"changed Security from none to none." in initial task creation
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Qgil
	Sep 25 2014, 10:04 AM

Description

When a user creates a task, this entry appears in the timeline:

Qgil changed Security from none to none.

Can this entry be avoided in the future? No need to change anything in tasks that already have it.

Details

	Project	Branch	Lines +/-	Subject
	operations/puppet	production	+1 -1	phabricator: Change security_topic from "default: none" to "default: default"

Customize query in gerrit

Revisions and Commits

	Unknown Object (Diffusion Commit)
	Unknown Object (Diffusion Commit)

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Duplicate		mmodell	T76008 Nonexistent change in custom policy logged when mentioning a security task
		Resolved		mmodell	T479 "changed Security from none to none." in initial task creation

Event Timeline

Qgil created this task.Sep 25 2014, 10:04 AM

Qgil raised the priority of this task from to Needs Triage.

Qgil updated the task description. (Show Details)

Qgil added a project: Phabricator.

Qgil changed Security from none to None.

Qgil added a subscriber: Qgil.

I'm not exactly sure why this is happening. I looked through the security plugin code and I don't see anything that would be causing this.

No need to "+1" when you can "Award Token". :)

happy? :)

mmodell triaged this task as Low priority.Oct 4 2014, 3:51 PM

Qgil merged a task: T622: "Nemo_bis changed Security from none to none.".Oct 10 2014, 6:44 PM

Qgil added subscribers: Unknown Object (MLST), Nemo_bis.

Qgil added a subscriber: Legoktm.Oct 11 2014, 11:02 PM

apparently this is not just a problem at initial filing time. T109#10883:

jeremyb-phone set Security to none.

Krenair added a subscriber: Krenair.Oct 12 2014, 5:59 PM

In T479#10885, @jeremyb-phone wrote:

apparently this is not just a problem at initial filing time.

Yes, it also affects tickets that were imported or created before setting up the specific Security field values.

Ricordisamoa awarded a token.Oct 19 2014, 9:21 AM

Ricordisamoa added a subscriber: Ricordisamoa.

Qgil edited projects, added Project-Management; removed Phabricator.Oct 22 2014, 10:29 PM

jeremyb-phone mentioned this in T899: Unclear what the point of tokens in Phabricator is.Oct 25 2014, 9:42 PM

• MZMcBride added a subscriber: • MZMcBride.Oct 26 2014, 3:26 AM

Do we have any idea whether the Bugzilla and RT migrated tasks will inherit this problem as well?

matmarex added a subscriber: matmarex.Nov 9 2014, 10:07 PM

Do we have any idea whether the Bugzilla and RT migrated tasks will inherit this problem as well?

Can this be tested on the bugzilla preview?

Imported BZ tasks didn't get "changed Security from none to none", thankfully. But the first time you use "Edit Task", Phabricator thinks that you "set Security to none", which is equally annoying. See T58091 for an example.

This is annoying but I've tried everything I can think of to make it go away and no matter what I've tried phab still does some form of this logging in the task transactions. It's dumb and I really don't know what the solution is but I'll keep this on my radar.

mmodell lowered the priority of this task from Medium to Low.Nov 24 2014, 3:22 AM

Is it worth to ask for a second pair of eyes upstream? It is just a detail but it is indeed annoying.

In T479#777578, @Qgil wrote:

Is it worth to ask for a second pair of eyes upstream? It is just a detail but it is indeed annoying.

Yes.

Qgil merged a task: T75889: don't show "from none to none" in newly created tasks.Nov 25 2014, 2:46 PM

Qgil added a subscriber: Amire80.

PleaseStand mentioned this in T76008: Nonexistent change in custom policy logged when mentioning a security task.Nov 26 2014, 3:01 PM

He7d3r awarded a token.Nov 29 2014, 2:41 PM

He7d3r added a subscriber: He7d3r.

This problem triggered in a any new or migrated task plus T76008 is more than a cosmetic problem. Increasing priority. @mmodell, if you think your code is fine and this is something that Herald or something else is doing wrong, I can file a task upstream.

Lydia_Pintscher added a subscriber: Lydia_Pintscher.Dec 3 2014, 11:52 AM

As an intermediate solution, could we have a bot go through and null edit every task to mark all the tasks that are currently public as Security = none.

This currently feels like death by a thousand cuts. If Phabricator/Maniphest insists that every task have a security policy, can we just do a single pass with a bot and get this over with?

Please let us fix T493 (should be done one of these days) and see what happens with this problem.

