HomePhabricator

Huge refactor of security policy enforcer stuff.
e45d967b530eUnpublished

Authored by mmodell.

Unpublished Commit · Learn More

Repository Importing: This repository is still importing.

Description

Huge refactor of security policy enforcer stuff.

This revision involves 3 cooperating classes to secure tasks considered
either 'sensitive' or 'security bug'

  1. SecurityPolicyListener applies an initial security policy to tasks submitted with the 'security' option set to anything other than 'none.' It will also reset the security policy if anyone tries to override the policy to 'public' or 'any user' when the security flag is set to something other than 'none', this is just a sanity check to keep someone from inadvertantly or maliciously revealing a secure task without explicitly setting the security to 'none'
  2. The default security policy now includes a new custom policy rule, implemented in PhabricatorPolicyRuleTaskSubscribers, which allows anyone subscribed to a task to /view + comment/ on the task. !
  3. WMFSecurityPolicy class contains static functions related to the implementation of the other two, whereever it's appropriate to abstract the functionality intp a less workflow-specific reusable function.

Note: The following pre-existing behavior is not changed by the new patch:

The task author, the assignee, and any member of the corresponding 'security' project
will be able to view/edit the task without explicitly being subscribed.

Note2: The custom Herald action related to security policy enforcement is now deprecated

and it will now function as a no-op. The related herald rule should be removed from
phabricator.

Bug: T493
Bug: T76008

Change-Id: I5b1fcb35c6f390f1a54acfe4081da28f76245ab4

Details

Committed
chasempJan 5 2015, 9:23 PM
Parents
rPHEXc2e1fe7e3fb8: rename mediawiki user field to match ldap
Branches
Unknown
Tags
Unknown
ChangeId
I5b1fcb35c6f390f1a54acfe4081da28f76245ab4