Page MenuHomePhabricator

ability to set visibility / editability of Herald rules
Closed, ResolvedPublic

Description

Users should be able to set who can see or edit (or at least just who can edit) Herald rules.

Specifically for cases where Phabricator hosts the git repository, I want to ensure that under no circumstances is a commit to be landed if persons A, B or C have not signed off on its differential review. I can set a Herald rule to decline commits of reviews that haven't been accepted, and I can make it so those people are blocking reviewers of changes to a block of code, but all of those rules are global and can be edited by anyone.

Event Timeline

Global rules can only be edited by users with "Can Manage Global Rules" permission (ApplicationsHeraldConfigureCan Manage Global Rules). By default, this is administrators.

For example, try editing H68 on this install.

(The policy hint in the rule header is not clear about this and shows "All Users", but there should be no way to actually edit global rules without additionally having the "Can Manage Global Rules" capability.)

Er, rather, the policy hint is fine since that's the view policy.

I'm experiencing a dumb.

looking at https://instance/herald/ I don't see "Configure" anywhere

looking at https://instance/config/ I don't see "Herald" anywhere

... halp?

Go to /applications/, then click this:

(We probably should provide some pathway from applications to this UI.)

:o yeah that works

the UI is pretty bad on 27" :D

what about object rules?

Object rules have the same edit policy as the corresponding object.

that's good enough for me but the UI and docs need improving. I'll try and get the docs at least when I have a minute.