I finally got to the bottom of the "none" to "none" issue:

The field configuration has "default": "none"
And the options also has "default": "none"

however, the value of "default" is supposed to point to the key of the entry in options, so
we need to change it to "default": "default" as in the following field config:

 "security_topic" : {
   "default" : "default",
   "description" : "Used for security oriented custom extensions",
   "instructions" : "Security settings will override permissions and projects as needed.",
   "name" : "Security",
   "options" : {
     "default" : "none",
     "sensitive" : "Private Issue",
     "security-bug" : "Security Bug"
   },
   "search" : true,
   "type" : "select"
}

Change 179407 had a related patch set uploaded (by 20after4):
change "default: none" to "default: default" for phabricator's security_topic field to fix the "changed none to none" bug. This fixes T479

https://gerrit.wikimedia.org/r/179407

Patch-For-Review

Amire80 removed a subscriber: Amire80.Dec 12 2014, 7:34 PM

This is extra confusing when a task has a non-public view policy. Security is none but also it's not visible to a typcial user. (maybe off-topic for this task. feel free to point me somewhere else)

@jeremyb, can you post here the number of the task you are referring to?

non-public tasks should have the Security field set to something other than "none", as it is the case reported in T76008 (a blocked task that I hope is solved by the same patch under review for this one).

look at almost any ops-core task

@Qgil & @jeremyb-phone: The patch linked above will resolve the issue of confusing entries in the task transaction log. It will not prevent you from setting a custom policy yet leaving the security field set to none. You shouldn't need to use the custom policy interface, just set the security field and let phabricator take care of generating the custom policy for you.

jeremyb removed a project: ops-core.Dec 20 2014, 3:38 AM

Change 179407 merged by Rush:
phabricator: Change security_topic from "default: none" to "default: default"

https://gerrit.wikimedia.org/r/179407

• chasemp mentioned this in Unknown Object (Diffusion Commit).Dec 22 2014, 6:42 PM

Qgil edited projects, added Phabricator; removed Project-Management.Dec 23 2014, 9:11 PM

Fixed by rOPUP26192d415b59

• chasemp mentioned this in rOPUP26192d415b59: phabricator: Change security_topic from "default: none" to "default: default".Dec 30 2014, 7:59 PM

The "USERNAME set Security to none" action is still happening for tasks imported from bugzilla, and is confusing some users. See T20871#983927

In T479#840405, @MZMcBride wrote:

As an intermediate solution, could we have a bot go through and null edit every task to mark all the tasks that are currently public as Security = none.

This currently feels like death by a thousand cuts. If Phabricator/Maniphest insists that every task have a security policy, can we just do a single pass with a bot and get this over with?

There's a plan to do this or has it been declined?

Krenair merged a task: T87135: Phabricator should only notify changes to the "Security" field if it is indeed changed.Jan 18 2015, 7:19 AM

Krenair added a subscriber: scfc.

scfc mentioned this in T87135: Phabricator should only notify changes to the "Security" field if it is indeed changed.Jan 18 2015, 9:22 AM

PiRSquared17 awarded a token.Feb 12 2015, 9:59 PM

This isn't fixed on new tasks either. https://phabricator.wikimedia.org/T89398#1035387

I think @PiRSquared17 used "Edit Task" to subscribe you and thus triggered T87135. This task is only about the initial creation of a task which worked fine for T89398.

Yes, and the string is slightly different, but the difference is negligible.

Nemo_bis renamed this task from "changed Security from none to none." to "Security from none to none" and "Security to None" clutter.Feb 13 2015, 9:44 AM

Nemo, I don't understand why you insist on keeping two tasks about one issue open.

No. There were two errors triggered (likely) by different code paths:

"Qgil changed Security from none to None." in the initial task creation (like in the timeline of this task). This has been fixed, and thus this task should be closed.
"scfc set Security to None." in subsequent uses of "Edit Task" (like in the timelines of T87135 or T89398). This has not been fixed, and is covered by T87135.

Mixing this up in one task is not aiding fixing them as then energy is lost in deciphering what already has been resolved and what still needs to be fixed.

Let's continue the discussion at T87135 then.

matmarex renamed this task from "Security from none to none" and "Security to None" clutter to "changed Security from none to none.".Feb 13 2015, 2:14 PM

Aklapper renamed this task from "changed Security from none to none." to "changed Security from none to none." in initial task creation.Feb 13 2015, 6:52 PM

Diffusion added a commit: Unknown Object (Diffusion Commit).Mar 4 2015, 8:15 AM

Diffusion added a commit: Unknown Object (Diffusion Commit).

Accidental clash. Known issue. Sorry for the noise.

"changed Security from none to none." in initial task creationClosed, ResolvedPublicActions