Paths

Table of Contentst

Differential D11358

Config - add an option to lock policy settings
ClosedPublic
Actions

Authored by btrahan on Jan 12 2015, 11:49 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Fri, Jan 31, 8:16 PM

	Unknown Object (File)
	Fri, Jan 24, 11:36 AM

	Unknown Object (File)
	Thu, Jan 23, 9:33 PM

	Unknown Object (File)
	Thu, Jan 23, 9:33 PM

	Unknown Object (File)
	Thu, Jan 23, 9:33 PM

	Unknown Object (File)
	Thu, Jan 23, 9:33 PM

	Unknown Object (File)
	Thu, Jan 23, 9:33 PM

	Unknown Object (File)
	Thu, Jan 23, 9:32 PM

Subscribers

Details

Reviewers

Maniphest Tasks

T6947: Add configuration to lock auth/user creation, or to lock application policies

Commits

Restricted Diffusion Commit
rP8cfc37f8fcba: Config - add an option to lock policy settings

Summary

Fixes T6947

Test Plan

locked people.create.user and noted the UI only showed a link to the existing policy with no way to edit it.

tried to set the config to all the various bad things and saw helpful error messages telling me what I did wrong.

Diff Detail

Repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

btrahan updated this revision to Diff 27290.Jan 12 2015, 11:49 PM

btrahan added a task: T6947: Add configuration to lock auth/user creation, or to lock application policies.

btrahan retitled this revision from to Config - add an option to lock policy settings.

btrahan updated this object.

btrahan edited the test plan for this revision. (Show Details)

btrahan added a reviewer: epriestley.

Herald added subscribers: epriestley, Korvin. · View Herald TranscriptJan 12 2015, 11:50 PM

It might be slightly safer to have a map<policy-name, forced-policy> but I'm not sure how easy that is to implement. But then if we decide to lock something later, we don't have to migrate existing installs: we can just add the lock and force it to the desired policy.

This revision is now accepted and ready to land.Jan 12 2015, 11:52 PM

make the storage a dictionary and validate the heck out of everything

btrahan edited the test plan for this revision. (Show Details)Jan 13 2015, 7:44 PM

clean up some implemenation notes left in as comments

Closed by commit rP8cfc37f8fcba: Config - add an option to lock policy settings (authored by btrahan, committed by btrahan). · Explain WhyJan 13 2015, 7:46 PM

This revision was automatically updated to reflect the committed changes.

epriestley added inline comments.Jan 13 2015, 7:46 PM

src/applications/meta/controller/PhabricatorApplicationEditController.php
118	I think `$locked_map` will end up with `array('admin' => true)` here? We can just remove this line and rename one of the variables, I think?
src/applications/policy/config/PhabricatorPolicyConfigOptions.php
49	This option should probably be `setLocked(true)` itself, so you can't just unlock it and then unlock the policies. We can force it locked in config, but in the general case locking it seems like the right default.
src/applications/policy/config/PolicyLockOptionType.php
7	ees niceee

on the feeedback, new diff coming soonish

locklocklocklock

btrahan mentioned this in rP32edb7e2bbe8: Followup from D11358#106424 and make policy.locked fully work.Jan 13 2015, 8:03 PM

Not sure why the robots didn't close this one. Daemon task queue looks clear from the web console at the moment.

There was a close transaction earlier (D11358#106423), maybe there's some rare race condition.

Revision Contents
Changeset List

Path

Size

src/

__phutil_library_map__.php

2 lines

applications/

meta/

controller/

PhabricatorApplicationEditController.php

20 lines

policy/

config/

PhabricatorPolicyConfigOptions.php

16 lines

PolicyLockOptionType.php

63 lines

Diff 27308

src/__phutil_library_map__.php

Loading...

src/applications/meta/controller/PhabricatorApplicationEditController.php

Loading...

src/applications/policy/config/PhabricatorPolicyConfigOptions.php

Loading...

src/applications/policy/config/PolicyLockOptionType.php

Loading...