Paths

Table of Contentst

Differential D19606

Add a "Can Disable Users" capability to the "People" application
ClosedPublic
Actions

Authored by epriestley on Aug 27 2018, 1:58 PM.

Details

Reviewers

amckinley

Maniphest Tasks

T13189: Plans: 2018 Week 35 Bonus Content

Commits

rP058952e72ecf: Add a "Can Disable Users" capability to the "People" application

Summary

Depends on D19605. Ref T13189. See PHI642. This adds a separate "Can Disable Users" capability, and makes the underlying transaction use it.

This doesn't actually let you weaken the permission, since all pathways need more permissions:

user.edit needs CAN_EDIT.
user.disable/enable need admin.
Web UI workflow needs admin.

Upcoming changes will update these pathways.

Without additional changes, this does let you strengthen the permission.

This also fixes the inability to disable non-bot users via the web UI.

Test Plan

Set permission to "No One", tried to disable users. Got a tailored policy error.
Set permission to "All Users", disabled/enabled a non-bot user.

Diff Detail

Repository

rP Phabricator

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

epriestley created this revision.Aug 27 2018, 1:58 PM

Harbormaster completed remote builds in B20676: Diff 46871.Aug 27 2018, 2:00 PM

epriestley requested review of this revision.Aug 27 2018, 2:00 PM

epriestley added a child revision: D19607: Align web UI "Disable" and "Approve/Disapprove" flows with new "Can Disable Users" permission.Aug 27 2018, 2:46 PM

This revision was not accepted when it landed; it landed in state Needs Review.Aug 27 2018, 3:01 PM

Closed by commit rP058952e72ecf: Add a "Can Disable Users" capability to the "People" application (authored by epriestley). · Explain Why

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

src/

__phutil_library_map__.php

applications/

people/

application/

PhabricatorPeopleApplication.php

3 lines

capability/

PeopleDisableUsersCapability.php

16 lines

xaction/

PhabricatorUserDisableTransaction.php

14 lines

Diff 46876

View Options

src/__phutil_library_map__.php

View Options

src/applications/people/application/PhabricatorPeopleApplication.php

View Options

src/applications/people/capability/PeopleDisableUsersCapability.php

View Options

src/applications/people/xaction/PhabricatorUserDisableTransaction.php

Add a "Can Disable Users" capability to the "People" applicationClosedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 46876

src/__phutil_library_map__.php

src/applications/people/application/PhabricatorPeopleApplication.php

src/applications/people/capability/PeopleDisableUsersCapability.php

src/applications/people/xaction/PhabricatorUserDisableTransaction.php

Add a "Can Disable Users" capability to the "People" application
ClosedPublic
Actions

Revision Contents
Changeset List