Page MenuHomePhabricator

Apply hierarchical policy checks to Phriction
ClosedPublic

Authored by epriestley on May 19 2014, 2:31 PM.
Tags
None
Referenced Files
F14375117: D9199.diff
Fri, Dec 20, 9:55 PM
Unknown Object (File)
Sun, Dec 15, 3:53 PM
Unknown Object (File)
Fri, Nov 29, 3:45 AM
Unknown Object (File)
Tue, Nov 26, 9:28 AM
Unknown Object (File)
Thu, Nov 21, 7:41 PM
Unknown Object (File)
Nov 20 2024, 12:24 PM
Unknown Object (File)
Nov 20 2024, 4:54 AM
Unknown Object (File)
Nov 19 2024, 9:09 AM
Subscribers

Details

Summary

Ref T4029. When checking the view policy of a document, require the viewer to also be able to see all of the ancestors.

Test Plan
  • Hard-coded /x/y/ to "no one".
    • Checked that /x/y/ is not visible.
    • Checked that /x/y/z/ is not visible.
    • Checked that /x/, /x/q/, etc., are still visible.
  • Tested project pages and sub-pages for project visibility.

Diff Detail

Repository
rP Phabricator
Branch
phriction2
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 572
Build 572: [Placeholder Plan] Wait for 30 Seconds

Event Timeline

epriestley retitled this revision from to Apply hierarchical policy checks to Phriction.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
btrahan edited edge metadata.

It would be cool if

  • when creating a new wiki document it defaulted to the most-restrictive applicable policy based on ancestors
  • when editing a wiki document it was apparent what the most-visible policy possible is given ancestor policies
  • changes to policies that could not be enforced - making a child document public in a restricted ancestor hierarchy - loudly gave error messages and possibly prompted the user on how to solve corner cases ("Because Phriction enforces wiki policy hierarchically, you should make a new document outside this hierarchy. Consider a 'public' folder just below the top-most node." ...or something...)

...taking a step back, maybe the policy UI for Phriction needs to be different. You are in essence adding an additional constraint or constraints to the existing set specified by the hierarchy. Ergo, perhaps something that clearly displayed the existing set as read-only and then let you add new policy constraint(s) via the existing-ish UI?

src/applications/phriction/controller/PhrictionDocumentController.php
121

that must have worked well

This revision is now accepted and ready to land.May 19 2014, 7:16 PM
epriestley updated this revision to Diff 21861.

Closed by commit rP9cb4047134f5 (authored by @epriestley).