Huge refactor of security policy enforcer stuff.
This revision involves 3 cooperating classes to secure tasks considered
either 'sensitive' or 'security bug'
- SecurityPolicyListener applies an initial security policy to tasks submitted with the 'security' option set to anything other than 'none'
- The default security policy now includes a new custom policy rule, implemented in PhabricatorPolicyRuleTaskSubscribers, which allows anyone subscribed to a task to /view + comment/ on the task. !
- SecurityPolicyEnforcerAction is a herald custom action which is used to reset the security policy if anyone tries to override the policy to 'public' or 'any user' when the security flag is set to something other than 'none', this is just a sanity check to keep someone from inadvertantly or maliciously revealing a secure task without explicitly setting the security to 'none'
Note: The following pre-existing behavior is not changed by the new patch:
The task author, the assignee, and any member of the corresponding 'security' project will be able to view/edit the task without explicitly being subscribed.