Page MenuHomePhabricator

Support permissions/policies in all Phabricator applications
Closed, ResolvedPublic

Subscribers
Tokens
"Love" token, awarded by allan.laal."Mountain of Wealth" token, awarded by tristan."Doubloon" token, awarded by mister_zombie."Like" token, awarded by hwinkel."Like" token, awarded by ttr."Love" token, awarded by chad."Love" token, awarded by andytruong."Love" token, awarded by sascha-egerer.
Assigned To
Authored By
Cobi, Nov 3 2011

Description

As an admin, I should be able to group users into groups and limit groups to certain repositories in Diffusion, certain projects in Maniphest and Differential, and certain pages in Phriction.

Revisions and Commits

Closed
rPHU libphutil
D7216
rP Phabricator
Restricted Differential Revision
D7343
D7342
D7334
D7322
D7321
D7317
D7318
D7300
D7314
D7309
D7306
D7310
D7299
D7298
D7297
D7296
D7303
D7292
D7289
D7285
D7282
D7278
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision
Restricted Differential Revision

Related Objects

StatusAssignedTask
Resolvedepriestley
Resolvedepriestley
Resolvedepriestley
OpenNone
Openepriestley
Resolvedepriestley
Resolvedepriestley
Resolvedepriestley
Resolvedepriestley
Resolvedepriestley
Resolvedepriestley
Resolvedepriestley
Resolvedepriestley
Resolvedepriestley
OpenNone
Resolvedepriestley
Resolvedepriestley
Resolvedepriestley

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
epriestley edited this Maniphest Task.Oct 6 2013, 10:48 PM
epriestley edited this Maniphest Task.Oct 6 2013, 11:30 PM
epriestley edited this Maniphest Task.Oct 7 2013, 12:07 AM
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.Oct 7 2013, 12:10 AM
epriestley edited this Maniphest Task.Oct 7 2013, 1:02 PM
mathieuk removed a subscriber: mathieuk.Oct 7 2013, 1:28 PM
epriestley edited this Maniphest Task.Oct 7 2013, 4:25 PM
epriestley edited this Maniphest Task.Oct 7 2013, 5:41 PM
epriestley edited this Maniphest Task.Oct 7 2013, 7:51 PM
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.Oct 7 2013, 8:29 PM
epriestley edited this Maniphest Task.Oct 8 2013, 12:57 AM
epriestley edited this Maniphest Task.Oct 8 2013, 1:00 AM
epriestley edited this Maniphest Task.Oct 8 2013, 1:24 AM
krz removed a subscriber: krz.Oct 8 2013, 6:49 AM
epriestley edited this Maniphest Task.Oct 8 2013, 1:33 PM
epriestley edited this Maniphest Task.Oct 8 2013, 1:38 PM
epriestley edited this Maniphest Task.Oct 8 2013, 2:04 PM
epriestley edited this Maniphest Task.Oct 9 2013, 8:45 PM
epriestley edited this Maniphest Task.Oct 9 2013, 8:47 PM
epriestley edited this Maniphest Task.Oct 9 2013, 8:52 PM
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.Oct 9 2013, 8:56 PM
epriestley edited this Maniphest Task.Oct 9 2013, 8:58 PM
epriestley edited this Maniphest Task.Oct 9 2013, 9:05 PM
epriestley edited this Maniphest Task.Oct 9 2013, 10:00 PM
epriestley edited this Maniphest Task.Oct 9 2013, 10:06 PM
epriestley edited this Maniphest Task.Oct 9 2013, 11:21 PM
epriestley edited this Maniphest Task.Oct 9 2013, 11:24 PM
epriestley edited this Maniphest Task.Oct 10 2013, 8:40 PM
epriestley edited this Maniphest Task.Oct 10 2013, 11:10 PM
epriestley edited this Maniphest Task.Oct 11 2013, 2:22 AM
epriestley edited this Maniphest Task.Oct 11 2013, 3:36 PM
epriestley edited this Maniphest Task.Oct 13 2013, 12:08 AM
epriestley edited this Maniphest Task.
brent added a subscriber: brent.Oct 13 2013, 12:33 AM
epriestley edited this Maniphest Task.Oct 13 2013, 1:21 AM
epriestley edited this Maniphest Task.Oct 14 2013, 12:32 AM
epriestley edited this Maniphest Task.Oct 14 2013, 12:39 AM
epriestley edited this Maniphest Task.Oct 14 2013, 12:42 AM
epriestley edited this Maniphest Task.Oct 14 2013, 12:47 AM
epriestley edited this Maniphest Task.Oct 14 2013, 12:49 AM
epriestley edited this Maniphest Task.Oct 14 2013, 4:11 PM
epriestley edited this Maniphest Task.Oct 14 2013, 6:41 PM
epriestley edited this Maniphest Task.Oct 14 2013, 6:46 PM
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.Oct 14 2013, 7:05 PM
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.Oct 14 2013, 7:07 PM
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.Oct 14 2013, 7:58 PM
epriestley edited this Maniphest Task.Oct 14 2013, 8:04 PM
epriestley edited this Maniphest Task.Oct 14 2013, 9:18 PM
epriestley edited this Maniphest Task.Oct 14 2013, 9:36 PM
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.Oct 14 2013, 11:10 PM
epriestley edited this Maniphest Task.Oct 14 2013, 11:49 PM
epriestley edited this Maniphest Task.Oct 14 2013, 11:59 PM
epriestley edited this Maniphest Task.Oct 15 2013, 12:30 AM
epriestley edited this Maniphest Task.Oct 15 2013, 12:45 AM
epriestley edited this Maniphest Task.Oct 15 2013, 1:21 AM
epriestley edited this Maniphest Task.Oct 15 2013, 11:32 AM
epriestley edited this Maniphest Task.Oct 15 2013, 11:51 AM
epriestley edited this Maniphest Task.Oct 16 2013, 5:36 PM
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.
epriestley edited this Maniphest Task.Oct 17 2013, 1:50 AM
epriestley edited this Maniphest Task.Oct 17 2013, 5:50 PM
epriestley edited this Maniphest Task.Oct 17 2013, 7:47 PM
epriestley edited this Maniphest Task.Oct 17 2013, 7:52 PM
epriestley edited this Maniphest Task.Oct 17 2013, 7:57 PM
epriestley edited this Maniphest Task.Oct 17 2013, 8:00 PM
epriestley closed this task as Resolved.Oct 17 2013, 8:32 PM

