrible idea. In general we want policies to be transparent as long as they are enforced. Security through obscurity isn't security, etc.

:)

bd808 moved this task from Backlog to Doing on the Community-Tech-Tool-Labs board.Jun 5 2016, 6:19 PM
bd808 moved this task from To Do to In Dev/Progress on the User-bd808 board.
bd808 closed this task as Resolved.Jun 8 2016, 3:36 PM
bd808 moved this task from Doing to Done on the Community-Tech-Tool-Labs board.
bd808 moved this task from In Dev/Progress to Done on the User-bd808 board.
bd808 moved this task from Done to Archive on the User-bd808 board.Jun 21 2016, 7:40 PM