Page MenuHomePhabricator
Create Task
Maniphest T382034

Consolidate code to check ACL membership of acting user
Open, Stalled, LowPublic
Actions

Description

Looking into non-public T373358 reminded me again that I am duplicating code, and that is no good:

./libext/misc/src/policy/WMFSecurityPolicy.php:    $trusted_project_names = ["Trusted-Contributors", "WMF-NDA", "acl*sre-team", "acl*security"];
./libext/ava/src/herald/AntiVandalismAction.php:      $trusted_project_names = ["Trusted-Contributors", "WMF-NDA", "acl*sre-team", "acl*security"];
./phabricator/src/applications/maniphest/editor/ManiphestEditEngine.php:    // ["Trusted-Contributors", "WMF-NDA", "acl*sre-team", "acl*security"];
./phabricator/src/applications/maniphest/editor/ManiphestEditEngine.php:       'PHID-PROJ-fqb3bhereyljcqrsbju7', 'PHID-PROJ-koo4qqdng27q7r65x3cw']; // acl-security
./phabricator/src/applications/maniphest/editor/ManiphestEditEngine.php:       'PHID-PROJ-fqb3bhereyljcqrsbju7', 'PHID-PROJ-koo4qqdng27q7r65x3cw']; // acl*sre_team
./phabricator/src/applications/maniphest/editor/ManiphestEditEngine.php:      ['PHID-PROJ-rte2hubdntrhiwyoau6n', 'PHID-PROJ-ibxm3v6ithf3jpqpqhl7', // trusted-contributors
./phabricator/src/applications/maniphest/editor/ManiphestEditEngine.php:      ['PHID-PROJ-rte2hubdntrhiwyoau6n', 'PHID-PROJ-ibxm3v6ithf3jpqpqhl7', // wmf-nda

Details

Related Changes in GitLab:
TitleReferenceAuthorSource BranchDest Branch
Don't duplicate code from Security extensionrepos/phabricator/phabricator!83aklapperT382034wmf/stable
Customize query in GitLab

Related Objects

Event Timeline

Aklapper created this task.Dec 11 2024, 9:16 PM
Aklapper triaged this task as Low priority.
Aklapper moved this task from To Triage to Needs code (in Phab or bot) on the Phabricator board.Dec 17 2024, 2:29 PM
Aklapper updated the task description. (Show Details)Jan 23 2025, 1:55 PM
CodeReviewBot added a project: Patch-For-Review.Feb 8 2025, 8:12 PM

aklapper opened https://gitlab.wikimedia.org/repos/phabricator/phabricator/-/merge_requests/83

Don't duplicate code from Security extension

Aklapper claimed this task.Feb 8 2025, 8:14 PM

I prefer not to have AVA depend on libext/misc for a single call (also: potential re-use outside of Wikimedia) so I'll keep a copy of getProjectByName() in src/herald/AntiVandalismAction.php.
Which leaves us with https://gitlab.wikimedia.org/repos/phabricator/phabricator/-/merge_requests/83 (though I wonder if a surrounding if (function_exists('fooo')) could be good?)

CodeReviewBot added a comment.Mar 3 2025, 11:12 AM

aklapper closed https://gitlab.wikimedia.org/repos/phabricator/phabricator/-/merge_requests/83

Don't duplicate code from Security extension

Aklapper closed this task as Invalid.Mar 3 2025, 11:14 AM
Aklapper removed a project: Patch-For-Review.

Unneeded now due to https://phabricator.wikimedia.org/rPHAB9e3e4130a1344ff541c99427d7f962c752ff9429

Aklapper reopened this task as Stalled.Feb 8 2026, 9:41 PM

Reopening for now as I proposed https://we.phorge.it/D26738 in upstream

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits