Page MenuHomePhabricator

Auth - add "manage providers" capability
ClosedPublic

Authored by btrahan on Jan 12 2015, 10:13 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Jan 1, 3:09 PM
Unknown Object (File)
Dec 26 2022, 5:53 PM
Unknown Object (File)
Dec 22 2022, 2:25 AM
Unknown Object (File)
Dec 16 2022, 12:13 AM
Unknown Object (File)
Dec 12 2022, 5:41 PM
Unknown Object (File)
Nov 15 2022, 7:44 AM
Unknown Object (File)
Nov 12 2022, 7:48 PM
Unknown Object (File)
Nov 5 2022, 2:47 AM
Subscribers

Details

Summary

Ref T6947.

Test Plan

toggled setting in application settings and changes stuck. set policy to admin user a only and could not add a provider as a admin user b.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

btrahan retitled this revision from to Auth - add "manage providers" capability.
btrahan updated this object.
btrahan edited the test plan for this revision. (Show Details)
btrahan added a reviewer: epriestley.
epriestley edited edge metadata.

One inline. We should also:

  • Check in PhabricatorAuthDisableController.
  • Maybe setDisabled(true) on the "Add Authentication Provider" link on the List view if you don't have the capability, so the button greys out. Likewise with the "disable" "X" on the list view.
  • After we default to "Admin", we could remove shouldRequireAdmin() from PhabricatorAuthProviderConfigController. I'm not 100% sure this has use cases -- it would let you create a more open policy around provider management -- but it's more consistent with how other policies work.
src/applications/auth/application/PhabricatorAuthApplication.php
149

This should default to PhabricatorPolicies::POLICY_ADMIN here.

This revision is now accepted and ready to land.Jan 12 2015, 10:19 PM
btrahan edited edge metadata.

changes as requested

This revision was automatically updated to reflect the committed changes.

The handleReqeust(AphrontRequest $request) cleanups are also really nice, I'm glad we made that change.

Yeah, the code definitely looks better this way... I figure I'll keep nibbling and eventually we can get more serious about conversion.