I'm going to close this task, since it has served its purpose and we have basically-usable policies almost-everywhere now.

Policies are newly implemented, and are obviously not mature. There are likely to be some remaining bugs, rough edges, etc. However, by all appearances they work correctly and are reasonably usable. You should be cautious about using them to protect nuclear launch codes from hostile nations, but they should be fine for hiding information from your enemies at your company, and for opening up applications on open source installs.

The policy implementation today consists of flexible infrastructure, a basically reasonable UI on top of it, and some application-level defaults and settings (accessible in the "Applications" application). We expect to refine all of these things in time, but mostly in response to feedback. If you begin using these features, let us know what works, what doesn't work, what's confusing, what you wish were easier, etc.

Some particular notes:

  • Open-Source Installs
    • There's no logged-out version of the home page yet. Do you want one? What should it look like or do?
    • There may be performance issues with some queries if you have a large amount of private data and a small amount of public data. Let us know if you run into these.
    • There's no script to retroactively open up access. You can generally update the viewPolicy column of an object type in the DB, or we can build tools for this.
  • Installs with Clients or Project-Level Policy Implications
    • We suspect the current implementation is very labor-intensive for the use case of having several clients, each of whom you only want to see their own stuff. Is this true? Some discussion in T3820.
    • Broadly, the implementation is easier to use with policies that are default-open, selective-deny than default-deny, selective-open. We think this is the more common use case, but maybe not?
  • Tooling
    • There isn't much support tooling yet. What do you need?
    • The bin/policy tool does exist, and will let you unlock objects which you accidentally lock yourself out of. (We'll make it harder to lock yourself out of things, too -- it's fairly easy in a few interfaces now.)
  • Custom Policies
    • The custom policy UI provides "user", "project", "admin", and "lunar phase" rules. What additional rules do you need? "Time of day"? "LDAP group"?
    • These rules are relatively pluggable. Are you interested in writing custom rules?
    • Do you even end up using custom policies? Could we have gotten away without building them?
  • Defaults
    • We provide global defaults in most applications now. Do we need more fine-grained defaults (per-user, per-project...)?
    • There's no way to save or bookmark specific custom policies. Is this important?
    • Some object types have implicit rules, e.g. the author of a paste can always view and edit it. Are there other rules we should have? Do current rules make sense?
  • Clarity
    • A particular goal of this implementation is to make it clear how policies operate. Did we succeed? When you can't see an object, is it clear why you can't see it? Are policy rules intuitive?
    • Is it easy to set the policies you want to set?
  • Incomplete Applications and Policies
    • Not all applications have full policy support yet, usually because it's blocked by something or they're beta. Which remaining apps do you want support for?
    • Capabilities are relatively coarse right now, and mostly fall into "edit" and "view". Do you need more fine-grained capabilities (like "comment" as distinct from "view")?
  • Documentation
    • If you're lost, yell at me and I can write some sooner rather than later.
    • Or if you'd just find this interesting or whatever.
  • General
    • We believe policies are broadly at a level where they're usable, make sense, and are consistently enforced everywhere. If you see anything suspicious or confusing or which seems obviously broken or doesn't make sense, let us know. From here on out, they're expected to work in a generally reasonable way.

If you have feedback on any of this, file a new task and we'll merge things together into some smaller piles and move them forward separately with less than 100 people on the CC list. I'd guess that most of these topics are not interesting to most installs.

should this nice description an question find a way into the docs?

Just configured a new clean phab instance, is there a way to set a default behavior? How can I lock out all people by default and give them access only if they belong to a project."Installs with Clients or Project-Level Policy Implications" its really labor intensive. Can we have a config option or install question which controls the general behavior and default permissions?

Most default policies are configured in the Applications app, only a few have them right now - what do you need that is missing?.

As @epriestley mentioned, that is currently the weakest state for the policy infrastructure right now, but will probably need to wait for T390 to get any real work.

btrahan closed subtask Restricted Maniphest Task as Resolved.Jul 10 2014, 10:41 PM
rftfaria removed a subscriber: rftfaria.Apr 28 2016, 8:26 PM
Twilight added a subscriber: Twilight.EditedNov 25 2017, 5:26 AM

Not all applications have full policy support yet, usually because it's blocked by something or they're beta.

Does Differential have this? (Differential isn't in beta and I don't see any blocking tasks for it)