
Remove "feed.public" and sort out feed policies
Closed, Public

Authored by epriestley on Jul 1 2015, 9:49 PM.

Details

Summary

Ref T6817. Fixes T8731. On the old secure host, feed.public was set to true. I didn't bring the option over, which caused the secondary issue in T8731.

Specifically, when feed.public is off, a logged-out user looking at feed can't see any stories, so they query all of feed until they hit the time limit.

To fix this immediately, just use the most open policy, which is basically equivalent but always correct.

To fix this more thoroughly:

  • Remove feed.public, which violates policies and has been slated for removal for a while (see T6817).
  • Clean up policy handling.

Test Plan

  • As a logged-out user, viewed feed on a public install with feed.public off; no longer saw all stories get queried + no feed shown.
  • Grepped for feed.public.

Diff Detail

Repository: rP Phabricator
Lint: Lint Not Applicable
Unit: Tests Not Applicable

Event Timeline

epriestley retitled this revision from to Remove "feed.public" and sort out feed policies.
epriestley updated this object.
epriestley edited the test plan for this revision.
epriestley added a reviewer: btrahan.
src/applications/feed/story/PhabricatorFeedStory.php
Line 364

This should fix or at least improve T6817, although I didn't actually check what happens with it.

Line 504

This method was buggy and never worked -- this should have been isset().

src/applications/feed/story/PhabricatorFeedStory.php
Lines 91–97

Specifically, this is performing the effective policy check: you need to be able to see a story's object(s) in order to see the story.

Oh, and "public feed" (e.g., feed on this install) still works fine, just not the special secret magical iframe policy-violating feed.

This revision is now accepted and ready to land. Jul 1 2015, 10:04 PM
This revision was automatically updated to reflect the committed changes.
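
The failure mode described in the summary (a viewer who can see no stories makes the feed query examine rows until the time limit) and the effective policy check from the inline comment on lines 91–97, as an added Python model that is not code from this revision or from Phabricator. All names, the two-level policy ladder, the row budget standing in for the time limit, and the sample rows are assumptions made for the illustration.

```python
# Added illustration: a simplified model of post-query policy filtering.
# All names are hypothetical; this is not Phabricator's implementation.
VIEWER_RANK = {"logged_out": 0, "user": 1}
POLICY_RANK = {"public": 0, "user": 1}

def can_see(viewer, policy):
    return VIEWER_RANK[viewer] >= POLICY_RANK[policy]

def story_visible(viewer, story_policy, object_policies):
    # The story's own policy first, then the effective check: the viewer
    # must be able to see every object the story is about.
    return can_see(viewer, story_policy) and all(
        can_see(viewer, p) for p in object_policies)

def load_feed(rows, viewer, story_policy, limit, page_size=100, budget=None):
    """Page through rows, filtering each page after it is loaded.

    Returns (visible_ids, rows_examined, hit_budget). `budget` stands in
    for the query time limit mentioned in the summary.
    """
    visible, examined = [], 0
    for start in range(0, len(rows), page_size):
        for story_id, object_policies in rows[start:start + page_size]:
            if budget is not None and examined >= budget:
                return visible, examined, True
            examined += 1
            if story_visible(viewer, story_policy, object_policies):
                visible.append(story_id)
                if len(visible) == limit:
                    return visible, examined, False
    return visible, examined, False

# Constructed data: 10,000 stories; every fifth is about a user-only object.
ROWS = [(i, ("user",) if i % 5 == 0 else ("public",)) for i in range(10_000)]

def compare():
    # Assumption: story policy "user" models the state in which a
    # logged-out viewer can see no story at all.
    before = load_feed(ROWS, "logged_out", "user", limit=20, budget=2_000)
    # Most open story policy: visibility is decided by the objects alone.
    after = load_feed(ROWS, "logged_out", "public", limit=20, budget=2_000)
    return before, after

if __name__ == "__main__":
    for label, (ids, examined, hit) in zip(("before", "after"), compare()):
        print(f"{label}: visible={len(ids)} examined={examined} hit_budget={hit}")
```

With the restrictive story policy the loop spends its whole budget and returns nothing; with the open policy it stops after a handful of rows, and stories about user-only objects stay hidden because the object check still applies.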